www.cotosen.com Open in urlscan Pro
2606:4700::6811:e321 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://cotosen.com/
Effective URL:
https://www.cotosen.com/
Submission Tags: falconsandbox
Submission: On October 02 via api (October 2nd 2022, 12:16:29 pm UTC) from US — Scanned from DE

Summary HTTP 181 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 73 IPs in 11 countries across 65 domains to perform 181 HTTP transactions. The main IP is 2606:4700::6811:e321, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.cotosen.com. The Cisco Umbrella rank of the primary domain is 594104.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 22nd 2022. Valid for: a year.

This is the only time www.cotosen.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3033::ac43:a7e1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6811:e321	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a04:4e42:62::84 2a04:4e42:62::84	54113 (FASTLY) (FASTLY)
32	2606:4700::68... 2606:4700::6810:5953	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
5	2606:4700::68... 2606:4700::6812:e234	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.32.121.45 13.32.121.45	16509 (AMAZON-02) (AMAZON-02)
1	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2606:4700:20:... 2606:4700:20::681a:6d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
5	84.53.161.83 84.53.161.83	34164 (AKAMAI-LON) (AKAMAI-LON)
1	52.222.225.250 52.222.225.250	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:20:... 2606:4700:20::ac43:4754	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	34.117.98.198 34.117.98.198	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2607:a400:2:b::4 2607:a400:2:b::4	21859 (ZEN-ECN) (ZEN-ECN)
3	52.205.170.131 52.205.170.131	14618 (AMAZON-AES) (AMAZON-AES)
2	2001:4860:480... 2001:4860:4802:34::178	15169 (GOOGLE) (GOOGLE)
4 5	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	35.186.249.72 35.186.249.72	15169 (GOOGLE) (GOOGLE)
2	2606:4700:e6:... 2606:4700:e6::ac40:c30f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	54.243.66.229 54.243.66.229	14618 (AMAZON-AES) (AMAZON-AES)
2	52.45.120.164 52.45.120.164	14618 (AMAZON-AES) (AMAZON-AES)
3	34.107.149.195 34.107.149.195	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	18.66.147.98 18.66.147.98	16509 (AMAZON-02) (AMAZON-02)
1 7	185.184.10.30 185.184.10.30	203690 (RTB-HOUSE...) (RTB-HOUSE-ASH)
6	151.101.64.84 151.101.64.84	54113 (FASTLY) (FASTLY)
1	185.26.99.247 185.26.99.247	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
1	172.217.20.2 172.217.20.2	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:402... 2a00:1450:4025:401::9c	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
4	35.190.43.134 35.190.43.134	15169 (GOOGLE) (GOOGLE)
1	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2620:1ec:40::44 2620:1ec:40::44	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2606:4700:303... 2606:4700:3033::ac43:d085	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	137.184.242.20 137.184.242.20	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2 6	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 7	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
1 6	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
6	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	20.96.88.162 20.96.88.162	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	20.234.93.27 20.234.93.27	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	3.122.47.104 3.122.47.104	16509 (AMAZON-02) (AMAZON-02)
2 2	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
2 2	185.89.210.20 185.89.210.20	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	104.18.19.126 104.18.19.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	63.34.160.83 63.34.160.83	16509 (AMAZON-02) (AMAZON-02)
1	184.51.8.30 184.51.8.30	16625 (AKAMAI-AS) (AKAMAI-AS)
1	35.158.179.233 35.158.179.233	16509 (AMAZON-02) (AMAZON-02)
1	64.202.112.95 64.202.112.95	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	52.29.139.35 52.29.139.35	16509 (AMAZON-02) (AMAZON-02)
1	185.86.137.132 185.86.137.132	201081 (SMARTADSE...) (SMARTADSERVER)
1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	104.96.128.226 104.96.128.226	16625 (AKAMAI-AS) (AKAMAI-AS)
1	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1 2	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
1	37.157.3.30 37.157.3.30	198622 (ADFORM) (ADFORM)
1	185.255.84.153 185.255.84.153	200271 (IGUANE-) (IGUANE-)
1 2	34.255.95.163 34.255.95.163	16509 (AMAZON-02) (AMAZON-02)
1	141.95.98.65 141.95.98.65	16276 (OVH) (OVH)
1	2600:1f18:612... 2600:1f18:612b:4216:7ad5:1326:2d1:191d	14618 (AMAZON-AES) (AMAZON-AES)
1	85.215.5.31 85.215.5.31	6786 (CRONON-BE...) (CRONON-BERLIN-AS)
1	96.16.132.239 96.16.132.239	16625 (AKAMAI-AS) (AKAMAI-AS)
1	63.34.53.236 63.34.53.236	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:303... 2606:4700:3037::6815:17f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1 2	2606:4700:440... 2606:4700:4400::6812:2337	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:7050	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	185.117.134.138 185.117.134.138	204006 (IQOPTION) (IQOPTION)
1 1	45.60.156.148 45.60.156.148	19551 (INCAPSULA) (INCAPSULA)
1	79.125.33.106 79.125.33.106	16509 (AMAZON-02) (AMAZON-02)
1	3.141.157.49 3.141.157.49	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:e134	13335 (CLOUDFLAR...) (CLOUDFLARENET)
181	73

1 2606:4700:3033::ac43:a7e1 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cotosen.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:e321 (United States)

ASN13335 (CLOUDFLARENET, US)

www.cotosen.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a04:4e42:62::84 (United States)

ASN54113 (FASTLY, US)

assets.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 2606:4700::6810:5953 (United States)

ASN13335 (CLOUDFLARENET, US)

sources.aopcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ups.aopcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img4.aopcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img6.aopcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6812:e234 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.121.45 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-45.fra60.r.cloudfront.net

eu-library.klarnaservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::681a:6d (United States)

ASN13335 (CLOUDFLARENET, US)

www.artfut.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 84.53.161.83 (Vienna, Austria)

ASN34164 (AKAMAI-LON, NL)
PTR: a84-53-161-83.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.225.250 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-225-250.fra56.r.cloudfront.net

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4754 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.lenmit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.98.198 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 198.98.117.34.bc.googleusercontent.com

tags.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:a400:2:b::4 (United States)

ASN21859 (ZEN-ECN, US)

static.tongdun.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.205.170.131 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-205-170-131.compute-1.amazonaws.com

usfp.tongdun.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
behavior.tongdun.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:2638:1::13 (France) 4 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.249.72 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 72.249.186.35.bc.googleusercontent.com

utt.impactcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:e6::ac40:c30f (United States)

ASN13335 (CLOUDFLARENET, US)

scripts.prdredir.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
prdredir.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.243.66.229 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-243-66-229.compute-1.amazonaws.com

api.hrznads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.45.120.164 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-120-164.compute-1.amazonaws.com

nc-1.theoverall.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.107.149.195 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 195.149.107.34.bc.googleusercontent.com

webtrafficsource.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.147.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-98.fra60.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.184.10.30 (Poland) 1 redirects

ASN203690 (RTB-HOUSE-ASH, PL)
PTR: ip-185-184-10-30.rtbhouse.net

us.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fledge-usa.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ash.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.64.84 (United States)

ASN54113 (FASTLY, US)

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
log.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.26.99.247 (Frankfurt am Main, Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
PTR: dsde430-2.fornex.org

z.lenmit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.20.2 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s28-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4025:401::9c (Den Helder, Netherlands)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.190.43.134 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:40::44 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3033::ac43:d085 (United States)

ASN13335 (CLOUDFLARENET, US)

rtg.l10.agency	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 137.184.242.20 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

tag.forceadmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a06:98c1:3120::3 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

cdn.clickanalyticsresource.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
redirect.lista10.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
gml-grp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 20.96.88.162 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

k.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.234.93.27 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.122.47.104 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-47-104.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.194 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.210.20 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.19.126 (Shahr, Iran, Islamic Republic Of) 1 redirects

ASN13335 (CLOUDFLARENET, US)

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.34.160.83 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-63-34-160-83.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.51.8.30 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a184-51-8-30.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.158.179.233 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-179-233.eu-central-1.compute.amazonaws.com

exchange.mediavine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.202.112.95 (Lovettsville, United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.29.139.35 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-139-35.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.137.132 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.96.128.226 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a104-96-128-226.deploy.static.akamaitechnologies.com

criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.56.137 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.3.30 (Denmark)

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.255.84.153 (Ivry-sur-Seine, France)

ASN200271 (IGUANE-, FR)

visitor.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.255.95.163 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-95-163.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.98.65 (France)

ASN16276 (OVH, FR)
PTR: ns3216659.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4216:7ad5:1326:2d1:191d (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

criteo-partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.215.5.31 (Germany)

ASN6786 (CRONON-BERLIN-AS, DE)

a.twiago.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 96.16.132.239 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a96-16-132-239.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.34.53.236 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-34-53-236.eu-west-1.compute.amazonaws.com

sync-criteo.ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::6815:17f (United States)

ASN13335 (CLOUDFLARENET, US)

mediamathrdrt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.184.8.90 (Amsterdam, Netherlands) 1 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

cm.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::6812:2337 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.betano.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:7050 (United States)

ASN13335 (CLOUDFLARENET, US)

casadeapostas.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.117.134.138 (Cyprus) 1 redirects

ASN204006 (IQOPTION, CY)

iqbroker.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.60.156.148 (United States) 1 redirects

ASN19551 (INCAPSULA, US)

affiliate.iqbroker.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 79.125.33.106 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-79-125-33-106.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.141.157.49 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-141-157-49.us-east-2.compute.amazonaws.com

s.thebrighttag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:e134 (United States)

ASN13335 (CLOUDFLARENET, US)

onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	aopcdn.com sources.aopcdn.com — Cisco Umbrella Rank: 207763 ups.aopcdn.com — Cisco Umbrella Rank: 205782 img4.aopcdn.com — Cisco Umbrella Rank: 327541 img6.aopcdn.com — Cisco Umbrella Rank: 344842	985 KB
10	doubleclick.net 3 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 79 googleads.g.doubleclick.net — Cisco Umbrella Rank: 42 cm.g.doubleclick.net — Cisco Umbrella Rank: 212	8 KB
9	criteo.com 4 redirects gum.criteo.com — Cisco Umbrella Rank: 402 mug.criteo.com — Cisco Umbrella Rank: 2810 sslwidget.criteo.com — Cisco Umbrella Rank: 1889 dis.criteo.com — Cisco Umbrella Rank: 665	13 KB
9	creativecdn.com 2 redirects tags.creativecdn.com — Cisco Umbrella Rank: 18441 us.creativecdn.com — Cisco Umbrella Rank: 2771 fledge-usa.creativecdn.com — Cisco Umbrella Rank: 10439 cm.creativecdn.com — Cisco Umbrella Rank: 8488 ash.creativecdn.com — Cisco Umbrella Rank: 11611	5 KB
8	google.de www.google.de — Cisco Umbrella Rank: 6301	948 B
8	google.com 1 redirects region1.analytics.google.com — Cisco Umbrella Rank: 5431 www.google.com — Cisco Umbrella Rank: 2	4 KB
8	pinterest.com assets.pinterest.com — Cisco Umbrella Rank: 2577 ct.pinterest.com — Cisco Umbrella Rank: 869 log.pinterest.com — Cisco Umbrella Rank: 3628	21 KB
7	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 561 k.clarity.ms — Cisco Umbrella Rank: 5516 c.clarity.ms — Cisco Umbrella Rank: 1017	27 KB
6	facebook.com www.facebook.com — Cisco Umbrella Rank: 114	314 B
6	onesignal.com cdn.onesignal.com — Cisco Umbrella Rank: 3308 onesignal.com — Cisco Umbrella Rank: 1213 img.onesignal.com — Cisco Umbrella Rank: 7300	87 KB
6	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 64	340 KB
5	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 947	102 KB
4	snapchat.com tr.snapchat.com — Cisco Umbrella Rank: 955	1 KB
4	tongdun.net static.tongdun.net — Cisco Umbrella Rank: 180804 usfp.tongdun.net — Cisco Umbrella Rank: 138409 behavior.tongdun.net — Cisco Umbrella Rank: 363103	48 KB
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 378 c.bing.com — Cisco Umbrella Rank: 224	13 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 151	279 KB
4	cotosen.com 1 redirects cotosen.com — Cisco Umbrella Rank: 479831 www.cotosen.com — Cisco Umbrella Rank: 594104	74 KB
3	iqbroker.com 2 redirects iqbroker.com — Cisco Umbrella Rank: 100900 affiliate.iqbroker.com — Cisco Umbrella Rank: 136252	2 KB
3	clickanalyticsresource.com cdn.clickanalyticsresource.com — Cisco Umbrella Rank: 193396	1 KB
3	webtrafficsource.com webtrafficsource.com — Cisco Umbrella Rank: 52531	883 B
3	artfut.com www.artfut.com — Cisco Umbrella Rank: 27869	17 KB
2	betano.de 1 redirects www.betano.de — Cisco Umbrella Rank: 627491	546 B
2	gml-grp.com 2 redirects gml-grp.com — Cisco Umbrella Rank: 83524	1 KB
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 211	2 KB
2	yahoo.com 1 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 282	507 B
2	360yield.com 1 redirects ad.360yield.com — Cisco Umbrella Rank: 671	853 B
2	casalemedia.com 1 redirects r.casalemedia.com — Cisco Umbrella Rank: 1347	2 KB
2	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 229	2 KB
2	bidswitch.net 1 redirects x.bidswitch.net — Cisco Umbrella Rank: 288	1 KB
2	forceadmedia.com tag.forceadmedia.com — Cisco Umbrella Rank: 149617	1 KB
2	l10.agency rtg.l10.agency — Cisco Umbrella Rank: 262623	24 KB
2	theoverall.link nc-1.theoverall.link — Cisco Umbrella Rank: 695078	1 KB
2	hrznads.com api.hrznads.com — Cisco Umbrella Rank: 146522	2 KB
2	prdredir.com scripts.prdredir.com — Cisco Umbrella Rank: 62505 prdredir.com — Cisco Umbrella Rank: 57979	30 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 28	20 KB
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 788	20 KB
2	lenmit.com cdn.lenmit.com — Cisco Umbrella Rank: 157760 z.lenmit.com — Cisco Umbrella Rank: 58670	3 KB
1	thebrighttag.com s.thebrighttag.com — Cisco Umbrella Rank: 1435	268 B
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 515	338 B
1	casadeapostas.com casadeapostas.com — Cisco Umbrella Rank: 124419
1	lista10.dev redirect.lista10.dev — Cisco Umbrella Rank: 549317	817 B
1	mediamathrdrt.com mediamathrdrt.com — Cisco Umbrella Rank: 100581	650 B
1	yieldmo.com sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 2052	220 B
1	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 2179	522 B
1	twiago.com a.twiago.com — Cisco Umbrella Rank: 24685	153 B
1	tremorhub.com criteo-partners.tremorhub.com — Cisco Umbrella Rank: 2239	183 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 456	1 KB
1	omnitagjs.com visitor.omnitagjs.com — Cisco Umbrella Rank: 860	235 B
1	adform.net cm.adform.net — Cisco Umbrella Rank: 1501	163 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 376	140 B
1	teads.tv criteo-sync.teads.tv — Cisco Umbrella Rank: 1650	172 B
1	taboola.com sync-t1.taboola.com — Cisco Umbrella Rank: 1248	99 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 626	163 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 538	35 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 336	239 B
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 686	225 B
1	outbrain.com sync.outbrain.com — Cisco Umbrella Rank: 810	145 B
1	mediavine.com exchange.mediavine.com — Cisco Umbrella Rank: 1251	884 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 560	785 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 129	15 KB
1	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 22113	31 KB
1	impactcdn.com utt.impactcdn.com — Cisco Umbrella Rank: 6355	13 KB
1	sc-static.net sc-static.net — Cisco Umbrella Rank: 971	9 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 636	14 KB
1	klarnaservices.com eu-library.klarnaservices.com — Cisco Umbrella Rank: 22751	10 KB
181	65

	Domain	Requested by
18	ups.aopcdn.com	www.cotosen.com
12	sources.aopcdn.com	www.cotosen.com sources.aopcdn.com
8	www.google.de	www.cotosen.com
7	www.google.com	1 redirects www.cotosen.com
6	www.facebook.com	www.cotosen.com
6	googleads.g.doubleclick.net	1 redirects www.googleadservices.com
6	www.googletagmanager.com	www.cotosen.com www.googletagmanager.com
5	ct.pinterest.com	s.pinimg.com www.cotosen.com
5	us.creativecdn.com	1 redirects www.cotosen.com tags.creativecdn.com
5	gum.criteo.com	4 redirects static.criteo.net
5	analytics.tiktok.com	www.cotosen.com analytics.tiktok.com
4	tr.snapchat.com	sc-static.net www.cotosen.com
4	connect.facebook.net	www.cotosen.com connect.facebook.net
3	k.clarity.ms	www.clarity.ms
3	cdn.clickanalyticsresource.com	cdn.lenmit.com cdn.clickanalyticsresource.com
3	onesignal.com	cdn.onesignal.com
3	webtrafficsource.com	www.cotosen.com webtrafficsource.com
3	bat.bing.com	www.cotosen.com bat.bing.com
3	www.artfut.com	www.cotosen.com www.artfut.com
3	www.cotosen.com	www.cotosen.com sources.aopcdn.com
2	iqbroker.com	1 redirects redirect.lista10.dev
2	www.betano.de	1 redirects prdredir.com
2	gml-grp.com	2 redirects
2	dpm.demdex.net	1 redirects
2	ups.analytics.yahoo.com	1 redirects
2	ad.360yield.com	1 redirects
2	r.casalemedia.com	1 redirects
2	ib.adnxs.com	2 redirects
2	dis.criteo.com
2	cm.g.doubleclick.net	2 redirects
2	x.bidswitch.net	1 redirects
2	c.clarity.ms	1 redirects
2	tag.forceadmedia.com	www.cotosen.com tag.forceadmedia.com
2	rtg.l10.agency	cdn.lenmit.com rtg.l10.agency
2	www.clarity.ms	bat.bing.com www.clarity.ms
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	nc-1.theoverall.link	www.cotosen.com
2	api.hrznads.com	www.cotosen.com api.hrznads.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	usfp.tongdun.net	www.cotosen.com
2	s.pinimg.com	www.cotosen.com s.pinimg.com
2	cdn.onesignal.com	www.cotosen.com cdn.onesignal.com
2	assets.pinterest.com	www.cotosen.com assets.pinterest.com
1	img.onesignal.com
1	behavior.tongdun.net	www.cotosen.com
1	s.thebrighttag.com
1	beacon.krxd.net
1	affiliate.iqbroker.com	1 redirects
1	casadeapostas.com	mediamathrdrt.com
1	ash.creativecdn.com	us.creativecdn.com
1	cm.creativecdn.com	1 redirects
1	redirect.lista10.dev	rtg.l10.agency
1	prdredir.com	www.cotosen.com
1	mediamathrdrt.com	www.cotosen.com
1	sync-criteo.ads.yieldmo.com
1	ad.yieldlab.net
1	a.twiago.com
1	criteo-partners.tremorhub.com
1	id5-sync.com
1	visitor.omnitagjs.com
1	cm.adform.net
1	eb2.3lift.com
1	criteo-sync.teads.tv
1	sync-t1.taboola.com
1	rtb-csync.smartadserver.com
1	match.sharethrough.com
1	pixel.rubiconproject.com
1	simage2.pubmatic.com
1	sync.outbrain.com
1	exchange.mediavine.com
1	contextual.media.net
1	fledge-usa.creativecdn.com	tags.creativecdn.com
1	c.bing.com	1 redirects
1	log.pinterest.com	www.cotosen.com
1	sslwidget.criteo.com	static.criteo.net
1	mug.criteo.com	www.cotosen.com
1	region1.analytics.google.com	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	z.lenmit.com	cdn.lenmit.com
1	analytics.webgains.io	www.cotosen.com
1	scripts.prdredir.com	www.cotosen.com
1	utt.impactcdn.com	www.cotosen.com
1	static.tongdun.net	www.cotosen.com
1	img6.aopcdn.com	www.cotosen.com
1	img4.aopcdn.com	www.cotosen.com
1	tags.creativecdn.com	www.cotosen.com
1	cdn.lenmit.com	www.cotosen.com
1	sc-static.net	www.cotosen.com
1	static.criteo.net	www.cotosen.com
1	eu-library.klarnaservices.com	www.cotosen.com
1	cotosen.com	1 redirects
181	91

This site contains links to these domains. Also see Links.

Domain
www.instagram.com
www.facebook.com
www.pinterest.com
www.tiktok.com

Subject Issuer	Validity	Valid
www.cotosen.com Cloudflare Inc ECC CA-3	`2022-07-22` - `2023-07-22`	a year	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-28` - `2023-08-08`	a year	crt.sh
*.aopcdn.com Encryption Everywhere DV TLS CA - G1	`2022-05-05` - `2023-05-05`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-03` - `2023-06-02`	a year	crt.sh
*.klarnaservices.com Amazon	`2022-04-25` - `2023-05-24`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-01` - `2022-11-30`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-07-11` - `2022-10-09`	3 months	crt.sh
*.tiktok.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-13` - `2023-01-13`	a year	crt.sh
sc-static.net DigiCert TLS RSA SHA256 2020 CA1	`2022-01-27` - `2023-01-27`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2022-09-03` - `2023-03-03`	6 months	crt.sh
tags.creativecdn.com GTS CA 1D4	`2022-08-15` - `2022-11-13`	3 months	crt.sh
*.tongdun.cn GlobalSign RSA OV SSL CA 2018	`2022-08-08` - `2023-09-09`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-08-27` - `2022-11-22`	3 months	crt.sh
utt.impactcdn.com GTS CA 1D4	`2022-08-07` - `2022-11-05`	3 months	crt.sh
*.prdredir.com E1	`2022-09-13` - `2022-12-12`	3 months	crt.sh
*.hrznads.com Amazon	`2022-05-12` - `2023-06-10`	a year	crt.sh
nc-1.theoverall.link R3	`2022-09-06` - `2022-12-05`	3 months	crt.sh
webtrafficsource.com GTS CA 1D4	`2022-08-06` - `2022-11-04`	3 months	crt.sh
*.webgains.io Amazon	`2022-08-23` - `2023-09-21`	a year	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-17` - `2023-04-12`	a year	crt.sh
z.lenmit.com Sectigo RSA Domain Validation Secure Server CA	`2022-05-23` - `2023-06-23`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.snap.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-16` - `2023-08-16`	a year	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-02-27` - `2023-02-27`	a year	crt.sh
static.gortb.com Go Daddy Secure Certificate Authority - G2	`2022-06-10` - `2023-07-02`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 02	`2022-06-07` - `2023-06-02`	a year	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2022-02-20` - `2023-02-22`	a year	crt.sh
exchange.mediavine.com Amazon	`2022-07-06` - `2023-08-04`	a year	crt.sh
*.outbrain.com Thawte RSA CA 2018	`2021-10-24` - `2022-11-24`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.sharethrough.com Amazon	`2022-07-14` - `2023-08-12`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
*.taboola.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
teads.tv R3	`2022-08-17` - `2022-11-15`	3 months	crt.sh
*.3lift.com Amazon	`2022-05-13` - `2023-06-11`	a year	crt.sh
*.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-05-18` - `2023-06-16`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-21` - `2023-07-21`	a year	crt.sh
*.id5-sync.com R3	`2022-08-18` - `2022-11-16`	3 months	crt.sh
*.tremorhub.com Amazon	`2022-03-24` - `2023-04-22`	a year	crt.sh
*.twiago.com Sectigo RSA Domain Validation Secure Server CA	`2021-11-11` - `2022-12-12`	a year	crt.sh
*.yieldlab.net DigiCert SHA2 Secure Server CA	`2022-01-14` - `2023-01-13`	a year	crt.sh
*.ads.yieldmo.com Amazon	`2022-06-02` - `2023-07-01`	a year	crt.sh
*.mediamathrdrt.com E1	`2022-09-14` - `2022-12-13`	3 months	crt.sh
*.casadeapostas.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-18` - `2023-06-24`	a year	crt.sh

This page contains 11 frames:

Primary Page: https://www.cotosen.com/
Frame ID: F1AC87E619447F2A76D123781C3BD95E
Requests: 143 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.cotosen.com&origin=onetag
Frame ID: 269EFDC1554ADF37C8F33793A800C7A0
Requests: 2 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=11157a01-9db7-448a-9659-b26a3b79baee&u_scsid=4f50512f-74a5-4f1d-b3a5-69dc12e3ac64&u_sclid=9b0184c0-7f4a-4528-8ff1-152351825b6d
Frame ID: F5305AC6768F6967B46606B4D416D626
Requests: 1 HTTP requests in this frame

Frame: https://api.hrznads.com/u/42/p093.js?code=cHdq&isq=0&cb=dbaf51139418398a05553&tod=1302&if=false&turl=https://www.cotosen.com/&pop=https%3A%2F%2Fwww.cotosen.com%2F
Frame ID: AC991219662E5D220C572629A23D2A8A
Requests: 1 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: C9DAF1DF521D82D8DEBBA7A970033AC6
Requests: 1 HTTP requests in this frame

Frame: https://us.creativecdn.com/cm?type=iframe&sru=https%3A%2F%2Fwww.cotosen.com%2F&ti=bsF2DGUf4kC0n75x0THn&mcm=1&c=US
Frame ID: 5BFF3C300C7CFB6BD0169C2874E2B8BA
Requests: 2 HTTP requests in this frame

Frame: https://fledge-usa.creativecdn.com/fledge-igmembership?ntk=yqy9QH0zsoEJiByBbbneVvkBq8yk1cEnZS9VOTnLdCJRq2jajnrKkXsZlQNuRs6igyUUR0m7KDxw59SMuXMoZA
Frame ID: 8D834777ABA941377936A3314257DA69
Requests: 1 HTTP requests in this frame

Frame: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-ypHlmxLMnlg2H4Acghp63uwVqTYorG-1gTk5vA&expires=30
Frame ID: E5D7D298747A6647813D94B7F5B7F443
Requests: 26 HTTP requests in this frame

Frame: https://mediamathrdrt.com/product/fc7c920d9b61d76f23202b1fba7187831644b9a88f0de03a1e6a326af7915a5b
Frame ID: 2583224B859C72763F35AB0BAE41CF34
Requests: 2 HTTP requests in this frame

Frame: https://prdredir.com/product/b7fd58b858b670a11efb78f17dd874ce80cbeac0cf398d54b0a28b221f4300dc
Frame ID: EB28A28A08BC364F96052DBB1B579188
Requests: 2 HTTP requests in this frame

Frame: https://redirect.lista10.dev/click?click_id=PNZvKUFxtEkEaUYY
Frame ID: 564AF930B2E8B0CB8508119114B71526
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Men's Outdoor Clothing Online Shopping | Cheap Price Free Shipping Over $99 | Cotosen

Page URL History Show full URLs

http://cotosen.com/ HTTP 301
https://www.cotosen.com/ Page URL

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

<meta[^>]*google-signin-client_id

Criteo (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

//static\.criteo\.net/js/ld/ld\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OneSignal (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.onesignal\.com

Pinterest (Widgets) Expand

Overall confidence: 100%
Detected patterns

//assets\.pinterest\.com/js/pinit\.js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

Page Statistics

181
Requests

91 %
HTTPS

38 %
IPv6

65
Domains

91
Subdomains

73
IPs

11
Countries

2240 kB
Transfer

6028 kB
Size

99
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.instagram.com/cotosen_ins/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Cotosen-111424304926866

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/Cotosen_office/_created/

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@cotosen_official

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://cotosen.com/ HTTP 301
https://www.cotosen.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 75

https://us.creativecdn.com/tags/v2?type=json HTTP 307
https://us.creativecdn.com/tags/v2?type=json&tc=1

