bg.graphistik.com Open in urlscan Pro
2606:4700:3033::ac43:b815 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://bg.graphistik.com/getting-touch-with-your-needs
Submission Tags: falconsandbox
Submission: On October 27 via api (October 27th 2022, 1:40:10 pm UTC) from US — Scanned from DE

Summary HTTP 224 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 46 IPs in 8 countries across 37 domains to perform 224 HTTP transactions. The main IP is 2606:4700:3033::ac43:b815, located in United States and belongs to CLOUDFLARENET, US. The main domain is bg.graphistik.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 19th 2022. Valid for: a year.

This is the only time bg.graphistik.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
45	2606:4700:303... 2606:4700:3033::ac43:b815	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	185.177.92.30 185.177.92.30	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
2	2600:9000:21f... 2600:9000:21f3:bc00:11:a4de:2580:93a1	16509 (AMAZON-02) (AMAZON-02)
12	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	151.139.128.11 151.139.128.11	20446 (STACKPATH...) (STACKPATH-CDN)
4	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1 10	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
2	35.190.59.101 35.190.59.101	15169 (GOOGLE) (GOOGLE)
2	35.201.67.47 35.201.67.47	15169 (GOOGLE) (GOOGLE)
2	35.190.91.160 35.190.91.160	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
4	37.157.3.30 37.157.3.30	198622 (ADFORM) (ADFORM)
1	2606:4700::68... 2606:4700::6810:5814	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:20:... 2606:4700:20::681a:8a9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
2	37.252.173.27 37.252.173.27	29990 (ASN-APPNEX) (ASN-APPNEX)
2	147.75.85.234 147.75.85.234	54825 (PACKET) (PACKET)
1	2a00:1450:400... 2a00:1450:4001:80b::2006	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2016	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
1 17	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
2	2a02:2638::2 2a02:2638::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638::b 2a02:2638::b	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
14	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.0.160 178.250.0.160	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
13	2a02:2638:1::8 2a02:2638:1::8	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638:1::17 2a02:2638:1::17	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	34.91.62.186 34.91.62.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
14	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1 1	34.235.40.219 34.235.40.219	14618 (AMAZON-AES) (AMAZON-AES)
2 2	104.18.19.126 104.18.19.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	69.166.1.10 69.166.1.10	27630 (AS-XFERNET) (AS-XFERNET)
5 5	213.19.147.45 213.19.147.45	3356 (LEVEL3) (LEVEL3)
1	52.28.129.28 52.28.129.28	16509 (AMAZON-02) (AMAZON-02)
2 2	3.127.128.151 3.127.128.151	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
1 1	185.29.132.245 185.29.132.245	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 1	159.65.197.210 159.65.197.210	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 1	2a05:d018:d29... 2a05:d018:d29:3602:1e36:6736:c41a:e1de	16509 (AMAZON-02) (AMAZON-02)
1 1	2600:9000:223... 2600:9000:223f:fa00:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1 1	51.38.120.206 51.38.120.206	16276 (OVH) (OVH)
2 2	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1 2	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
224	46

45 2606:4700:3033::ac43:b815 (United States)

ASN13335 (CLOUDFLARENET, US)

bg.graphistik.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
graphistik.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.177.92.30 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
PTR: ip-185-177-92-30.ah-server.com

dr6.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:21f3:bc00:11:a4de:2580:93a1 (United States)

ASN16509 (AMAZON-02, US)

get.optad360.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.139.128.11 (United States)

ASN20446 (STACKPATH-CDN, US)

s.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.59.101 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 101.59.190.35.bc.googleusercontent.com

r.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.67.47 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 47.67.201.35.bc.googleusercontent.com

t.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.91.160 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 160.91.190.35.bc.googleusercontent.com

p.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.3.30 (Denmark)

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:8a9 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.173.27 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 147.75.85.234 (Schiphol, Netherlands)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

7f6b16acb0103193d7792db1791143ec.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::b (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.160 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a02:2638:1::8 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::17 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.91.62.186 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.235.40.219 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-235-40-219.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.19.126 (Shahr, Iran, Islamic Republic Of) 2 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.166.1.10 (United States)

ASN27630 (AS-XFERNET, US)

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 213.19.147.45 (Amsterdam, Netherlands) 5 redirects

ASN3356 (LEVEL3, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.28.129.28 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-129-28.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.127.128.151 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-128-151.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.132.245 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.65.197.210 (Amsterdam, Netherlands) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

match.adsby.bidtheatre.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3602:1e36:6736:c41a:e1de (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223f:fa00:1b:5138:8a40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.38.120.206 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip206.ip-51-38-120.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.111.18 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::1c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
45	graphistik.com bg.graphistik.com graphistik.com	1009 KB
32	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 43 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 188 static.doubleclick.net — Cisco Umbrella Rank: 323 cm.g.doubleclick.net — Cisco Umbrella Rank: 215	266 KB
32	googlesyndication.com 1 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 7f6b16acb0103193d7792db1791143ec.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 147	413 KB
29	criteo.net static.criteo.net — Cisco Umbrella Rank: 680 pix.eu.criteo.net — Cisco Umbrella Rank: 8015 csm.eu.criteo.net — Cisco Umbrella Rank: 8166	888 KB
22	gstatic.com fonts.gstatic.com www.gstatic.com encrypted-tbn2.gstatic.com encrypted-tbn1.gstatic.com encrypted-tbn0.gstatic.com encrypted-tbn3.gstatic.com	302 KB
10	criteo.com 1 redirects rtb.fr.eu.criteo.com — Cisco Umbrella Rank: 14559 ads.eu.criteo.com — Cisco Umbrella Rank: 7867 cat.fr.eu.criteo.com — Cisco Umbrella Rank: 9939 gum.criteo.com — Cisco Umbrella Rank: 425 mug.criteo.com — Cisco Umbrella Rank: 2786	89 KB
9	youtube.com www.youtube.com — Cisco Umbrella Rank: 96	793 KB
8	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 44 jnn-pa.googleapis.com — Cisco Umbrella Rank: 276	33 KB
7	skimresources.com s.skimresources.com — Cisco Umbrella Rank: 3345 r.skimresources.com — Cisco Umbrella Rank: 3218 t.skimresources.com — Cisco Umbrella Rank: 3387 p.skimresources.com — Cisco Umbrella Rank: 4387	20 KB
6	google.com adservice.google.com — Cisco Umbrella Rank: 78 www.google.com — Cisco Umbrella Rank: 2	16 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 193	186 KB
4	adform.net adx.adform.net — Cisco Umbrella Rank: 3993	819 B
3	1rx.io 3 redirects sync.1rx.io — Cisco Umbrella Rank: 543	2 KB
2	3lift.com 2 redirects eb2.3lift.com — Cisco Umbrella Rank: 373	955 B
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 303	2 KB
2	unrulymedia.com 2 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1094	1 KB
2	casalemedia.com 2 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 439	1 KB
2	a-mo.net prebid.a-mo.net — Cisco Umbrella Rank: 924	434 B
2	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 232	1 KB
2	creativecdn.com prebid-eu.creativecdn.com — Cisco Umbrella Rank: 6233	358 B
2	4dex.io script.4dex.io — Cisco Umbrella Rank: 2105	24 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 8724	914 B
2	optad360.io get.optad360.io — Cisco Umbrella Rank: 32234	558 KB
1	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 777	334 B
1	smaato.net 1 redirects s.ad.smaato.net — Cisco Umbrella Rank: 717	444 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 426	698 B
1	bidtheatre.com 1 redirects match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2435	550 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 462	861 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 554	35 B
1	sonobi.com sync.go.sonobi.com — Cisco Umbrella Rank: 983	498 B
1	stackadapt.com 1 redirects sync.srv.stackadapt.com — Cisco Umbrella Rank: 723	692 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 841	713 B
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 113	18 KB
1	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 231	4 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 394	1 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 888	466 B
1	dr6.biz dr6.biz — Cisco Umbrella Rank: 332112	15 KB
224	37

	Domain	Requested by
44	graphistik.com	bg.graphistik.com
17	tpc.googlesyndication.com	1 redirects googleads.g.doubleclick.net pagead2.googlesyndication.com 7f6b16acb0103193d7792db1791143ec.safeframe.googlesyndication.com tpc.googlesyndication.com
14	cm.g.doubleclick.net	7f6b16acb0103193d7792db1791143ec.safeframe.googlesyndication.com
14	static.criteo.net	ads.eu.criteo.com
14	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
13	pix.eu.criteo.net	ads.eu.criteo.com
12	pagead2.googlesyndication.com	bg.graphistik.com pagead2.googlesyndication.com 7f6b16acb0103193d7792db1791143ec.safeframe.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com
9	securepubads.g.doubleclick.net	get.optad360.io securepubads.g.doubleclick.net bg.graphistik.com
9	www.youtube.com	bg.graphistik.com www.youtube.com
8	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com www.youtube.com googleads.g.doubleclick.net
4	www.googletagservices.com	googleads.g.doubleclick.net 7f6b16acb0103193d7792db1791143ec.safeframe.googlesyndication.com
4	www.gstatic.com	www.youtube.com www.gstatic.com 7f6b16acb0103193d7792db1791143ec.safeframe.googlesyndication.com
4	www.google.com	www.youtube.com 7f6b16acb0103193d7792db1791143ec.safeframe.googlesyndication.com tpc.googlesyndication.com
4	jnn-pa.googleapis.com	www.youtube.com
4	adx.adform.net	get.optad360.io
4	fonts.googleapis.com	graphistik.com 7f6b16acb0103193d7792db1791143ec.safeframe.googlesyndication.com
3	sync.1rx.io	3 redirects
3	7f6b16acb0103193d7792db1791143ec.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	mug.criteo.com
2	gum.criteo.com	1 redirects
2	eb2.3lift.com	2 redirects
2	x.bidswitch.net	2 redirects
2	sync.targeting.unrulymedia.com	2 redirects
2	ssum-sec.casalemedia.com	2 redirects
2	csm.eu.criteo.net	ads.eu.criteo.com
2	cat.fr.eu.criteo.com	ads.eu.criteo.com
2	ads.eu.criteo.com	googleads.g.doubleclick.net
2	rtb.fr.eu.criteo.com	googleads.g.doubleclick.net
2	prebid.a-mo.net	get.optad360.io
2	ib.adnxs.com	get.optad360.io
2	prebid-eu.creativecdn.com	get.optad360.io
2	script.4dex.io	get.optad360.io script.4dex.io
2	adservice.google.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net
2	adservice.google.de	pagead2.googlesyndication.com securepubads.g.doubleclick.net
2	p.skimresources.com	bg.graphistik.com
2	t.skimresources.com	bg.graphistik.com s.skimresources.com
2	r.skimresources.com	s.skimresources.com
2	get.optad360.io	bg.graphistik.com get.optad360.io
1	onetag-sys.com	1 redirects
1	s.ad.smaato.net	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	match.adsby.bidtheatre.com	1 redirects
1	sync.mathtag.com	1 redirects
1	encrypted-tbn3.gstatic.com	7f6b16acb0103193d7792db1791143ec.safeframe.googlesyndication.com
1	encrypted-tbn0.gstatic.com	7f6b16acb0103193d7792db1791143ec.safeframe.googlesyndication.com
1	encrypted-tbn1.gstatic.com	7f6b16acb0103193d7792db1791143ec.safeframe.googlesyndication.com
1	encrypted-tbn2.gstatic.com	7f6b16acb0103193d7792db1791143ec.safeframe.googlesyndication.com
1	match.sharethrough.com	7f6b16acb0103193d7792db1791143ec.safeframe.googlesyndication.com
1	sync.go.sonobi.com	7f6b16acb0103193d7792db1791143ec.safeframe.googlesyndication.com
1	sync.srv.stackadapt.com	1 redirects
1	um.simpli.fi	1 redirects
1	i.ytimg.com	www.youtube.com
1	yt3.ggpht.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	cdn.jsdelivr.net	get.optad360.io
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	s.skimresources.com	bg.graphistik.com
1	dr6.biz	bg.graphistik.com
1	bg.graphistik.com
224	59

This site contains links to these domains. Also see Links.