Request Chain 94

https://gum.criteo.com/sid/json?origin=onetag&domain=cotosen.com&sn=ChromeSyncframe&so=0&topUrl=www.cotosen.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=Tz4AynxEOGR4eTc5dWtlWUJWZlMzTHdTRlZzdFNyTmlwQ215MTV1TGdTYzVLSm43VHZKTFd4RUVkQUQyc01ObnJRZXJ3U0VSQ3pFSnppOXlVRGxLWko2clRKK0V5cWM5SldZWk1vcmE1cUFDL3ZUc2E4TWNtR0wzbGtlU09ObjJDWVc4VmF0L2hHRkJPcnFlSXY4Ni9ERWgvRkoxL0UvY3NTMFlvbkpMUmRYOTM0RlRBb1VXSC9pUHpJRVJxTytjVTh3L1Y0NXNPK0I2SjRrTnpHMjMyVElyN2tKZ1pVVS9BN21wUWFQS3VIOFNZa1pVWXZsb2tGaXlZdkd4MmkzY3RHdWkvM21KTGZ2VzBmK0EvTVRUUkp0L3NzdmFKeWxMaURKRjJWcVRZMDU5VFZNZz18&cppv=2

Request Chain 113

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/549037503/?random=1664712983111&cv=9&fst=1664712983111&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9s0&sendb=1&ig=1&data=event%3Dform_submit&frm=0&url=https%3A%2F%2Fwww.cotosen.com%2F&tiba=Men%27s%20Outdoor%20Clothing%20Online%20Shopping%20%7C%20Cheap%20Price%20Free%20Shipping%20Over%20%2499%20%7C%20Cotosen&auid=10503377.1664712983&hn=www.googleadservices.com&async=1 HTTP 302
https://www.google.com/pagead/1p-user-list/549037503/?random=1664712983111&cv=9&fst=1664712000000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9s0&sendb=1&data=event%3Dform_submit&frm=0&url=https%3A%2F%2Fwww.cotosen.com%2F&tiba=Men%27s%20Outdoor%20Clothing%20Online%20Shopping%20%7C%20Cheap%20Price%20Free%20Shipping%20Over%20%2499%20%7C%20Cotosen&async=1&is_vtc=1&random=2800285937&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-user-list/549037503/?random=1664712983111&cv=9&fst=1664712000000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9s0&sendb=1&data=event%3Dform_submit&frm=0&url=https%3A%2F%2Fwww.cotosen.com%2F&tiba=Men%27s%20Outdoor%20Clothing%20Online%20Shopping%20%7C%20Cheap%20Price%20Free%20Shipping%20Over%20%2499%20%7C%20Cotosen&async=1&is_vtc=1&random=2800285937&resp=GooglemKTybQhCsO&ipr=y

Request Chain 143

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=6205BB45759B48568DA89081DFBE7731&RedC=c.clarity.ms&MXFR=066B82D9DC30677A257D90E8D830693D HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=6205BB45759B48568DA89081DFBE7731&MUID=1427D5329ED663F2359AC7039F0462F2

Request Chain 146

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-ypHlmxLMnlg2H4Acghp63uwVqTYorG-1gTk5vA&expires=30 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-ypHlmxLMnlg2H4Acghp63uwVqTYorG-1gTk5vA&expires=30

Request Chain 147

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-w97veBLMnlg2H4Acghp63uwVqTb7OY0xx5QGhw&google_cm&google_hm=ay13OTd2ZUJMTW5sZzJINEFjZ2hwNjN1d1ZxVGI3T1kweHg1UUdodw HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-w97veBLMnlg2H4Acghp63uwVqTb7OY0xx5QGhw&google_gid=CAESEDyshIZ0VgHtPozv3edCDqo&google_cver=1&google_ula=913071,0

Request Chain 148

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=3612420855431349344

Request Chain 149

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-U-8SVRLMnlg2H4Acghp63uwVqTZBiBv6yaWUZA HTTP 302
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-U-8SVRLMnlg2H4Acghp63uwVqTZBiBv6yaWUZA&C=1

Request Chain 150

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-gJh_ORLMnlg2H4Acghp63uwVqTbqR9hmRCIZTQ HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-gJh_ORLMnlg2H4Acghp63uwVqTbqR9hmRCIZTQ

Request Chain 161

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-3RPXHhLMnlg2H4Acghp63uwVqTbTgV2FRwWcCg HTTP 302
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-3RPXHhLMnlg2H4Acghp63uwVqTbTgV2FRwWcCg&verify=true

Request Chain 164

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=50KMUdpdkfnx9zW31hjnOrOcjM_gdOgZ HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=50KMUdpdkfnx9zW31hjnOrOcjM_gdOgZ

Request Chain 174

https://cm.g.doubleclick.net/pixel?google_nid=rtb_house&google_cm&google_sc&google_ula=5153224&google_hm=WDN6WVlqTHhaS3EwYjRVSWpRa2E%3D&pi=adx&tdc=ash&chain= HTTP 302
https://cm.creativecdn.com/adx/cm?v=2&pi=adx&tdc=ash&chain=&google_gid=CAESEFzunyZVmml6JwfumeNruDM&google_cver=1&google_ula=5153224,0 HTTP 302
https://ash.creativecdn.com/adx/cm?v=2&pi=adx&tdc=ash&chain=&google_gid=CAESEFzunyZVmml6JwfumeNruDM&google_cver=1&google_ula=5153224,0

Request Chain 175

https://gml-grp.com/C.ashx?btag=a_8454b_817c_&affid=2441&siteid=8454&adid=817&c= HTTP 302
https://gml-grp.com/C.ashx?btag=a_8454b_817c_&affid=2441&siteid=8454&adid=817&c=&AutoR=1 HTTP 302
https://www.betano.de/?btag=a_8454b_817c_&utm_medium=2441&utm_source=1&siteid=8454 HTTP 302
https://www.betano.de/?utm_medium=2441&utm_source=1&siteid=8454

Request Chain 177

https://iqbroker.com/lp/mobile-partner/en/?aff=298933 HTTP 302
https://affiliate.iqbroker.com/redir/?forceBackLink=1&aff=298933 HTTP 302
https://iqbroker.com/lp/mobile-partner/pt/

Request Chain 179

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=soVGYycGMoSn-jEJnBeEkSwIph-iKgIn

Request Chain 180

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP 302
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=V2AKkaWKsTeiKZMM7EpP2orCJ9sNJSgJ

181 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.cotosen.com/
Redirect Chain

http://cotosen.com/
https://www.cotosen.com/

398 KB
72 KB

434ms
377ms

Document
text/html

2606:4700::6811:e321
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cotosen.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:e321 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a60703d1f18782e4ae079ca2358056c4af05199c82d2b7763a338ca670e096db

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,X_Requested_With,Content-Type
access-control-allow-origin: *
access-control-max-age: 259200
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 753d5e683ec58fc8-FRA
content-encoding: br
content-language: de
content-type: text/html;charset=UTF-8
date: Sun, 02 Oct 2022 12:16:22 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
x-request-id: 4c44eb35fb54468db6b29f9a3569b2fc
x-server-ip: 172.20.103.234
x-site-id: 30885

Redirect headers

CF-Cache-Status: DYNAMIC
CF-RAY: 753d5e650e06b912-AMS
Connection: keep-alive
Content-Type: text/html
Date: Sun, 02 Oct 2022 12:16:21 GMT
Location: https://www.cotosen.com/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DVGeo2f6t8YGzDFvPq6Uf4LdOh%2FeIL0YM4XNZTpAqPMFiYyiiN0NyDIL8L4gsa%2FjqNyC4up3tFkkmnOAoczhGikh%2FacJmrXOLqxKy%2FGl8Vt4xv6Qci5PPWoBxHZ%2BEZtdHCgYvRHmui99bQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 pinit.js Show response
assets.pinterest.com/js/ 361 B
431 B 97ms
16ms Script
application/javascript 2a04:4e42:62::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.pinterest.com/js/pinit.js
Requested by: Host: www.cotosen.com
URL: https://www.cotosen.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:62::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3faadebc89cdb21d11634a032816f152462d1cb8903eb21d0642501fcad065de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cotosen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 12:16:22 GMT
content-encoding: br
x-cdn: fastly
etag: "62d32c28f14783b94192cd8d35bc010d"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-CDN
vary: Accept-Encoding, Origin
cache-control: max-age=300
content-length: 203

GET
H2 200 vendor-0c8e7ad1a3.css
sources.aopcdn.com/cloud/opShop/pc/css/ 408 KB
68 KB 105ms
53ms Stylesheet
text/css 2606:4700::6810:5953
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sources.aopcdn.com/cloud/opShop/pc/css/vendor-0c8e7ad1a3.css
Requested by: Host: www.cotosen.com
URL: https://www.cotosen.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6810:5953 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b4b6cac18809803b685557911961278dfcc6e96a44123403617bfa4c3e51afd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cotosen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 12:16:22 GMT
content-encoding: br
x-oss-request-id: 6333B3599EAA1A3038FEE0FE
cf-cache-status: HIT
content-md5: VPqDbTNRldU8La1RyC+Lzw==
age: 380349
cf-polished: origSize=423112
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-oss-object-type: Normal
cf-bgj: minify
last-modified: Tue, 27 Sep 2022 03:23:22 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2678400
x-oss-storage-class: Standard
cf-ray: 753d5e6b0b7590be-FRA
x-oss-hash-crc64ecma: 1024714085614593747
x-oss-server-time: 2
expires: Wed, 02 Nov 2022 12:16:22 GMT

GET
H2 200 index-4704f63158.css
sources.aopcdn.com/cloud/opShop/pc/css/ 188 KB
39 KB 94ms
43ms Stylesheet
text/css 2606:4700::6810:5953
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sources.aopcdn.com/cloud/opShop/pc/css/index-4704f63158.css
Requested by: Host: www.cotosen.com
URL: https://www.cotosen.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6810:5953 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6141d9714cc328df16ec8dfe0209c0f495e7786d236b9d6d4e529a0d6d05af01

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cotosen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 12:16:22 GMT
content-encoding: br
x-oss-request-id: 63326BE32CAF363236AC4F19
cf-cache-status: HIT
content-md5: HDntYXkoT4gwwKwcRxdiyw==
age: 464179
cf-polished: origSize=192410
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-oss-object-type: Normal
cf-bgj: minify
last-modified: Tue, 27 Sep 2022 03:18:33 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2678400
x-oss-storage-class: Standard
cf-ray: 753d5e6b0b7990be-FRA
x-oss-hash-crc64ecma: 10096718695178301769
x-oss-server-time: 5
expires: Wed, 02 Nov 2022 12:16:22 GMT

GET
H2 200 vendor-4d83fc9c1d.js Show response
sources.aopcdn.com/cloud/opShop/script/ 662 KB
186 KB 119ms
67ms Script
application/javascript 2606:4700::6810:5953
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sources.aopcdn.com/cloud/opShop/script/vendor-4d83fc9c1d.js
Requested by: Host: www.cotosen.com
URL: https://www.cotosen.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6810:5953 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13871bc967b0203c27f38fca9c994763b74b326500fed0c249c91d341253c32e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cotosen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 12:16:22 GMT
content-encoding: br
x-oss-request-id: 631B15289EAA1A353801AE71
cf-cache-status: HIT
content-md5: TYP8nB3PwQ9erkL9mZCgCw==
age: 1993710
cf-polished: origSize=732487
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-oss-object-type: Normal
cf-bgj: minify
last-modified: Fri, 09 Sep 2022 10:23:25 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=2678400
x-oss-storage-class: Standard
cf-ray: 753d5e6b0b7d90be-FRA
x-oss-hash-crc64ecma: 1552834857035757423
x-oss-server-time: 6
expires: Wed, 02 Nov 2022 12:16:22 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 109 KB
43 KB 66ms
24ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-178875983-1

Requested by

Host: www.cotosen.com
URL: https://www.cotosen.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bc00b74b943f688eb2d2bef91ae9f58b552727f36d5ebb4b9490abaa70008506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cotosen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 12:16:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 43426
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 02 Oct 2022 12:16:22 GMT

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 107ms
63ms Script
application/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalSDK.js

Requested by

Host: www.cotosen.com
URL: https://www.cotosen.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d12c6745eca14e06d4dea70f4c2bd875769b349770d04300477ab18d0db005d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cotosen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 12:16:22 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 1279
etag: W/"ae63ef8ff03da61fffaa7f165729897a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 753d5e6c4d445be1-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 05 Oct 2022 12:16:22 GMT

GET
H2 200 index-741be2b968.js Show response
sources.aopcdn.com/cloud/opShop/script/ 106 KB
28 KB 140ms
89ms Script
application/javascript 2606:4700::6810:5953
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sources.aopcdn.com/cloud/opShop/script/index-741be2b968.js
Requested by: Host: www.cotosen.com
URL: https://www.cotosen.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6810:5953 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d8e4aa00b57893dcb6ce5ea3a7d915d75d1246d24340f47a4a0a362ada0e491f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cotosen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 12:16:22 GMT
content-encoding: br
x-oss-request-id: 631ADC4912A71A3633D7A194
cf-cache-status: HIT
content-md5: dBviuWgedN7RCMBLoERO2w==
age: 2008269
cf-polished: origSize=108237
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-oss-object-type: Normal
cf-bgj: minify
last-modified: Fri, 09 Sep 2022 06:23:47 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=2678400
x-oss-storage-class: Standard
cf-ray: 753d5e6b0b7a90be-FRA
x-oss-hash-crc64ecma: 11558538337145633522
x-oss-server-time: 1
expires: Wed, 02 Nov 2022 12:16:22 GMT

GET
H2 200 lib.js Show response
eu-library.klarnaservices.com/ 31 KB
10 KB 82ms
25ms Script
application/javascript 13.32.121.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-library.klarnaservices.com/lib.js
Requested by: Host: www.cotosen.com
URL: https://www.cotosen.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-45.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 849076f7b83ef1237b84279bd9e05ee519dfe8333cdb592bc4ca5d025c8d466a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cotosen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 07:58:05 GMT
content-encoding: br
via: 1.1 6b17c6258978715ba0681e1d5589502c.cloudfront.net (CloudFront)
last-modified: Fri, 23 Sep 2022 11:54:37 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 15498
x-amz-server-side-encryption: AES256
etag: W/"94f8eda898d987e3caa43bb28e8c5baa"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: dZyb6LHzd8WbJ6OEC7TA6EDgwRXk64TCsL1EFRQnDWixcYVK9x4kcw==

GET
H2 200 i7eo-e584e8f58f.css
sources.aopcdn.com/cloud/common/ 7 KB
5 KB 87ms
36ms Stylesheet
text/css 2606:4700::6810:5953
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sources.aopcdn.com/cloud/common/i7eo-e584e8f58f.css
Requested by: Host: www.cotosen.com
URL: https://www.cotosen.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6810:5953 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6fbf23fa288cf24f0b14f3660ccb665453d3727387c07fd97633a3877cce7cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cotosen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 12:16:22 GMT
content-encoding: br
x-oss-request-id: 61EFACCE8083E73939A73240
cf-cache-status: HIT
content-md5: 5YTo9Y/FlMR4LsqNO0LW9w==
age: 2261958
cf-polished: origSize=7062
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-oss-object-type: Normal
cf-bgj: minify
last-modified: Fri, 12 Mar 2021 08:16:28 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2678400
x-oss-storage-class: Standard
cf-ray: 753d5e6b0b7690be-FRA
x-oss-hash-crc64ecma: 16128361567144840044
x-oss-server-time: 92
expires: Wed, 02 Nov 2022 12:16:22 GMT

GET
H2 200 i7eo-cdb7a0aad4.js Show response
sources.aopcdn.com/cloud/common/ 33 KB
13 KB 95ms
44ms Script
application/javascript 2606:4700::6810:5953
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sources.aopcdn.com/cloud/common/i7eo-cdb7a0aad4.js
Requested by: Host: www.cotosen.com
URL: https://www.cotosen.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6810:5953 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb9dc9458faefdd3e10c17022f70d98cf041c358f4a7121e611aac7ec2bce6a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cotosen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 12:16:22 GMT
content-encoding: br
x-oss-request-id: 61EFACCE2CAF3630360DE6DD
cf-cache-status: HIT
content-md5: zbegqtQougeXwv2gd2lgfQ==
age: 2262022
cf-polished: origSize=33459
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-oss-object-type: Normal
cf-bgj: minify
last-modified: Mon, 15 Mar 2021 02:34:42 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=2678400
x-oss-storage-class: Standard
cf-ray: 753d5e6b0b7f90be-FRA
x-oss-hash-crc64ecma: 2318280625526166053
x-oss-server-time: 49
expires: Wed, 02 Nov 2022 12:16:22 GMT

GET
H2 200 cart-progress-870d7ff2c0.js Show response
sources.aopcdn.com/cloud/opShop/script/ 6 KB
2 KB 89ms
38ms Script
application/javascript 2606:4700::6810:5953
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sources.aopcdn.com/cloud/opShop/script/cart-progress-870d7ff2c0.js
Requested by: Host: www.cotosen.com
URL: https://www.cotosen.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6810:5953 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e7855fb6fc9cc6c2b7017deeeb72fdb16ac9c81d5bb6316886b4899fd44f340

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cotosen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 12:16:22 GMT
content-encoding: br
x-oss-request-id: 6333B215EA9B0D36391C269A
cf-cache-status: HIT
content-md5: YHIVto2yzpdw8v51w/AcCw==
age: 380673
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-oss-object-type: Normal
cf-bgj: minify
last-modified: Tue, 27 Sep 2022 03:23:18 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=2678400
x-oss-storage-class: Standard
cf-ray: 753d5e6b0b7e90be-FRA
x-oss-hash-crc64ecma: 10498003901656960275
x-oss-server-time: 1
expires: Wed, 02 Nov 2022 12:16:22 GMT

GET
H2 200 1350u5986f3134bfe443fbad8552e0f972edc.gif
ups.aopcdn.com/s30885/common/19256/ 10 KB
11 KB 48ms
32ms Image
image/gif 2606:4700::6810:5953
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ups.aopcdn.com/s30885/common/19256/1350u5986f3134bfe443fbad8552e0f972edc.gif?x-oss-process=image/format,gif/quality,q_80
Requested by: Host: www.cotosen.com
URL: https://www.cotosen.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6810:5953 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d765a9dc5e1b75305e20897cd7a16280eabd5a7de9de8edaf9fe5ef39787576a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cotosen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 12:16:22 GMT
x-oss-request-id: 632A8E4391795F39302187F9
cf-cache-status: HIT
age: 979667
cf-polished: origSize=10574, status=vary_header_present
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10533
x-oss-object-type: Normal
cf-bgj: imgq:100,h2pri
last-modified: Wed, 21 Sep 2022 03:39:13 GMT
server: cloudflare
etag: "3FA830E759DD464A85F2D66C7ECA5529"
vary: Origin, Accept-Encoding
content-type: image/gif
cache-control: public, max-age=2678400
x-oss-storage-class: Standard
accept-ranges: bytes
cf-ray: 753d5e6c1cdf90be-FRA
x-oss-hash-crc64ecma: 13123198539853535507
x-oss-server-time: 20
expires: Wed, 02 Nov 2022 12:16:22 GMT

GET
H2 200 1350u62dffc42b510400384097a094a73cf08.png
ups.aopcdn.com/s30885/common/18807/ 6 KB
6 KB 75ms
59ms Image
image/png 2606:4700::6810:5953
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ups.aopcdn.com/s30885/common/18807/1350u62dffc42b510400384097a094a73cf08.png?200
Requested by: Host: www.cotosen.com
URL: https://www.cotosen.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6810:5953 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 90fd19bb2feac82c9e93dd0f8c3570c6564574834ac812c0d8e7e93f92689d08

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cotosen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 12:16:22 GMT
x-oss-request-id: 61EFACFE2CAF363535B12CDE
cf-cache-status: HIT
content-md5: hBD/LUjrlFIEyGqhZ8P13g==
age: 2261737
cf-polished: origSize=9743, status=vary_header_present
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6027
x-oss-object-type: Normal
cf-bgj: imgq:100,h2pri
last-modified: Tue, 29 Jun 2021 01:40:55 GMT
server: cloudflare
etag: "8410FF2D48EB945204C86AA167C3F5DE"
vary: Origin, Accept-Encoding
content-type: image/png
cache-control: public, max-age=2678400
x-oss-storage-class: Standard
accept-ranges: bytes
cf-ray: 753d5e6c1ce390be-FRA
x-oss-hash-crc64ecma: 15882305936817277137
x-oss-server-time: 17
expires: Wed, 02 Nov 2022 12:16:22 GMT

GET
H2 200 user-core-b640671d09.js Show response
sources.aopcdn.com/cloud/opShop/script/ 7 KB
3 KB 46ms
45ms Script
application/javascript 2606:4700::6810:5953
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sources.aopcdn.com/cloud/opShop/script/user-core-b640671d09.js
Requested by: Host: www.cotosen.com
URL: https://www.cotosen.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6810:5953 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8146a64bb27f438cd5ae96bf63acc99815548a2616a2013dee70438cebb7e7c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cotosen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 12:16:22 GMT
content-encoding: br
x-oss-request-id: 6333B35A719F773232E7363C
cf-cache-status: HIT
content-md5: tkBnHQmnqdlWlenXU5ghIQ==
age: 380348
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-oss-object-type: Normal
cf-bgj: minify
last-modified: Tue, 27 Sep 2022 03:23:18 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=2678400
x-oss-storage-class: Standard
cf-ray: 753d5e6b9c3690be-FRA
x-oss-hash-crc64ecma: 18132986310976553868
x-oss-server-time: 3
expires: Wed, 02 Nov 2022 12:16:22 GMT

GET
H2 200 login-1d6366dfd2.css
sources.aopcdn.com/cloud/opShop/pc/css/ 1 KB
623 B 42ms
42ms Stylesheet
text/css 2606:4700::6810:5953
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sources.aopcdn.com/cloud/opShop/pc/css/login-1d6366dfd2.css
Requested by: Host: www.cotosen.com
URL: https://www.cotosen.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6810:5953 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70abafda4a7bace20d7c2db6a982132be3d4e65228794eb74f4e8f4ff76dba9a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cotosen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 12:16:22 GMT
content-encoding: br
x-oss-request-id: 6316FD628BA11E39369AF4C2
cf-cache-status: HIT
content-md5: HWNm39J4ijoFrJm04YDs7g==
age: 2261940
cf-polished: origSize=1350
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-oss-object-type: Normal
cf-bgj: minify
last-modified: Wed, 31 Aug 2022 08:32:04 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2678400
x-oss-storage-class: Standard
cf-ray: 753d5e6bac3b90be-FRA
x-oss-hash-crc64ecma: 11006456508115807779
x-oss-server-time: 17
expires: Wed, 02 Nov 2022 12:16:22 GMT

GET
H2 200 pinit_main.js Show response
assets.pinterest.com/js/ 66 KB
18 KB 18ms
16ms Script
application/javascript 2a04:4e42:62::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.pinterest.com/js/pinit_main.js?0.9999713021587233
Requested by: Host: assets.pinterest.com
URL: https://assets.pinterest.com/js/pinit.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:62::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 20f0315c97ff7007f2e7a94d659e094a7efc01b8306da53987538c1101489e0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cotosen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 12:16:22 GMT
content-encoding: br
x-cdn: fastly
etag: "3725764cf05d1a0938de73d398772331"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-CDN
vary: Accept-Encoding, Origin
cache-control: max-age=300
content-length: 18679

GET
H2 200 ld.js Show response
static.criteo.net/js/ld/ 42 KB
14 KB 98ms
47ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/ld.js

Requested by

Host: www.cotosen.com
URL: https://www.cotosen.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

561c579d66ced3002754404f18100a5b84c2b6fb62ad20dbc9d0c290a65ac712

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cotosen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 12:16:22 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 25 Aug 2022 11:02:07 GMT
server: nginx
etag: W/"630756af-a8d9"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 03 Oct 2022 12:16:22 GMT

GET
H2 200 tagtag.min.js Show response
www.artfut.com/static/ 3 KB
2 KB 88ms
42ms Script
application/javascript 2606:4700:20::681a:6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.artfut.com/static/tagtag.min.js?campaign_code=fe9cf762a5

Requested by

Host: www.cotosen.com
URL: https://www.cotosen.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f6b1300d909d9777dd97614dc1778aaa570ea95e65a9d63958c716f599b8f400

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cotosen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 12:16:22 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1199
pragma: public
last-modified: Mon, 23 May 2022 09:16:32 GMT
server: cloudflare
etag: W/"628b50f0-d05"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f%2BOPm7zfyaVmM3VVOSzfJ5k7KhNx%2BsPTBBsayYVcGmAfQWJHrBSo5NIzf2FFETlEn2QJ26H7x9l%2BZhugde56HUhkt8SsosrWywIyycrvoqtMHaYd%2FKhBc9oa%2FpP9dQc%2BwMd3hbt5bf%2BDG8Hl"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=1200, public
cf-ray: 753d5e6c48769180-FRA
expires: Sun, 02 Oct 2022 12:16:23 GMT

GET
H2 200 op-analytics-dc16129cfd.js Show response
sources.aopcdn.com/cloud/common/Components/ 5 KB
2 KB 38ms
35ms Script
application/javascript 2606:4700::6810:5953
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sources.aopcdn.com/cloud/common/Components/op-analytics-dc16129cfd.js
Requested by: Host: www.cotosen.com
URL: https://www.cotosen.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6810:5953 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 50e4eced603f246758e61c46721c5189c124201ff126bdf209696e984724610c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cotosen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 12:16:22 GMT
content-encoding: br
x-oss-request-id: 631B14F65E5EEA3737269F71
cf-cache-status: HIT
content-md5: 3BYSnP3DiH7oc8U7qblHkQ==
age: 1993760
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-oss-object-type: Normal
cf-bgj: minify
last-modified: Fri, 09 Sep 2022 10:23:22 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=2678400
x-oss-storage-class: Standard
cf-ray: 753d5e6c0cbf90be-FRA
x-oss-hash-crc64ecma: 12700602223587514503
x-oss-server-time: 1
expires: Wed, 02 Nov 2022 12:16:22 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 105 KB
40 KB 85ms
44ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NF77PZ4

Requested by

Host: www.cotosen.com
URL: https://www.cotosen.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d55fde170de1b9ccef0ef720faace7a0e13cbae35722f8a850065b69803577a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cotosen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 12:16:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40693
x-xss-protection: 0
last-modified: Sun, 02 Oct 2022 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 02 Oct 2022 12:16:22 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 101 KB
27 KB 54ms
18ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.cotosen.com
URL: https://www.cotosen.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

00a92494627ed8f758972b7dc47b3af186497c0637ea867a33fdb604c1548674

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cotosen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 02 Oct 2022 12:16:22 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26840
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 0jCOQVyzGsNF+F7O/CoGWuud8uznhkMndTgSdloby96NpuiACUaXqbQJTZl49ZJmGQZa9fTGnN74E00VQxcTnw==
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 4 KB
2 KB 270ms
142ms Script
application/javascript 84.53.161.83
AKAMAI-LON

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C5K1TF9HT3DI94DIKE7G&lib=ttq
Requested by: Host: www.cotosen.com
URL: https://www.cotosen.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 84.53.161.83 Vienna, Austria, ASN34164 (AKAMAI-LON, NL),
Reverse DNS: a84-53-161-83.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: f074be49735fe3cd560812604cccc676f76e55f5c45de613040754fead762533

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cotosen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-akamai-request-id: 51de1cc5
date: Sun, 02 Oct 2022 12:16:22 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a84-53-161-79.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
server-timing: inner; dur=3, cdn-cache; desc=MISS, edge; dur=1, origin; dur=108
content-length: 1275
pragma: no-cache
server: nginx
x-tt-logid: 202210021216228407CE5C9CD75EF140B9
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 109,84.53.161.79
x-tt-trace-host: 017a6eb07a63ab42bde60fe4b0e77d2c03d8727aea91ecfedcc5b4f386be3dd142c222cfa818949a73201ced758528756effa450552d8adac3ae68a332c12f457b74774d790b4251f7859b4bbc02422144
expires: Sun, 02 Oct 2022 12:16:22 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 4 KB
2 KB 269ms
161ms Script
application/javascript 84.53.161.83
AKAMAI-LON

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CCCLGEJC77U7LPPFL4KG&lib=ttq
Requested by: Host: www.cotosen.com
URL: https://www.cotosen.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 84.53.161.83 Vienna, Austria, ASN34164 (AKAMAI-LON, NL),
Reverse DNS: a84-53-161-83.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e17b996ef818d3b5fb17d3d6954a2c027ced418aa9897b66b2ae870cea79def4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cotosen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-akamai-request-id: 1a144e68.51de1ccf
date: Sun, 02 Oct 2022 12:16:22 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a84-53-161-79.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
x-parent-response-time: 122,84.53.161.79
server-timing: cdn-cache; desc=MISS, edge; dur=110, origin; dur=12, inner; dur=3
content-length: 1273
pragma: no-cache
server: nginx
x-tt-logid: 20221002121622C6A3B906FD8FA0F5EDA8
x-cache-remote: TCP_MISS from a23-220-107-87.deploy.akamaitechnologies.com (AkamaiGHost/10.9.5-44356082) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 12,23.220.107.87
x-tt-trace-host: 017a6eb07a63ab42bde60fe4b0e77d2c03a8171d53f548829c17a8c5337078eaeaea94b9191f11b488c80928c3bdf17ee3982a342735902a4a998db266a1d828914b3030aaea4df48ffe41a41e98023ae6ba0a2d7fb32396e0eb5b38ea0be45d89
expires: Sun, 02 Oct 2022 12:16:22 GMT

GET
H2 200 scevent.min.js Show response
sc-static.net/ 25 KB
9 KB 94ms
29ms Script
application/javascript 52.222.225.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: www.cotosen.com
URL: https://www.cotosen.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.225.250 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-225-250.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: 6533db921fa04e1546686ca9111f2cc38032b09365026cf886e3b4d8f58020d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cotosen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 12:16:22 GMT
content-encoding: gzip
via: 1.1 34fdfb7c7c11559df7e622af2b62f5ca.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-P4
x-cache: LambdaGeneratedResponse from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 8757
x-amz-cf-id: JIL8dKquVfxTVnH1oHLcXvP-Idnx1cZ51GQweIcXKohayIGDgeA5nQ==

GET
H2 200 currencyLang-68da41cb40.png
sources.aopcdn.com/cloud/opShop/images/ 33 KB
33 KB 37ms
37ms Image
image/webp 2606:4700::6810:5953
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sources.aopcdn.com/cloud/opShop/images/currencyLang-68da41cb40.png
Requested by: Host: sources.aopcdn.com
URL: https://sources.aopcdn.com/cloud/opShop/pc/css/index-4704f63158.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6810:5953 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1fd3252c03b161df4233dbc71a76091107ce3a8d0df78e5c8762ae4126492661

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sources.aopcdn.com/cloud/opShop/pc/css/index-4704f63158.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 12:16:22 GMT
x-oss-request-id: 632CF8449E0E753539F0F831
cf-cache-status: HIT
content-md5: aNpBy0C24WReAsd5Rq3uUA==
age: 821458
cf-polished: origFmt=png, origSize=86740
content-disposition: inline; filename="currencyLang-68da41cb40.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 33620
x-oss-object-type: Normal
cf-bgj: imgq:100,h2pri
last-modified: Thu, 15 Sep 2022 07:21:58 GMT
server: cloudflare
etag: "68DA41CB40B6E1645E02C77946ADEE50"
vary: Accept
content-type: image/webp
cache-control: public, max-age=2678400
x-oss-storage-class: Standard
accept-ranges: bytes
cf-ray: 753d5e6c0cc890be-FRA
x-oss-hash-crc64ecma: 3758377531434878877
x-oss-server-time: 2
expires: Wed, 02 Nov 2022 12:16:22 GMT

GET
H2 200 icon-search-e6e3f31fd1.svg
sources.aopcdn.com/cloud/opShop/images/ 797 B
603 B 39ms
38ms Image
image/svg+xml 2606:4700::6810:5953
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sources.aopcdn.com/cloud/opShop/images/icon-search-e6e3f31fd1.svg
Requested by: Host: sources.aopcdn.com
URL: https://sources.aopcdn.com/cloud/opShop/pc/css/index-4704f63158.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6810:5953 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ddff9611a19127864bb3f767bcc5b94a7f7cc454e674bf4f4ef2ac0d6778f67

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sources.aopcdn.com/cloud/opShop/pc/css/index-4704f63158.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 12:16:22 GMT
content-encoding: br
x-oss-request-id: 61EFAD058083E73930868B40
cf-cache-status: HIT
content-md5: 5uPzH9GkKBzt4FeqaM0BPw==
age: 2261940
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-oss-object-type: Normal
last-modified: Tue, 25 Jan 2022 07:55:28 GMT
server: cloudflare
etag: W/"E6E3F31FD1A4281CEDE057AA68CD013F"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=2678400
x-oss-storage-class: Standard
cf-ray: 753d5e6c3d1790be-FRA
x-oss-hash-crc64ecma: 5574513850971279347
x-oss-server-time: 3
expires: Wed, 02 Nov 2022 12:16:22 GMT

GET
DATA 200
OK truncated
/ 632 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6971ae996e0c113ba7fe6939dfd81d7a2ac42b1edafd66a823cecc7db5afed36

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 1350u39e4fb8c8e394045b8a37b8d8e401883.png
ups.aopcdn.com/s30885/common/18841/ 1 KB
1 KB 43ms
42ms Image
image/png 2606:4700::6810:5953
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ups.aopcdn.com/s30885/common/18841/1350u39e4fb8c8e394045b8a37b8d8e401883.png
Requested by: Host: www.cotosen.com
URL: https://www.cotosen.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6810:5953 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4102d802624ca51e77d93e0e955e986735577f7d5e290ebbb7368d3b28525cb5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cotosen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 12:16:22 GMT
x-oss-request-id: 62F7C0D1E2741F31307BBBC4
cf-cache-status: HIT
content-md5: 1OvUM974ZpWecvPzbCJ4Fw==
age: 1889818
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1084
x-oss-object-type: Normal
cf-bgj: imgq:100,h2pri
last-modified: Mon, 02 Aug 2021 06:54:10 GMT
server: cloudflare
etag: "D4EBD433DEF866959E72F3F36C227817"
vary: Origin, Accept-Encoding
content-type: image/png
cache-control: public, max-age=2678400
x-oss-storage-class: Standard
accept-ranges: bytes
cf-ray: 753d5e6c6d6190be-FRA
x-oss-hash-crc64ecma: 14592513784047165462
x-oss-server-time: 2
expires: Wed, 02 Nov 2022 12:16:22 GMT

GET
DATA 200
OK truncated
/ 770 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bcf0f283727ab4b94a2b8d35ea2eec70e36cef551437015c10e74f3f50b8be27

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 8 KB
8 KB Font
application/x-font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8a8b77ab352a45b7838efd3df7ec52251e0f8763fcf78c715690efae5fe079e5

Request headers

Referer
Origin: https://www.cotosen.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type: application/x-font-woff2;charset=utf-8

GET
DATA 200
OK truncated
/ 2 KB
2 KB Font
application/x-font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 35d74733c644e9fb4b1993689dc405e8b8bbf95b14bd637718a9becfe249225e

Request headers

Referer
Origin: https://www.cotosen.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type: application/x-font-woff2;charset=utf-8

GET
H2 200 retag.js Show response
cdn.lenmit.com/static/js/ 6 KB
3 KB 189ms
76ms Script
application/javascript 2606:4700:20::ac43:4754
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.lenmit.com/static/js/retag.js?r=2
Requested by: Host: www.cotosen.com
URL: https://www.cotosen.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::ac43:4754 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: faa07cc8277b2637e78b1984917145a224dbd8ec28be3f16bdc2fc5df059daec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cotosen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 12:16:22 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 09 Feb 2022 08:26:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 7754
etag: W/"99d34fb0205afe21311da8a5384561d4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2HD2qHwrTJJHNh68n21vW0fWXM%2FUNlFDLxFuxOYMezeb5vWJkOCsIz6xg0ImGwr3Vn70Mn1w0We7eyy8jadkP9dSbJuQ5Djoi5GnsiZDC97wFJNFPt%2F945KqH63wzgtRkyOtKbWX13E%2BmWoG"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 753d5e6d598e9a30-FRA
expires: Mon, 03 Oct 2022 10:07:08 GMT

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 1 KB
1 KB 22ms
21ms Script
application/javascript 2a04:4e42:62::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: www.cotosen.com
URL: https://www.cotosen.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:62::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c75d8bdd1d5498551294cf4551304e5c2158b9788ac1779d03a2edd611a6c93e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cotosen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 12:16:22 GMT
x-cdn: fastly
etag: "ef33a337cb7aa4b4f9c294765d2176c0"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: X-CDN
vary: Accept-Encoding, Origin
cache-control: max-age=7200
fastly-restarts: 1
content-length: 1146

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 187ms
64ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.cotosen.com
URL: https://www.cotosen.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cotosen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Sun, 02 Oct 2022 12:16:21 GMT
last-modified: Thu, 28 Jul 2022 17:32:37 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 7DF50237B9F249AFB6FDD17989DC8010 Ref B: FRAEDGE1314 Ref C: 2022-10-02T12:16:22Z
etag: "80a8697a8a2d81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 11367

GET
H2 200 bsF2DGUf4kC0n75x0THn.js Show response
tags.creativecdn.com/ 4 KB
2 KB 132ms
55ms Script
application/javascript 34.117.98.198
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.creativecdn.com/bsF2DGUf4kC0n75x0THn.js
Requested by: Host: www.cotosen.com
URL: https://www.cotosen.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.98.198 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 198.98.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 23768bac423aff7240e9b8e91b238c35055e3cb6413ded4747b5fb0caea4f5a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cotosen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 11:42:27 GMT
content-encoding: gzip
age: 2035
x-guploader-uploadid: ADPycdtsljqTZswUr-954BYTfxuWTgPRoeRYmg6iCJepFt-oQwnZD5Z9NvKasSF29ETDe_Qm9SYAvbKOdMp2ZkdtylMSdVUil5mg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1727
last-modified: Wed, 16 Mar 2022 09:33:12 GMT
server: UploadServer
etag: "26ae300e65c5c36cd8ff0a498e33995d"
vary: Accept-Encoding
x-goog-generation: 1647423192114331
x-goog-hash: crc32c=h8u73g==, md5=Jq4wDmXFw2zY/wpJjjOZXQ==
content-type: application/javascript
cache-control: public,max-age=0
x-goog-stored-content-length: 1727
accept-ranges: bytes

GET
DATA 200
OK truncated
/ 3 KB
3 KB Font
application/x-font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 70f0bf9725cbed5fcefbfab9b542c67941434be1f22c9fbabe74b1380ec05b91

Request headers

Referer
Origin: https://www.cotosen.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type: application/x-font-woff2;charset=utf-8

GET
H2 200 1350u62dffc42b510400384097a094a73cf08.png
ups.aopcdn.com/s30885/common/18807/ 6 KB
6 KB 53ms
49ms Image
image/png 2606:4700::6810:5953
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ups.aopcdn.com/s30885/common/18807/1350u62dffc42b510400384097a094a73cf08.png?200?x-oss-process=image/format,webp/interlace,1/quality,q_80
Requested by: Host: www.cotosen.com
URL: https://www.cotosen.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6810:5953 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 90fd19bb2feac82c9e93dd0f8c3570c6564574834ac812c0d8e7e93f92689d08

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cotosen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 12:16:22 GMT
x-oss-request-id: 62FDDF36269C563632987037
cf-cache-status: HIT
content-md5: hBD/LUjrlFIEyGqhZ8P13g==
age: 1488839
cf-polished: origSize=9743, status=vary_header_present
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6027
x-oss-object-type: Normal
cf-bgj: imgq:100,h2pri
last-modified: Tue, 29 Jun 2021 01:40:55 GMT
server: cloudflare
etag: "8410FF2D48EB945204C86AA167C3F5DE"
vary: Origin, Accept-Encoding
content-type: image/png
cache-control: public, max-age=2678400
x-oss-storage-class: Standard
accept-ranges: bytes
cf-ray: 753d5e6ccdea90be-FRA
x-oss-hash-crc64ecma: 15882305936817277137
x-oss-server-time: 3
expires: Wed, 02 Nov 2022 12:16:22 GMT

GET
H2 200 1350ubdbec63256344eeca89a5d14a45b1f34.jpg
ups.aopcdn.com/s30885/common/18853/ 12 KB
12 KB 49ms
45ms Image
image/webp 2606:4700::6810:5953
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ups.aopcdn.com/s30885/common/18853/1350ubdbec63256344eeca89a5d14a45b1f34.jpg?x-oss-process=image/format,webp/interlace,1/quality,q_80
Requested by: Host: www.cotosen.com
URL: https://www.cotosen.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6810:5953 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 596beb5f11f0ff82e1ccc454c48baa74ab6b4e404c590996cbc6e215965d011c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cotosen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 12:16:22 GMT
x-oss-request-id: 62FDE0F0976259313841165A
cf-cache-status: HIT
age: 1488131
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12020
x-oss-object-type: Normal
last-modified: Sat, 14 Aug 2021 09:00:44 GMT
server: cloudflare
etag: "D074EA428CC68D291A0B99C6BE3BFCC7"
vary: Origin, Accept-Encoding
content-type: image/webp
cache-control: public, max-age=2678400
x-oss-storage-class: Standard
accept-ranges: bytes
cf-ray: 753d5e6ccdec90be-FRA
x-oss-hash-crc64ecma: 1532951280167037109
x-oss-server-time: 24
expires: Wed, 02 Nov 2022 12:16:22 GMT

GET
H2 200 1350u69f481b9bd0b431ab36b301592034317.jpg
ups.aopcdn.com/s30885/common/19256/ 57 KB
57 KB 77ms
73ms Image
image/webp 2606:4700::6810:5953
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ups.aopcdn.com/s30885/common/19256/1350u69f481b9bd0b431ab36b301592034317.jpg?x-oss-process=image/format,webp/interlace,1/quality,q_80
Requested by: Host: www.cotosen.com
URL: https://www.cotosen.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6810:5953 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: abc9a65231fe4ad48416bb5a69768561ca773d73b9e7a1ce7f01b76fdcad9592

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cotosen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 12:16:22 GMT
x-oss-request-id: 632ABA20F488A53231A1FDE6
cf-cache-status: HIT
age: 968438
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 58196
x-oss-object-type: Normal
last-modified: Wed, 21 Sep 2022 03:56:20 GMT
server: cloudflare
etag: "A86B9C8FA74557B38C80DCD8CAB98D06"
vary: Origin, Accept-Encoding
content-type: image/webp
cache-control: public, max-age=2678400
x-oss-storage-class: Standard
accept-ranges: bytes
cf-ray: 753d5e6ccdf090be-FRA
x-oss-hash-crc64ecma: 16502676391929937335
x-oss-server-time: 206
expires: Wed, 02 Nov 2022 12:16:22 GMT

GET
H2 200 1350u9c699202b68c4fbf8253742b14dfed0f.jpg
ups.aopcdn.com/s30885/common/19249/ 11 KB
11 KB 55ms
51ms Image
image/webp 2606:4700::6810:5953
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ups.aopcdn.com/s30885/common/19249/1350u9c699202b68c4fbf8253742b14dfed0f.jpg?x-oss-process=image/format,webp/interlace,1/quality,q_80
Requested by: Host: www.cotosen.com
URL: https://www.cotosen.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6810:5953 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bfdad13615a4f2cb43fc5f7bbd2be3f8353d53ed8750fed65081ea8f2405c5e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cotosen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 12:16:22 GMT
x-oss-request-id: 63218016613553393753B91E
cf-cache-status: HIT
age: 1573120
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11472
x-oss-object-type: Normal
last-modified: Wed, 14 Sep 2022 06:59:27 GMT
server: cloudflare
etag: "8E73D2FC14AB903216A558683FF84DBC"
vary: Origin, Accept-Encoding
content-type: image/webp
cache-control: public, max-age=2678400
x-oss-storage-class: Standard
accept-ranges: bytes
cf-ray: 753d5e6ccdf190be-FRA
x-oss-hash-crc64ecma: 3408391233749702814
x-oss-server-time: 54
expires: Wed, 02 Nov 2022 12:16:22 GMT

GET
H2 200 1350ue24c9ad5eaa54b10b8c3611f3556cb37.jpg
ups.aopcdn.com/s30885/common/18853/ 3 KB
3 KB 51ms
47ms Image
image/webp 2606:4700::6810:5953
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ups.aopcdn.com/s30885/common/18853/1350ue24c9ad5eaa54b10b8c3611f3556cb37.jpg?x-oss-process=image/format,webp/interlace,1/quality,q_80
Requested by: Host: www.cotosen.com
URL: https://www.cotosen.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6810:5953 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fbd4601ef4e7df38e61858455bc84a734514e523daecab31bead3f1647026083

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cotosen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 12:16:22 GMT
x-oss-request-id: 62FDE0F09EAA1A3539075F9A
cf-cache-status: HIT
age: 1488131
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2970
x-oss-object-type: Normal
last-modified: Sat, 14 Aug 2021 07:36:03 GMT
server: cloudflare
etag: "420AB5339C3B690F209970FF30AA7B3E"
vary: Origin, Accept-Encoding
content-type: image/webp
cache-control: public, max-age=2678400
x-oss-storage-class: Standard
accept-ranges: bytes
cf-ray: 753d5e6ccdf390be-FRA
x-oss-hash-crc64ecma: 4216228260759963390
x-oss-server-time: 25
expires: Wed, 02 Nov 2022 12:16:22 GMT

GET
H2 200 1350u5c6a9dda5e914ca3b6ff59280b64fae7.jpg
ups.aopcdn.com/s30885/common/19242/ 80 KB
80 KB 89ms
86ms Image
image/webp 2606:4700::6810:5953
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ups.aopcdn.com/s30885/common/19242/1350u5c6a9dda5e914ca3b6ff59280b64fae7.jpg?x-oss-process=image/format,webp/interlace,1/quality,q_80
Requested by: Host: www.cotosen.com
URL: https://www.cotosen.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6810:5953 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02de771d3041f2c25e25ddc71d0379633b58e146962af93c085124897ac3b6f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cotosen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 12:16:22 GMT
x-oss-request-id: 631845F69EAA1A32325F6E4F
cf-cache-status: HIT
age: 2177824
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 82084
x-oss-object-type: Normal
last-modified: Wed, 07 Sep 2022 06:41:48 GMT
server: cloudflare
etag: "2B1AF80D06BED281D458287F6702F8B0"
vary: Origin, Accept-Encoding
content-type: image/webp
cache-control: public, max-age=2678400
x-oss-storage-class: Standard
accept-ranges: bytes
cf-ray: 753d5e6ccdf690be-FRA
x-oss-hash-crc64ecma: 7920645979917492341
x-oss-server-time: 138
expires: Wed, 02 Nov 2022 12:16:22 GMT

GET
H2 200 1350ua9efe294390847a187c3a91ba863cecc.jpg
ups.aopcdn.com/s30885/common/19256/ 52 KB
53 KB 53ms
50ms Image
image/webp 2606:4700::6810:5953
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ups.aopcdn.com/s30885/common/19256/1350ua9efe294390847a187c3a91ba863cecc.jpg?x-oss-process=image/format,webp/interlace,1/quality,q_80
Requested by: Host: www.cotosen.com
URL: https://www.cotosen.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6810:5953 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 94098d9e26746e65445a38c275d25f90abd2a6bbce84fb46ce0cf938bf837cc7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cotosen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 12:16:22 GMT
x-oss-request-id: 633275032CAF3633335B0130
cf-cache-status: HIT
age: 461843
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 53734
x-oss-object-type: Normal
last-modified: Wed, 21 Sep 2022 04:11:53 GMT
server: cloudflare
etag: "69EDEF0FBB1E4ACC8BD3ACE3852B8DD4"
vary: Origin, Accept-Encoding
content-type: image/webp
cache-control: public, max-age=2678400
x-oss-storage-class: Standard
accept-ranges: bytes
cf-ray: 753d5e6ccdf890be-FRA
x-oss-hash-crc64ecma: 7418967142103187695
x-oss-server-time: 184
expires: Wed, 02 Nov 2022 12:16:22 GMT

GET
H2 200 1535u122eed7b5dbc4eb890bc11dcdaed6de0.jpg
ups.aopcdn.com/s30885/goods/19230/ 23 KB
23 KB 45ms
42ms Image
image/webp 2606:4700::6810:5953
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ups.aopcdn.com/s30885/goods/19230/1535u122eed7b5dbc4eb890bc11dcdaed6de0.jpg?x-oss-process=image/resize,limit_0,m_fill,w_420,h_420/format,webp/interlace,1/quality,q_80
Requested by: Host: www.cotosen.com
URL: https://www.cotosen.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6810:5953 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8bbd5c5cab6bb3dc14638228b7621ddd00b53d4f00500e6bfb3ffc5acfc19248

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cotosen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 12:16:22 GMT
x-oss-request-id: 6309C179F488A53636323D2C
cf-cache-status: HIT
age: 709917
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 23346
x-oss-object-type: Normal
last-modified: Sat, 27 Aug 2022 07:00:39 GMT
server: cloudflare
etag: "91C7180BAF60A6AD72757A89E2A2FCB9"
vary: Origin, Accept-Encoding
content-type: image/webp
cache-control: public, max-age=2678400
x-oss-storage-class: Standard
accept-ranges: bytes
cf-ray: 753d5e6ccdfa90be-FRA
x-oss-hash-crc64ecma: 16087077862395047647
x-oss-server-time: 72
expires: Wed, 02 Nov 2022 12:16:22 GMT

GET
H2 200 1535ua7deb967e5334ce0891d05ae15db91ef.jpg
ups.aopcdn.com/s30885/goods/19223/ 13 KB
13 KB 47ms
44ms Image
image/webp 2606:4700::6810:5953
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ups.aopcdn.com/s30885/goods/19223/1535ua7deb967e5334ce0891d05ae15db91ef.jpg?x-oss-process=image/resize,limit_0,m_fill,w_420,h_420/format,webp/interlace,1/quality,q_80
Requested by: Host: www.cotosen.com
URL: https://www.cotosen.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6810:5953 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2561257b9f5e4427d61fdadb66cf58c0a3fc46ac5ffa072bb9f3e0c14062c1e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cotosen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 12:16:22 GMT
x-oss-request-id: 6309B66EE9011935355D04B8
cf-cache-status: HIT
age: 712857
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13410
x-oss-object-type: Normal
last-modified: Wed, 24 Aug 2022 04:00:07 GMT
server: cloudflare
etag: "90474327FE2C20AC7553F3E1764F590A"
vary: Origin, Accept-Encoding
content-type: image/webp
cache-control: public, max-age=2678400
x-oss-storage-class: Standard
accept-ranges: bytes
cf-ray: 753d5e6ccdfd90be-FRA
x-oss-hash-crc64ecma: 5808851688847778259
x-oss-server-time: 59
expires: Wed, 02 Nov 2022 12:16:22 GMT

GET
H2 200 1437u7fafcbc1ed6c47979a07bce7dfc0a9d7.jpg
ups.aopcdn.com/s30817/goods/19230/ 19 KB
20 KB 103ms
101ms Image
image/webp 2606:4700::6810:5953
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ups.aopcdn.com/s30817/goods/19230/1437u7fafcbc1ed6c47979a07bce7dfc0a9d7.jpg?x-oss-process=image/resize,limit_0,m_fill,w_420,h_420/format,webp/interlace,1/quality,q_80
Requested by: Host: www.cotosen.com
URL: https://www.cotosen.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6810:5953 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d26390c64e9c6dca172371679c9486c840cbe2d5314c9a35e700fb5ffce195ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cotosen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 12:16:22 GMT
x-oss-request-id: 6309B932613553383828A1D9
cf-cache-status: HIT
age: 712148
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 19772
x-oss-object-type: Normal
last-modified: Sat, 27 Aug 2022 06:00:40 GMT
server: cloudflare
etag: "4FFC5AA4BC93E4F242CF6C8AC432E855"
vary: Origin, Accept-Encoding
content-type: image/webp
cache-control: public, max-age=2678400
x-oss-storage-class: Standard
accept-ranges: bytes
cf-ray: 753d5e6ccdff90be-FRA
x-oss-hash-crc64ecma: 5726637990025470939
x-oss-server-time: 58
expires: Wed, 02 Nov 2022 12:16:22 GMT

GET
H2 200 -2ue301b9cd003c432ba2e644c3965b886f.jpg
img4.aopcdn.com/s30885/goods/18964/ 16 KB
16 KB 59ms
42ms Image
image/webp 2606:4700::6810:5953
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img4.aopcdn.com/s30885/goods/18964/-2ue301b9cd003c432ba2e644c3965b886f.jpg?x-oss-process=image/resize,limit_0,m_fill,w_420,h_420/format,webp/interlace,1/quality,q_80
Requested by: Host: www.cotosen.com
URL: https://www.cotosen.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6810:5953 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 12fd86e58cda1285fed94540d10290b1682ab82a0feeaeadeb0d958feca99cd2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cotosen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 12:16:22 GMT
x-oss-request-id: 6309B66B4EA12130363C6BCF
cf-cache-status: HIT
age: 6723
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16194
x-oss-object-type: Normal
last-modified: Thu, 04 Aug 2022 08:00:09 GMT
server: cloudflare
etag: "1DF7AB985CFEA0AD102EEBB1B1D334C5"
vary: Origin, Accept-Encoding
content-type: image/webp
cache-control: public, max-age=2678400
x-oss-storage-class: Standard
accept-ranges: bytes
cf-ray: 753d5e6cee2290be-FRA
x-oss-hash-crc64ecma: 15251930041301010332
x-oss-server-time: 60
expires: Wed, 02 Nov 2022 12:16:22 GMT

GET
H2 200 -2u88fa574f5261468e877526b69f2fb4f1.jpg
ups.aopcdn.com/s32030/goods/18933/ 19 KB
19 KB 45ms
42ms Image
image/webp 2606:4700::6810:5953
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ups.aopcdn.com/s32030/goods/18933/-2u88fa574f5261468e877526b69f2fb4f1.jpg?x-oss-process=image/resize,limit_0,m_fill,w_420,h_420/format,webp/interlace,1/quality,q_80
Requested by: Host: www.cotosen.com
URL: https://www.cotosen.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6810:5953 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d2d0b8e52d666e44e12153a5ca98730da2f7ca6b04cfa1ff5d9aa176ebb5d20

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cotosen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 12:16:22 GMT
x-oss-request-id: 6309B6D78083E731335AACE4
cf-cache-status: HIT
age: 712759
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 19702
x-oss-object-type: Normal
last-modified: Tue, 02 Nov 2021 09:35:28 GMT
server: cloudflare
etag: "CF68BAF7ADFF017DE985AA174621D21D"
vary: Origin, Accept-Encoding
content-type: image/webp
cache-control: public, max-age=2678400
x-oss-storage-class: Standard
accept-ranges: bytes
cf-ray: 753d5e6cce0190be-FRA
x-oss-hash-crc64ecma: 10040046344600074165
x-oss-server-time: 124
expires: Wed, 02 Nov 2022 12:16:22 GMT