Domain
fi.graphistik.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-19` - `2023-08-19`	a year	crt.sh
0.mo11.biz R3	`2022-10-07` - `2023-01-05`	3 months	crt.sh
*.optad360.io Amazon	`2022-10-17` - `2023-11-15`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.skimresources.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-25` - `2023-11-08`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-09-20` - `2023-09-20`	a year	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-17` - `2023-04-12`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.a-mo.net R3	`2022-09-05` - `2022-12-04`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.fr.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-27` - `2022-12-29`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-10-14` - `2023-01-13`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-01` - `2022-11-30`	3 months	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-08-21` - `2022-11-23`	3 months	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2021-12-08` - `2023-01-09`	a year	crt.sh
*.sharethrough.com Amazon	`2022-07-14` - `2023-08-12`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-08-27` - `2022-11-22`	3 months	crt.sh

This page contains 18 frames:

Primary Page: https://bg.graphistik.com/getting-touch-with-your-needs
Frame ID: 9CBC263F9CF66853E74111B5492657E0
Requests: 93 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221025/r20190131/zrt_lookup.html
Frame ID: 2A8F608E8FC1455F3C70B575FA896284
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/9T8n4cTPNRU?modestbranding=1
Frame ID: F40834C2F177F0CB304BF48BB7A2B07F
Requests: 22 HTTP requests in this frame

Frame: https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.4465319348921577
Frame ID: 66DA3C3F7F7978CBEFDAC5FFF84554AB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4062866992167421&output=html&adk=1812271804&adf=3025194257&lmt=1666878004&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fbg.graphistik.com%2Fgetting-touch-with-your-needs&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666878004005&bpp=4&bdt=172&idt=315&shv=r20221025&mjsv=m202210180101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8440485987196&frm=20&pv=2&ga_vid=75166952.1666878004&ga_sid=1666878004&ga_hid=61390052&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C44774648%2C42531705%2C44769305%2C44774652%2C21066429%2C44775017&oid=2&pvsid=3958024933254921&tmod=379091335&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=336
Frame ID: 4145576A4A11525688E1C2899501DB6A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4062866992167421&output=html&h=280&slotname=8202029583&adk=1860288979&adf=4024887964&pi=t.ma~as.8202029583&w=705&fwrn=4&fwrnh=100&lmt=1666878004&rafmt=1&format=705x280&url=https%3A%2F%2Fbg.graphistik.com%2Fgetting-touch-with-your-needs&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666878004009&bpp=1&bdt=176&idt=348&shv=r20221025&mjsv=m202210180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8440485987196&frm=20&pv=1&ga_vid=75166952.1666878004&ga_sid=1666878004&ga_hid=61390052&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=1388&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C44774648%2C42531705%2C44769305%2C44774652%2C21066429%2C44775017&oid=2&pvsid=3958024933254921&tmod=379091335&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=Js6lvdzJcL&p=https%3A//bg.graphistik.com&dtd=354
Frame ID: 3F12B76C0B4207DD373EA952B1BD38F4
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4062866992167421&output=html&h=280&slotname=8202029583&adk=1860288979&adf=3289369676&pi=t.ma~as.8202029583&w=705&fwrn=4&fwrnh=100&lmt=1666878004&rafmt=1&format=705x280&url=https%3A%2F%2Fbg.graphistik.com%2Fgetting-touch-with-your-needs&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666878004056&bpp=2&bdt=223&idt=312&shv=r20221025&mjsv=m202210180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C705x280&nras=1&correlator=8440485987196&frm=20&pv=1&ga_vid=75166952.1666878004&ga_sid=1666878004&ga_hid=61390052&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=3434&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C44774648%2C42531705%2C44769305%2C44774652%2C21066429%2C44775017&oid=2&pvsid=3958024933254921&tmod=379091335&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=bOeiMfJgSQ&p=https%3A//bg.graphistik.com&dtd=315
Frame ID: 0199582D3F116CB0DA3E4EB7AA1FD747
Requests: 7 HTTP requests in this frame

Frame: https://7f6b16acb0103193d7792db1791143ec.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: DE75BBAFA6C17684F2F549E817298BCC
Requests: 1 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y1qKNAAHzn0ITwr-AAgz9M6NtKD0I7tf4C0aKA&u=%7C6sF%2FG4i0GeQ3IZ8azgVhr9eflPJ0Xoga97s2SfYVDXI%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA9XFx-HjBMFKmFhVHyCnurmqOJWaJUmgrOReUXb-oYayYsIlUxuEdPKmhxUwk4YuVs-P_Mq_76iF-MjsB3qs0GAagtnv-zTDjygA1MLZAaD3moRCps_OrsMtCq5P60E5KvvrUGJ6kEhBuI_ZI2oCRc0Tqfupuax0Assih-UQVsbj_4S5lX735hlKSDR_oyNC2mrNSADWpDcyX65Txk7O9hUtyq0K_AbsBPOiBnAryZ-Oc4x_ckVYeKI4C3eH904vJxypN7cUqqf2ztsjNOeCXCw8g9LPEQe7ieudiAqn-JZYNi4ZfN7dpXgYzXTdnbS1CV2P9uWqQannWrUKdc8WTKriVYwe6AiyTvrDmqe5oP9W6MH6jw0Yo4ZxaRYc9tjRkkvjUgXj_6gk84xDFgdp9cNRuSBZREvhZ4wkgiqiSyhJzGmBrZZWqaWgak1_PJCHn2Sy8iddrWTNTe863FhXgWOpW5wDCiPnnLra4aXg72WlhJdRCkGl5hIqUl2fk1iykWH68xGombKSL6Y8hjj1af2zw2yKXpG5Is05M44XV4ToVDxRYUmpmL2sEzAAM4UPsv&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbq5FNIpaY_2cH_6VvPIP9OegyAfJntKxXPWdmPdwwI23ARABIABglcKmgrAHggEXY2EtcHViLTQwNjI4NjY5OTIxNjc0MjHIAQmpAvV6_-v_17A-qAMBqgTqAU_QJvGMAaHaOrX_MCy1CkmDs4EFbjnAKUL2XKGjqjJkr016_qd2i-SeCZ4U-Nvaqydp6Mi6txggHo7jIrrAx1fK_rYIV1bfWbThNr-yoQjnnXAiMntBV82Taf9ATJjGOQ2b7EoJf2WjX8aWnwPdwiKptk9W8byH1SkTW0Ru5J0YyGxyzLAa8F38tosNAtBERqya6RnfupzJS9Mj9zcDUuS0BSa8_b7eF9zHGJu9MZwSFpeSk1e5zeR8MmYrBC699ZNN0W3NnaoMjIv6baeV9BqSgIsypkhmlPiCB54pnmRwwVE8yNTL2eI0W4AGir7AjffhgIVuoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3dKJ4Jl4_brvtzd8F28o9NbouZIw%26client%3Dca-pub-4062866992167421%26adurl%3D
Frame ID: 5A2A7814F263D01FE25FA218632F520A
Requests: 16 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y1qKNAAHn8cE0bL5AA0f7Hq6qYdhakTXYudaqA&u=%7C6sF%2FG4i0GeSBH30qS7NvrINP%2FfecEIgDgpqJPLkBFF8%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA9XFx-HjBMFKmFhVHyCnurmqOJWaJUmgrOReUXb-oYayYfMEWvUCxmvgLxadY202kkUFpmdEU8nzbnC8Yaq-McvZBy-_C5CObpUfYa6I05p96DBZDQ13VTaNdPKjUxpkx7fRcBe00yMwEWRC-4YnLBlduoKJIPXA3t5QC51VpycnJitwF2zu_5KPcuKSi9MuYP8QxGI0ODZ9Bixs3bstgt2Jva56u7as6S61gGpsbDrwLB9l5sOT86zYXy7V3qji01CPPe0mRc703_Ja9jraoAb-f9RseJfYzxoS8BECf191kvrtnV0XtXWecSRVqt1vbOL9Satqbv4veQD0cDSPo3D_u4N3p4iDCSdqUQmZRx0XLbfxrxtvuu8dBSDx9FgxALWcJrPImhVUyHY8gCtYJQbaDz4lirumshXY6XxihUGcCxK0XH-JoIkfFCNGhQUb8gxuR9xTHsdLE67lUF4YvBFD_pzMNzRB58wOnC3F486EpUYQ6T23S8VDDrVU2r8Vc9pzaAUQUhBdgHnYS2jeBFiub1r4VLqpdl6xvFboNBv4vvmvrNExvcEU1KCMD_Ctw3&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeiNINIpaY8e_HvnlxtYP7L-0iAzJntKxXLWY49aTAcCNtwEQASAAYJXCpoKwB4IBF2NhLXB1Yi00MDYyODY2OTkyMTY3NDIxyAEJqQJSfh4lauKwPqgDAaoE6gFP0E2bBBobTDjaDAu4JZsH9HuJyAFlmltWvsvwmtxCIFEnTP38mm0fLL07cPTeE4fvqMHDne5-a82bzE93_3K4-KoKAjLhlm_RSMBELaYfGPUKDsLX04BJ3irCsLGsqq7b2L9ffBXHwmYLiXRbAw-RoMDODwh3ndi8c5-Aa2HzAKJvvCfQg1GpXxcKaaZWa3nL7FMz6894vVYV8hjKD26EfuP1-ZLHluGProVTebQQtjnBJUkUiOO0V9FzdZ8lOwAsqpC2jtr-ey670N1Q169QSP9MfioaWIdYcl5oKG1DiIJ_zCpj_vDZZceABoq-wI334YCFbqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0t6QpFJ_U3oSLKf1BX61gwWZpy3Q%26client%3Dca-pub-4062866992167421%26adurl%3D
Frame ID: 44FBF6B026F5003A283AEFDBDDD28318
Requests: 17 HTTP requests in this frame

Frame: https://7f6b16acb0103193d7792db1791143ec.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 7491C8134D33232DBDC0828FECD0084E
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: DF663F884AF6B84E8D837A08759F26B3
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/PTWQOrfCOp17EyrMcPeT6PfhP85_faJCCfTgkqMfTIQ.js
Frame ID: 54F1E75231EDF929B014245B80ABC9BB
Requests: 1 HTTP requests in this frame

Frame: https://7f6b16acb0103193d7792db1791143ec.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 401220280FA97B077AB6A74E7D267F74
Requests: 18 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: EAA826A3527F7499341E381B4409D886
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8DF1F69A8D5911669E5A153B23696815
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: FC5B30BE40CE86D740BB5EBC7B02C6FA
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/PTWQOrfCOp17EyrMcPeT6PfhP85_faJCCfTgkqMfTIQ.js
Frame ID: 0ACB939304DE8A8E9F1377198B4BB94C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Влизане във връзка с вашите нужди: порнография и депресия | BetterHelp - Депресия

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+owl\.carousel(?:\.min)?\.css
owl\.carousel.*\.js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

224
Requests

93 %
HTTPS

59 %
IPv6

37
Domains

59
Subdomains

46
IPs

8
Countries

4638 kB
Transfer

9665 kB
Size

28
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://fi.graphistik.com/
Title: Други Езици

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 95

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 177

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDnj86ZywEQ9AMY9AMyCGN8MsJOAEwL HTTP 301
https://tpc.googlesyndication.com/simgad/4091503581208051288

Request Chain 180

https://um.simpli.fi/gp_match?google_gid=CAESEBz42jCiVLDsBu6UvWG-RcE&google_cver=1&google_push=AZmPxg-GjqSkS_7Is-knssaxAet47PF3BkyoBG6qsxXyoqVy3U6I2NLNLG1JPHFZS8MzmtF08O7bDhER7BQ5e3fyodgoMn_GdI2dXw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=401C09204EE3429DBB7CBA011CB40473&google_push=AZmPxg-GjqSkS_7Is-knssaxAet47PF3BkyoBG6qsxXyoqVy3U6I2NLNLG1JPHFZS8MzmtF08O7bDhER7BQ5e3fyodgoMn_GdI2dXw

Request Chain 181

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEHIL9pxch4gqo6VBW91QvPU&google_cver=1&google_push=AZmPxg8UqngBLavc1zo3ZextifFi240HJk2ovTL482DkCQXN8U54cikrP9f2lj_IAFzDT4Qs3ViI4IrT0Li7YYZjVZHUxy25dm46wg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=Cwm4cIItSh5sKkaoI0zS1CU6OvY&google_push=AZmPxg8UqngBLavc1zo3ZextifFi240HJk2ovTL482DkCQXN8U54cikrP9f2lj_IAFzDT4Qs3ViI4IrT0Li7YYZjVZHUxy25dm46wg

Request Chain 182

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEL-gLAkFCraNeK6cfR0agmg&google_cver=1&google_push=AZmPxg_mlF-oV2TT8j-dOaLAMtfmny8yBPnE8RMMGGHdJAGyda1ogEqAmg2n_4D7FijB78QY3ltnFqmZEMcmETSpf4B8Axg6_kh_Gg HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEL-gLAkFCraNeK6cfR0agmg&google_push=AZmPxg_mlF-oV2TT8j-dOaLAMtfmny8yBPnE8RMMGGHdJAGyda1ogEqAmg2n_4D7FijB78QY3ltnFqmZEMcmETSpf4B8Axg6_kh_Gg&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEL-gLAkFCraNeK6cfR0agmg&google_hm=Y1qKNZgno9rJtm8CEJhdfgAAFDQAAAAB&google_nid=index&google_push=AZmPxg_mlF-oV2TT8j-dOaLAMtfmny8yBPnE8RMMGGHdJAGyda1ogEqAmg2n_4D7FijB78QY3ltnFqmZEMcmETSpf4B8Axg6_kh_Gg

Request Chain 184

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEPCw4tcZPwX1FqdVZn8jv0I&google_cver=1&google_push=AZmPxg9Kt3bhaTDMACwHt165Ba3Q7ADq-mOcXmLCfZG-HHDtBU_Yzj8TSi8yv05upyFYC5csugxPcAUPz2msHg53-duT8sLKXJ5i HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AZmPxg9Kt3bhaTDMACwHt165Ba3Q7ADq-mOcXmLCfZG-HHDtBU_Yzj8TSi8yv05upyFYC5csugxPcAUPz2msHg53-duT8sLKXJ5i&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1666878005804 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-16eb4e11-30c5-4a53-91a7-902537fdcc3f-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAZmPxg9Kt3bhaTDMACwHt165Ba3Q7ADq-mOcXmLCfZG-HHDtBU_Yzj8TSi8yv05upyFYC5csugxPcAUPz2msHg53-duT8sLKXJ5i%26google_hm%3DAxbrThEwxUpTkaeQJTf9zD8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AZmPxg9Kt3bhaTDMACwHt165Ba3Q7ADq-mOcXmLCfZG-HHDtBU_Yzj8TSi8yv05upyFYC5csugxPcAUPz2msHg53-duT8sLKXJ5i&google_hm=AxbrThEwxUpTkaeQJTf9zD8

Request Chain 186

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26&google_push=AZmPxg9FzNC_vNwd_z657vkYyeCbd3y_JY5kb0OumdLKEImaCBeQIgJtRagDraZ5mKexl0fgJJPIsu1l_mWzrAsCdDS9cPKohfv1gQ0?google_gid=CAESEGxbGVgcoZdqgns7HZPFBPA&google_cver=1 HTTP 302
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26&google_push=AZmPxg9FzNC_vNwd_z657vkYyeCbd3y_JY5kb0OumdLKEImaCBeQIgJtRagDraZ5mKexl0fgJJPIsu1l_mWzrAsCdDS9cPKohfv1gQ0?google_gid=CAESEGxbGVgcoZdqgns7HZPFBPA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=e4724b52-d479-4d77-b6ad-448262d613da&&google_push=AZmPxg9FzNC_vNwd_z657vkYyeCbd3y_JY5kb0OumdLKEImaCBeQIgJtRagDraZ5mKexl0fgJJPIsu1l_mWzrAsCdDS9cPKohfv1gQ0

Request Chain 206

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEM0BUxGm28QKFVar31YJoso&google_cver=1&google_push=AZmPxg-B9ZKQglIzfkbIhP6zv7G_lYuqCEYqY9MR2neOTeMMbherz6SlQn1JKRIlqv1_G__dkaxxiz8qsYxxSeRTfT6FfDVMlmo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AZmPxg-B9ZKQglIzfkbIhP6zv7G_lYuqCEYqY9MR2neOTeMMbherz6SlQn1JKRIlqv1_G__dkaxxiz8qsYxxSeRTfT6FfDVMlmo

Request Chain 207

https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESED1TlDh08Yb7_a8LGgzrIyE&google_cver=1&google_push=AZmPxg_bTwx_W9yajf6dW1f60YjCami4Jjib9xe0ZaZTDOfjd1fwBwueh52xl60VLct3V-bhQpJM-X8YmvRDEwJkbrQ6osLdO-0- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AZmPxg_bTwx_W9yajf6dW1f60YjCami4Jjib9xe0ZaZTDOfjd1fwBwueh52xl60VLct3V-bhQpJM-X8YmvRDEwJkbrQ6osLdO-0-

Request Chain 208

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEGDC8yg9DizE3ujystaJuLk&google_cver=1&google_push=AZmPxg-OFiKc_zxER6bzqC0STdhY56HrB5Mrj-IqBnQwfcI3CcVI-lynzRuS0gwhUI07bp5A_YaZyFuS0UGh5-we2RboSa517QA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg-OFiKc_zxER6bzqC0STdhY56HrB5Mrj-IqBnQwfcI3CcVI-lynzRuS0gwhUI07bp5A_YaZyFuS0UGh5-we2RboSa517QA&google_hm=NzU3NjQzNjY4ODAyNjI3MDI1Mw%3D%3D

Request Chain 209

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEKME-oFNNXi3nDRMqBTOKwQ&google_cver=1&google_push=AZmPxg9AzfBSxilvkFwSAIxZVVDY_rVVMFIoNw3v3QZo9FqOrIbc2TEPXpNR9xecauKuGK2ZF15OZ-9YtK9iTjS1QX_gYDTFMelz HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AZmPxg9AzfBSxilvkFwSAIxZVVDY_rVVMFIoNw3v3QZo9FqOrIbc2TEPXpNR9xecauKuGK2ZF15OZ-9YtK9iTjS1QX_gYDTFMelz

Request Chain 210

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEI5c3ODuMnEpXzn2P1jdqMU&google_cver=1&google_push=AZmPxg82W8nk4JGPWZrqjSGJzWMQeLbn8L8BtlNuKdTkWpWKN4QfoXyFWftZhm09FJLOiBnx_WJt_VZvW3USsZIgdWA3mu8bWiQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg82W8nk4JGPWZrqjSGJzWMQeLbn8L8BtlNuKdTkWpWKN4QfoXyFWftZhm09FJLOiBnx_WJt_VZvW3USsZIgdWA3mu8bWiQ

Request Chain 211

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEDICjt5wxGiAGD-lK7xAKOI&google_cver=1&google_push=AZmPxg8LQrkPYB3dk76C6NCrdmoFtHCxUcOuTVelPPO2OAGWb4Qr0K4BwzDSHv9vJ0jwWdvAijTJJ15aWWK5Oks6sX5BiO_Zag8 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-16eb4e11-30c5-4a53-91a7-902537fdcc3f-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAZmPxg8LQrkPYB3dk76C6NCrdmoFtHCxUcOuTVelPPO2OAGWb4Qr0K4BwzDSHv9vJ0jwWdvAijTJJ15aWWK5Oks6sX5BiO_Zag8%26google_hm%3DAxbrThEwxUpTkaeQJTf9zD8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AZmPxg8LQrkPYB3dk76C6NCrdmoFtHCxUcOuTVelPPO2OAGWb4Qr0K4BwzDSHv9vJ0jwWdvAijTJJ15aWWK5Oks6sX5BiO_Zag8&google_hm=AxbrThEwxUpTkaeQJTf9zD8

Request Chain 212

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEFtaXWBX_6TGLpjZ0SEiITU&google_cver=1&google_push=AZmPxg8HXjjaCjhNfSlajkpmuy9FZyJliHFF_-81HmRWgRsZT1yqnW6tc3i4Rjaoz1oUDgEZs4SWrGZb2nNCj0T30s0fuqzp8Kkb HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AZmPxg8HXjjaCjhNfSlajkpmuy9FZyJliHFF_-81HmRWgRsZT1yqnW6tc3i4Rjaoz1oUDgEZs4SWrGZb2nNCj0T30s0fuqzp8Kkb&google_gid=CAESEFtaXWBX_6TGLpjZ0SEiITU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTg5MTI2ODMyMjE3NTI4NzIwNzIyOQ%3D%3D&google_push=AZmPxg8HXjjaCjhNfSlajkpmuy9FZyJliHFF_-81HmRWgRsZT1yqnW6tc3i4Rjaoz1oUDgEZs4SWrGZb2nNCj0T30s0fuqzp8Kkb

Request Chain 226

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fbg.graphistik.com%2F&domain=bg.graphistik.com&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=dCO0fnwyWUZxQzZGckM4d29iM1dSc2VuWUkzUG9FallSanFtVnM5N0Z5ZDFJQmw4TzQrN0NRS3lORHJoUWpqUmUzYUtNTVE4dHZhNkV1Tkoyc0x2eGMxeUpmeVpucGs5VWM1M0hUTFk5QVhYNFoyVHkvNWJGN2svYUcxV25EdE4vZ0NFYTJZUytML3QzcTB4QURvMnlSb1FXRGNJQjYrV24rZjRzNmtrUm1TNXBkOGFhMU94UmVYLy81Z2dodU1pOVNNaC9aSHp6eTJ0Y3JaRzdUMmF5MTBYbnUwdVp0ZFZjODNKeHVwOUNKVzRXYndMVHQ3RlNJMU1hTlVRMlJ4RzRQVi9afA&cppv=2