GET
H2 200 -2u72073d0c57b5487f99829b4d4e0ced37.jpg
ups.aopcdn.com/s24852/goods/18856/ 13 KB
14 KB 52ms
50ms Image
image/webp 2606:4700::6810:5953
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ups.aopcdn.com/s24852/goods/18856/-2u72073d0c57b5487f99829b4d4e0ced37.jpg?x-oss-process=image/resize,limit_0,m_fill,w_420,h_420/format,webp/interlace,1/quality,q_80
Requested by: Host: www.cotosen.com
URL: https://www.cotosen.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6810:5953 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82467979080230dcdf438f5c26e6a6208f7ff81634a291a21e12d63fa53e1b41

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cotosen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 12:16:22 GMT
x-oss-request-id: 6309B885976259303410308B
cf-cache-status: HIT
age: 712276
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13802
x-oss-object-type: Normal
last-modified: Tue, 17 Aug 2021 04:13:09 GMT
server: cloudflare
etag: "79896A597E6715DD6F5330BA6EA6CE59"
vary: Origin, Accept-Encoding
content-type: image/webp
cache-control: public, max-age=2678400
x-oss-storage-class: Standard
accept-ranges: bytes
cf-ray: 753d5e6cce0390be-FRA
x-oss-hash-crc64ecma: 535019782836150095
x-oss-server-time: 2
expires: Wed, 02 Nov 2022 12:16:22 GMT

GET
H2 200 1525u99cc7dbc1bdc476ab0e173426a972555.jpg
ups.aopcdn.com/s30885/goods/19172/ 17 KB
17 KB 113ms
111ms Image
image/webp 2606:4700::6810:5953
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ups.aopcdn.com/s30885/goods/19172/1525u99cc7dbc1bdc476ab0e173426a972555.jpg?x-oss-process=image/resize,limit_0,m_fill,w_420,h_420/format,webp/interlace,1/quality,q_80
Requested by: Host: www.cotosen.com
URL: https://www.cotosen.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6810:5953 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86be2cd73a9716336225abcd7274efc3f4ee2d562f468876a96bce13aeb95257

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cotosen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 12:16:22 GMT
x-oss-request-id: 6309B67C4EA1213330B692CF
cf-cache-status: HIT
age: 712724
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17484
x-oss-object-type: Normal
last-modified: Thu, 18 Aug 2022 06:00:33 GMT
server: cloudflare
etag: "0A219160F04E391322DFE20F6359CD55"
vary: Origin, Accept-Encoding
content-type: image/webp
cache-control: public, max-age=2678400
x-oss-storage-class: Standard
accept-ranges: bytes
cf-ray: 753d5e6cce0890be-FRA
x-oss-hash-crc64ecma: 751426528636269339
x-oss-server-time: 1
expires: Wed, 02 Nov 2022 12:16:22 GMT

GET
H2 200 1532u6e864e3e03db4ca084aa5df6e6d4a15d.jpg
img6.aopcdn.com/s24852/goods/19236/ 14 KB
14 KB 63ms
51ms Image
image/webp 2606:4700::6810:5953
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img6.aopcdn.com/s24852/goods/19236/1532u6e864e3e03db4ca084aa5df6e6d4a15d.jpg?x-oss-process=image/resize,limit_0,m_fill,w_420,h_420/format,webp/interlace,1/quality,q_80
Requested by: Host: www.cotosen.com
URL: https://www.cotosen.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6810:5953 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eed7799925f9f874867f89b540a9b5d5d99d87371edecaa4e2c24bf1442bc0e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cotosen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 12:16:22 GMT
x-oss-request-id: 631060284EA1213434713CF7
cf-cache-status: HIT
age: 7152
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13946
x-oss-object-type: Normal
last-modified: Thu, 01 Sep 2022 07:22:55 GMT
server: cloudflare
etag: "42B3273BA42BACABF1ADA7FE2A6C54AE"
vary: Origin, Accept-Encoding
content-type: image/webp
cache-control: public, max-age=2678400
x-oss-storage-class: Standard
accept-ranges: bytes
cf-ray: 753d5e6cde0c90be-FRA
x-oss-hash-crc64ecma: 6680715987605275453
x-oss-server-time: 44
expires: Wed, 02 Nov 2022 12:16:22 GMT

GET
H2 200 1350u97e24f5892f94a868cb9fabae14ebbda.jpg
ups.aopcdn.com/s30885/common/19256/ 110 KB
110 KB 54ms
53ms Image
image/webp 2606:4700::6810:5953
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ups.aopcdn.com/s30885/common/19256/1350u97e24f5892f94a868cb9fabae14ebbda.jpg?x-oss-process=image/format,webp/interlace,1/quality,q_80
Requested by: Host: www.cotosen.com
URL: https://www.cotosen.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6810:5953 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1910ac35dac525b66c0cf3da00b83af44af2a4c5de53e9d00299336a33d91ef6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cotosen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 12:16:22 GMT
x-oss-request-id: 632AC01DCB42C4343126BA99
cf-cache-status: HIT
age: 966905
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 112858
x-oss-object-type: Normal
last-modified: Wed, 21 Sep 2022 06:04:47 GMT
server: cloudflare
etag: "59689FA1E3E7FF0230B00B55240AFCF9"
vary: Origin, Accept-Encoding
content-type: image/webp
cache-control: public, max-age=2678400
x-oss-storage-class: Standard
accept-ranges: bytes
cf-ray: 753d5e6cce0a90be-FRA
x-oss-hash-crc64ecma: 1055371403056724733
x-oss-server-time: 191
expires: Wed, 02 Nov 2022 12:16:22 GMT

GET
H2 200 736477600692950 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 19ms
18ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/736477600692950?v=2.9.84&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4738a447b22061fb0d8515d2c1d830affed4acc77b4eecbed24a42a53eaf9503

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cotosen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 02 Oct 2022 12:16:22 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 85888
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: hns0bI+GbCn3SLb8pSK2/4k1ZROwad7EPTSCvqycrshhvU2imy0lX6DwDOQipMJA/KOMfIQq54vpc4fFABEUAQ==
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 fm.behavior.js Show response
static.tongdun.net/sg/ 140 KB
46 KB 1302ms
160ms Script
application/javascript 2607:a400:2:b::4
ZEN-ECN

General

Check archive.org

Show headers Download Go to

Full URL: https://static.tongdun.net/sg/fm.behavior.js?t=2774522
Requested by: Host: www.cotosen.com
URL: https://www.cotosen.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:a400:2:b::4 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: marco/2.17 /
Resource Hash: 2a98fb5ce00a85d3db4150e4b29b16c400f87a1d38b039b3e33d7c5677dc91c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cotosen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 12:16:23 GMT
via: T.207.H, V.403-zj-fud-205, S.pcw-cn-hkg-167, T.167.H, V.pcw-cn-hkg-167, T.187.H, M.gtt-us-lax1-187
content-encoding: br
age: 219785
x-source: U/200
x-upyun-content-type: application/javascript
x-request-id: d97cce29ada255541521ee4e92311a81; bdd08f2f123c47180aaf9ef0f2e0c4be; 49840c986e734bbf67e39cba808c6eae; bf6a95219e2a3d6603a919da25f66d86
last-modified: Thu, 09 Dec 2021 12:11:00 GMT
server: marco/2.17
etag: W/"12dbfde05479ec01bbde85ce0b2acb51"
vary: Accept-Encoding
x-upyun-content-length: 143119
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=691200
expires: Fri, 07 Oct 2022 23:13:18 GMT

GET
H/1.1 200 clear.png
usfp.tongdun.net/fp/ 0
421 B 396ms
112ms Image
text/plain 52.205.170.131
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://usfp.tongdun.net/fp/clear.png?partnerCode=TDAPProject&appName=TDAPProject_web&tokenId=TDAPProject-1664712982528-2575cde0243f4

Requested by

Host: www.cotosen.com
URL: https://www.cotosen.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

52.205.170.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-205-170-131.compute-1.amazonaws.com

Software

openresty /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cotosen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 02 Oct 2022 12:16:22 GMT
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Server: openresty
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Connection: keep-alive
Keep-Alive: timeout=180
Content-Length: 0
X-XSS-Protection: 1; mode=block
Expires: 0

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 212 KB
74 KB 74ms
30ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-5SC402EM39&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-178875983-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

13a61b3146d1c200325c27d3d8b37155d87df036b3efd6ebcb3d04285f811594

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cotosen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 12:16:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 75568
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 02 Oct 2022 12:16:22 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 66ms
15ms Script
text/javascript 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-178875983-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cotosen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 02 Oct 2022 11:15:57 GMT
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
server: Golfe2
age: 3625
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19826
expires: Sun, 02 Oct 2022 13:15:57 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 167 KB
61 KB 69ms
27ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-549037503&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-178875983-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

12acefb1925c9af7a6400b44135a94d708522d91b1e225e627721eaaea627e58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cotosen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 12:16:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62772
x-xss-protection: 0
last-modified: Sun, 02 Oct 2022 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 02 Oct 2022 12:16:22 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 167 KB
61 KB 94ms
53ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-581629830&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-178875983-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bb0dcc0a7286ccfdc33feb199fc77b433eb0d63a4ab322e5a8cb9a4defe48f28

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cotosen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 12:16:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62726
x-xss-protection: 0
last-modified: Sun, 02 Oct 2022 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 02 Oct 2022 12:16:22 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 167 KB
61 KB 86ms
45ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-581672963&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-178875983-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5c70cd9a7ea11580d9c138e9c716ef57dd18ed4989aff9ca75cca89a638cd0e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cotosen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 12:16:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62742
x-xss-protection: 0
last-modified: Sun, 02 Oct 2022 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 02 Oct 2022 12:16:22 GMT

GET
H2 200 main.3a217bc7.js Show response
s.pinimg.com/ct/lib/ 55 KB
19 KB 21ms
21ms Script
application/javascript 2a04:4e42:62::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.3a217bc7.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:62::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3f29259501183f270ed9b30dc3569b0b69c8bafb46685a5790c793ec76c2c763

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cotosen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 12:16:22 GMT
content-encoding: gzip
x-cdn: fastly
etag: "e07e047bcf076284d8d2680e8f0c262c"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: X-CDN
vary: Accept-Encoding, Origin
cache-control: max-age=1209600
fastly-restarts: 1
content-length: 19398

GET
H3 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 283 KB
68 KB 64ms
39ms Script
application/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

843114448aaeeda7e8caa0cf76d61e0c63b8bffccd34517483363fdb15cdc80c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cotosen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 12:16:22 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 1278
etag: W/"2f96824aee4bf927e734cc519e3e726d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 753d5e6d2e329bcb-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 05 Oct 2022 12:16:22 GMT

GET
H2 200 register-dialog.woff2
www.cotosen.com/static/opShop/pc/iconfonts/ 772 B
1000 B 173ms
172ms Font
application/octet-stream 2606:4700::6811:e321
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cotosen.com/static/opShop/pc/iconfonts/register-dialog.woff2
Requested by: Host: www.cotosen.com
URL: https://www.cotosen.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:e321 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e45adaffb50ad71c559b52c2c08ff2d3bd536dd9b50b0c617bb503758c82fe63

Request headers

Referer: https://www.cotosen.com/
Origin: https://www.cotosen.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 12:16:22 GMT
cf-cache-status: HIT
age: 5374
content-length: 772
x-request-id: 12b25f325b6d4f88b74185292f846738
last-modified: Thu, 29 Sep 2022 00:26:12 GMT
server: cloudflare
access-control-max-age: 259200
vary: Accept-Encoding
content-type: application/octet-stream;charset=UTF-8
access-control-allow-origin: https://www.cotosen.com
x-server-ip: 172.20.103.197
cache-control: public, max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 753d5e6dbefd8fc8-FRA
access-control-allow-headers: X-Requested-With,X_Requested_With,Content-Type
expires: Sun, 02 Oct 2022 16:16:22 GMT

GET
H3 200 1350u27946f1993384125a27182c09b655eee.jpg
ups.aopcdn.com/s30885/common/19227/ 117 KB
117 KB 61ms
61ms Image
image/jpeg 2606:4700::6810:5953
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ups.aopcdn.com/s30885/common/19227/1350u27946f1993384125a27182c09b655eee.jpg
Requested by: Host: www.cotosen.com
URL: https://www.cotosen.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:5953 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 366716641fa49a04f185f3b8b29a74f0be62cb2de38e74c0cb069b9facb43c86

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cotosen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 12:16:22 GMT
x-oss-request-id: 6304956F6135533738E16E97
cf-cache-status: HIT
content-md5: OqdqhEb/3vy9yDXmxf+Rgg==
age: 1048731
cf-polished: origSize=128762, status=vary_header_present
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 119360
x-oss-object-type: Normal
cf-bgj: imgq:100,h2pri
last-modified: Tue, 23 Aug 2022 08:50:20 GMT
server: cloudflare
etag: "3AA76A8446FFDEFCBDC835E6C5FF9182"
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2678400
x-oss-storage-class: Standard
accept-ranges: bytes
cf-ray: 753d5e6dcc758fe8-FRA
x-oss-hash-crc64ecma: 11566775127541110831
x-oss-server-time: 2
expires: Wed, 02 Nov 2022 12:16:22 GMT

GET
H2 200 quantity.json Show response
www.cotosen.com/cart/ 46 B
355 B 225ms
224ms XHR
application/json 2606:4700::6811:e321
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cotosen.com/cart/quantity.json?_=1664712982650
Requested by: Host: sources.aopcdn.com
URL: https://sources.aopcdn.com/cloud/opShop/script/vendor-4d83fc9c1d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:e321 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df7eb497ebea720f0ad85ef07a7bb56bc00cd77c5c3668514728b3d7b4733a67

Request headers

Accept: */*
Referer: https://www.cotosen.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 12:16:22 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
access-control-max-age: 259200
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
x-server-ip: 172.20.103.237
access-control-allow-credentials: true
cf-ray: 753d5e6dbf008fc8-FRA
access-control-allow-headers: X-Requested-With,X_Requested_With,Content-Type
x-site-id: 30885
x-request-id: aa442d2820c0438ba7fcc95042d51892

GET
H2 200 tracking.min.js Show response
www.artfut.com/static/ 24 KB
7 KB 68ms
68ms Script
application/javascript 2606:4700:20::681a:6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.artfut.com/static/tracking.min.js?campaign_code=fe9cf762a5

Requested by

Host: www.artfut.com
URL: https://www.artfut.com/static/tagtag.min.js?campaign_code=fe9cf762a5

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c3423e2830e0e8512380b5995774e5d31c763daf4acf434d145a6c2e2fbbfa35

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cotosen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 12:16:22 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 124
pragma: public
last-modified: Mon, 23 May 2022 09:16:29 GMT
server: cloudflare
etag: W/"628b50ed-616e"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q44%2F6XrpysmW0OfHPqCNAKWvSB4ZeePOigH6yZpRwwLvxHHz9FWv4o4rtSl6vLcdHPSzmNs34Q7AjtQy7RU1UCppPJbNOcZb01iFb5o1kyEguZe8M%2FL8GzrzX96BmYg6fS%2FdlB3YCF3AnVgc"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=1200, public
cf-ray: 753d5e6dac109180-FRA
expires: Sun, 02 Oct 2022 12:34:18 GMT

GET
H2 200 crossdevice.min.js Show response
www.artfut.com/static/ 24 KB
8 KB 32ms
31ms Script
application/javascript 2606:4700:20::681a:6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.artfut.com/static/crossdevice.min.js?campaign_code=fe9cf762a5

Requested by

Host: www.artfut.com
URL: https://www.artfut.com/static/tagtag.min.js?campaign_code=fe9cf762a5

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

30d31eb6c11df6156d1a8616666104c6d44a53c1b0a8e1b5e09ad693836cface

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cotosen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 12:16:22 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 111
pragma: public
last-modified: Mon, 23 May 2022 09:16:36 GMT
server: cloudflare
etag: W/"628b50f4-5f2e"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qzr7V54Hrp1bE2jOgoK79%2BplbNglyfArpCgLtW9a5L6gL7x%2FReOqu3do5bScsWVVlyaTEESm%2FQ7Jmm8LN2K0ctGJldXCJE3Z8JqTGHJvPbDakl0ByBd%2B7SuwGI96yZJcLrQCtx%2BFZ9osQMSs"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=1200, public
cf-ray: 753d5e6dac159180-FRA
expires: Sun, 02 Oct 2022 12:34:31 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 269E 15 KB
6 KB 71ms
23ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=www.cotosen.com&origin=onetag

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

639785aa0d683a5d24bcbe96629d8d07fd8eefd12499bd97606e65f9373a5112

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.cotosen.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 02 Oct 2022 12:16:22 GMT
server: Kestrel
server-processing-duration-in-ticks: 678772
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 A2923015-a522-4e2f-b9dd-c705e52fa87b1.js Show response
utt.impactcdn.com/ 42 KB
13 KB 351ms
102ms Script
text/javascript 35.186.249.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://utt.impactcdn.com/A2923015-a522-4e2f-b9dd-c705e52fa87b1.js
Requested by: Host: www.cotosen.com
URL: https://www.cotosen.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.249.72 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 72.249.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 43fd0e4736ae07ebcfa4fc191912a7e825156ba606d5a08be43c919c89f30970

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cotosen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 12:14:01 GMT
content-encoding: gzip
age: 141
x-guploader-uploadid: ADPycdv5oB4Dn6RF0Orkd3aED_mzTGtgJXdyCsViyseJ9ruvbuVxwVYX1aMv_1Bv9Ve1cCSXDY06_dJZc9UKaK7776R5gg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13158
last-modified: Mon, 01 Aug 2022 04:25:01 GMT
server: UploadServer
etag: "89587d8442dbe11e75956d4d3a7fb62e"
vary: Accept-Encoding
x-goog-generation: 1659327901557488
x-goog-hash: crc32c=7HI3Qw==, md5=iVh9hELb4R51lW1NOn+2Lg==
content-type: text/javascript; charset=utf-8
cache-control: public,max-age=900,s-maxage=300
x-goog-stored-content-length: 13158
accept-ranges: bytes
expires: Sun, 02 Oct 2022 12:19:01 GMT

GET
H2 200 k_cotosen.js Show response
scripts.prdredir.com/scripts/ 79 KB
30 KB 235ms
176ms Script
text/javascript 2606:4700:e6::ac40:c30f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.prdredir.com/scripts/k_cotosen.js
Requested by: Host: www.cotosen.com
URL: https://www.cotosen.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:c30f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c96b481c6610c3de990215c4b84afd212967fadbfaf9538c05f12edb75918953

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cotosen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 12:16:22 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
status: 200 OK
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: cac5bf57-c859-45ba-b15a-5870b7b54dfd
x-runtime: 0.019770
server: cloudflare
etag: W/"c96b481c6610c3de990215c4b84afd21"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jBTvp5wA7ZNlFr6RAe7D1KE0kd8f5snsTRvtz8QG4GMPfYDGPf2G%2FRkIQ7w3%2BnLWkYlueapBsdZESrDxJ3D5pTYaBl2%2Bq5nEtwwg0Q3RYmsX0uOxk5CSm0hVdWgXwX8l87oimokCy12VS%2Bft0PLK0MACzw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, public
cf-ray: 753d5e6e3c3d9c10-FRA
expires: 2022-09-02 12:16:22 UTC

GET
H2 200 p093.js Show response
api.hrznads.com/u/43/ 700 B
1 KB 355ms
109ms Script
text/javascript 54.243.66.229
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.hrznads.com/u/43/p093.js?campaignID=f6f8bb4b-215c-4134-902f-8ffb9718b00d&tid=1&campaignName=Cotosen&cb=1664712982682&krl=https%3A%2F%2Fwww.cotosen.com%2F
Requested by: Host: www.cotosen.com
URL: https://www.cotosen.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.243.66.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-243-66-229.compute-1.amazonaws.com
Software: nginx/1.23.1 /
Resource Hash: cbfe7ef66f9914aeb4d9442be4137f2bb7606d2a1cf8372cf07aa9bfee003348

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cotosen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 12:16:22 GMT
server: nginx/1.23.1
etag: W/"2bc-Rm8TOdP28tPxresmIi6lmaLr5NI"
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 700

GET
H2 200 webimg_tr.js Show response
nc-1.theoverall.link/ 2 KB
930 B 406ms
110ms Script
application/javascript 52.45.120.164
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://nc-1.theoverall.link/webimg_tr.js?v=1

Requested by

Host: www.cotosen.com
URL: https://www.cotosen.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.45.120.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-45-120-164.compute-1.amazonaws.com

Software

nginx /

Resource Hash

7125cc161f9f4e5c03866c6421d0a8e4d0874069ead9b4514006aceac4f4c42b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cotosen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 12:16:23 GMT
strict-transport-security: max-age=63072000
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=60
expires: Sun, 02 Oct 2022 12:17:23 GMT

GET
H2 200 code.js Show response
webtrafficsource.com/track/ 644 B
871 B 266ms
21ms Script
application/javascript 34.107.149.195
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://webtrafficsource.com/track/code.js
Requested by: Host: www.cotosen.com
URL: https://www.cotosen.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.149.195 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 195.149.107.34.bc.googleusercontent.com
Software: /
Resource Hash: 4b3e2fa269ed7b27cfb61d5c90e78073a7911db1ab9aa9d75e79f6908dc2274e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cotosen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 12:16:22 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 644
content-type: application/javascript;charset=UTF-8

GET
H2 200 clk.min.js Show response
analytics.webgains.io/ 83 KB
31 KB 81ms
20ms Script
application/javascript 18.66.147.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/clk.min.js
Requested by: Host: www.cotosen.com
URL: https://www.cotosen.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-98.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 43d82e0a7fbadccc9d100696fb970decfdbe1df38c079cc8101ef4b6689f9728

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cotosen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 15:27:45 GMT
content-encoding: gzip
via: 1.1 816b7f4e336674d9d7828ef4700482e8.cloudfront.net (CloudFront)
last-modified: Thu, 29 Sep 2022 15:27:30 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 74917
etag: W/"7141e9bbef032b9cc2d8c2abd6b54515"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: 7LoTCARR-RQObQWlwvTcmiHXCF8mv0V2tPCtOkHev5-oRJebzS3E9g==

GET
H3 200 696138651674653 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 22ms
21ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/696138651674653?v=2.9.84&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

57d125e924fe29fc4111234aa0070b02a2350ba06c99f796a0548615595a5885

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cotosen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 02 Oct 2022 12:16:22 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 85890
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 9kajJL9U4CWmnhEejW4Kk7+xTP5WLm9Oe9Wt8c39cAijMTQlZ28lCX6tGBcyp2YJbjPyeQIElr0wUDy3DWnSrQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2

200

v2 Show response
us.creativecdn.com/tags/
Redirect Chain

https://us.creativecdn.com/tags/v2?type=json
https://us.creativecdn.com/tags/v2?type=json&tc=1

313 B
646 B

174ms
174ms

Fetch
application/json

185.184.10.30
RTB-HOUSE-ASH

General

Check archive.org

Show headers Download Go to

Full URL: https://us.creativecdn.com/tags/v2?type=json&tc=1
Requested by: Host: www.cotosen.com
URL: https://www.cotosen.com/
Protocol: H2
Server: 185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS: ip-185-184-10-30.rtbhouse.net
Software: /
Resource Hash: 7a72c52030cf8525af2846cf42ad4dca0d88fd842e72ecd86aaaead49ddb4649

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cotosen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 12:16:23 GMT, Sun, 02 Oct 2022 12:16:23 GMT
content-encoding: gzip
vary: Origin, Accept-Encoding
access-control-max-age: 3600
access-control-allow-methods: GET, POST
access-control-allow-origin: https://www.cotosen.com
content-type: application/json;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
access-control-allow-credentials: true
content-length: 259
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Sun, 02 Oct 2022 12:16:23 GMT
vary: Origin
access-control-max-age: 3600
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
access-control-allow-origin: https://www.cotosen.com
access-control-allow-methods: GET, POST
location: https://us.creativecdn.com/tags/v2?type=json&tc=1
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

OPTIONS
H2 200 v2
us.creativecdn.com/tags/ Frame 0
0 481ms
158ms Preflight 185.184.10.30
RTB-HOUSE-ASH

General

Check archive.org

Show headers Download Go to

Full URL: https://us.creativecdn.com/tags/v2?type=json
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS: ip-185-184-10-30.rtbhouse.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.cotosen.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, POST
access-control-allow-origin: https://www.cotosen.com
access-control-max-age: 3600
content-length: 0
date: Sun, 02 Oct 2022 12:16:23 GMT
vary: Origin

GET
H2 200 / Show response
ct.pinterest.com/user/ 533 B
485 B 226ms
43ms XHR
application/json 151.101.64.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/user/?tid=2614073784049&pd=%7B%7D&cb=1664712982748
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.3a217bc7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.64.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3dd9777e4bf37ebda9d52c257d4481a7793947d4793cdddef7218468a20c3cf6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cotosen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pin-unauth: dWlkPU5HWmhZMlptWTJFdE5HRTJNaTAwWmpVeExUbGhabVF0WmpabE9HUTVaR1poTm1NMw
pragma: no-cache
content-encoding: gzip
referrer-policy: origin
date: Sun, 02 Oct 2022 12:16:22 GMT
x-cdn: fastly
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.cotosen.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
x-pinterest-rid: 1486093279309878
content-length: 373
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
ct.pinterest.com/user/ 533 B
753 B 225ms
42ms XHR
application/json 151.101.64.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/user/?event=pagevisit&tid=2614073784049&cb=1664712982749
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.3a217bc7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.64.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3dd9777e4bf37ebda9d52c257d4481a7793947d4793cdddef7218468a20c3cf6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cotosen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pin-unauth: dWlkPU5URTVaams0WW1RdE1tRTBaQzAwWXpZeUxXSXdNMlV0WmpFMFl6Vm1NelZtTXpWbA
pragma: no-cache
content-encoding: gzip
referrer-policy: origin
date: Sun, 02 Oct 2022 12:16:22 GMT
x-cdn: fastly
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.cotosen.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
x-pinterest-rid: 1426770166421275
content-length: 373
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
z.lenmit.com/retag/tags/ 777 B
878 B 90ms
28ms Script
application/javascript 185.26.99.247
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to

Full URL: https://z.lenmit.com/retag/tags/?code=9ce8884df1
Requested by: Host: cdn.lenmit.com
URL: https://cdn.lenmit.com/static/js/retag.js?r=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.26.99.247 Frankfurt am Main, Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS: dsde430-2.fornex.org
Software: nginx /
Resource Hash: 884d999f69ec27d17be1b2211831930aae722f3afdedc96194cd448d8606dbf5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cotosen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-type: application/javascript
date: Sun, 02 Oct 2022 12:16:22 GMT
server: nginx
content-length: 777
p3p: CP="NON DSP COR CURa TIA"

GET
H2 200 25145188.js Show response
bat.bing.com/p/action/ 1 KB
842 B 156ms
156ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/25145188.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

fd20998adbb24ad963efba64ffbee9b587d065ec7100c19f90a3c335cb08dd5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cotosen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Sun, 02 Oct 2022 12:16:22 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 230C4792E81941CDAA65B629345B294C Ref B: FRAEDGE1314 Ref C: 2022-10-02T12:16:22Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private,max-age=60
content-length: 667

GET
H2 204 0
bat.bing.com/action/ 0
175 B 82ms
82ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=25145188&Ver=2&mid=45cc1ce9-1c63-4ea6-af9c-e269afd48a82&sid=07682260424c11ed8d630b9fe6f44448&vid=076858f0424c11edb40e5f88b5f76072&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Men%27s%20Outdoor%20Clothing%20Online%20Shopping%20%7C%20Cheap%20Price%20Free%20Shipping%20Over%20%2499%20%7C%20Cotosen&kw=mens%20clothing,%20tactical%20clothing,%20outdoor%20sports%20and%20leisure%20clothing,vintage%20clothing,tactical%20pants,%20mens%20outwear,%20hiking%20footwear,%20uniform%20clothing,%20mens%20t-shirt,%20mens%20sweatshirt%20&p=https%3A%2F%2Fwww.cotosen.com%2F&r=&lt=1803&evt=pageLoad&sv=1&rn=511800