224 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request getting-touch-with-your-needs Show response
bg.graphistik.com/ 51 KB
14 KB 245ms
199ms Document
text/html 2606:4700:3033::ac43:b815
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bg.graphistik.com/getting-touch-with-your-needs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:b815 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 115b3c1a9883b99ee5f309916a15c8c8513e68cd2813479a8ed49c41a747e1f1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 760bd762be2868fb-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 27 Oct 2022 13:40:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=41M5zAyRCt94X1b%2FUgVBOczj1YZEn0VQXSqq4WsovWkIr67t9EdwXAAnNn9jHwx%2B1ONoHjgnwrXi5yYoby49nDxlB9c1scxPoC%2Bs8eUMEsT9BxyazZvZ6s%2Fse9jDaTvtv6vTFTKIJp3DxL6zyNlctQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 bootstrap.min.css
graphistik.com/template/css/ 138 KB
22 KB 62ms
28ms Stylesheet
text/css 2606:4700:3033::ac43:b815
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://graphistik.com/template/css/bootstrap.min.css
Requested by: Host: bg.graphistik.com
URL: https://bg.graphistik.com/getting-touch-with-your-needs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:b815 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d5bc92645660a6749189663c6b9c1b3625d6f6207e6b2e069db3cfe1046ea77

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.graphistik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:40:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1840464
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 21 Oct 2020 07:34:45 GMT
server: cloudflare
etag: W/"5f8fe495-22688"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Orzu5sKp%2FETq9GCLsJ4iw6GqxktGxYRjA5OXSp0rahWJVIRk%2Ff1dUwN%2F92rrUTyxZSHVz9SFMpDEDBIdw%2FupZqCtDkHaO%2FRVmXHK2UmfWvvvuWK%2BbObO2gQdVv9bl0GOG9p%2BP8IsIUKB6W9JAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 760bd764394b68fb-FRA
expires: Sat, 05 Nov 2022 06:25:39 GMT

GET
H2 200 owl.carousel.min.css
graphistik.com/template/css/ 3 KB
1 KB 61ms
27ms Stylesheet
text/css 2606:4700:3033::ac43:b815
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://graphistik.com/template/css/owl.carousel.min.css
Requested by: Host: bg.graphistik.com
URL: https://bg.graphistik.com/getting-touch-with-your-needs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:b815 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 016ab0bd0de4839680e4a717a57db9b182a8c2c5fdeec4c24db7a8df761fca4d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.graphistik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:40:03 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 21 Oct 2020 07:34:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1537321
etag: W/"5f8fe498-b78"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SEChYnMCgTB5LSWT2EhpFbYrdq%2F29RXHNgJTWTtkencUp7Jykg4IpAkQd5%2BydXl%2BdeWo%2Br5MOu89ah5HRzI0tuy5AzJl%2Fst5zOFx2T9x%2FRSwQLt7i%2FIhaTYA1s1TXxRtzOH2a9pqSg0MROCPOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 760bd764396668fb-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 08 Nov 2022 18:38:02 GMT

GET
H2 200 ticker-style.css
graphistik.com/template/css/ 3 KB
1 KB 58ms
25ms Stylesheet
text/css 2606:4700:3033::ac43:b815
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://graphistik.com/template/css/ticker-style.css
Requested by: Host: bg.graphistik.com
URL: https://bg.graphistik.com/getting-touch-with-your-needs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:b815 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 35715b0c31a27c526733550af019d9815eeed6c7ac0f629bf3d52d5940ac83b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.graphistik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:40:03 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 21 Oct 2020 07:35:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1537321
etag: W/"5f8fe4b3-c7a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qzXX8RbouR6TEqZyhi33AFQ0AVUavOX0EXjmZEWIUbWsCdNlCoc4ErtVlIDSETNj26haLipuQERy3lVvoL2eYUKwBteyVxsro%2FcUYpNw8osi%2BRjeKVyqpwk9O7v7dzSHhqU89OutTbQy45f%2Frg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 760bd764396268fb-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 08 Nov 2022 18:38:02 GMT

GET
H2 200 flaticon.css
graphistik.com/template/css/ 859 B
671 B 55ms
22ms Stylesheet
text/css 2606:4700:3033::ac43:b815
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://graphistik.com/template/css/flaticon.css
Requested by: Host: bg.graphistik.com
URL: https://bg.graphistik.com/getting-touch-with-your-needs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:b815 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 17a72ab057cb91804a46bf5295522eb9cbe0402af589a1818771c7e8aeb409a9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.graphistik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:40:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 668495
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 21 Oct 2020 07:34:45 GMT
server: cloudflare
etag: W/"5f8fe495-35b"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1qghKgCndJlQRVezNZcGue7DtmeOQBiCafzO%2Fa%2Bq%2F%2FG0prMgEJb9zll74tyhVnLBiGkEUbbeYIqWrmvJi5CDSaVSW%2F4NIRF5AYfPyOip4oTf0rZgBz3%2FsCSeO6UQGuogEk6T8zbTukxCvDyytw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 760bd764394d68fb-FRA
expires: Fri, 18 Nov 2022 19:58:28 GMT

GET
H2 200 slicknav.css
graphistik.com/template/css/ 6 KB
2 KB 64ms
30ms Stylesheet
text/css 2606:4700:3033::ac43:b815
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://graphistik.com/template/css/slicknav.css
Requested by: Host: bg.graphistik.com
URL: https://bg.graphistik.com/getting-touch-with-your-needs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:b815 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c77ad2463a65b07ab16f6b13458b5d6480181fd01b307a1e9602dac63b25329

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.graphistik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:40:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 668495
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 21 Oct 2020 07:35:15 GMT
server: cloudflare
etag: W/"5f8fe4b3-1664"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kyh1HK79V9wWlMmBKVHCF6lWCLehEMiVqIdzpClBoorUTn6%2BMyzznlkrp26UkMau0rGbZMDAGKlNgBj4jX89gJj8FUlOXbDYERHCbmx5UWI3N1HhpBLOYtzAZL2p8t0Tcy3cDdf9WMHaCU%2FClw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 760bd764394968fb-FRA
expires: Fri, 18 Nov 2022 19:58:28 GMT

GET
H2 200 animate.min.css
graphistik.com/template/css/ 55 KB
4 KB 53ms
20ms Stylesheet
text/css 2606:4700:3033::ac43:b815
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://graphistik.com/template/css/animate.min.css
Requested by: Host: bg.graphistik.com
URL: https://bg.graphistik.com/getting-touch-with-your-needs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:b815 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed3871a7cdd082cbc715537d7c18b41c05c8f228a10bf7ebda096f8e182997fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.graphistik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:40:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1843687
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 21 Oct 2020 07:34:45 GMT
server: cloudflare
etag: W/"5f8fe495-daf0"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cjvE%2FqkjhR2dZ9s90bZjmw9YEz7YKWZblGwp%2FvlDpvpdmdb4J4ErlfaM%2BxxOeSLqBVr5Lx66k%2BYS5Peidf1HIGh8pcniCIbEzwP4R9NlPId%2FyPQXugUliZCiLsGcR07ezJkliLxG2MFunT0sLg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 760bd764394f68fb-FRA
expires: Sat, 05 Nov 2022 05:31:56 GMT

GET
H2 200 magnific-popup.css
graphistik.com/template/css/ 7 KB
2 KB 55ms
22ms Stylesheet
text/css 2606:4700:3033::ac43:b815
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://graphistik.com/template/css/magnific-popup.css
Requested by: Host: bg.graphistik.com
URL: https://bg.graphistik.com/getting-touch-with-your-needs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:b815 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45d1f5f6cf913746c45dd697b1a8f3b719c02d8b3f678dc7fc2766d54e1aaf6e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.graphistik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:40:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1843687
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 21 Oct 2020 07:34:46 GMT
server: cloudflare
etag: W/"5f8fe496-1b27"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xf6qSXCyfUsK3B7%2BFnaoDmD5a%2BG8i2%2Fff7qPgel0hBzTxiT89SJhl5UlUo9T1bhR0ESeFrMRTEPZmjDyxf2iN%2FWI%2BBnCIiQTRwg93xJhbRqPbKMyxG%2F4u6xzNCUmMvN7kQhoj4xFvI9AKV5J6g%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 760bd764394e68fb-FRA
expires: Sat, 05 Nov 2022 05:31:56 GMT

GET
H2 200 fontawesome-all.min.css
graphistik.com/template/css/ 34 KB
8 KB 61ms
29ms Stylesheet
text/css 2606:4700:3033::ac43:b815
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://graphistik.com/template/css/fontawesome-all.min.css
Requested by: Host: bg.graphistik.com
URL: https://bg.graphistik.com/getting-touch-with-your-needs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:b815 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c91619ce3fbb1027b88729a8250d3c489f78802efade94e57db7eb8593b4783

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.graphistik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:40:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 668495
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 21 Oct 2020 07:34:46 GMT
server: cloudflare
etag: W/"5f8fe496-8778"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lofJ%2FGKX6MCQzdTZqru8MxB2n98E265QS3f4kikKNaiYQAFYjT3EvBiPlCwecB36eulMyIwUm%2Bweu9FhyjqGPKV5qy%2FE0%2F4DxuQeZC7m%2B6Tzi2FlThQ1VegWSwhJ6slegXQkH%2F7HvPp2uwCJhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 760bd764395368fb-FRA
expires: Fri, 18 Nov 2022 19:58:28 GMT

GET
H2 200 themify-icons.css
graphistik.com/template/css/ 16 KB
3 KB 53ms
21ms Stylesheet
text/css 2606:4700:3033::ac43:b815
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://graphistik.com/template/css/themify-icons.css
Requested by: Host: bg.graphistik.com
URL: https://bg.graphistik.com/getting-touch-with-your-needs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:b815 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc50c9234e531dc0a85c496648772db66cc4d037ec385554305c65c99d85b526

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.graphistik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:40:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 243871
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 21 Oct 2020 07:35:15 GMT
server: cloudflare
etag: W/"5f8fe4b3-4044"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HhL9qV%2FLPnK6iBzhqmqm6Qk85P%2F5zM%2BCgMGg%2BGmBlt%2BTYLtOGjPsIn%2BduqmYecM97jb5dQqA3W%2BzCXUZq7eXIdLP231je7mtSs2SQEfh7SKCXs8ADOxNy03focGKBAeQjHHkzrpAwwSFzAMvfw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 760bd764395268fb-FRA
expires: Wed, 23 Nov 2022 17:55:32 GMT

GET
H2 200 slick.css
graphistik.com/template/css/ 2 KB
917 B 51ms
18ms Stylesheet
text/css 2606:4700:3033::ac43:b815
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://graphistik.com/template/css/slick.css
Requested by: Host: bg.graphistik.com
URL: https://bg.graphistik.com/getting-touch-with-your-needs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:b815 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.graphistik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:40:03 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 21 Oct 2020 07:35:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1555169
etag: W/"5f8fe4b3-6f0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JpRy6B93L3Gr%2BZFDq5xZqcMUUdVD6BSzk6NlPcxJ8OmXFZkwrWx8YL%2FVmIf1DC%2BaPnTQGDwzU%2FSNSs6HExNIAiI9%2BI2By%2B1x%2F8FlhivoUQwEBLRqfMnX4PyUt4iWSbvOHBHCHF1j26gAPvHwRA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 760bd764395168fb-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 08 Nov 2022 13:40:34 GMT

GET
H2 200 nice-select.css
graphistik.com/template/css/ 4 KB
1 KB 56ms
24ms Stylesheet
text/css 2606:4700:3033::ac43:b815
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://graphistik.com/template/css/nice-select.css
Requested by: Host: bg.graphistik.com
URL: https://bg.graphistik.com/getting-touch-with-your-needs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:b815 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c13280e79f74109c5e3854822c0f0c972d0a57245c95b0b3762f9788bd918f8d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.graphistik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:40:03 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 21 Oct 2020 07:34:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1555169
etag: W/"5f8fe498-fa7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ifKnLzkS%2BJGwNFGAQpeobas6On6BjGFWuyG%2FdOi9hl2CpH3jz%2FwM5AaIsxxJeo%2FkoCxmXNTJM%2BhW0SdHNVCS3GPf9WnJQ3TByjQRoT%2FtiEj3rhnLkllYCVXz%2B3x0na1Gwpb%2BLJTXoNmTeeZMuA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 760bd764395068fb-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 08 Nov 2022 13:40:34 GMT

GET
H2 200 style.css
graphistik.com/template/css/ 89 KB
15 KB 57ms
25ms Stylesheet
text/css 2606:4700:3033::ac43:b815
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://graphistik.com/template/css/style.css
Requested by: Host: bg.graphistik.com
URL: https://bg.graphistik.com/getting-touch-with-your-needs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:b815 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b5471087dbb57ffc3d70587827a9d5abf09f6828217c94eeb4986e2453228f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.graphistik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:40:03 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 21 Oct 2020 07:35:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1555169
etag: W/"5f8fe4b3-1642a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TW7ifVtnJAdICEaRK08Dhvmyas8QoNFIImrCp%2Fv49MEp6oqwr0RW%2FxjTRTrjrOPbq05j7CkKfv%2B6Y1B9W9Iwj2GgI8BRTH1o6cIf%2FCA%2BITnZBUEiJ1o6Gfalxktwa1YpIw3hMy%2Brs4sF%2F6Cpyg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 760bd764395468fb-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 08 Nov 2022 13:40:34 GMT

GET
H2 200 / Show response
dr6.biz/ 14 KB
15 KB 66ms
22ms Script
application/javascript 185.177.92.30
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://dr6.biz/?te=he4tgmrwmm5ha3ddf42tamzz

Requested by

Host: bg.graphistik.com
URL: https://bg.graphistik.com/getting-touch-with-your-needs

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.177.92.30 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

ip-185-177-92-30.ah-server.com

Software

nginx /

Resource Hash

638ce63072bd8dc1342082011d95dd73989b1c2439424ac24fa82024a920e3d4

Security Headers

Name	Value
Content-Security-Policy	img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.graphistik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 27 Oct 2022 13:40:03 GMT
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
server: nginx
content-type: application/javascript; charset=UTF-8

GET
H2 200 plugin.min.js Show response
get.optad360.io/sf/e0f4023d-1f54-4786-94e7-bff2e058d23f/ 395 KB
97 KB 116ms
16ms Script
application/javascript 2600:9000:21f3:bc00:11:a4de:2580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.optad360.io/sf/e0f4023d-1f54-4786-94e7-bff2e058d23f/plugin.min.js
Requested by: Host: bg.graphistik.com
URL: https://bg.graphistik.com/getting-touch-with-your-needs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:bc00:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ebf7b463e2889acb14a10275820b649cd94854066e8a29dc2cbdccba50c7add7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.graphistik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:27:13 GMT
content-encoding: gzip
via: 1.1 71dbd5706c5b0c7b733248e1171f2d4e.cloudfront.net (CloudFront)
last-modified: Wed, 21 Sep 2022 14:33:05 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
age: 771
etag: W/"b8fbab6bd585d83e0bdd53d43c8aa0aa"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: 9qSBq0QyO3Y4tnpWW0sSK_dnPf-dG-mgJ2h-j7Z9e3h6aQDLLSdNMg==

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 166 KB
54 KB 84ms
39ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4062866992167421

Requested by

Host: bg.graphistik.com
URL: https://bg.graphistik.com/getting-touch-with-your-needs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e87d6c017418a7099a9effa65b2a637575844684ab597db0bbfcfb62a46a3a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bg.graphistik.com/
Origin: https://bg.graphistik.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:40:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55235
x-xss-protection: 0
server: cafe
etag: 15393630722160954245
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 27 Oct 2022 13:40:03 GMT

GET
H2 200 getting-touch-with-your-needs.jpg
graphistik.com/img/depression/98/ 78 KB
78 KB 203ms
190ms Image
image/jpeg 2606:4700:3033::ac43:b815
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://graphistik.com/img/depression/98/getting-touch-with-your-needs.jpg
Requested by: Host: bg.graphistik.com
URL: https://bg.graphistik.com/getting-touch-with-your-needs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:b815 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a798ee773615b1fed3966228ecdf28fbc18315db2d06e67a89e23f44865de58

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.graphistik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:40:04 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 79387
last-modified: Thu, 15 Oct 2020 07:53:32 GMT
server: cloudflare
etag: "5f87fffc-1361b"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vAGbG7IMYS%2Fz2%2B6pOzIT5pGCkFTF%2FvJfCkszRJ2uK6bcFDSFxLGL0PpTorqXYvnNy0AYm3GeOSZ5VEHBXIg2T21qcogXMCj5Al52xbJg9gupw7bZz8eiMRFn57hpysP1WNxgPUymuUhVqyQqUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 760bd76479e568fb-FRA
expires: Sat, 26 Nov 2022 13:40:03 GMT

GET
H2 200 getting-touch-with-your-needs-2.jpg
graphistik.com/img/depression/98/ 50 KB
51 KB 138ms
125ms Image
image/jpeg 2606:4700:3033::ac43:b815
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://graphistik.com/img/depression/98/getting-touch-with-your-needs-2.jpg
Requested by: Host: bg.graphistik.com
URL: https://bg.graphistik.com/getting-touch-with-your-needs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:b815 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec6829494f76fee9af7524f7c93ca62dc4d49cae5c14c1613f3659ab06cb8384

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.graphistik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:40:04 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 51600
last-modified: Thu, 15 Oct 2020 07:52:04 GMT
server: cloudflare
etag: "5f87ffa4-c990"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yt5SW7HwbTGHrQScyZA%2Ff90ZxacRu1wwyL%2BEDW5RCTooMSd0xmm2qoBiQzKlil0uL8z%2BCQgrj8CselC9NSDU49%2FpOqqtP6jME9yRG5%2FoD%2BcCJWBwA2iQDCAxBxpUjU3Z9JxA3PoJbsZA%2FLPtlw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 760bd76479e868fb-FRA
expires: Sat, 26 Nov 2022 13:40:03 GMT

GET
H2 200 getting-touch-with-your-needs-3.jpg
graphistik.com/img/depression/98/ 79 KB
79 KB 132ms
119ms Image
image/jpeg 2606:4700:3033::ac43:b815
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://graphistik.com/img/depression/98/getting-touch-with-your-needs-3.jpg
Requested by: Host: bg.graphistik.com
URL: https://bg.graphistik.com/getting-touch-with-your-needs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:b815 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0cf57bf741808d9693a8476af4766ea0682df20ad7aca2ae5a3726fd5f534fd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.graphistik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:40:04 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 80579
last-modified: Thu, 15 Oct 2020 07:53:38 GMT
server: cloudflare
etag: "5f880002-13ac3"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eNH0k2LGTY6VuyuKXUtUSBO0pNRmIH3rDf%2FV3DWRJFxSwJQ%2Fm9aV%2FGMQAL8CgZXGs98yo0V7CFYjhihNlNcrPCZ%2BJKGnXlMGXLKopXLvAZxYWPFZ6TEoj5pp5k5wIz7clT%2FNl1Zmc1FxEZuCBw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 760bd76479ec68fb-FRA
expires: Sat, 26 Nov 2022 13:40:03 GMT

GET
H2 200 getting-touch-with-your-needs-4.jpg
graphistik.com/img/depression/98/ 40 KB
40 KB 111ms
101ms Image
image/jpeg 2606:4700:3033::ac43:b815
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://graphistik.com/img/depression/98/getting-touch-with-your-needs-4.jpg
Requested by: Host: bg.graphistik.com
URL: https://bg.graphistik.com/getting-touch-with-your-needs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:b815 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 09b5922e6f213a15e56c72a5d0ad874ee559cdb07818c788cafa6a14fdbf9c3d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.graphistik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:40:03 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 40671
last-modified: Thu, 15 Oct 2020 07:51:28 GMT
server: cloudflare
etag: "5f87ff80-9edf"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fiknqhAmD%2FsTBLU1Re9QSd5vaOGi%2BB6n4C%2FdShR%2FeVBxNcvWekL43g2d3XmYHkoFwkAirT3JLxuIVr5PE71L0wo53GBuFR2Mr2w78dBtUlWXSMdxhNKzy4CSX1AD9k65zL1WqBQkNnQNbn21Eg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 760bd76479ed68fb-FRA
expires: Sat, 26 Nov 2022 13:40:03 GMT

GET
H2 200 anxiety-before-period.jpg
graphistik.com/img/anxiety/66/ 148 KB
149 KB 160ms
150ms Image
image/jpeg 2606:4700:3033::ac43:b815
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://graphistik.com/img/anxiety/66/anxiety-before-period.jpg
Requested by: Host: bg.graphistik.com
URL: https://bg.graphistik.com/getting-touch-with-your-needs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:b815 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58aa85ce40075bd53c264e2191bdc7c08fa638281d8527c2b289e8ab496b20df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.graphistik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:40:04 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 151505
last-modified: Thu, 15 Oct 2020 07:56:24 GMT
server: cloudflare
etag: "5f8800a8-24fd1"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fUf2bp9k%2BWtpuYgEj123ws%2FpWaH9Er2eQlrbnJvgsTmc7QZjjoVmUMYDwnJJHD%2F0PpOUvDYxaRrZuXU3Su6%2BncQ%2B1oF0VgIFAOgbFVvc5%2B9luzh4B2Dk7XJ3zvvtYD2Sp%2Be%2Ftnxd9fjlIemEgw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 760bd76479ef68fb-FRA
expires: Sat, 26 Nov 2022 13:40:03 GMT

GET
H2 200 why-does-love-hurt-much.jpeg
graphistik.com/img/relationships/75/ 92 KB
92 KB 143ms
132ms Image
image/jpeg 2606:4700:3033::ac43:b815
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://graphistik.com/img/relationships/75/why-does-love-hurt-much.jpeg
Requested by: Host: bg.graphistik.com
URL: https://bg.graphistik.com/getting-touch-with-your-needs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:b815 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2509266225b4ffb958a903c16f4252867adb989b5b5156d1b9062e18970e264a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.graphistik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:40:04 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 94145
last-modified: Thu, 15 Oct 2020 07:54:06 GMT
server: cloudflare
etag: "5f88001e-16fc1"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PHCEuLGbzklkD7mkFGSZJunA9sOs%2FCTOwzvFMN6NwLKHK8Zio9fgwyQVKrmVxt%2FrIE1mxA7aV%2BbMNu%2B7Trc8HfOILl%2BLX9gofV4Xfutp7Yi6GVDIX9PF31YghCKZU4xsZjaiRguSlBzIpJ%2Fkqg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 760bd76479f068fb-FRA
expires: Sat, 26 Nov 2022 13:40:03 GMT

GET
H2 200 what-is-slave-morality.jpeg
graphistik.com/img/morality/44/ 40 KB
41 KB 105ms
95ms Image
image/jpeg 2606:4700:3033::ac43:b815
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://graphistik.com/img/morality/44/what-is-slave-morality.jpeg
Requested by: Host: bg.graphistik.com
URL: https://bg.graphistik.com/getting-touch-with-your-needs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:b815 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92a58e5f501c61ccdd74022483b7401255dd19b32909e47fc8063b18f474a59c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.graphistik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:40:03 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 41055
last-modified: Thu, 15 Oct 2020 07:51:08 GMT
server: cloudflare
etag: "5f87ff6c-a05f"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZUzVQfi7brF3GSNBlNGdnXrZx6AQWNwBJGnApav5LDh364B7chYKQDBwyIosGvVkks%2BRDjGJGDQI%2FXk6us53vy6a4S8OhU5pNJ1Lsxz06glqNiCTvKP1SHc4DZlZzJXssSRapqR4C9iffFCMpg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 760bd76479f268fb-FRA
expires: Sat, 26 Nov 2022 13:40:03 GMT