Requested by

Host: www.cotosen.com
URL: https://www.cotosen.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cotosen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 02 Oct 2022 12:16:22 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: AAF6867D501E4568992947DD3AB865C6 Ref B: FRAEDGE1314 Ref C: 2022-10-02T12:16:22Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main.Mi4wLjAuNTVfMQ.js Show response
analytics.tiktok.com/i18n/pixel/static/ 336 KB
97 KB 35ms
35ms Script
application/javascript 84.53.161.83
AKAMAI-LON

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.Mi4wLjAuNTVfMQ.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C5K1TF9HT3DI94DIKE7G&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 84.53.161.83 Vienna, Austria, ASN34164 (AKAMAI-LON, NL),
Reverse DNS: a84-53-161-83.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e9bd9db83268ae9694965b94341b1ac5c2da802cfb7d87ed5b1b2727d8ea5ed2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cotosen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-akamai-request-id: 51de1eac
date: Sun, 02 Oct 2022 12:16:22 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20220927123900B480F71D889E11FB28FA
vary: Accept-Encoding
x-cache: TCP_HIT from a84-53-161-79.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01ee3f0dfa0b15da869e50c1a1db38bdac8ab43f688bd456dbd58df3f23913d03b8b1da4e615f636961511d3a4c992f112d8e850686912d48eeefe236621c471de6fac1594cc06e08ac70c5622fd7f4514
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=23
content-length: 98186

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 55ms
23ms XHR
text/plain 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j97&a=271276952&t=pageview&_s=1&dl=https%3A%2F%2Fwww.cotosen.com%2F&ul=en-us&de=UTF-8&dt=Men%27s%20Outdoor%20Clothing%20Online%20Shopping%20%7C%20Cheap%20Price%20Free%20Shipping%20Over%20%2499%20%7C%20Cotosen&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=4GBAAUABAAAAAC~&jid=1066467780&gjid=1783011723&cid=922815448.1664712983&uid=&tid=UA-178875983-1&_gid=269101634.1664712983&_r=1&gtm=2ou9s0&z=1368402239

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cotosen.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 12:16:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.cotosen.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 web Show response
onesignal.com/api/v1/sync/006d63c1-85a7-422e-9d16-e3ff6b9cc83a/ 5 KB
2 KB 51ms
36ms Script
text/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/006d63c1-85a7-422e-9d16-e3ff6b9cc83a/web?callback=__jp0

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cbf79cbb6236a5279890bb55d1fb4ec356552c487a08cb02ec4d2fab2529e7b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cotosen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 12:16:22 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=15552000; includeSubDomains
age: 2271
cf-polished: origSize=5082
status: 200 OK
x-envoy-upstream-service-time: 33
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 55a2aa35-2aea-4e26-b760-65e4fb76d18a
x-runtime: 0.031971
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"3c333621bf1388dd4fd5396a0965838b"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
cf-ray: 753d5e6e999c5be1-FRA
access-control-allow-headers: SDK-Version
expires: Sun, 02 Oct 2022 13:16:22 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 41 KB
15 KB 170ms
77ms Script
text/javascript 172.217.20.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-549037503&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.20.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s28-in-f2.1e100.net

Software

cafe /

Resource Hash

f42283e0ca17a52688c5250e714ecd1b6a53af8b0f6e54ac64546499b0ec1b19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cotosen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 12:16:22 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15192
x-xss-protection: 0
server: cafe
etag: 699633608045481581
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 02 Oct 2022 12:16:22 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
347 B 62ms
22ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-5SC402EM39&gtm=2oe9s0&_p=271276952&_gaz=1&cid=922815448.1664712983&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1664712982&sct=1&seg=0&dl=https%3A%2F%2Fwww.cotosen.com%2F&dt=Men%27s%20Outdoor%20Clothing%20Online%20Shopping%20%7C%20Cheap%20Price%20Free%20Shipping%20Over%20%2499%20%7C%20Cotosen&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5SC402EM39&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cotosen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 12:16:22 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.cotosen.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
347 B 75ms
26ms Ping
text/plain 2a00:1450:4025:401::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-5SC402EM39&cid=922815448.1664712983&gtm=2oe9s0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5SC402EM39&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4025:401::9c Den Helder, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cotosen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 12:16:22 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.cotosen.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 92ms
54ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-5SC402EM39&cid=922815448.1664712983&gtm=2oe9s0&aip=1&z=1584784593

Requested by

Host: www.cotosen.com
URL: https://www.cotosen.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cotosen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 12:16:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 init Show response
tr.snapchat.com/ 126 B
479 B 122ms
25ms Fetch
application/json 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/init?pids=11157a01-9db7-448a-9659-b26a3b79baee

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

c3c75402ec485980ac78b6bdc63ba90f13f7ec2f40b02e4f4ba5d5f4a19090b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cotosen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 12:16:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
content-encoding: gzip
via: 1.1 google
server: API Gateway
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.cotosen.com
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 is_enabled Show response
tr.snapchat.com/collector/ 78 B
164 B 123ms
27ms Fetch
application/json 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/collector/is_enabled?pids=11157a01-9db7-448a-9659-b26a3b79baee&tld=com

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

fefceaa71730d43e9322005d13177457a7ece8a9d702437218e7aa93c53edede

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cotosen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 12:16:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
content-encoding: gzip
via: 1.1 google
server: API Gateway
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.cotosen.com
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
96 B 49ms
44ms Image
image/gif 151.101.64.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ct.pinterest.com/v3/?tid=2614073784049&pd=%7B%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.cotosen.com%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%223a217bc7%22%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1664712982913
Requested by: Host: www.cotosen.com
URL: https://www.cotosen.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.64.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cotosen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 12:16:22 GMT
referrer-policy: origin
x-cdn: fastly
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 2
x-pinterest-rid: 8266788952656603
content-length: 35
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 i Show response
tr.snapchat.com/cm/ Frame F530 0
294 B 61ms
27ms Document
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=11157a01-9db7-448a-9659-b26a3b79baee&u_scsid=4f50512f-74a5-4f1d-b3a5-69dc12e3ac64&u_sclid=9b0184c0-7f4a-4528-8ff1-152351825b6d

Requested by

Host: www.cotosen.com
URL: https://www.cotosen.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer: https://www.cotosen.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Sun, 02 Oct 2022 12:16:22 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google
x-envoy-upstream-service-time: 0

POST
H2 200 p
tr.snapchat.com/ 68 B
315 B 71ms
38ms Ping
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

370dbc0a7e85181d81ecf29999a4782fc0fde9621e538b4d17887e2d1af1522d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://www.cotosen.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryxL08FfrTaBLw2ZV1

Response headers

date: Sun, 02 Oct 2022 12:16:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
content-type: text/html
access-control-allow-origin: https://www.cotosen.com
cache-control: no-cache, no-transform
x-envoy-upstream-service-time: 11
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68

GET
H2

200

sid Show response
mug.criteo.com/ Frame 269E
Redirect Chain

https://gum.criteo.com/sid/json?origin=onetag&domain=cotosen.com&sn=ChromeSyncframe&so=0&topUrl=www.cotosen.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=Tz4AynxEOGR4eTc5dWtlWUJWZlMzTHdTRlZzdFNyTmlwQ215MTV1TGdTYzVLSm43VHZKTFd4RUVkQUQyc01ObnJRZXJ3U0VSQ3pFSnppOXlVRGxLWko2clRKK0V5cWM5SldZWk1vcmE1cUFDL3ZUc2E4TWNtR0wzbGtlU0...

425 B
653 B

316ms
27ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=Tz4AynxEOGR4eTc5dWtlWUJWZlMzTHdTRlZzdFNyTmlwQ215MTV1TGdTYzVLSm43VHZKTFd4RUVkQUQyc01ObnJRZXJ3U0VSQ3pFSnppOXlVRGxLWko2clRKK0V5cWM5SldZWk1vcmE1cUFDL3ZUc2E4TWNtR0wzbGtlU09ObjJDWVc4VmF0L2hHRkJPcnFlSXY4Ni9ERWgvRkoxL0UvY3NTMFlvbkpMUmRYOTM0RlRBb1VXSC9pUHpJRVJxTytjVTh3L1Y0NXNPK0I2SjRrTnpHMjMyVElyN2tKZ1pVVS9BN21wUWFQS3VIOFNZa1pVWXZsb2tGaXlZdkd4MmkzY3RHdWkvM21KTGZ2VzBmK0EvTVRUUkp0L3NzdmFKeWxMaURKRjJWcVRZMDU5VFZNZz18&cppv=2

Requested by

Host: www.cotosen.com
URL: https://www.cotosen.com/

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

0cf33d7da5f92752c38c28e49aab4705d232f2d47abde37b8f88b9df0cabda90

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 12:16:22 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1800215
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 02 Oct 2022 12:16:22 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=Tz4AynxEOGR4eTc5dWtlWUJWZlMzTHdTRlZzdFNyTmlwQ215MTV1TGdTYzVLSm43VHZKTFd4RUVkQUQyc01ObnJRZXJ3U0VSQ3pFSnppOXlVRGxLWko2clRKK0V5cWM5SldZWk1vcmE1cUFDL3ZUc2E4TWNtR0wzbGtlU09ObjJDWVc4VmF0L2hHRkJPcnFlSXY4Ni9ERWgvRkoxL0UvY3NTMFlvbkpMUmRYOTM0RlRBb1VXSC9pUHpJRVJxTytjVTh3L1Y0NXNPK0I2SjRrTnpHMjMyVElyN2tKZ1pVVS9BN21wUWFQS3VIOFNZa1pVWXZsb2tGaXlZdkd4MmkzY3RHdWkvM21KTGZ2VzBmK0EvTVRUUkp0L3NzdmFKeWxMaURKRjJWcVRZMDU5VFZNZz18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 949428
content-length: 0
expires: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 25ms
25ms XHR
text/plain 2a00:1450:4025:401::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-178875983-1&cid=922815448.1664712983&jid=1066467780&gjid=1783011723&_gid=269101634.1664712983&_u=4GBAAUAAAAAAAC~&z=1985744710

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4025:401::9c Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cotosen.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 02 Oct 2022 12:16:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.cotosen.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 199737898771252 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 20ms
19ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/199737898771252?v=2.9.84&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c096aab7e6137c588392fbdc11c5fcb09e650dc2a8fd9c41c92eec6a9224701f

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cotosen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 02 Oct 2022 12:16:22 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 86039
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 3qPMXL62cgEqBA0gx2k3PEznPq8nw+e0OKi4qO2GwTBASulRoyWp+vz0tb0lVFUNx3uXfSXTt0hsxTbIsrG8zw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 25145188 Show response
www.clarity.ms/tag/uet/ 2 KB
3 KB 471ms
259ms Script
application/x-javascript 2620:1ec:40::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/25145188
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/25145188.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:40::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: d9ec7bc3e6ee292ec0d0226967b0eb4f447a3138adb6706dae36328278a8338a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cotosen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

request-context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0
date: Sun, 02 Oct 2022 12:16:23 GMT
x-powered-by: ASP.NET
x-azure-ref: 0F4E5YwAAAADVioXYgvYRQ6SFf3UcM0DQRlJBMjMxMDUwNDE4MDE3ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
content-length: 2464
expires: -1

GET
H2 200 admit_cotosen.js Show response
rtg.l10.agency/resources/content/ 1 KB
1 KB 355ms
182ms Script
text/javascript 2606:4700:3033::ac43:d085
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rtg.l10.agency/resources/content/admit_cotosen.js

Requested by

Host: cdn.lenmit.com
URL: https://cdn.lenmit.com/static/js/retag.js?r=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::ac43:d085 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

500214f984df5e3e26fc1336225809ad9934aa76af8da89077f22dba51183038

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cotosen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 12:16:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
status: 200 OK
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 1263f848-d07c-413b-9938-33a66bd440bc
x-runtime: 0.002179
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"500214f984df5e3e26fc1336225809ad"
x-download-options: noopen
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WuHx3VWRhAoldY3Q5AVxT0PMC8AV98%2FqUx%2Fiv52AQgHW27ReNvVtVrnSl0awV2kn86w1JG8iAXQ4Ia5%2FeTj%2BKoYEjSzv1olVlVnKl8nSv5uv5Jr8dHkSF%2FBDvL6ULB01cWPtcAj3GrfpJ83rwA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=604800, private
cf-ray: 753d5e711dc19bf8-FRA

GET
H/1.1 200
OK rtg.js Show response
tag.forceadmedia.com/ 439 B
843 B 559ms
117ms Script
application/javascript 137.184.242.20
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.forceadmedia.com/rtg.js
Requested by: Host: www.cotosen.com
URL: https://www.cotosen.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 137.184.242.20 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: / Express
Resource Hash: 37077f3ff8ab85729439c824449ac25165ef19bf63850d81d218525fc4b05197

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cotosen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 12:16:23 GMT
x-powered-by: Express
surrogate-control: no-store
transfer-encoding: chunked
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
expires: 0

GET
H2 200 analytics.js Show response
cdn.clickanalyticsresource.com/ 2 KB
1 KB 395ms
251ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.clickanalyticsresource.com/analytics.js
Requested by: Host: cdn.lenmit.com
URL: https://cdn.lenmit.com/static/js/retag.js?r=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 6b8cf89f7553ce96e56c6f3e26a4616b9a9b3513a7cebb98de292f8c48661c2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cotosen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 12:16:23 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Wed, 10 Aug 2022 10:32:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"6e6-182874ff341"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7RztDjwNyja8fAzFndSF5VIKDgDVy8APPhqnk%2F%2FtmMlKbmfiyJ2MfAe5WBRgsStuIzDw%2F78MjzK6dsADeg2dJ8vqoNPWa7q8jOim%2FkSToBlqCnBXouIx3dHqmP5NAGtzrsed57RPzoq7guhmNy6gVbngvsm0P1sGy6lpZHY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 753d5e70ef499193-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H3 200 tr Show response
webtrafficsource.com/ 0
12 B 20ms
20ms XHR
text/plain 34.107.149.195
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://webtrafficsource.com/tr
Requested by: Host: webtrafficsource.com
URL: https://webtrafficsource.com/track/code.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.149.195 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 195.149.107.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cotosen.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
access-control-expose-headers: Content-Length
date: Sun, 02 Oct 2022 12:16:23 GMT
access-control-allow-credentials: true
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

OPTIONS
H3 204 tr
webtrafficsource.com/ Frame 0
0 53ms
21ms Preflight 34.107.149.195
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://webtrafficsource.com/tr
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.149.195 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 195.149.107.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.cotosen.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type
access-control-allow-methods: POST,GET
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 02 Oct 2022 12:16:23 GMT
via: 1.1 google

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
546 B 152ms
152ms Ping
application/octet-stream 84.53.161.83
AKAMAI-LON

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.Mi4wLjAuNTVfMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 84.53.161.83 Vienna, Austria, ASN34164 (AKAMAI-LON, NL),
Reverse DNS: a84-53-161-83.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cotosen.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 12:16:23 GMT
x-akamai-request-id: 51de2105
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 20221002121623685CC4E857E80AED4FB8
x-cache: TCP_MISS from a84-53-161-79.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 117,84.53.161.79
x-tt-trace-host: 017a6eb07a63ab42bde60fe4b0e77d2c03d8727aea91ecfedcc5b4f386be3dd14208e710fd74191fcbdbc018689621492b14be98b3b6eb625deee6d725c726fedd50f3461ed044593094938e80afc8b660
server-timing: inner; dur=11, cdn-cache; desc=MISS, edge; dur=7, origin; dur=117
content-length: 0
expires: Sun, 02 Oct 2022 12:16:23 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
688 B 174ms
173ms Ping
application/octet-stream 84.53.161.83
AKAMAI-LON

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.Mi4wLjAuNTVfMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 84.53.161.83 Vienna, Austria, ASN34164 (AKAMAI-LON, NL),
Reverse DNS: a84-53-161-83.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cotosen.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 1a145a42.51de210a
date: Sun, 02 Oct 2022 12:16:23 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a84-53-161-79.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
x-parent-response-time: 131,84.53.161.79
server-timing: cdn-cache; desc=MISS, edge; dur=122, origin; dur=23, inner; dur=15
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2022100212162388694E198F8520EA03AE
x-cache-remote: TCP_MISS from a23-220-107-87.deploy.akamaitechnologies.com (AkamaiGHost/10.9.5-44356082) (-)
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 24,23.220.107.87
x-tt-trace-host: 017a6eb07a63ab42bde60fe4b0e77d2c03a8171d53f548829c17a8c5337078eaeaea94b9191f11b488c80928c3bdf17ee304312b887ca8d9cb8749752be50f6f68de9f923ce28ed3944d5bffd258a65dc8972e14940ffa80dc589d361b95f033eb
expires: Sun, 02 Oct 2022 12:16:23 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
351 B 44ms
44ms Image
image/gif 151.101.64.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ct.pinterest.com/v3/?event=pagevisit&tid=2614073784049&cb=1664712982749&pd=%7B%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.cotosen.com%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%223a217bc7%22%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1664712983082
Requested by: Host: www.cotosen.com
URL: https://www.cotosen.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.64.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cotosen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 12:16:23 GMT
referrer-policy: origin
x-cdn: fastly
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 3
x-pinterest-rid: 1262136896222501
content-length: 35
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 95ms
55ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-178875983-1&cid=922815448.1664712983&jid=1066467780&_u=4GBAAUAAAAAAAC~&z=2037958602

Requested by

Host: www.cotosen.com
URL: https://www.cotosen.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cotosen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 12:16:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 89ms
54ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-178875983-1&cid=922815448.1664712983&jid=1066467780&_u=4GBAAUAAAAAAAC~&z=2037958602

Requested by

Host: www.cotosen.com
URL: https://www.cotosen.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cotosen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 12:16:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/581629830/ 2 KB
2 KB 72ms
31ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/581629830/?random=1664712983104&cv=9&fst=1664712983104&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9s0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.cotosen.com%2F&tiba=Men%27s%20Outdoor%20Clothing%20Online%20Shopping%20%7C%20Cheap%20Price%20Free%20Shipping%20Over%20%2499%20%7C%20Cotosen&auid=10503377.1664712983&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4cc47fb85851f698840eb4094a6f9b1b212b431601ae8b3880b25b72413e840b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cotosen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 12:16:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1080
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/581629830/ 2 KB
1 KB 105ms
65ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/581629830/?random=1664712983107&cv=9&fst=1664712983107&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9s0&sendb=1&ig=1&data=event%3Dform_submit&frm=0&url=https%3A%2F%2Fwww.cotosen.com%2F&tiba=Men%27s%20Outdoor%20Clothing%20Online%20Shopping%20%7C%20Cheap%20Price%20Free%20Shipping%20Over%20%2499%20%7C%20Cotosen&auid=10503377.1664712983&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

373325ab156d7187a65eb503ede5374382d7214eefe31c98ce051facdaeb9f92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cotosen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 12:16:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1076
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/581672963/ 2 KB
1 KB 70ms
32ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/581672963/?random=1664712983109&cv=9&fst=1664712983109&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9s0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.cotosen.com%2F&tiba=Men%27s%20Outdoor%20Clothing%20Online%20Shopping%20%7C%20Cheap%20Price%20Free%20Shipping%20Over%20%2499%20%7C%20Cotosen&auid=10503377.1664712983&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e1bb4e12f16a06715d8a852c7f11a37548ab5a1c462e49ee0e4bc91f7ec9c6cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cotosen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 12:16:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1079
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/581672963/ 2 KB
1 KB 71ms
33ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/581672963/?random=1664712983110&cv=9&fst=1664712983110&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9s0&sendb=1&ig=1&data=event%3Dform_submit&frm=0&url=https%3A%2F%2Fwww.cotosen.com%2F&tiba=Men%27s%20Outdoor%20Clothing%20Online%20Shopping%20%7C%20Cheap%20Price%20Free%20Shipping%20Over%20%2499%20%7C%20Cotosen&auid=10503377.1664712983&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4dafd489309bcd7fe6abd20b722005d486c25d5d9bfa17b6de87f0a7957d76a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cotosen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 12:16:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1081
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/549037503/ 2 KB
1 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/549037503/?random=1664712983111&cv=9&fst=1664712983111&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9s0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.cotosen.com%2F&tiba=Men%27s%20Outdoor%20Clothing%20Online%20Shopping%20%7C%20Cheap%20Price%20Free%20Shipping%20Over%20%2499%20%7C%20Cotosen&auid=10503377.1664712983&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca43a98685920bddb80530cdabb1dd9184996ef6bf9c6424d37a70323cdf74ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cotosen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 12:16:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1080
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-user-list/549037503/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/549037503/?random=1664712983111&cv=9&fst=1664712983111&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=12...
https://www.google.com/pagead/1p-user-list/549037503/?random=1664712983111&cv=9&fst=1664712000000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=f...
https://www.google.de/pagead/1p-user-list/549037503/?random=1664712983111&cv=9&fst=1664712000000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=fa...

42 B
64 B

31ms
30ms

Image
image/gif

2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/549037503/?random=1664712983111&cv=9&fst=1664712000000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9s0&sendb=1&data=event%3Dform_submit&frm=0&url=https%3A%2F%2Fwww.cotosen.com%2F&tiba=Men%27s%20Outdoor%20Clothing%20Online%20Shopping%20%7C%20Cheap%20Price%20Free%20Shipping%20Over%20%2499%20%7C%20Cotosen&async=1&is_vtc=1&random=2800285937&resp=GooglemKTybQhCsO&ipr=y

Requested by

Host: www.cotosen.com
URL: https://www.cotosen.com/

Protocol

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cotosen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 12:16:23 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 02 Oct 2022 12:16:23 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-user-list/549037503/?random=1664712983111&cv=9&fst=1664712000000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9s0&sendb=1&data=event%3Dform_submit&frm=0&url=https%3A%2F%2Fwww.cotosen.com%2F&tiba=Men%27s%20Outdoor%20Clothing%20Online%20Shopping%20%7C%20Cheap%20Price%20Free%20Shipping%20Over%20%2499%20%7C%20Cotosen&async=1&is_vtc=1&random=2800285937&resp=GooglemKTybQhCsO&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
204 B 59ms
22ms Image
text/plain 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=736477600692950&ev=PageView&dl=https%3A%2F%2Fwww.cotosen.com%2F&rl=&if=false&ts=1664712983123&sw=1600&sh=1200&v=2.9.84&r=stable&ec=0&o=30&fbp=fb.1.1664712983122.738864525&it=1664712982513&coo=false&rqm=GET

Requested by

Host: www.cotosen.com
URL: https://www.cotosen.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cotosen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 02 Oct 2022 12:16:23 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 59ms
22ms Image
text/plain 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=696138651674653&ev=PageView&dl=https%3A%2F%2Fwww.cotosen.com%2F&rl=&if=false&ts=1664712983125&sw=1600&sh=1200&v=2.9.84&r=stable&ec=0&o=30&fbp=fb.1.1664712983122.738864525&it=1664712982513&coo=false&rqm=GET

Requested by

Host: www.cotosen.com
URL: https://www.cotosen.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cotosen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 02 Oct 2022 12:16:23 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 60ms
23ms Image
text/plain 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=199737898771252&ev=PageView&dl=https%3A%2F%2Fwww.cotosen.com%2F&rl=&if=false&ts=1664712983126&sw=1600&sh=1200&v=2.9.84&r=stable&ec=0&o=30&fbp=fb.1.1664712983122.738864525&it=1664712982513&coo=false&rqm=GET

Requested by

Host: www.cotosen.com
URL: https://www.cotosen.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cotosen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 02 Oct 2022 12:16:23 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2 200 p093.js Show response
api.hrznads.com/u/42/ Frame AC99 43 B
316 B 108ms
108ms Document
image/gif 54.243.66.229
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.hrznads.com/u/42/p093.js?code=cHdq&isq=0&cb=dbaf51139418398a05553&tod=1302&if=false&turl=https://www.cotosen.com/&pop=https%3A%2F%2Fwww.cotosen.com%2F
Requested by: Host: api.hrznads.com
URL: https://api.hrznads.com/u/43/p093.js?campaignID=f6f8bb4b-215c-4134-902f-8ffb9718b00d&tid=1&campaignName=Cotosen&cb=1664712982682&krl=https%3A%2F%2Fwww.cotosen.com%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.243.66.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-243-66-229.compute-1.amazonaws.com
Software: nginx/1.23.1 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
content-length: 43
content-type: image/gif
date: Sun, 02 Oct 2022 12:16:23 GMT
server: nginx/1.23.1

GET
H2 200 webimg_tr.php
nc-1.theoverall.link/ 0
393 B 109ms
108ms Image
image/jpeg 52.45.120.164
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nc-1.theoverall.link/webimg_tr.php?ua=dW5kZWZpbmVk&ul=en-US&os=Win32&p=false&n=false&wd=false&c=true&s=false&ln=33&h=1200&w=1600&o=undefined&ff=false&op=false&ch=true&sf=false&ie=false

Requested by

Host: www.cotosen.com
URL: https://www.cotosen.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.45.120.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-45-120-164.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cotosen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-type: image/jpeg
pragma: no-cache
date: Sun, 02 Oct 2022 12:16:23 GMT
cache-control: max-age=60
strict-transport-security: max-age=63072000
server: nginx
expires: Sun, 02 Oct 2022 12:17:23 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/581672963/ 42 B
449 B 76ms
37ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/581672963/?random=1664712983109&cv=9&fst=1664712000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9s0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.cotosen.com%2F&tiba=Men%27s%20Outdoor%20Clothing%20Online%20Shopping%20%7C%20Cheap%20Price%20Free%20Shipping%20Over%20%2499%20%7C%20Cotosen&async=1&fmt=3&is_vtc=1&random=2407401069&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.cotosen.com
URL: https://www.cotosen.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cotosen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 12:16:23 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/581672963/ 42 B
64 B 33ms
32ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/581672963/?random=1664712983109&cv=9&fst=1664712000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9s0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.cotosen.com%2F&tiba=Men%27s%20Outdoor%20Clothing%20Online%20Shopping%20%7C%20Cheap%20Price%20Free%20Shipping%20Over%20%2499%20%7C%20Cotosen&async=1&fmt=3&is_vtc=1&random=2407401069&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.cotosen.com
URL: https://www.cotosen.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cotosen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 12:16:23 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/581629830/ 42 B
449 B 73ms
35ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/581629830/?random=1664712983104&cv=9&fst=1664712000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9s0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.cotosen.com%2F&tiba=Men%27s%20Outdoor%20Clothing%20Online%20Shopping%20%7C%20Cheap%20Price%20Free%20Shipping%20Over%20%2499%20%7C%20Cotosen&async=1&fmt=3&is_vtc=1&random=2820346725&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.cotosen.com
URL: https://www.cotosen.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cotosen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 12:16:23 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/581629830/ 42 B
64 B 34ms
33ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/581629830/?random=1664712983104&cv=9&fst=1664712000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9s0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.cotosen.com%2F&tiba=Men%27s%20Outdoor%20Clothing%20Online%20Shopping%20%7C%20Cheap%20Price%20Free%20Shipping%20Over%20%2499%20%7C%20Cotosen&async=1&fmt=3&is_vtc=1&random=2820346725&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.cotosen.com
URL: https://www.cotosen.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cotosen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 12:16:23 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/581672963/ 42 B
449 B 72ms
34ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/581672963/?random=1664712983110&cv=9&fst=1664712000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9s0&sendb=1&data=event%3Dform_submit&frm=0&url=https%3A%2F%2Fwww.cotosen.com%2F&tiba=Men%27s%20Outdoor%20Clothing%20Online%20Shopping%20%7C%20Cheap%20Price%20Free%20Shipping%20Over%20%2499%20%7C%20Cotosen&async=1&fmt=3&is_vtc=1&random=205636709&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.cotosen.com
URL: https://www.cotosen.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cotosen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 12:16:23 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/581672963/ 42 B
64 B 36ms
35ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/581672963/?random=1664712983110&cv=9&fst=1664712000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9s0&sendb=1&data=event%3Dform_submit&frm=0&url=https%3A%2F%2Fwww.cotosen.com%2F&tiba=Men%27s%20Outdoor%20Clothing%20Online%20Shopping%20%7C%20Cheap%20Price%20Free%20Shipping%20Over%20%2499%20%7C%20Cotosen&async=1&fmt=3&is_vtc=1&random=205636709&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.cotosen.com
URL: https://www.cotosen.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cotosen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 12:16:23 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/549037503/ 42 B
449 B 53ms
36ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/549037503/?random=1664712983111&cv=9&fst=1664712000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9s0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.cotosen.com%2F&tiba=Men%27s%20Outdoor%20Clothing%20Online%20Shopping%20%7C%20Cheap%20Price%20Free%20Shipping%20Over%20%2499%20%7C%20Cotosen&async=1&fmt=3&is_vtc=1&random=3277936724&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.cotosen.com
URL: https://www.cotosen.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cotosen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 12:16:23 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/549037503/ 42 B
64 B 31ms
30ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/549037503/?random=1664712983111&cv=9&fst=1664712000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9s0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.cotosen.com%2F&tiba=Men%27s%20Outdoor%20Clothing%20Online%20Shopping%20%7C%20Cheap%20Price%20Free%20Shipping%20Over%20%2499%20%7C%20Cotosen&async=1&fmt=3&is_vtc=1&random=3277936724&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.cotosen.com
URL: https://www.cotosen.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cotosen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 12:16:23 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/581629830/ 42 B
449 B 46ms
37ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/581629830/?random=1664712983107&cv=9&fst=1664712000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9s0&sendb=1&data=event%3Dform_submit&frm=0&url=https%3A%2F%2Fwww.cotosen.com%2F&tiba=Men%27s%20Outdoor%20Clothing%20Online%20Shopping%20%7C%20Cheap%20Price%20Free%20Shipping%20Over%20%2499%20%7C%20Cotosen&async=1&fmt=3&is_vtc=1&random=1233835731&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.cotosen.com
URL: https://www.cotosen.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cotosen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 12:16:23 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/581629830/ 42 B
64 B 34ms
34ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/581629830/?random=1664712983107&cv=9&fst=1664712000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9s0&sendb=1&data=event%3Dform_submit&frm=0&url=https%3A%2F%2Fwww.cotosen.com%2F&tiba=Men%27s%20Outdoor%20Clothing%20Online%20Shopping%20%7C%20Cheap%20Price%20Free%20Shipping%20Over%20%2499%20%7C%20Cotosen&async=1&fmt=3&is_vtc=1&random=1233835731&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.cotosen.com
URL: https://www.cotosen.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cotosen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 12:16:23 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 event Show response
sslwidget.criteo.com/ 8 KB
4 KB 216ms
53ms Script
application/x-javascript 178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://sslwidget.criteo.com/event?a=an%3Dwww.cotosen.com%26cn%3DDE%26ln%3Dde&v=5.12.1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dce%26m%3D%255B%255D&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=JXv8nF9qMk1oeFRJemRaWDZJZ080YWVneElyJTJGWE5sT1BGemo4c25hWGRlODVlSHlqVld1V3MzTE5SS1F1ZVdnMExaTkZ6a1dxMGN3amhMd3BoT050WWFBQlBsWWFXeDFKMUtmRXFMVndHcjY0cGtnMU5yVXYxcG9RVm9zMDZTdjZ2NVVSVjRCNGRQYzBQJTJGeiUyQlJuJTJCZVRtU0RVZyUzRCUzRA&tld=cotosen.com&fu=https%253A%252F%252Fwww.cotosen.com%252F&dtycbr=28225

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

7487e2775a8275726a7d4c01403e55a0eadd697172c05184cdef423e3d106740

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cotosen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 12:16:23 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
content-type: application/x-javascript
access-control-allow-origin: *
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 28223163
timing-allow-origin: *
expires: 0

GET
H3 200 admit_cotosen.gif Show response
rtg.l10.agency/hit/ 63 KB
23 KB 183ms
149ms Script
text/javascript 2606:4700:3033::ac43:d085
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rtg.l10.agency/hit/admit_cotosen.gif?ref=&lp=https%3A%2F%2Fwww.cotosen.com%2F&d=1664712983347

Requested by

Host: rtg.l10.agency
URL: https://rtg.l10.agency/resources/content/admit_cotosen.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:d085 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ca9f08cc2d7951eb61f9486298db4c2d7b5b2a31c15c2189d19741cb0883c478

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cotosen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 12:16:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
status: 200 OK
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 0ea01a61-c9cf-4ff3-bad7-c92cd66dd2b6
x-runtime: 0.012787
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"ca9f08cc2d7951eb61f9486298db4c2d"
x-download-options: noopen
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9xNL7Zxz%2F5NiJnWElNQgVUd3KO73RlbimyNgMn9ZrLa1CP6N7umYaZKz9KFR7IDBtvT26hWa7Jsl%2BhzS5%2BY5GvujNJIX9TD2aq8jFbzc31i9fnchBgadXaFTU5uYiLGjWD%2BMNE%2BcxTrwZTocZA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
cf-ray: 753d5e723fb48fe6-FRA

POST
H3 200 adtag
cdn.clickanalyticsresource.com/ 0
0 217ms
217ms Fetch
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.clickanalyticsresource.com/adtag
Requested by: Host: cdn.clickanalyticsresource.com
URL: https://cdn.clickanalyticsresource.com/analytics.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash

Request headers

Referer: https://www.cotosen.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 02 Oct 2022 12:16:23 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kzpdV13oDQqHhs7Lk8cNMuL0682qMyyW4EtqvkEeNmrqspDVBbILw1SuHAdD2reXCmVPU0x7uquJENRT9JBkgvVw8ePNcomckbjTaySmMICYfgB7X7Fhzbksc882ghcrIoJ6naoMGsAsosAU8Wbx%2FtKa98Q7gi3jX33XeTo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cf-ray: 753d5e747de29073-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H3 204 adtag
cdn.clickanalyticsresource.com/ Frame 0
0 302ms
222ms Preflight 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.clickanalyticsresource.com/adtag
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.cotosen.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 753d5e731b509073-FRA
content-length: 0
date: Sun, 02 Oct 2022 12:16:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=haGSZI98XQCLuitd%2FYpnaJT73OmArt86KdWLg9V0jdjRHeDmfQWvmSQRYmTBfSq4RRXMF9QQOcOEmiBWUbPMbEUyUYeD0D2D4Hl%2B8EMJ%2FBiFfFIcpqfme8G5LHfcsNONCgZuVSaUx7iIlFra7CBDF1a6w1Mvu3AqZTa5Ovs%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Access-Control-Request-Headers
x-powered-by: Express

GET
H2 200 /
log.pinterest.com/ 0
206 B 140ms
139ms Image
text/plain 151.101.64.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.pinterest.com/?type=pidget&guid=iwYTaF9rYP5T&tv=2021110201&event=init&sub=www&button_count=0&follow_count=0&pin_count=0&profile_count=0&board_count=0&section_count=0&lang=en&nvl=en-US&via=https%3A%2F%2Fwww.cotosen.com%2F&viaSrc=canonical
Requested by: Host: www.cotosen.com
URL: https://www.cotosen.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.64.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cotosen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-cache-hits: 0
date: Sun, 02 Oct 2022 12:16:23 GMT
via: 1.1 varnish
x-cache: MISS
x-envoy-upstream-service-time: 3
x-pinterest-rid: 1155810281495589
content-length: 0
x-served-by: cache-hhn4077-HHN
pragma: no-cache
server: envoy
x-timer: S1664712983.434468,VS0,VE96
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
accept-ranges: bytes
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 clarity.js Show response
www.clarity.ms/eus2-e/s/0.6.42/ 53 KB
23 KB 156ms
156ms Script
application/javascript 2620:1ec:40::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/eus2-e/s/0.6.42/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/25145188
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:40::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: d97ca913935c9897ac4e255d17e14c8a3f0d8513681fe5b6736c4921fc5dd078

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cotosen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 12:16:23 GMT
content-encoding: br
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
etag: "1d8d4495324d7d4"
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript;charset=utf-8
x-azure-ref: 0F4E5YwAAAACzrY3kukzTQp0BU46mtBTGRlJBMjMxMDUwNDE4MDE3ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
cache-control: public,max-age=86400
accept-ranges: bytes
request-context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

GET
H/1.1 200
OK campaign_name_NMSOx1Ac1zaHR0cHM6Ly93d3cuY290b3Nlbi5jb20v.js Show response
tag.forceadmedia.com/ 0
397 B 109ms
109ms Script
application/javascript 137.184.242.20
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.forceadmedia.com/campaign_name_NMSOx1Ac1zaHR0cHM6Ly93d3cuY290b3Nlbi5jb20v.js
Requested by: Host: tag.forceadmedia.com
URL: https://tag.forceadmedia.com/rtg.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 137.184.242.20 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cotosen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 12:16:23 GMT
x-powered-by: Express
surrogate-control: no-store
transfer-encoding: chunked
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
expires: 0

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 38ms
19ms Image
text/plain 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=736477600692950&ev=Microdata&dl=https%3A%2F%2Fwww.cotosen.com%2F&rl=&if=false&ts=1664712983649&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Men%27s%20Outdoor%20Clothing%20Online%20Shopping%20%7C%20Cheap%20Price%20Free%20Shipping%20Over%20%2499%20%7C%20Cotosen%20%22%2C%22meta%3Adescription%22%3A%22Cotosen%20is%20an%20The%20Global%20Store%20Online%20Apparel%20Brand%20Of%20Outdoor%20clothing%2C%20footwears.%20Fusing%20fashion%20and%20function%2C%20Shop%20the%20best%20outdoor%20menswear%20brands%20on%20the%20market%20today.%20%22%2C%22meta%3Akeywords%22%3A%22mens%20clothing%2C%20tactical%20clothing%2C%20outdoor%20sports%20and%20leisure%20clothing%2Cvintage%20clothing%2Ctactical%20pants%2C%20mens%20outwear%2C%20hiking%20footwear%2C%20uniform%20clothing%2C%20mens%20t-shirt%2C%20mens%20sweatshirt%20%22%7D&cd[OpenGraph]=%7B%22og%3Aimage%22%3A%22https%3A%2F%2Fups.aopcdn.com%2Fs30885%2Fcommon%2F18807%2F1350uac597973be40433abba07ed2c10238c8.png%40!w200%22%2C%22og%3Asite_name%22%3A%22cotosen%22%2C%22og%3Atitle%22%3A%22Men%27s%20Outdoor%20Clothing%20Online%20Shopping%20%7C%20Cheap%20Price%20Free%20Shipping%20Over%20%2499%20%7C%20Cotosen%22%2C%22og%3Adescription%22%3A%22Cotosen%20is%20an%20The%20Global%20Store%20Online%20Apparel%20Brand%20Of%20Outdoor%20clothing%2C%20footwears.%20Fusing%20fashion%20and%20function%2C%20Shop%20the%20best%20outdoor%20menswear%20brands%20on%20the%20market%20today.%22%2C%22og%3Aurl%22%3A%22%2F%2Fwww.cotosen.com%2F%22%2C%22og%3Atype%22%3A%22website%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.84&r=stable&ec=1&o=30&fbp=fb.1.1664712983122.738864525&it=1664712982513&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: www.cotosen.com
URL: https://www.cotosen.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cotosen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 02 Oct 2022 12:16:23 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 37ms
20ms Image
text/plain 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=696138651674653&ev=Microdata&dl=https%3A%2F%2Fwww.cotosen.com%2F&rl=&if=false&ts=1664712983651&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Men%27s%20Outdoor%20Clothing%20Online%20Shopping%20%7C%20Cheap%20Price%20Free%20Shipping%20Over%20%2499%20%7C%20Cotosen%20%22%2C%22meta%3Adescription%22%3A%22Cotosen%20is%20an%20The%20Global%20Store%20Online%20Apparel%20Brand%20Of%20Outdoor%20clothing%2C%20footwears.%20Fusing%20fashion%20and%20function%2C%20Shop%20the%20best%20outdoor%20menswear%20brands%20on%20the%20market%20today.%20%22%2C%22meta%3Akeywords%22%3A%22mens%20clothing%2C%20tactical%20clothing%2C%20outdoor%20sports%20and%20leisure%20clothing%2Cvintage%20clothing%2Ctactical%20pants%2C%20mens%20outwear%2C%20hiking%20footwear%2C%20uniform%20clothing%2C%20mens%20t-shirt%2C%20mens%20sweatshirt%20%22%7D&cd[OpenGraph]=%7B%22og%3Aimage%22%3A%22https%3A%2F%2Fups.aopcdn.com%2Fs30885%2Fcommon%2F18807%2F1350uac597973be40433abba07ed2c10238c8.png%40!w200%22%2C%22og%3Asite_name%22%3A%22cotosen%22%2C%22og%3Atitle%22%3A%22Men%27s%20Outdoor%20Clothing%20Online%20Shopping%20%7C%20Cheap%20Price%20Free%20Shipping%20Over%20%2499%20%7C%20Cotosen%22%2C%22og%3Adescription%22%3A%22Cotosen%20is%20an%20The%20Global%20Store%20Online%20Apparel%20Brand%20Of%20Outdoor%20clothing%2C%20footwears.%20Fusing%20fashion%20and%20function%2C%20Shop%20the%20best%20outdoor%20menswear%20brands%20on%20the%20market%20today.%22%2C%22og%3Aurl%22%3A%22%2F%2Fwww.cotosen.com%2F%22%2C%22og%3Atype%22%3A%22website%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.84&r=stable&ec=1&o=30&fbp=fb.1.1664712983122.738864525&it=1664712982513&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: www.cotosen.com
URL: https://www.cotosen.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cotosen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 02 Oct 2022 12:16:23 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 36ms
20ms Image
text/plain 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=199737898771252&ev=Microdata&dl=https%3A%2F%2Fwww.cotosen.com%2F&rl=&if=false&ts=1664712983652&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Men%27s%20Outdoor%20Clothing%20Online%20Shopping%20%7C%20Cheap%20Price%20Free%20Shipping%20Over%20%2499%20%7C%20Cotosen%20%22%2C%22meta%3Adescription%22%3A%22Cotosen%20is%20an%20The%20Global%20Store%20Online%20Apparel%20Brand%20Of%20Outdoor%20clothing%2C%20footwears.%20Fusing%20fashion%20and%20function%2C%20Shop%20the%20best%20outdoor%20menswear%20brands%20on%20the%20market%20today.%20%22%2C%22meta%3Akeywords%22%3A%22mens%20clothing%2C%20tactical%20clothing%2C%20outdoor%20sports%20and%20leisure%20clothing%2Cvintage%20clothing%2Ctactical%20pants%2C%20mens%20outwear%2C%20hiking%20footwear%2C%20uniform%20clothing%2C%20mens%20t-shirt%2C%20mens%20sweatshirt%20%22%7D&cd[OpenGraph]=%7B%22og%3Aimage%22%3A%22https%3A%2F%2Fups.aopcdn.com%2Fs30885%2Fcommon%2F18807%2F1350uac597973be40433abba07ed2c10238c8.png%40!w200%22%2C%22og%3Asite_name%22%3A%22cotosen%22%2C%22og%3Atitle%22%3A%22Men%27s%20Outdoor%20Clothing%20Online%20Shopping%20%7C%20Cheap%20Price%20Free%20Shipping%20Over%20%2499%20%7C%20Cotosen%22%2C%22og%3Adescription%22%3A%22Cotosen%20is%20an%20The%20Global%20Store%20Online%20Apparel%20Brand%20Of%20Outdoor%20clothing%2C%20footwears.%20Fusing%20fashion%20and%20function%2C%20Shop%20the%20best%20outdoor%20menswear%20brands%20on%20the%20market%20today.%22%2C%22og%3Aurl%22%3A%22%2F%2Fwww.cotosen.com%2F%22%2C%22og%3Atype%22%3A%22website%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.84&r=stable&ec=1&o=30&fbp=fb.1.1664712983122.738864525&it=1664712982513&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: www.cotosen.com
URL: https://www.cotosen.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cotosen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 02 Oct 2022 12:16:23 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
priority: u=3,i

OPTIONS
H2 200 v2
us.creativecdn.com/tags/ Frame 0
0 158ms
158ms Preflight 185.184.10.30
RTB-HOUSE-ASH

General

Check archive.org

Show headers Download Go to

Full URL: https://us.creativecdn.com/tags/v2?type=json&tc=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS: ip-185-184-10-30.rtbhouse.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.cotosen.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, POST
access-control-allow-origin: https://www.cotosen.com
access-control-max-age: 3600
content-length: 0
date: Sun, 02 Oct 2022 12:16:23 GMT
vary: Origin

POST
H2 204 collect Show response
k.clarity.ms/ 0
176 B 785ms
504ms XHR
text/plain 20.96.88.162
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://k.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus2-e/s/0.6.42/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.96.88.162 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.cotosen.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-origin: https://www.cotosen.com
date: Sun, 02 Oct 2022 12:16:23 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

GET
DATA 200
OK truncated
/ 6 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 660c6519d91af540602b10d86b594fc2c1f936316419779b25915081355b19cd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ct.html Show response
ct.pinterest.com/ Frame C9DA 565 B
423 B 47ms
47ms Document
text/html 151.101.64.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/ct.html
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.3a217bc7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.64.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3

Request headers

Referer: https://www.cotosen.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=86400
content-encoding: gzip
content-length: 323
content-type: text/html; charset=utf-8
date: Sun, 02 Oct 2022 12:16:24 GMT
referrer-policy: origin
x-cdn: fastly
x-envoy-upstream-service-time: 1
x-pinterest-rid: 1644996765449429

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=6205BB45759B48568DA89081DFBE7731&RedC=c.clarity.ms&MXFR=066B82D9DC30677A257D90E8D830693D
https://c.clarity.ms/c.gif?CtsSyncId=6205BB45759B48568DA89081DFBE7731&MUID=1427D5329ED663F2359AC7039F0462F2

42 B
368 B

84ms
83ms

Image
image/gif

20.234.93.27
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=6205BB45759B48568DA89081DFBE7731&MUID=1427D5329ED663F2359AC7039F0462F2
Protocol: H2
Server: 20.234.93.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cotosen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 12:16:24 GMT
last-modified: Tue, 13 Sep 2022 19:54:52 GMT
server: Microsoft-IIS/10.0
etag: "8d3298b0aac7d81:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Sun, 02 Oct 2022 12:16:23 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 447DF1C990B94825BD7FD613ED8C8ECB Ref B: FRAEDGE1314 Ref C: 2022-10-02T12:16:24Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=6205BB45759B48568DA89081DFBE7731&MUID=1427D5329ED663F2359AC7039F0462F2
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 cm Show response
us.creativecdn.com/ Frame 5BFF 244 B
433 B 163ms
162ms Document
text/html 185.184.10.30
RTB-HOUSE-ASH

General

Check archive.org

Show headers Download Go to

Full URL: https://us.creativecdn.com/cm?type=iframe&sru=https%3A%2F%2Fwww.cotosen.com%2F&ti=bsF2DGUf4kC0n75x0THn&mcm=1&c=US
Requested by: Host: tags.creativecdn.com
URL: https://tags.creativecdn.com/bsF2DGUf4kC0n75x0THn.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS: ip-185-184-10-30.rtbhouse.net
Software: /
Resource Hash: a4be6031f571792450127dea796bf3f80b634ef7a5154fcb3fb012115cc2862d

Request headers

Referer: https://www.cotosen.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-encoding: gzip
content-length: 194
content-type: text/html;charset=utf-8
date: Sun, 02 Oct 2022 12:16:24 GMT Sun, 02 Oct 2022 12:16:24 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
vary: Accept-Encoding

GET
H2 200 fledge-igmembership Show response
fledge-usa.creativecdn.com/ Frame 8D83 1 KB
892 B 221ms
161ms Document
text/html 185.184.10.30
RTB-HOUSE-ASH

General

Check archive.org

Show headers Download Go to

Full URL: https://fledge-usa.creativecdn.com/fledge-igmembership?ntk=yqy9QH0zsoEJiByBbbneVvkBq8yk1cEnZS9VOTnLdCJRq2jajnrKkXsZlQNuRs6igyUUR0m7KDxw59SMuXMoZA
Requested by: Host: tags.creativecdn.com
URL: https://tags.creativecdn.com/bsF2DGUf4kC0n75x0THn.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS: ip-185-184-10-30.rtbhouse.net
Software: /
Resource Hash: 1c4213978e95313f45a64fa411b28d0cd0aac19cee1c4d9cd0e6644d3b6a03c5

Request headers

Referer: https://www.cotosen.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=86400
content-encoding: gzip
content-length: 444
content-type: text/html;charset=utf-8
date: Sun, 02 Oct 2022 12:16:24 GMT Sun, 02 Oct 2022 12:16:24 GMT
expires: Mon, 03 Oct 2022 12:16:24 GMT
origin-trial: Ak5VBljBsjJRD9BC0VYrnHXYCIGSsChJNaOqX8hbKIGHkDDje71v/ij0z52980oFG8GrMXGX5DDkr55QzNcS0w0AAABxeyJvcmlnaW4iOiJodHRwczovL2NyZWF0aXZlY2RuLmNvbTo0NDMiLCJmZWF0dXJlIjoiUHJpdmFjeVNhbmRib3hBZHNBUElzIiwiZXhwaXJ5IjoxNjY5NzY2Mzk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
vary: Accept-Encoding

GET
H/1.1

200
OK

sync
x.bidswitch.net/ul_cb/ Frame E5D7
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-ypHlmxLMnlg2H4Acghp63uwVqTYorG-1gTk5vA&expires=30
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-ypHlmxLMnlg2H4Acghp63uwVqTYorG-1gTk5vA&expires=30

43 B
495 B

19ms
19ms

Image
image/gif

3.122.47.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-ypHlmxLMnlg2H4Acghp63uwVqTYorG-1gTk5vA&expires=30
Protocol: HTTP/1.1
Server: 3.122.47.104 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-122-47-104.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Sun, 02 Oct 2022 12:16:24 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-ypHlmxLMnlg2H4Acghp63uwVqTYorG-1gTk5vA&expires=30
Date: Sun, 02 Oct 2022 12:16:24 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame E5D7
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-w97veBLMnlg2H4Acghp63uwVqTb7OY0xx5QGhw&google_cm&google_hm=ay13OTd2ZUJMTW5sZzJINEFjZ2hwNjN1d1ZxVGI3T1kwe...
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-w97veBLMnlg2H4Acghp63uwVqTb7OY0xx5QGhw&google_gid=CAESEDyshIZ0VgHtPozv3edCDqo&google_cver=1&google_ula=913071,0

43 B
370 B

27ms
26ms

Image
image/gif

178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-w97veBLMnlg2H4Acghp63uwVqTb7OY0xx5QGhw&google_gid=CAESEDyshIZ0VgHtPozv3edCDqo&google_cver=1&google_ula=913071,0

Protocol

Server

178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 12:16:23 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1162906
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 02 Oct 2022 12:16:24 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-w97veBLMnlg2H4Acghp63uwVqTb7OY0xx5QGhw&google_gid=CAESEDyshIZ0VgHtPozv3edCDqo&google_cver=1&google_ula=913071,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 398
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame E5D7
Redirect Chain

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=3612420855431349344

43 B
371 B

54ms
54ms

Image
image/gif

178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=3612420855431349344

Protocol

Server

178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 12:16:23 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 28839050
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 02 Oct 2022 12:16:24 GMT
AN-X-Request-Uuid: 9158d657-6dcd-4be7-ab52-d2ef7a4bfd42
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=3612420855431349344
Connection: keep-alive
X-Proxy-Origin: 217.64.151.9; 217.64.151.9; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

rum
r.casalemedia.com/ Frame E5D7
Redirect Chain

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-U-8SVRLMnlg2H4Acghp63uwVqTZBiBv6yaWUZA
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-U-8SVRLMnlg2H4Acghp63uwVqTZBiBv6yaWUZA&C=1

43 B
869 B

180ms
48ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-U-8SVRLMnlg2H4Acghp63uwVqTZBiBv6yaWUZA&C=1
Protocol: H3
Server: 104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 12:16:24 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wh9LRU65B%2B6IhxpfTqtvCM1EmfcY7HR4WccMHF%2FahXyX%2Bj%2B8mZC6PlpeoQNVCf%2FcQ4wU4vgg9Lv1L1wcQt27OUnXyl4CptLrnPlssrYAz5J7riLzY0cRM%2BfNaUxdYLDNU8oN"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 753d5e7a7bc0bb80-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 02 Oct 2022 12:16:24 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dzz%2BxDmKQed4L0oQh8XWyy7KzbakEW47XKdT9wWALAfoKDZCSHAyDFEkglp3Ns%2Buw3X3XL%2BOVTBKj0OjOWeNpFUk92UynmGj3F5YTOI0ObtSKMc0M5W78Ypi0CKaZ3EqxOdJ"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=20&external_user_id=k-U-8SVRLMnlg2H4Acghp63uwVqTZBiBv6yaWUZA&C=1
cache-control: no-cache
cf-ray: 753d5e797be69bd4-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame E5D7
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-gJh_ORLMnlg2H4Acghp63uwVqTbqR9hmRCIZTQ
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-gJh_ORLMnlg2H4Acghp63uwVqTbqR9hmRCIZTQ

43 B
447 B

44ms
43ms

Image
image/gif

63.34.160.83
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-gJh_ORLMnlg2H4Acghp63uwVqTbqR9hmRCIZTQ
Protocol: H2
Server: 63.34.160.83 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-34-160-83.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 02 Oct 2022 12:16:24 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-gJh_ORLMnlg2H4Acghp63uwVqTbqR9hmRCIZTQ
date: Sun, 02 Oct 2022 12:16:24 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 cksync.php
contextual.media.net/ Frame E5D7 45 B
785 B 136ms
62ms Image
image/gif 184.51.8.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-Urzt4RLMnlg2H4Acghp63uwVqTZLp2QRfJH6yQ

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.51.8.30 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-51-8-30.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Sun, 02 Oct 2022 12:16:24 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 45
x-mnet-hl2: E
expires: Sun, 02 Oct 2022 12:16:24 GMT

GET
H2 200 push
exchange.mediavine.com/usersync/ Frame E5D7 0
884 B 137ms
75ms Image
text/html 35.158.179.233
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-k6qIIBLMnlg2H4Acghp63uwVqTbOoVQI8Rw44g
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.179.233 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-179-233.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 12:16:24 GMT
cache-control: private, no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: text/html; charset=utf-8

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame E5D7 0
145 B 431ms
97ms Image
text/plain 64.202.112.95
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-huZauxLMnlg2H4Acghp63uwVqTYJt4-f0bzaig
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.95 Lovettsville, United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Sun, 02 Oct 2022 12:16:24 GMT
Cache-Control: no-cache
X-TraceId: 62c28d1246c4651e275d0649d8828fd4
Content-Length: 0