GET
H2 200 what-is-secure-attachment.jpeg
graphistik.com/img/psychologists/41/ 137 KB
137 KB 127ms
117ms Image
image/jpeg 2606:4700:3033::ac43:b815
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://graphistik.com/img/psychologists/41/what-is-secure-attachment.jpeg
Requested by: Host: bg.graphistik.com
URL: https://bg.graphistik.com/getting-touch-with-your-needs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:b815 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec3b3c9e9614de1992dee92d143dc6231cd84929cc7cb8ca879c9b1c7a2d3fc5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.graphistik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:40:04 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 140220
last-modified: Thu, 15 Oct 2020 07:56:30 GMT
server: cloudflare
etag: "5f8800ae-223bc"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4RoFmAiTVnc825HynW%2B37i%2Fwv%2Bmuzp6be6qJf2S25ObDflwL%2FOMTt1jNUOQg7qXJ1ff%2BT6Qh1GoEd5nxLbzXHbRWq7R73r9msQogF8gLGZ97HCacUgZSv7ijmCEx3g1O7aPfhFJM2nbBGH8q1g%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 760bd76479f368fb-FRA
expires: Sat, 26 Nov 2022 13:40:03 GMT

GET
H2 200 what-is-peaceful-parenting.jpg
graphistik.com/img/parenting/58/ 94 KB
95 KB 124ms
114ms Image
image/jpeg 2606:4700:3033::ac43:b815
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://graphistik.com/img/parenting/58/what-is-peaceful-parenting.jpg
Requested by: Host: bg.graphistik.com
URL: https://bg.graphistik.com/getting-touch-with-your-needs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:b815 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b17aa761d485107fbe0dc119b2518d2c70f58b0eff064f78b876ed5865f28ba7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.graphistik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:40:04 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 96732
last-modified: Thu, 15 Oct 2020 07:54:02 GMT
server: cloudflare
etag: "5f88001a-179dc"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ikwa3Q9IRRD5G7Z0unbizRdyctzVIBl7149owvw1CdA2GEm76TahanqEbMb5Y%2FSju32qY8SjS5eqaVrGBg6e5RVf0y%2BtZp916xYDSXAM3WuFedc70wKBDcU06Bbnp%2BhG2WYzmuaBFeIEP0PemA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 760bd76479f568fb-FRA
expires: Sat, 26 Nov 2022 13:40:03 GMT

GET
H2 200 modernizr-3.5.0.min.js Show response
graphistik.com/template/js/vendor/ 8 KB
4 KB 32ms
18ms Script
application/javascript 2606:4700:3033::ac43:b815
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://graphistik.com/template/js/vendor/modernizr-3.5.0.min.js
Requested by: Host: bg.graphistik.com
URL: https://bg.graphistik.com/getting-touch-with-your-needs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:b815 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 525ba420f42f72699e059e5c20dd3acd591da3d54d70a319b0e360369482dde8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.graphistik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:40:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 674136
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 21 Oct 2020 07:35:24 GMT
server: cloudflare
etag: W/"5f8fe4bc-21bc"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rf7c2rn7jmOsPciDkdsVrhrMi6mGTKB8cCCBzqt%2FWu3VZA8KBKmbf6NmOQIm%2BiK9GLDrwuJrcou4LKhiRpPrgX2ULVPFfpqMsypYtHYmG9Bd%2Bfskx0sZ3xidfESjBlyhuuBdCnk0J9cXiPGFNw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 760bd76469b768fb-FRA
expires: Fri, 18 Nov 2022 18:24:27 GMT

GET
H2 200 jquery-1.12.4.min.js Show response
graphistik.com/template/js/vendor/ 95 KB
34 KB 46ms
32ms Script
application/javascript 2606:4700:3033::ac43:b815
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://graphistik.com/template/js/vendor/jquery-1.12.4.min.js
Requested by: Host: bg.graphistik.com
URL: https://bg.graphistik.com/getting-touch-with-your-needs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:b815 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.graphistik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:40:03 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 21 Oct 2020 07:35:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1554203
etag: W/"5f8fe4bc-17b8b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RDJojlRLBVDzbPITdv0aeOlSPdWwwU4YNNBVpATdW92jslIzHr0jlGauMhcqlqszrRadpiaNp9139TER4f7eoiKVXR0nESLKrVrKauxFpqiEdiFd1hTRsr06MukPM9UFxNWQHd83XZ3e%2F3YF5g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000
cf-ray: 760bd76469be68fb-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 08 Nov 2022 13:56:40 GMT

GET
H2 200 popper.min.js Show response
graphistik.com/template/js/ 19 KB
7 KB 37ms
24ms Script
application/javascript 2606:4700:3033::ac43:b815
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://graphistik.com/template/js/popper.min.js
Requested by: Host: bg.graphistik.com
URL: https://bg.graphistik.com/getting-touch-with-your-needs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:b815 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.graphistik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:40:03 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 21 Oct 2020 07:35:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1554203
etag: W/"5f8fe4bb-4af4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BYKRXIUTzigqOdTxAc7fm1Zn667dbLqV0rr5XgC2k2KdlbUfsm1pY%2BulB%2F6WJxnb1vZhtbtAGTGkGCajuZXXinVBuqLXRk3LTj6xcpMXD0VeA6dmQRMPaOFMLy8%2F8UG1sHB64vqFaU%2BovVfD7A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000
cf-ray: 760bd76469bf68fb-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 08 Nov 2022 13:56:40 GMT

GET
H2 200 bootstrap.min.js Show response
graphistik.com/template/js/ 48 KB
14 KB 34ms
21ms Script
application/javascript 2606:4700:3033::ac43:b815
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://graphistik.com/template/js/bootstrap.min.js
Requested by: Host: bg.graphistik.com
URL: https://bg.graphistik.com/getting-touch-with-your-needs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:b815 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.graphistik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:40:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 674136
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 21 Oct 2020 07:35:21 GMT
server: cloudflare
etag: W/"5f8fe4b9-bf30"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZFknKMHU%2B3YU%2FoKvITmR3jbpfqVZ9H%2FRtmjK5ItSx7kbiODSTvUBKYMhVKx%2Fkf2rKTXaLWMQ848nLFHYjW5GNbW3yxs3YaLLiU2af0wXiz6h2KVrgQm%2B4kLsompmjf1QSLTpRnQukfxzORrsPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 760bd76469c168fb-FRA
expires: Fri, 18 Nov 2022 18:24:27 GMT

GET
H2 200 jquery.slicknav.min.js Show response
graphistik.com/template/js/ 8 KB
3 KB 43ms
29ms Script
application/javascript 2606:4700:3033::ac43:b815
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://graphistik.com/template/js/jquery.slicknav.min.js
Requested by: Host: bg.graphistik.com
URL: https://bg.graphistik.com/getting-touch-with-your-needs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:b815 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 190402f488a1616b47304ae066078580059ca6a5958b7f217d2156d0a73931a9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.graphistik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:40:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 674136
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 21 Oct 2020 07:35:22 GMT
server: cloudflare
etag: W/"5f8fe4ba-20df"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YtmzFhyNpnqpuaBCCEyJTZptMEJkD7bHMkI28P13dAznv9RdvfdvpaSpidmioDDWqGGiiOGL3YpXcpx8Q0njp1U0YKxMtDPm9sUIMqB4kb6riv6iVSeEy%2B3yDDijdrWWxl1N%2BkV0kK2FhAMUdw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 760bd76469c268fb-FRA
expires: Fri, 18 Nov 2022 18:24:27 GMT

GET
H2 200 owl.carousel.min.js Show response
graphistik.com/template/js/ 42 KB
12 KB 33ms
20ms Script
application/javascript 2606:4700:3033::ac43:b815
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://graphistik.com/template/js/owl.carousel.min.js
Requested by: Host: bg.graphistik.com
URL: https://bg.graphistik.com/getting-touch-with-your-needs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:b815 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b394d33b2a7ec654a6b037ebfda6618341b3f897a362be624c923c2711b54a43

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.graphistik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:40:03 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 21 Oct 2020 07:35:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1554203
etag: W/"5f8fe4bb-a70e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UsRyeR4xIauOuQ5IhAN4uN7fQ54LYcmIKZhKvh%2Feya7FiZaLc%2BWVHpbImQRhkbVQk6LELNP6CnTW0KLHus2GZRdBo1Aok9SveFTMhSRXXKafaUk%2BW%2F2PGGGfsF7x7lRwQ%2Fmx5ioIZJYbXoXt3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000
cf-ray: 760bd76469c368fb-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 08 Nov 2022 13:56:40 GMT

GET
H2 200 slick.min.js Show response
graphistik.com/template/js/ 42 KB
11 KB 36ms
22ms Script
application/javascript 2606:4700:3033::ac43:b815
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://graphistik.com/template/js/slick.min.js
Requested by: Host: bg.graphistik.com
URL: https://bg.graphistik.com/getting-touch-with-your-needs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:b815 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.graphistik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:40:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1851879
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 21 Oct 2020 07:35:23 GMT
server: cloudflare
etag: W/"5f8fe4bb-a76f"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eSWaaB58nrpIK1mWJrY%2Fq%2BOo4lssFWI3NbT7Odgdf2DEsO5pq2WIHaI%2Fszv5%2BvEX6xrcR3uGyKxEGzuI0hPB%2Fzjq4iv1%2BWOXw3iXPyS8YNcL9Df3h0P%2FfdyKb%2BXpPgPfORFa%2B%2BCY3Rfy%2Fi0qCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 760bd76469c468fb-FRA
expires: Sat, 05 Nov 2022 03:15:24 GMT

GET
H2 200 gijgo.min.js Show response
graphistik.com/template/js/ 173 KB
39 KB 39ms
25ms Script
application/javascript 2606:4700:3033::ac43:b815
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://graphistik.com/template/js/gijgo.min.js
Requested by: Host: bg.graphistik.com
URL: https://bg.graphistik.com/getting-touch-with-your-needs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:b815 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 619854bbaf5b0a7f6e4ea4322b0c10dc6c91ca94bb79ac69ff09954b6f36b032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.graphistik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:40:03 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 21 Oct 2020 07:35:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1554203
etag: W/"5f8fe4b9-2b54f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rapWzDQrNRupb4%2BdRv6hXCZCg7TCjx8ZqN1qyNcA7gXUmDfF9SB6XXCRzZHt1Lwmr%2Butn8mVjHmyAMOyAlWJl1tJd0I%2Bk3rrPrS9cT9SLctLUTXm9OZsIAh8Riykx8mbDQxcOAe5H1BZXhe%2BZw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000
cf-ray: 760bd76469c668fb-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 08 Nov 2022 13:56:40 GMT

GET
H2 200 wow.min.js Show response
graphistik.com/template/js/ 8 KB
3 KB 56ms
42ms Script
application/javascript 2606:4700:3033::ac43:b815
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://graphistik.com/template/js/wow.min.js
Requested by: Host: bg.graphistik.com
URL: https://bg.graphistik.com/getting-touch-with-your-needs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:b815 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ec632e6ab02d4fdd514da7f5edc74aa28c9d4c71af76f1c8b93a1fba85bcc69

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.graphistik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:40:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 674136
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 21 Oct 2020 07:35:23 GMT
server: cloudflare
etag: W/"5f8fe4bb-20df"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=87CTURTI7SLkkto2sYetIDOhnTb6hWQqPprjGfMjD%2FOb5at%2BjHQj2XpghqAJj9JiQ3QHpXHwA%2BXudNlbeGn%2Bn6ZDoiAKJbaVp%2BYxdYxiyOdsEVitAJjDWFlE7qhTQr0%2BbFGde6Na4u%2F5DzuZDg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 760bd76469c968fb-FRA
expires: Fri, 18 Nov 2022 18:24:27 GMT

GET
H2 200 animated.headline.js Show response
graphistik.com/template/js/ 5 KB
2 KB 38ms
25ms Script
application/javascript 2606:4700:3033::ac43:b815
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://graphistik.com/template/js/animated.headline.js
Requested by: Host: bg.graphistik.com
URL: https://bg.graphistik.com/getting-touch-with-your-needs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:b815 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d20866ac54b17d2205264f37b531fbb71b6a6425d124f551bd4c97a949dd43bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.graphistik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:40:03 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 21 Oct 2020 07:35:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1554203
etag: W/"5f8fe4b9-159c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X5P%2BW8yUd3HTudihXlCRPHVppkXtd3FTgYhSQWYNWbSMhcDJXLdlnLh3qRt%2BSyDHUhu1uQH7qIaSYyc327RTfgTn%2BDMLYY9tns3EfE%2F0bUk4ZIfjL%2Blf89F8dHxGdGJdqYqNVatbulnerrb1qg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000
cf-ray: 760bd76469ca68fb-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 08 Nov 2022 13:56:40 GMT

GET
H2 200 jquery.magnific-popup.js Show response
graphistik.com/template/js/ 20 KB
8 KB 42ms
28ms Script
application/javascript 2606:4700:3033::ac43:b815
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://graphistik.com/template/js/jquery.magnific-popup.js
Requested by: Host: bg.graphistik.com
URL: https://bg.graphistik.com/getting-touch-with-your-needs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:b815 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.graphistik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:40:03 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 21 Oct 2020 07:35:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1554203
etag: W/"5f8fe4b9-4ef8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qJ1O7pTtA7%2F5gZxFVigE%2BFvKQhkhtSlWDGhjBU6M6QEY2YIoeFa1ZIbw7sSC9XWpE53w5xaPIfgTEM517P1Uhmgahs3r5JMM0s3sZ23iQ8YQsMK%2BczyEfZtVEsl3Hwqc%2F558lJ0HbkBWMlEshA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000
cf-ray: 760bd76469cb68fb-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 08 Nov 2022 13:56:40 GMT

GET
H2 200 jquery.ticker.js Show response
graphistik.com/template/js/ 16 KB
5 KB 42ms
29ms Script
application/javascript 2606:4700:3033::ac43:b815
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://graphistik.com/template/js/jquery.ticker.js
Requested by: Host: bg.graphistik.com
URL: https://bg.graphistik.com/getting-touch-with-your-needs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:b815 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf1b99bdb1e9ac3f93600da11399d4ef077bf2df73eac462a1eb3a75952ec1e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.graphistik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:40:03 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 21 Oct 2020 07:35:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1554203
etag: W/"5f8fe4ba-4003"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CVcT79hLbpiH9ZFyELhiaepI26Xi6DYhhhqatkgbZ5FJKywrL9joWDDhEjKnEuzRocg%2FX5K1%2FaMntcdaeeYuHHFTDGrOnDQaCjexaHiEnyqI4VyMv4K%2FOrFiBDYo813zjI9fuifAm2CauhJckQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000
cf-ray: 760bd76469cc68fb-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 08 Nov 2022 13:56:40 GMT

GET
H2 200 site.js Show response
graphistik.com/template/js/ 674 B
663 B 43ms
30ms Script
application/javascript 2606:4700:3033::ac43:b815
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://graphistik.com/template/js/site.js
Requested by: Host: bg.graphistik.com
URL: https://bg.graphistik.com/getting-touch-with-your-needs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:b815 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7df4fcd5d701c5582c994a7a0d674d4765ce7bd90c44fe46409d6fda4837d2fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.graphistik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:40:03 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 21 Oct 2020 07:35:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1547585
etag: W/"5f8fe4bb-2a2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X1RR6fA1f%2F%2B7yJL0QZbl0moeuaE%2B0gunexjDrx6EBjZerfW2otpw4QtupbblaSxRalgD%2Bi0LOgDgkQnc3RltLM9a%2FzlzHl5QsZcodAHTrNBqSwHxwhaZnr9ZyLG3Rd85o0F123fsmrjB9HiRMw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000
cf-ray: 760bd76469d068fb-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 08 Nov 2022 15:46:57 GMT

GET
H2 200 jquery.scrollUp.min.js Show response
graphistik.com/template/js/ 2 KB
1 KB 47ms
34ms Script
application/javascript 2606:4700:3033::ac43:b815
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://graphistik.com/template/js/jquery.scrollUp.min.js
Requested by: Host: bg.graphistik.com
URL: https://bg.graphistik.com/getting-touch-with-your-needs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:b815 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7662ba99a132eafd0b7ccc8c3404c8ae442d97e7e6b73bb3ce0d4f11c28c98c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.graphistik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:40:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1174520
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 21 Oct 2020 07:35:22 GMT
server: cloudflare
etag: W/"5f8fe4ba-7f3"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VjIfuMADA4r2V6gQD5VqidqU%2BgGXENYAZkgPoPIHxKECO%2FRvR4M1k0%2Fu%2B153rxljfY9liGnFf7CjleSBP2MQe5pI1LdHzEcgTTyhWEL3jzQFk7OznurxTHT5c4Al%2F8bty6AdNZrzUyjMz3Gt7g%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 760bd76469d468fb-FRA
expires: Sat, 12 Nov 2022 23:24:43 GMT

GET
H2 200 jquery.nice-select.min.js Show response
graphistik.com/template/js/ 3 KB
1 KB 41ms
28ms Script
application/javascript 2606:4700:3033::ac43:b815
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://graphistik.com/template/js/jquery.nice-select.min.js
Requested by: Host: bg.graphistik.com
URL: https://bg.graphistik.com/getting-touch-with-your-needs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:b815 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 66bdef0724e5306421bcc7e0910e41b5645228119ad9096ca4a6099e48d94e6a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.graphistik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:40:03 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 21 Oct 2020 07:35:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1547585
etag: W/"5f8fe4ba-b7e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=be1UaYDkjRbaJ1OC7zqeVJ2T7q%2FMCOb%2BO2uE7eP8oX9HpgSF8X6S8PZAaXF8eLtQiMjriJ6xZ8ZVJ%2FoVzPK%2Bcx6wV6QIR54LopDCCdfT5D9FIj%2BApLfR6wfR9Lqb7%2Fbn0xyIvbWa5u4YNiiObw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000
cf-ray: 760bd76469d668fb-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 08 Nov 2022 15:46:57 GMT

GET
H2 200 jquery.sticky.js Show response
graphistik.com/template/js/ 10 KB
3 KB 43ms
30ms Script
application/javascript 2606:4700:3033::ac43:b815
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://graphistik.com/template/js/jquery.sticky.js
Requested by: Host: bg.graphistik.com
URL: https://bg.graphistik.com/getting-touch-with-your-needs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:b815 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bcf6b9b28cec8958f9d3f3ee39070e85ffd46d670f1f0baa7cd21aa24c188a00

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.graphistik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:40:03 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 21 Oct 2020 07:35:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1554203
etag: W/"5f8fe4ba-2765"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4RvnGbEerfSO9TyinRf6E9gL2b%2BdnvKVaT2z9x6gy828LZ%2BAhyh2VXLEPtJPP%2FDu%2F%2FNjvE%2BkhAINbFUSnMJa7dt16WjliMiFASugJ227aRGNtwAzcFcNymPVti7qMtOeoaHzboUopxJ7Qi3uug%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000
cf-ray: 760bd76469d868fb-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 08 Nov 2022 13:56:40 GMT

GET
H2 200 contact.js Show response
graphistik.com/template/js/ 3 KB
1 KB 32ms
19ms Script
application/javascript 2606:4700:3033::ac43:b815
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://graphistik.com/template/js/contact.js
Requested by: Host: bg.graphistik.com
URL: https://bg.graphistik.com/getting-touch-with-your-needs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:b815 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30f4afce6fd298cc840c98c170e74c218f9fc1985bec37d0c00b5056f3b3ff2f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.graphistik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:40:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1174520
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 21 Oct 2020 07:35:21 GMT
server: cloudflare
etag: W/"5f8fe4b9-c24"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G3WlH9Ib4BilYVf3bpwSNeNAgbqGhTPWK8m5VP0C195tWteYkh%2Bgv5ZxCSMPmtts2kPhaqnofduZxI3YtwsL1Fx03FKLw6eMZN%2ByvBsHyjCkxHI7n%2BlfH0qj%2FgpX%2F0S7FY%2FbeA1jqB6T1ne3eQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 760bd76469db68fb-FRA
expires: Sat, 12 Nov 2022 23:24:43 GMT

GET
H2 200 jquery.form.js Show response
graphistik.com/template/js/ 40 KB
12 KB 44ms
31ms Script
application/javascript 2606:4700:3033::ac43:b815
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://graphistik.com/template/js/jquery.form.js
Requested by: Host: bg.graphistik.com
URL: https://bg.graphistik.com/getting-touch-with-your-needs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:b815 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 14b30a934e36cdfc5301709bf515adc31e060bd7275eb056964cf7d2ed6e7550

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.graphistik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:40:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 674136
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 21 Oct 2020 07:35:21 GMT
server: cloudflare
etag: W/"5f8fe4b9-a087"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=akftgi2AJo4sOWRUc%2FH%2FxVWcVak%2B7HcR%2FENYXR8nSiAiIa3DKHk%2F3GVP3%2BJVtwVsusrEVdRAm4m4TjDek7w%2FI%2FcSOW6aFMtgjQo9Jh6PeogZc7KOvkLN09ds2u3S0da0Im6vSJqr3Qj0GwJXZg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 760bd76469dc68fb-FRA
expires: Fri, 18 Nov 2022 18:24:27 GMT

GET
H2 200 jquery.validate.min.js Show response
graphistik.com/template/js/ 21 KB
7 KB 42ms
29ms Script
application/javascript 2606:4700:3033::ac43:b815
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://graphistik.com/template/js/jquery.validate.min.js
Requested by: Host: bg.graphistik.com
URL: https://bg.graphistik.com/getting-touch-with-your-needs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:b815 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7705fee13417229d718f14947e9860d5bb2b25bd15c9f5cd834f2545c7bad0a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.graphistik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:40:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1174520
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 21 Oct 2020 07:35:22 GMT
server: cloudflare
etag: W/"5f8fe4ba-524c"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tkx1RfTPZLb5P%2Fmk7ck5N2LfiTWS2hpbzUJK41cASaxSkbK9BCgNLHqjVNhaHT4RTZjBXB4kGgzW0EkMjFlbgicoevuS1xehAi8ToSgWEnP1Q08YRa82kZCFx1%2BeUIH6NHs6kRzJQkSCGpJ7Kw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 760bd76469dd68fb-FRA
expires: Sat, 12 Nov 2022 23:24:43 GMT