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame E5D7 0
225 B 119ms
21ms Image
text/html 185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-qzXXaRLMnlg2H4Acghp63uwVqTaanL9IQwPR2A
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Sun, 02 Oct 2022 12:16:23 GMT
cache-control: no-store, no-cache, private
content-encoding: gzip
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame E5D7 0
239 B 131ms
20ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-mtONFBLMnlg2H4Acghp63uwVqTa0rDppzficyQ&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 204 v1
match.sharethrough.com/sync/ Frame E5D7 0
35 B 131ms
16ms Image
text/plain 52.29.139.35
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-RyWyyxLMnlg2H4Acghp63uwVqTZMHilt3GoRqw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.139.35 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-139-35.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 12:16:24 GMT

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame E5D7 43 B
163 B 452ms
46ms Image
image/gif 185.86.137.132
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-w3XEZRLMnlg2H4Acghp63uwVqTb9Ilj6NhzXJg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.132 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 12:16:23 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame E5D7 0
99 B 90ms
23ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-II6oXxLMnlg2H4Acghp63uwVqTYLDFxSAxiFEg
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 12:16:24 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 22873

GET
H2 200 um
criteo-sync.teads.tv/ Frame E5D7 23 B
172 B 332ms
226ms Image
image/gif 104.96.128.226
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-d76RBBLMnlg2H4Acghp63uwVqTbNn27PqbMxKA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.128.226 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-128-226.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

expires: Sun, 02 Oct 2022 12:16:24 GMT
pragma: no-cache
date: Sun, 02 Oct 2022 12:16:24 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.9
content-length: 23
content-type: image/gif

GET
H2 200 xuid
eb2.3lift.com/ Frame E5D7 37 B
140 B 84ms
17ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2711&xuid=k-_utR6RLMnlg2H4Acghp63uwVqTbxphqMP5m6MA&dongle=013b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 12:16:24 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2

204

sync
ups.analytics.yahoo.com/ups/58301/ Frame E5D7
Redirect Chain

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-3RPXHhLMnlg2H4Acghp63uwVqTbTgV2FRwWcCg
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-3RPXHhLMnlg2H4Acghp63uwVqTbTgV2FRwWcCg&verify=true

0
121 B

19ms
19ms

Image
text/plain

3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-3RPXHhLMnlg2H4Acghp63uwVqTbTgV2FRwWcCg&verify=true

Protocol

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 12:16:24 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-3RPXHhLMnlg2H4Acghp63uwVqTbTgV2FRwWcCg&verify=true
date: Sun, 02 Oct 2022 12:16:24 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 pixel
cm.adform.net/ Frame E5D7 43 B
163 B 352ms
68ms Image
image/gif 37.157.3.30
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-ggHRuxLMnlg2H4Acghp63uwVqTa97GbR43G-4w
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 12:16:24 GMT
last-modified: Fri, 07 Feb 2020 08:03:24 GMT
server: nginx
accept-ranges: bytes
etag: "5e3d19cc-2b"
content-length: 43
content-type: image/gif

GET
H2 200 sync
visitor.omnitagjs.com/visitor/ Frame E5D7 49 B
235 B 84ms
25ms Image
image/gif 185.255.84.153
IGUANE-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-foXePxLMnlg2H4Acghp63uwVqTYnOypcBaZRzw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.153 Ivry-sur-Seine, France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 12:16:24 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
vary: Accept-Encoding
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 1
content-length: 49
expires: 0

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame E5D7
Redirect Chain

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=50KMUdpdkfnx9zW31hjnOrOcjM_gdOgZ
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=50KMUdpdkfnx9zW31hjnOrOcjM_gdOgZ

42 B
942 B

417ms
416ms

Image
image/gif

34.255.95.163
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=50KMUdpdkfnx9zW31hjnOrOcjM_gdOgZ

Protocol

HTTP/1.1

Server

34.255.95.163 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-255-95-163.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v044-063d3650f.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: Wd3cclLLT04=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-2-v044-0deb8e9c6.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: a1SdWihgRGI=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=50KMUdpdkfnx9zW31hjnOrOcjM_gdOgZ
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1 200 9.gif
id5-sync.com/s/966/ Frame E5D7 43 B
1 KB 60ms
17ms Image
image/gif 141.95.98.65
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/966/9.gif?puid=k-loHTNxLMnlg2H4Acghp63uwVqTbU5X6tZmmvhQ

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.65 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216659.ip-141-95-98.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Sun, 02 Oct 2022 12:16:24 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding: chunked
p3p: CP="CAO PSA OUR"

GET
H2 200 sync
criteo-partners.tremorhub.com/ Frame E5D7 43 B
183 B 325ms
102ms Image
image/gif 2600:1f18:612b:4216:7ad5:1326:2d1:191d
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-partners.tremorhub.com/sync?UICR=k-XSRjNRLMnlg2H4Acghp63uwVqTY0-grx_nhI3w
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4216:7ad5:1326:2d1:191d Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Sun, 02 Oct 2022 12:16:24 GMT
server: Apache-Coyote/1.1
content-type: image/gif

GET
H2 200 getusermatch.php
a.twiago.com/rtb/ Frame E5D7 43 B
153 B 301ms
70ms Image
image/gif 85.215.5.31
CRONON-BERLIN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.twiago.com/rtb/getusermatch.php?dataid=6&external_user_id=k-toc5xxLMnlg2H4Acghp63uwVqTZoUKKMsN0Ibg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.215.5.31 , Germany, ASN6786 (CRONON-BERLIN-AS, DE),
Reverse DNS
Software: Apache / PHP/7.3.29
Resource Hash: 5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 02 Oct 2022 12:16:24 GMT
server: Apache
x-powered-by: PHP/7.3.29
content-length: 43
content-type: image/gif

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame E5D7 0
522 B 149ms
66ms Image
text/plain 96.16.132.239
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-JhMgjRLMnlg2H4Acghp63uwVqTYEjgGfn4JLxQ

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.16.132.239 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-132-239.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 02 Oct 2022 12:16:24 GMT
x-content-type-options: nosniff
x-frame-options: DENY
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
x-xss-protection: 1; mode=block
x-application-context: application
Expires: Sat, 01 Oct 2022 12:16:24 GMT

GET
H2 200 sync
sync-criteo.ads.yieldmo.com/ Frame E5D7 43 B
220 B 264ms
41ms Image
image/gif 63.34.53.236
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-criteo.ads.yieldmo.com/sync?id=k-J37iOBLMnlg2H4Acghp63uwVqTbto6FGp6h8zg&pn_id=criteo&ext=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.34.53.236 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-34-53-236.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sun, 02 Oct 2022 12:16:24 GMT
content-type: image/gif
content-length: 43
access-control-allow-methods: GET, OPTIONS
access-control-request-headers: Cache-Control, Pragma

GET
H/1.1 200 profile.json Show response
usfp.tongdun.net/fp3/ 254 B
1 KB 111ms
111ms Script
text/javascript 52.205.170.131
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://usfp.tongdun.net/fp3/profile.json?partner=TDAPProject&app_name=TDAPProject_web&token_id=TDAPProject-1664712982528-2575cde0243f4&a=oapTNX82EU1L0Hu0ej57MDXte%2F7PYNwSS5qNtL9xe6omRf%2BSpXL1OKL3zidMRA0wj9Mpw2H5ygZIVRZzkDs%2FIOj2nT3ATfUwMbkAlvlf5wGzTH6fJwtPiTwUSmYWIHzYHjevD0TybMHTD7oL%2BL6wFA%3D%3D&b=U86QAWvHODpm0TDr0hXgmfC5pOfB5RC3dThO9vgjS0KEAmAUn%2B%2FhVeutVC8oYgkcJKhtBxGxlS23flYxHLATAbmU%2FgEbyY7rIe5Ojf13lvBoldVnBLy23%2F4UNxVbobNlmiD6GfENgV8%2BkoZXvgL9Nvk%2F3oSsoreM0gRJu8inh3GXx%2FHGVms35%2Fc3OS70Q2vIoYXOjwoVZAeACXPA0oks7WN4hzN8cz92&c=Y%2BbFSrR8cPne5HtY%2BITGJfWjPAQp2T7HBxjQTbl%2BOFdzaHdQb5vLH%2Fxr%2Bstk9zunTn%2FsFiw63eLIOHjpBhFwnGa9qjzg4GwGSwikLStx4s6muveLZZhCvi%2F%2FnIOy9VqcJrFQfRoLU6o%3D&d=Ha7yfEIm4InxC31LYAVPy0d3TxMi4HYq33KcABDBQs6Rr8sYhclYgAoF7CPDKbSS8wD33jQDY0Rgw%2FHMxTTVTFLw2s0KNJn5qORBV6bU7TCZ6hJqN9G9OW72cqGu3XrdgwtAIEN4JhVdRarbQfdhdk12WyWAcIghmSrnu3hNKvrW6Z2%2F8mctQOv7QsBZoMHUZko8xvlI3T8ruEgJIQT%2BF964LMO5J%2FGhuamzcop8oSuI65%2B31u5UVAfM2%2FM8z3i8%2BkOXEM8VP7uyXMFIC7%2Fe46uK%2BFkb7Mf3vr6cJ4BA%2BHdPM78fZ1VBJPX%2FCrw6iXF2swIOeNgZLO1Rflr7nSv%2FOS4S%2BaCupJdTkbyyFea6OnFFPSe1zDd3wtU%2BjvEEDKEtYm4rkzMbeFRItpZjxoorKw%3D%3D&g=NqgKALBNH6DCMQzWiv%2F1wPij1c%2FsCzwl2PVbke6NPNosDBt93vwCb97zh%2FehICF7WmO5RGiYQCW4uxRPv86R%2FVaHD3mEwpyqfYhHNDbk%2FIs1Q5J1wq3GMloi8uCSyusw0n6xeH3Qxhr84ZZ4QA80wBoq0rwrkoXWnDl%2BE2slvqFo%2FfxtL0F8FWG0qorWpBC8sfqCRtodzIEBXCF4t4oPWQEKMOKfFWoY7CFxB6oPAnmJ5VDUOehUvQDprN6UShscfMKf8%2BMlu62S2BgiW9FhgZzc%2BOFtimoi6YaxPFFGhXZJXum%2BuKQrumTrv7oaaqg0X8gN6lbYqtVLOFBI1tdJrYUf%2B22cTgJrKZEhn5n2wygz75rYq%2Fu5Oitl%2FOdCDQKQ7S10v1LiNMWLtIiqgKQjH%2FJ6z2EL5Q%2B6BefCyAtWBJn0ZrU2hykjcQ%3D%3D&f=ACw4byWv4XwZujHERz8BCSHGuolPDUKb&e=BycNUqxNsEy745kNMex6YKbXUm7B8mvT4sbv27rIKMEZPp4qPpy5OkydT%5CrNfntcyM4I15IlSXjty5OxAAT0PHKW5XWJnW9ptAIIskiVIBRvGrfjKnfBPLgNJstKlyR6&q=iTbECCnkys80oqXa2tQbxsPwi1WEuWapqG8YReEZY2QWYWA0bE3VR4nL7mRnJmKYBmuHVVx5FYKVBrcjxmP2U57yQMx29kAudgox5p70T5cDOaNNgprp7QGj%2Fd7fbeawPW%2Fn3eP9HcI%3D&v=G2JPJKBvVJVUM5%2FSogr2Bg%3D%3D&idf=1664712984075-15740435748&w=CKp6j18B3HQtUJnJMsOpK6UqhFH6qAHFdrkajMLLTes%3D&ct=Wxztup3di7g%3D&_callback=_1664712984308_4186&p=ITI8HRU5r3oLDftjT0Kijg%3D%3D&h=12509a977c10c4a430f586c1624c6edb

Requested by

Host: www.cotosen.com
URL: https://www.cotosen.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

52.205.170.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-205-170-131.compute-1.amazonaws.com

Software

openresty /

Resource Hash

d28fcb68b30dcc6d3ee15f8422d04e4366bbd2cd52d04821812d4462d3c6a481

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cotosen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 02 Oct 2022 12:16:24 GMT
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Content-Encoding: gzip
Server: openresty
Transfer-Encoding: chunked
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
P3P: CP=IVAa PSAa, CP=IVAa PSAa, CP=IVAa PSAa
Content-Type: text/javascript;charset=utf-8
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Connection: keep-alive
Keep-Alive: timeout=180
X-XSS-Protection: 1; mode=block
Expires: 0

GET
H2 200 fc7c920d9b61d76f23202b1fba7187831644b9a88f0de03a1e6a326af7915a5b Show response
mediamathrdrt.com/product/ Frame 2583 199 B
650 B 178ms
125ms Document
text/html 2606:4700:3037::6815:17f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mediamathrdrt.com/product/fc7c920d9b61d76f23202b1fba7187831644b9a88f0de03a1e6a326af7915a5b

Requested by

Host: www.cotosen.com
URL: https://www.cotosen.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:17f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a4c24cae2d913cd353de5a6bc1dc446a9209bebef643bd3f5d61960ea180d76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.cotosen.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 753d5e78bfa592ab-FRA
content-encoding: br
content-type: text/html;charset=utf-8
date: Sun, 02 Oct 2022 12:16:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n0CVuyFFe92drMi14lJN1ceDuub6MTuPnnK70vFgV8MCtQp8MToz%2FNNidF06sHmlHJK70vA5RJKDsm1rLi6njwwU55BhgZgCkmkvMd0gqdXHfM5kl7%2BehJ9TSysmrsrGZL7Rvhg887hdjgqGhJj6Dw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
status: 200 OK
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 b7fd58b858b670a11efb78f17dd874ce80cbeac0cf398d54b0a28b221f4300dc Show response
prdredir.com/product/ Frame EB28 238 B
528 B 132ms
122ms Document
text/html 2606:4700:e6::ac40:c30f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prdredir.com/product/b7fd58b858b670a11efb78f17dd874ce80cbeac0cf398d54b0a28b221f4300dc

Requested by

Host: www.cotosen.com
URL: https://www.cotosen.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e6::ac40:c30f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

28b21811d22d3c6ac4b9035fb96b957f1a3af9be45e1d2ccd1e60809ba3d5445

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.cotosen.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 753d5e787fa59c10-FRA
content-encoding: br
content-type: text/html;charset=utf-8
date: Sun, 02 Oct 2022 12:16:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0TcxxxjA1QumRQmuoSpbmPpC%2FUeGZYdoLS%2B52Pr%2FqqWgJFNwqyHKQHX%2BvDb8aWf5twPZnpqlmqmKKJkbgeMaT7BqXau2qjeHkZnpbpk6a79Dr%2FAFVNfG8N2SGpwys8%2BcS1ROEikzvppjCrc%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
status: 200 OK
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 click Show response
redirect.lista10.dev/ Frame 564A 236 B
817 B 297ms
168ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://redirect.lista10.dev/click?click_id=PNZvKUFxtEkEaUYY

Requested by

Host: rtg.l10.agency
URL: https://rtg.l10.agency/hit/admit_cotosen.gif?ref=&lp=https%3A%2F%2Fwww.cotosen.com%2F&d=1664712983347

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

57e701a602643839c5053dc0afebfa3249366b35f16e133d9906fc0291c30ae2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.cotosen.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 753d5e797c5e9b71-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Sun, 02 Oct 2022 12:16:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7NB1XtXNGI9t7u9H6InkYLzDhgIyQ9x1hSuOY0l%2BXzyjIGADU%2FHlH8s63rl5fBIU2pi2cWYR2QFlfCUPviumQzA6EB5WN45H3k3aSefuvSbmGC4NqCpIwqfiOvOOSFJTRmJjXHdrLlCAy31R8IMhpc5iFA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
status: 200 OK
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-request-id: 548cf8e1-dd67-4a9b-b855-8f5a0683a0cc
x-runtime: 0.008353
x-xss-protection: 1; mode=block

GET
H2

200

cm
ash.creativecdn.com/adx/ Frame 5BFF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rtb_house&google_cm&google_sc&google_ula=5153224&google_hm=WDN6WVlqTHhaS3EwYjRVSWpRa2E%3D&pi=adx&tdc=ash&chain=
https://cm.creativecdn.com/adx/cm?v=2&pi=adx&tdc=ash&chain=&google_gid=CAESEFzunyZVmml6JwfumeNruDM&google_cver=1&google_ula=5153224,0
https://ash.creativecdn.com/adx/cm?v=2&pi=adx&tdc=ash&chain=&google_gid=CAESEFzunyZVmml6JwfumeNruDM&google_cver=1&google_ula=5153224,0

42 B
243 B

166ms
159ms

Image
image/gif

185.184.10.30
RTB-HOUSE-ASH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ash.creativecdn.com/adx/cm?v=2&pi=adx&tdc=ash&chain=&google_gid=CAESEFzunyZVmml6JwfumeNruDM&google_cver=1&google_ula=5153224,0
Requested by: Host: us.creativecdn.com
URL: https://us.creativecdn.com/cm?type=iframe&sru=https%3A%2F%2Fwww.cotosen.com%2F&ti=bsF2DGUf4kC0n75x0THn&mcm=1&c=US
Protocol: H2
Server: 185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS: ip-185-184-10-30.rtbhouse.net
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.creativecdn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 02 Oct 2022 12:16:24 GMT, Sun, 02 Oct 2022 12:16:24 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 42
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://ash.creativecdn.com/adx/cm?v=2&pi=adx&tdc=ash&chain=&google_gid=CAESEFzunyZVmml6JwfumeNruDM&google_cver=1&google_ula=5153224,0
date: Sun, 02 Oct 2022 12:16:24 GMT
content-length: 0

GET
H2

200

/
www.betano.de/ Frame EB28
Redirect Chain

https://gml-grp.com/C.ashx?btag=a_8454b_817c_&affid=2441&siteid=8454&adid=817&c=
https://gml-grp.com/C.ashx?btag=a_8454b_817c_&affid=2441&siteid=8454&adid=817&c=&AutoR=1
https://www.betano.de/?btag=a_8454b_817c_&utm_medium=2441&utm_source=1&siteid=8454
https://www.betano.de/?utm_medium=2441&utm_source=1&siteid=8454

0
0

122ms
122ms

Image
text/html

2606:4700:4400::6812:2337
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.betano.de/?utm_medium=2441&utm_source=1&siteid=8454
Requested by: Host: prdredir.com
URL: https://prdredir.com/product/b7fd58b858b670a11efb78f17dd874ce80cbeac0cf398d54b0a28b221f4300dc
Protocol: H2
Server: 2606:4700:4400::6812:2337 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://prdredir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Redirect headers

date: Sun, 02 Oct 2022 12:16:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
age: 0
location: /?utm_medium=2441&utm_source=1&siteid=8454
x-farm: DE-SB01
cache-control: no-store
cf-ray: 753d5e809a81bbec-FRA
content-length: 0
x-xss-protection: 1; mode=block
x-cacheable-status: 302

GET
H2 403 /
casadeapostas.com/pt-br/ Frame 2583 0
0 81ms
25ms Image
text/html 2606:4700::6811:7050
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://casadeapostas.com/pt-br/?pmc=EONF
Requested by: Host: mediamathrdrt.com
URL: https://mediamathrdrt.com/product/fc7c920d9b61d76f23202b1fba7187831644b9a88f0de03a1e6a326af7915a5b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7050 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mediamathrdrt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

GET
H2

200

/
iqbroker.com/lp/mobile-partner/pt/ Frame 564A
Redirect Chain

https://iqbroker.com/lp/mobile-partner/en/?aff=298933
https://affiliate.iqbroker.com/redir/?forceBackLink=1&aff=298933
https://iqbroker.com/lp/mobile-partner/pt/

0
0

23ms
23ms

Image
text/html

185.117.134.138
IQOPTION

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://iqbroker.com/lp/mobile-partner/pt/
Requested by: Host: redirect.lista10.dev
URL: https://redirect.lista10.dev/click?click_id=PNZvKUFxtEkEaUYY
Protocol: H2
Server: 185.117.134.138 , Cyprus, ASN204006 (IQOPTION, CY),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Redirect headers

date: Sun, 02 Oct 2022 12:16:24 GMT
strict-transport-security: max-age=15555600
x-content-type-options: nosniff
server: nginx
x-cdn: Imperva
location: https://iqbroker.com/lp/mobile-partner/pt/
x-iinfo: 13-220333352-220333357 NNNN CT(12 32 0) RT(1664712984294 24) q(0 0 0 0) r(0 0) U5
backend: arbitre_v4_api
content-length: 0

POST
H2 204 collect Show response
k.clarity.ms/ 0
48 B 124ms
123ms XHR
text/plain 20.96.88.162
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://k.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus2-e/s/0.6.42/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.96.88.162 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.cotosen.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-origin: https://www.cotosen.com
date: Sun, 02 Oct 2022 12:16:24 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame E5D7
Redirect Chain

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=soVGYycGMoSn-jEJnBeEkSwIph-iKgIn

0
338 B

143ms
39ms

Image
text/plain

79.125.33.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=soVGYycGMoSn-jEJnBeEkSwIph-iKgIn
Protocol: H2
Server: 79.125.33.106 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-79-125-33-106.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-served-by: beacon-n021-dub-prod.krxd.net
date: Sun, 02 Oct 2022 12:16:25 GMT
cache-control: private, no-cache, no-store
x-request-time: D=31 t=1664712985
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=soVGYycGMoSn-jEJnBeEkSwIph-iKgIn
date: Sun, 02 Oct 2022 12:16:24 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 17196957
content-length: 0

GET
H2

200

cs
s.thebrighttag.com/ Frame E5D7
Redirect Chain

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=V2AKkaWKsTeiKZMM7EpP2orCJ9sNJSgJ

35 B
268 B

439ms
139ms

Image
image/gif

3.141.157.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=V2AKkaWKsTeiKZMM7EpP2orCJ9sNJSgJ
Protocol: H2
Server: 3.141.157.49 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-141-157-49.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 12:16:26 GMT
x-bt-requestid: 0966e780-424c-11ed-bc8a-0000ac17036b
server: nginx
content-type: image/gif
access-control-allow-origin
p3p: CP=NOI DSP COR NID
cache-control: private, must-revalidate
content-length: 35
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=V2AKkaWKsTeiKZMM7EpP2orCJ9sNJSgJ
date: Sun, 02 Oct 2022 12:16:25 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 1625722
content-length: 0

POST
H/1.1 200 v2 Show response
behavior.tongdun.net/behavior/upload/ 120 B
448 B 631ms
110ms XHR
application/json 52.205.170.131
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://behavior.tongdun.net/behavior/upload/v2?partner_code=TDAPProject
Requested by: Host: www.cotosen.com
URL: https://www.cotosen.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 52.205.170.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-205-170-131.compute-1.amazonaws.com
Software: openresty /
Resource Hash: 1ebe3072a9ee5476c90e4e0c1644828a427161ecb96db81750229c402e780804

Request headers

Referer: https://www.cotosen.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundary87jBGscuOD4PCu8T

Response headers

Date: Sun, 02 Oct 2022 12:16:26 GMT
Server: openresty
Transfer-Encoding: chunked
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
Keep-Alive: timeout=180

GET
H3 200 OneSignalSDKStyles.css
onesignal.com/sdks/ 82 KB
9 KB 37ms
37ms Stylesheet
text/css 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cotosen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 12:16:26 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 1284
etag: W/"4e9aaefffd5f8ae7dc83361aa2294190"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 753d5e838de79bcb-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 01 Nov 2022 12:16:26 GMT

GET
H3 200 icon Show response
onesignal.com/api/v1/apps/006d63c1-85a7-422e-9d16-e3ff6b9cc83a/ 184 B
597 B 141ms
79ms Fetch
application/json 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/apps/006d63c1-85a7-422e-9d16-e3ff6b9cc83a/icon

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c4a53f30b16f37bbf4c08730326578a1843d3b1fc518d0c2ab2524209c7ea0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cotosen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 12:16:26 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=15552000; includeSubDomains
age: 1
status: 200 OK
x-envoy-upstream-service-time: 9
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 5b484efe-d8ee-4dfb-af1d-ebc41b425e6c
x-runtime: 0.007754
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"9c4a53f30b16f37bbf4c08730326578a"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
cf-ray: 753d5e847d698fe8-FRA
access-control-allow-headers: SDK-Version

GET
H2 200 fe74a233-5490-43c2-8fd7-a9ba841b016b
img.onesignal.com/permanent/ 4 KB
5 KB 49ms
35ms Image
image/jpeg 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.onesignal.com/permanent/fe74a233-5490-43c2-8fd7-a9ba841b016b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f316694f3a4d33817449b0a2b676388dd5359519272221c5f22a6827441e17d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cotosen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 12:16:26 GMT
x-amz-meta-cache-control: public, maxage=604800
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains
x-amz-request-id: BT417VEHQ76S302D
age: 2319
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4446
x-amz-id-2: BRigtnA9PIMXq394ay41cU680EXQd4yYsTBIQBH0k9P8xYdyXmCk3bDLOnmul0Z5kz96dbUBrdY=
last-modified: Sat, 24 Jul 2021 06:10:19 GMT
server: cloudflare
etag: "0a3548d37b916f68f520fac6e681d262"
vary: Accept-Encoding
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 753d5e84ce085be1-FRA
expires: Wed, 02 Nov 2022 12:16:26 GMT

POST
H2 204 collect Show response
k.clarity.ms/ 0
48 B 1471ms
1471ms XHR
text/plain 20.96.88.162
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://k.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus2-e/s/0.6.42/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.96.88.162 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.cotosen.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-origin: https://www.cotosen.com
date: Sun, 02 Oct 2022 12:16:27 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

Verdicts & Comments Add Verdict or Comment

191 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

99 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sc-static.net/scevent.min.js	1970-01-20 06:26:39	Name: X-AB Value: 0d6e407936704bd380072f5891d28b0e
www.cotosen.com/	1969-12-31 23:59:59	Name: locale Value: de
www.cotosen.com/	1969-12-31 23:59:59	Name: ccy Value: EUR
www.cotosen.com/	1970-01-20 15:10:48	Name: _opu Value: op_84aa8f4f65e68883_18398a03d9a_f7c8
www.cotosen.com/	1970-01-20 06:26:39	Name: _opud Value: op_ab80637c08a2fbae_18398a03d9a_d0fa
www.cotosen.com/	1970-01-20 15:10:48	Name: _odevice Value: 416453897
.bing.com/	1970-01-20 15:46:48	Name: MUID Value: 1427D5329ED663F2359AC7039F0462F2
www.cotosen.com/	1970-01-20 15:10:48	Name: __rtbh.lid Value: %7B%22eventType%22%3A%22lid%22%2C%22id%22%3A%22iw1BCz9w9NLMWcrX4oLs%22%7D
.criteo.com/	1970-01-20 15:46:48	Name: uid Value: 69063657-a6a8-4d98-9aad-366e0528b640
.cotosen.com/	1970-01-20 06:26:39	Name: _uetsid Value: 07682260424c11ed8d630b9fe6f44448
.cotosen.com/	1970-01-20 15:46:48	Name: _uetvid Value: 076858f0424c11edb40e5f88b5f76072
.cotosen.com/	1970-01-20 06:26:39	Name: _gid Value: GA1.2.269101634.1664712983
.cotosen.com/	1970-01-20 06:25:13	Name: _gat_gtag_UA_178875983_1 Value: 1
.cotosen.com/	1970-01-20 08:34:48	Name: _gcl_au Value: 1.1.10503377.1664712983
.cotosen.com/	1970-01-20 16:01:12	Name: _ga_5SC402EM39 Value: GS1.1.1664712982.1.0.1664712982.60.0.0
.cotosen.com/	1970-01-20 16:01:12	Name: _ga Value: GA1.1.922815448.1664712983
.cotosen.com/	1970-01-20 15:54:59	Name: _scid Value: 31b9339b-035e-4511-a931-feb37acba15c
webtrafficsource.com/	1970-01-20 15:10:48	Name: uxid Value: b709d20e-a5d4-4860-bc7e-661d9b34a21a
.cotosen.com/	1970-01-20 15:10:48	Name: _pin_unauth Value: dWlkPU5HWmhZMlptWTJFdE5HRTJNaTAwWmpVeExUbGhabVF0WmpabE9HUTVaR1poTm1NMw
.snapchat.com/	1970-01-20 15:46:48	Name: sc_at Value: v2\|H4sIAAAAAAAAAAXBgQ0AIAgDsItIZEyBcyT4Bcfbtr0izMV7U5j5pG5SbgdQW4PoGT2HrsiwWR//hmohMgAAAA==
api.hrznads.com/	1970-01-20 07:08:24	Name: uid Value: 43a14c8e-cb9d-4c65-bb1a-cd0f63734c65
api.hrznads.com/	1970-01-20 07:08:24	Name: pwj_mb Value: f0d65c47-fcbb-43a6-be30-909a35693f9f
api.hrznads.com/	1970-01-20 07:08:24	Name: pwj_mbn Value: 77fb2b79-f7da-4377-a320-a3b473c1c275
.cotosen.com/	1970-01-20 15:46:48	Name: _tt_enable_cookie Value: 1
.cotosen.com/	1970-01-20 15:46:48	Name: _ttp Value: ded8d6ab-6949-473b-8d39-ef28df4e3a9c
.cotosen.com/	1970-01-20 08:34:48	Name: _fbp Value: fb.1.1664712983122.738864525
.ct.pinterest.com/	1970-01-20 15:10:48	Name: _pinterest_ct_ua Value: "TWc9PSZ6dkppekl0Q2NuWGsxdTZDVnJGakNjRE9OOEpud0JSdCtHRXdMb1N2T3pOVTJudmFQc0o4bXFHUU9VR0ZxQkZQN0FaaEdWT3JOM3R4cVZiOEpxQnY4NFA3NHhHbmwvYmNsMmRuck5rYWRkUT0mZktLbmhQaDZ2SGYzN1VGeWNuMncxdDVwaUw4PQ=="
.cotosen.com/	1969-12-31 23:59:59	Name: IR_gbd Value: cotosen.com
.cotosen.com/	1969-12-31 23:59:59	Name: IR_14148 Value: 1664712983129%7C0%7C1664712983129%7C%7C
.cotosen.com/	1970-01-20 15:54:36	Name: cto_bundle Value: JXv8nF9qMk1oeFRJemRaWDZJZ080YWVneElyJTJGWE5sT1BGemo4c25hWGRlODVlSHlqVld1V3MzTE5SS1F1ZVdnMExaTkZ6a1dxMGN3amhMd3BoT050WWFBQlBsWWFXeDFKMUtmRXFMVndHcjY0cGtnMU5yVXYxcG9RVm9zMDZTdjZ2NVVSVjRCNGRQYzBQJTJGeiUyQlJuJTJCZVRtU0RVZyUzRCUzRA
www.cotosen.com/	1970-01-20 07:08:24	Name: clickanalyticsresource Value: f4c2b8fd-7bdc-44fe-b803-2ffd75ec9e25
www.clarity.ms/	1970-01-20 15:10:48	Name: CLID Value: c9763691e51146828bfef9240dc54370.20221002.20231002
.cotosen.com/	1970-01-20 15:10:48	Name: _clck Value: 134elue\|1\|f5d\|0
.creativecdn.com/	1970-01-20 15:10:48	Name: u Value: X3zYYjLxZKq0b4UIjQka
.creativecdn.com/	1970-01-20 15:10:48	Name: ts Value: 1664712983
www.cotosen.com/	1970-01-20 15:10:48	Name: c Value: L2LVL26i-1664712984201-0beb8d5e97fdc-198849238
.doubleclick.net/	1970-01-20 15:46:48	Name: IDE Value: AHWqTUkc-261rRO8S7t2pCNZmXCaL0KRr2bHhrYix-wnhWkgfGqw_8gFEX57g5kHGDc
.adnxs.com/	1970-01-20 08:34:48	Name: uuid2 Value: 3612420855431349344
.media.net/	1970-01-20 15:10:48	Name: visitor-id Value: 3077145848884130000V10
.media.net/	1970-01-20 07:08:24	Name: data-c-ts Value: 1664712984
.media.net/	1970-01-20 07:08:24	Name: data-c Value: k-Urzt4RLMnlg2H4Acghp63uwVqTZLp2QRfJH6yQ~~3
exchange.mediavine.com/	1970-01-20 06:45:22	Name: mv_tokens Value: %7B%22mv_uuid%22%3A%2208633320-424c-11ed-ab73-d95d8b87b9a2%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 06:45:22	Name: mv_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%2208633320-424c-11ed-ab73-d95d8b87b9a2%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 06:45:22	Name: am_tokens Value: %7B%22mv_uuid%22%3A%2208633320-424c-11ed-ab73-d95d8b87b9a2%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 06:45:22	Name: am_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%2208633320-424c-11ed-ab73-d95d8b87b9a2%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 06:45:22	Name: criteo Value: %7B%22id%22%3A%22k-k6qIIBLMnlg2H4Acghp63uwVqTbOoVQI8Rw44g%22%2C%22version%22%3A%22criteo%22%7D
.360yield.com/	1970-01-20 08:34:48	Name: tuuid Value: 066b17f4-9d68-4dd8-9b52-886c1c94e1d3
.360yield.com/	1970-01-20 08:34:48	Name: tuuid_lu Value: 1664712984
.cotosen.com/	1970-01-20 06:26:39	Name: _clsk Value: 1uwhuff\|1664712984514\|1\|1\|k.clarity.ms/collect
.360yield.com/	1970-01-20 08:34:48	Name: um Value: !38,r9pLXGnYJSH8kGqFNNMRWkAat2XSNCYVS1Ot.SNUkLqG.eOEYzh9-4W22voMCv5vtcsV-c89,1672488984
.360yield.com/	1970-01-20 08:34:48	Name: umeh Value: !38,0,1726920984,-1
.casalemedia.com/	1970-01-20 15:10:48	Name: CMID Value: YzmBGPwnPF.2rfG0eLaiRQAA
.casalemedia.com/	1970-01-20 08:34:48	Name: CMPS Value: 1179
.casalemedia.com/	1970-01-20 08:34:48	Name: CMPRO Value: 1179
.c.bing.com/	1970-01-20 15:46:48	Name: SRM_B Value: 1427D5329ED663F2359AC7039F0462F2
.yahoo.com/	1970-01-20 15:11:10	Name: A3 Value: d=AQABBBiBOWMCEONkMAiF61jDXAkStXxk7RcFEgEBAQHSOmNDYwAAAAAA_eMAAA&S=AQAAAuXAB5oJoNvplKFUlcErm1I
.id5-sync.com/	1970-01-20 06:25:13	Name: cf Value:
.id5-sync.com/	1970-01-20 06:25:13	Name: cip Value:
.id5-sync.com/	1970-01-20 06:25:13	Name: cnac Value:
.id5-sync.com/	1970-01-20 06:25:13	Name: car Value:
.id5-sync.com/	1970-01-20 06:25:13	Name: gdpr Value:
.id5-sync.com/	1970-01-20 06:25:13	Name: callback Value:
.analytics.yahoo.com/	1970-01-20 15:10:48	Name: IDSYNC Value: 18zh~27ho
.bidswitch.net/	1970-01-20 15:10:48	Name: tuuid Value: 5fb2ca22-deb3-48d7-b669-8041e8463e4c
.bidswitch.net/	1970-01-20 15:10:48	Name: c Value: 1664712984
.bidswitch.net/	1970-01-20 15:10:48	Name: tuuid_lu Value: 1664712984
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 15:46:48	Name: MUID Value: 1427D5329ED663F2359AC7039F0462F2
.c.clarity.ms/	1970-01-20 06:25:13	Name: ANONCHK Value: 0
.casalemedia.com/	1970-01-20 08:34:48	Name: CMTS Value: 5140
.iqbroker.com/	1970-01-20 07:09:51	Name: IsRestrictedCountry Value: false
.iqbroker.com/	1970-01-20 07:09:51	Name: IsRegulatedCountry Value: true
.iqbroker.com/	1970-01-20 07:09:51	Name: Country Value: de
.iqbroker.com/	1970-01-20 07:09:51	Name: CountryID Value: 78
.iqbroker.com/	1970-01-20 07:09:51	Name: aff_model Value:
.iqbroker.com/	1970-01-20 07:09:51	Name: aff_ts Value: 2022-10-02T12:16:24Z
.iqbroker.com/	1970-01-20 07:09:51	Name: AffTrackGroup Value: Black_team_(partnerka)
.iqbroker.com/	1970-01-20 07:09:51	Name: Serv Value: NL
.iqbroker.com/	1970-01-20 07:09:51	Name: AppID Value: id871125783
.iqbroker.com/	1970-01-20 06:35:17	Name: brand_id Value: 1
.iqbroker.com/	1970-01-20 07:09:51	Name: platform Value: 9
.iqbroker.com/	1970-01-20 07:09:51	Name: client_platform_id Value: 9
.iqbroker.com/	1970-01-20 07:09:51	Name: support_email Value: support@eu.iqoption.com
.iqbroker.com/	1970-01-20 07:09:51	Name: company_id Value: 1
.iqbroker.com/	1970-01-20 07:09:51	Name: IsAppStoreCountry Value: true
.yieldlab.net/	1970-01-20 15:10:48	Name: id Value: f3d3a7d6-cd17-44b1-be5a-1f952df96689
usfp.tongdun.net/	1970-01-20 15:10:48	Name: _fmdata Value: HlpbTPRgNyJKD7uy2VxnpFS1KbJ8sQnuXsTlxZ+8knSicY6reNSx5EmGafKcPRmZMcjEY+bGNJddQCam70RTqw==
usfp.tongdun.net/	1970-01-20 15:10:48	Name: c Value: L2LVL26i-1664712984201-0beb8d5e97fdc-198849238
usfp.tongdun.net/	1970-01-20 15:10:48	Name: _xid Value: DHaf/HV5Y/+y6gbZNa85J+npyqYLDb2CmkpHH7sKick=
www.cotosen.com/	1970-01-20 15:10:48	Name: _fmdata Value: HlpbTPRgNyJKD7uy2VxnpFS1KbJ8sQnuXsTlxZ%2B8knSicY6reNSx5EmGafKcPRmZMcjEY%2BbGNJddQCam70RTqw%3D%3D
www.cotosen.com/	1970-01-20 16:01:12	Name: black_box Value: eyJ2IjoiRzJKUEpLQnZWSlZVTTUvU29ncjJCZz09Iiwib3MiOiJ3ZWIiLCJpdCI6NzM5LCJ0IjoiZ3ZhY3dta0E5QlhVSGVOc1d5Q0oxSWo5a00yZ0VCZkZHZmR6UE1oZU5TWFZKU2I1d0llUWZCeVFKdmpHWnlRSENUSHEwci9kUFlJNlZ3VFVWMHBCbkE9PSJ9
.iqbroker.com/	1970-01-20 07:09:51	Name: landing Value: /lp/mobile-partner/pt/
.iqbroker.com/	1970-01-20 07:09:51	Name: RedirectDomain Value: iqoption.com
.iqbroker.com/	1970-01-20 07:09:51	Name: RedirectDomains Value: iqoption.com,iqtrading.asia
.demdex.net/	1970-01-20 10:44:24	Name: demdex Value: 87019028293497835290449114299582209049
.dpm.demdex.net/	1970-01-20 10:44:24	Name: dpm Value: 87019028293497835290449114299582209049
.krxd.net/	1970-01-20 10:44:24	Name: _kuid_ Value: PHSOI5ei
.betano.de/	1970-01-20 07:08:24	Name: btag Value: a_8454b_817c_
.betano.de/	1970-01-20 06:25:14	Name: __cf_bm Value: PxO_SGEByumGx94cjKpd_bKiIipGTMwj.LNCSMFNWQQ-1664712985-0-AXmJECGlz6s/HpTEYhJcrDlAryjKOwOalsJnuYDh+r7n88bAkuWQJv3ykbp8fZ99M4UYf5IqQ7hhWNNr0bh29Kc=

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	Message: The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu
network	error	URL: https://casadeapostas.com/pt-br/?pmc=EONF Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.twiago.com
ad.360yield.com
ad.yieldlab.net
affiliate.iqbroker.com
analytics.tiktok.com
analytics.webgains.io
api.hrznads.com
ash.creativecdn.com
assets.pinterest.com
bat.bing.com
beacon.krxd.net
behavior.tongdun.net
c.bing.com
c.clarity.ms
casadeapostas.com
cdn.clickanalyticsresource.com
cdn.lenmit.com
cdn.onesignal.com
cm.adform.net
cm.creativecdn.com
cm.g.doubleclick.net
connect.facebook.net
contextual.media.net
cotosen.com
criteo-partners.tremorhub.com
criteo-sync.teads.tv
ct.pinterest.com
dis.criteo.com
dpm.demdex.net
eb2.3lift.com
eu-library.klarnaservices.com
exchange.mediavine.com
fledge-usa.creativecdn.com
gml-grp.com
googleads.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
id5-sync.com
img.onesignal.com
img4.aopcdn.com
img6.aopcdn.com
iqbroker.com
k.clarity.ms
log.pinterest.com
match.sharethrough.com
mediamathrdrt.com
mug.criteo.com
nc-1.theoverall.link
onesignal.com
pixel.rubiconproject.com
prdredir.com
r.casalemedia.com
redirect.lista10.dev
region1.analytics.google.com
rtb-csync.smartadserver.com
rtg.l10.agency
s.pinimg.com
s.thebrighttag.com
sc-static.net
scripts.prdredir.com
simage2.pubmatic.com
sources.aopcdn.com
sslwidget.criteo.com
static.criteo.net
static.tongdun.net
stats.g.doubleclick.net
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.outbrain.com
tag.forceadmedia.com
tags.creativecdn.com
tr.snapchat.com
ups.analytics.yahoo.com
ups.aopcdn.com
us.creativecdn.com
usfp.tongdun.net
utt.impactcdn.com
visitor.omnitagjs.com
webtrafficsource.com
www.artfut.com
www.betano.de
www.clarity.ms
www.cotosen.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
x.bidswitch.net
z.lenmit.com
104.18.19.126
104.96.128.226
13.248.245.213
13.32.121.45
137.184.242.20
141.226.228.48
141.95.98.65
151.101.64.84
172.217.16.194
172.217.20.2
178.250.0.157
178.250.0.163
18.66.147.98
184.51.8.30
185.117.134.138
185.184.10.30
185.184.8.90
185.255.84.153
185.26.99.247
185.64.189.110
185.86.137.132
185.89.210.20
20.234.93.27
20.96.88.162
2001:4860:4802:32::36
2001:4860:4802:34::178
2600:1f18:612b:4216:7ad5:1326:2d1:191d
2606:4700:20::681a:6d
2606:4700:20::ac43:4754
2606:4700:3033::ac43:a7e1
2606:4700:3033::ac43:d085
2606:4700:3037::6815:17f
2606:4700:4400::6812:2337
2606:4700::6810:5953
2606:4700::6811:7050
2606:4700::6811:e321
2606:4700::6812:e134
2606:4700::6812:e234
2606:4700:e6::ac40:c30f
2607:a400:2:b::4
2620:1ec:40::44
2620:1ec:c11::200
2a00:1450:4001:828::2002
2a00:1450:4001:829::2003
2a00:1450:4001:82b::2008
2a00:1450:4001:830::2004
2a00:1450:4025:401::9c
2a02:2638:1::13
2a02:2638::3
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
2a04:4e42:62::84
2a06:98c1:3120::3
3.122.47.104
3.126.56.137
3.141.157.49
34.107.149.195
34.117.98.198
34.255.95.163
35.158.179.233
35.186.249.72
35.190.43.134
37.157.3.30
45.60.156.148
52.205.170.131
52.222.225.250
52.29.139.35
52.45.120.164
54.243.66.229
63.34.160.83
63.34.53.236
64.202.112.95
69.173.144.138
79.125.33.106
84.53.161.83
85.215.5.31
96.16.132.239
00a92494627ed8f758972b7dc47b3af186497c0637ea867a33fdb604c1548674
02de771d3041f2c25e25ddc71d0379633b58e146962af93c085124897ac3b6f1
0cf33d7da5f92752c38c28e49aab4705d232f2d47abde37b8f88b9df0cabda90
12acefb1925c9af7a6400b44135a94d708522d91b1e225e627721eaaea627e58
12fd86e58cda1285fed94540d10290b1682ab82a0feeaeadeb0d958feca99cd2
13871bc967b0203c27f38fca9c994763b74b326500fed0c249c91d341253c32e
13a61b3146d1c200325c27d3d8b37155d87df036b3efd6ebcb3d04285f811594
1910ac35dac525b66c0cf3da00b83af44af2a4c5de53e9d00299336a33d91ef6
1b4b6cac18809803b685557911961278dfcc6e96a44123403617bfa4c3e51afd
1c4213978e95313f45a64fa411b28d0cd0aac19cee1c4d9cd0e6644d3b6a03c5
1e7855fb6fc9cc6c2b7017deeeb72fdb16ac9c81d5bb6316886b4899fd44f340
1ebe3072a9ee5476c90e4e0c1644828a427161ecb96db81750229c402e780804
1fd3252c03b161df4233dbc71a76091107ce3a8d0df78e5c8762ae4126492661
20f0315c97ff7007f2e7a94d659e094a7efc01b8306da53987538c1101489e0e
23768bac423aff7240e9b8e91b238c35055e3cb6413ded4747b5fb0caea4f5a8
2561257b9f5e4427d61fdadb66cf58c0a3fc46ac5ffa072bb9f3e0c14062c1e1
28b21811d22d3c6ac4b9035fb96b957f1a3af9be45e1d2ccd1e60809ba3d5445
2a98fb5ce00a85d3db4150e4b29b16c400f87a1d38b039b3e33d7c5677dc91c0
30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7
30d31eb6c11df6156d1a8616666104c6d44a53c1b0a8e1b5e09ad693836cface
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
35d74733c644e9fb4b1993689dc405e8b8bbf95b14bd637718a9becfe249225e
366716641fa49a04f185f3b8b29a74f0be62cb2de38e74c0cb069b9facb43c86
37077f3ff8ab85729439c824449ac25165ef19bf63850d81d218525fc4b05197
370dbc0a7e85181d81ecf29999a4782fc0fde9621e538b4d17887e2d1af1522d
373325ab156d7187a65eb503ede5374382d7214eefe31c98ce051facdaeb9f92
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
3a4c24cae2d913cd353de5a6bc1dc446a9209bebef643bd3f5d61960ea180d76
3dd9777e4bf37ebda9d52c257d4481a7793947d4793cdddef7218468a20c3cf6
3f29259501183f270ed9b30dc3569b0b69c8bafb46685a5790c793ec76c2c763
3faadebc89cdb21d11634a032816f152462d1cb8903eb21d0642501fcad065de
4102d802624ca51e77d93e0e955e986735577f7d5e290ebbb7368d3b28525cb5
43d82e0a7fbadccc9d100696fb970decfdbe1df38c079cc8101ef4b6689f9728
43fd0e4736ae07ebcfa4fc191912a7e825156ba606d5a08be43c919c89f30970
4738a447b22061fb0d8515d2c1d830affed4acc77b4eecbed24a42a53eaf9503
4b3e2fa269ed7b27cfb61d5c90e78073a7911db1ab9aa9d75e79f6908dc2274e
4cc47fb85851f698840eb4094a6f9b1b212b431601ae8b3880b25b72413e840b
4ddff9611a19127864bb3f767bcc5b94a7f7cc454e674bf4f4ef2ac0d6778f67
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
500214f984df5e3e26fc1336225809ad9934aa76af8da89077f22dba51183038
50e4eced603f246758e61c46721c5189c124201ff126bdf209696e984724610c
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
561c579d66ced3002754404f18100a5b84c2b6fb62ad20dbc9d0c290a65ac712
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
57d125e924fe29fc4111234aa0070b02a2350ba06c99f796a0548615595a5885
57e701a602643839c5053dc0afebfa3249366b35f16e133d9906fc0291c30ae2
596beb5f11f0ff82e1ccc454c48baa74ab6b4e404c590996cbc6e215965d011c
5c70cd9a7ea11580d9c138e9c716ef57dd18ed4989aff9ca75cca89a638cd0e8
6141d9714cc328df16ec8dfe0209c0f495e7786d236b9d6d4e529a0d6d05af01
639785aa0d683a5d24bcbe96629d8d07fd8eefd12499bd97606e65f9373a5112
6533db921fa04e1546686ca9111f2cc38032b09365026cf886e3b4d8f58020d6
660c6519d91af540602b10d86b594fc2c1f936316419779b25915081355b19cd
6971ae996e0c113ba7fe6939dfd81d7a2ac42b1edafd66a823cecc7db5afed36
6b8cf89f7553ce96e56c6f3e26a4616b9a9b3513a7cebb98de292f8c48661c2a
70abafda4a7bace20d7c2db6a982132be3d4e65228794eb74f4e8f4ff76dba9a
70f0bf9725cbed5fcefbfab9b542c67941434be1f22c9fbabe74b1380ec05b91
7125cc161f9f4e5c03866c6421d0a8e4d0874069ead9b4514006aceac4f4c42b
7487e2775a8275726a7d4c01403e55a0eadd697172c05184cdef423e3d106740
7a72c52030cf8525af2846cf42ad4dca0d88fd842e72ecd86aaaead49ddb4649
8146a64bb27f438cd5ae96bf63acc99815548a2616a2013dee70438cebb7e7c7
82467979080230dcdf438f5c26e6a6208f7ff81634a291a21e12d63fa53e1b41
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
843114448aaeeda7e8caa0cf76d61e0c63b8bffccd34517483363fdb15cdc80c
849076f7b83ef1237b84279bd9e05ee519dfe8333cdb592bc4ca5d025c8d466a
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86be2cd73a9716336225abcd7274efc3f4ee2d562f468876a96bce13aeb95257
884d999f69ec27d17be1b2211831930aae722f3afdedc96194cd448d8606dbf5
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a8b77ab352a45b7838efd3df7ec52251e0f8763fcf78c715690efae5fe079e5
8bbd5c5cab6bb3dc14638228b7621ddd00b53d4f00500e6bfb3ffc5acfc19248
90fd19bb2feac82c9e93dd0f8c3570c6564574834ac812c0d8e7e93f92689d08
94098d9e26746e65445a38c275d25f90abd2a6bbce84fb46ce0cf938bf837cc7
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9c4a53f30b16f37bbf4c08730326578a1843d3b1fc518d0c2ab2524209c7ea0f
9d2d0b8e52d666e44e12153a5ca98730da2f7ca6b04cfa1ff5d9aa176ebb5d20
9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a4be6031f571792450127dea796bf3f80b634ef7a5154fcb3fb012115cc2862d
a60703d1f18782e4ae079ca2358056c4af05199c82d2b7763a338ca670e096db
abc9a65231fe4ad48416bb5a69768561ca773d73b9e7a1ce7f01b76fdcad9592
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4dafd489309bcd7fe6abd20b722005d486c25d5d9bfa17b6de87f0a7957d76a
bb0dcc0a7286ccfdc33feb199fc77b433eb0d63a4ab322e5a8cb9a4defe48f28
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc00b74b943f688eb2d2bef91ae9f58b552727f36d5ebb4b9490abaa70008506
bcf0f283727ab4b94a2b8d35ea2eec70e36cef551437015c10e74f3f50b8be27
bfdad13615a4f2cb43fc5f7bbd2be3f8353d53ed8750fed65081ea8f2405c5e2
c096aab7e6137c588392fbdc11c5fcb09e650dc2a8fd9c41c92eec6a9224701f
c3423e2830e0e8512380b5995774e5d31c763daf4acf434d145a6c2e2fbbfa35
c3c75402ec485980ac78b6bdc63ba90f13f7ec2f40b02e4f4ba5d5f4a19090b7
c75d8bdd1d5498551294cf4551304e5c2158b9788ac1779d03a2edd611a6c93e
c96b481c6610c3de990215c4b84afd212967fadbfaf9538c05f12edb75918953
ca43a98685920bddb80530cdabb1dd9184996ef6bf9c6424d37a70323cdf74ce
ca9f08cc2d7951eb61f9486298db4c2d7b5b2a31c15c2189d19741cb0883c478
cbf79cbb6236a5279890bb55d1fb4ec356552c487a08cb02ec4d2fab2529e7b5
cbfe7ef66f9914aeb4d9442be4137f2bb7606d2a1cf8372cf07aa9bfee003348
d12c6745eca14e06d4dea70f4c2bd875769b349770d04300477ab18d0db005d4
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d26390c64e9c6dca172371679c9486c840cbe2d5314c9a35e700fb5ffce195ea
d28fcb68b30dcc6d3ee15f8422d04e4366bbd2cd52d04821812d4462d3c6a481
d55fde170de1b9ccef0ef720faace7a0e13cbae35722f8a850065b69803577a3
d765a9dc5e1b75305e20897cd7a16280eabd5a7de9de8edaf9fe5ef39787576a
d8e4aa00b57893dcb6ce5ea3a7d915d75d1246d24340f47a4a0a362ada0e491f
d97ca913935c9897ac4e255d17e14c8a3f0d8513681fe5b6736c4921fc5dd078
d9ec7bc3e6ee292ec0d0226967b0eb4f447a3138adb6706dae36328278a8338a
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df7eb497ebea720f0ad85ef07a7bb56bc00cd77c5c3668514728b3d7b4733a67
e17b996ef818d3b5fb17d3d6954a2c027ced418aa9897b66b2ae870cea79def4
e1bb4e12f16a06715d8a852c7f11a37548ab5a1c462e49ee0e4bc91f7ec9c6cd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e45adaffb50ad71c559b52c2c08ff2d3bd536dd9b50b0c617bb503758c82fe63
e6fbf23fa288cf24f0b14f3660ccb665453d3727387c07fd97633a3877cce7cb
e9bd9db83268ae9694965b94341b1ac5c2da802cfb7d87ed5b1b2727d8ea5ed2
eb9dc9458faefdd3e10c17022f70d98cf041c358f4a7121e611aac7ec2bce6a7
eed7799925f9f874867f89b540a9b5d5d99d87371edecaa4e2c24bf1442bc0e4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f074be49735fe3cd560812604cccc676f76e55f5c45de613040754fead762533
f316694f3a4d33817449b0a2b676388dd5359519272221c5f22a6827441e17d4
f42283e0ca17a52688c5250e714ecd1b6a53af8b0f6e54ac64546499b0ec1b19
f6b1300d909d9777dd97614dc1778aaa570ea95e65a9d63958c716f599b8f400
f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3
faa07cc8277b2637e78b1984917145a224dbd8ec28be3f16bdc2fc5df059daec
fbd4601ef4e7df38e61858455bc84a734514e523daecab31bead3f1647026083
fd20998adbb24ad963efba64ffbee9b587d065ec7100c19f90a3c335cb08dd5d
fefceaa71730d43e9322005d13177457a7ece8a9d702437218e7aa93c53edede

www.cotosen.com Open in urlscan Pro 2606:4700::6811:e321 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

181 Requests

91 %HTTPS

38 %IPv6

65 Domains

91 Subdomains

73 IPs

11 Countries

2240 kBTransfer

6028 kBSize

99 Cookies

4 Outgoing links

Page URL History

Redirected requests

181 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.cotosen.com Open in urlscan Pro
2606:4700::6811:e321 Public Scan

Screenshot
Live screenshot

Full Image

181
Requests

91 %
HTTPS

38 %
IPv6

65
Domains

91
Subdomains

73
IPs

11
Countries

2240 kB
Transfer

6028 kB
Size

99
Cookies

181 HTTP transactions
6 data transactions