GET
H2 200 mail-script.js Show response
graphistik.com/template/js/ 1 KB
822 B 35ms
22ms Script
application/javascript 2606:4700:3033::ac43:b815
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://graphistik.com/template/js/mail-script.js
Requested by: Host: bg.graphistik.com
URL: https://bg.graphistik.com/getting-touch-with-your-needs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:b815 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01f639fd4c4119503e72e2bf2eb9c8a5984f7c83c7683c82dd0350ee9f63b3fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.graphistik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:40:03 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 21 Oct 2020 07:35:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1547585
etag: W/"5f8fe4ba-4ce"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EmVfT72cOj32fXocdO79ZStmC8cinfY7KhhptMeYk01BRyE1aoyoOmQ04vDIUuwjg3QFUlLwpmlFMc%2FiJF%2FkIC0dux8OOOLOatNc9bLoL1XIhNoyJt0x5bMuRIph33uZtLliTnjHoCQy9ivjVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000
cf-ray: 760bd76469df68fb-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 08 Nov 2022 15:46:57 GMT

GET
H2 200 jquery.ajaxchimp.min.js Show response
graphistik.com/template/js/ 5 KB
1 KB 46ms
33ms Script
application/javascript 2606:4700:3033::ac43:b815
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://graphistik.com/template/js/jquery.ajaxchimp.min.js
Requested by: Host: bg.graphistik.com
URL: https://bg.graphistik.com/getting-touch-with-your-needs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:b815 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c7c17459ec57867f6812625f1b95e2f878363ca728b92a5968d2fc8e60d9712

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.graphistik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:40:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1174520
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 21 Oct 2020 07:35:21 GMT
server: cloudflare
etag: W/"5f8fe4b9-12d4"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OmHeEUOn%2BbA%2F7HP2Jba9s3AndffEhm7iERY2QeYjG%2FC6HwEl0owFhk0BnplnWgU9jcuKDutML3IxVnlh9HrjiBZUGIBTXmuBXjm9e3BNKC3f2PEjCjG17VZh%2Fbl7GJsN%2BxFQ6mMBP5%2BPCSJ%2F8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 760bd76479e168fb-FRA
expires: Sat, 12 Nov 2022 23:24:43 GMT

GET
H2 200 plugins.js Show response
graphistik.com/template/js/ 760 B
726 B 45ms
32ms Script
application/javascript 2606:4700:3033::ac43:b815
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://graphistik.com/template/js/plugins.js
Requested by: Host: bg.graphistik.com
URL: https://bg.graphistik.com/getting-touch-with-your-needs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:b815 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c6129bd3aeb079f5c310d2a9618478ba0d621992c1a5e5ef320917937dc2dbb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.graphistik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:40:03 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 21 Oct 2020 07:35:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1547585
etag: W/"5f8fe4bb-2f8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kTgHUy2NVqyn8vb%2FQTG3bUAj6fKQl9XCFR77NT6ZDn1dsmcGgnZmQTAohbqUOqQOHltmUa1fzrQJoqVaGpReGkZ6cfMkCclebs0RcT14hy8iOb5%2FpuA9aApwK%2FgeYNaRv2rh4d50DM6hb4%2BpHA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000
cf-ray: 760bd76479e268fb-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 08 Nov 2022 15:46:58 GMT

GET
H2 200 main.js Show response
graphistik.com/template/js/ 8 KB
2 KB 47ms
34ms Script
application/javascript 2606:4700:3033::ac43:b815
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://graphistik.com/template/js/main.js
Requested by: Host: bg.graphistik.com
URL: https://bg.graphistik.com/getting-touch-with-your-needs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:b815 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 441e881c4c9390b16198285e9b3a705fbfe757db1b24c14ae7ee2af62c289950

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.graphistik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:40:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1613539
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 21 Oct 2020 07:35:23 GMT
server: cloudflare
etag: W/"5f8fe4bb-1ee4"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=deEPY4lwgoRM5Ie79qLHPAIu7aBqALUs6X08YGb%2BYPNSWJ5SJXcsR8Xh2rlNg%2F7wFWgWWKUwr1jSfJ2Eltxf%2FMVK%2FxQcUyrCggjOY6xREp9ezOXN4xNw%2FNMmVkL9CvEdKx7AYqBDjX1Gs%2FIyOw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 760bd76479e468fb-FRA
expires: Mon, 07 Nov 2022 21:27:44 GMT

GET
H2 200 192355X1677953.skimlinks.js Show response
s.skimresources.com/js/ 49 KB
19 KB 54ms
11ms Script
application/octet-stream 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://s.skimresources.com/js/192355X1677953.skimlinks.js
Requested by: Host: bg.graphistik.com
URL: https://bg.graphistik.com/getting-touch-with-your-needs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d1e153517d0b554200b12533eee9889bdf1c4666db4464e5f000b8ecfc2417a9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.graphistik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:40:03 GMT
content-encoding: gzip
last-modified: Tue, 30 Aug 2022 08:52:03 GMT
server: AmazonS3
x-amz-request-id: 6NDXR9MN0DBD8J29
etag: "f4a0edfcb9f3b9ca0083db74b6a2e21f"
x-hw: 1666878003.cds246.fr8.hn,1666878003.cds132.fr8.c
content-type: application/octet-stream
cache-control: max-age=3600
accept-ranges: bytes
content-length: 18866
x-amz-id-2: mvYrKQbEYc7WvBeHhSbsVC4djj5Bq66gcFL1WXSpx+XQ42YKzXEY5BfrNTUM5ygAUVpZDA2qZ5M=

GET
H2 200 css
fonts.googleapis.com/ 1 KB
978 B 61ms
22ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Inconsolata:700

Requested by

Host: graphistik.com
URL: https://graphistik.com/template/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dff20a84996ce1ebc8618195c994aebf8047cce24b9cf6dbb234beb35d355a7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://graphistik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 27 Oct 2022 13:40:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 27 Oct 2022 13:34:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 27 Oct 2022 13:40:03 GMT

GET
H2 200 css
fonts.googleapis.com/ 13 KB
923 B 63ms
24ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900&display=swap

Requested by

Host: graphistik.com
URL: https://graphistik.com/template/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8c44af787f51e875d3ecc44f5bb1989fce5aeeaa1a48cc0851aec4344b5e6d73

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://graphistik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 27 Oct 2022 13:40:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 27 Oct 2022 12:20:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 27 Oct 2022 13:40:03 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 54ms
15ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bg.graphistik.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 21:03:58 GMT
x-content-type-options: nosniff
age: 146166
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Oct 2023 21:03:58 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 10 KB
10 KB 69ms
30ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3728fbdd191d75bad5b83a838dfe2fc15f84c2aaa36ffa573321275847db31a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bg.graphistik.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 12:55:48 GMT
x-content-type-options: nosniff
age: 261856
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9840
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 24 Oct 2023 12:55:48 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 46ms
17ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bg.graphistik.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 12:56:05 GMT
x-content-type-options: nosniff
age: 261839
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 24 Oct 2023 12:56:05 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ 9 KB
10 KB 56ms
33ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bg.graphistik.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 18:17:14 GMT
x-content-type-options: nosniff
age: 242570
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9628
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 24 Oct 2023 18:17:14 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210180101/ 353 KB
116 KB 88ms
54ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4062866992167421&plah=bg.graphistik.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4062866992167421

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7d93f6e787c6ddda41074d169749f8fcd40f38c17427d3da9b54d008af70c1ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.graphistik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:40:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118756
x-xss-protection: 0
server: cafe
etag: 7573348176545144389
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 27 Oct 2022 13:40:04 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221025/r20190131/ Frame 2A8F 10 KB
5 KB 83ms
23ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221025/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4062866992167421

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bg.graphistik.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 73493
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4270
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 26 Oct 2022 17:15:11 GMT
etag: 9671129459699598864
expires: Wed, 09 Nov 2022 17:15:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 9T8n4cTPNRU Show response
www.youtube.com/embed/ Frame F408 69 KB
29 KB 121ms
77ms Document
text/html 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/9T8n4cTPNRU?modestbranding=1

Requested by

Host: bg.graphistik.com
URL: https://bg.graphistik.com/getting-touch-with-your-needs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1779d47eee3d37f8fa3e10bea7a77736b1ed381d331d08b1835e373a942f6e48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bg.graphistik.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
date: Thu, 27 Oct 2022 13:40:04 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 9 KB
9 KB 47ms
19ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bg.graphistik.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 19:36:30 GMT
x-content-type-options: nosniff
age: 237814
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9644
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 24 Oct 2023 19:36:30 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 41ms
15ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bg.graphistik.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 16:44:52 GMT
x-content-type-options: nosniff
age: 248112
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 24 Oct 2023 16:44:52 GMT

GET
H3 200 KFOlCnqEu92Fr1MmSU5fABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 9 KB
9 KB 16ms
15ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fABc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47aa3bfad6cb9e2d63abdd58f4e6ce4f7b9fd2704b2b15193c71874035fe025d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bg.graphistik.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 08:45:44 GMT
x-content-type-options: nosniff
age: 190460
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9576
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Oct 2023 08:45:44 GMT

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 16ms
16ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bg.graphistik.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 20:40:44 GMT
x-content-type-options: nosniff
age: 493160
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 21 Oct 2023 20:40:44 GMT

POST
H2 200 / Show response
r.skimresources.com/api/ 149 B
374 B 206ms
20ms XHR
application/json 35.190.59.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r.skimresources.com/api/

Requested by

Host: s.skimresources.com
URL: https://s.skimresources.com/js/192355X1677953.skimlinks.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.59.101 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

101.59.190.35.bc.googleusercontent.com

Software

openresty/1.19.9.1 /

Resource Hash

e277655afc61ff30b8e6a2dff2e801288a861805f24bb05e70133989b8a95976

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://bg.graphistik.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 27 Oct 2022 13:40:04 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
server: openresty/1.19.9.1
via: 1.1 google
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://bg.graphistik.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 206 robots.txt
t.skimresources.com/api/v2/ Frame 66DA 0
134 B 205ms
19ms Image
text/plain 35.201.67.47
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.4465319348921577
Requested by: Host: bg.graphistik.com
URL: https://bg.graphistik.com/getting-touch-with-your-needs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.67.47 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 47.67.201.35.bc.googleusercontent.com
Software: Python/3.10 aiohttp/3.8.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:40:04 GMT
via: 1.1 google
server: Python/3.10 aiohttp/3.8.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain charset=UTF-8

GET
H2 200 px.gif
p.skimresources.com/ 43 B
102 B 213ms
24ms Image
image/gif 35.190.91.160
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.skimresources.com/px.gif?ch=1&rn=9.267056310982094
Requested by: Host: bg.graphistik.com
URL: https://bg.graphistik.com/getting-touch-with-your-needs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 160.91.190.35.bc.googleusercontent.com
Software: Skimlinks Pixel 1.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.graphistik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

p3p: policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
date: Thu, 27 Oct 2022 13:40:04 GMT
via: 1.1 google
server: Skimlinks Pixel 1.0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
content-type: image/gif

GET
H2 200 px.gif
p.skimresources.com/ 43 B
276 B 212ms
23ms Image
image/gif 35.190.91.160
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.skimresources.com/px.gif?ch=2&rn=9.267056310982094
Requested by: Host: bg.graphistik.com
URL: https://bg.graphistik.com/getting-touch-with-your-needs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 160.91.190.35.bc.googleusercontent.com
Software: Skimlinks Pixel 1.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.graphistik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

p3p: policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
date: Thu, 27 Oct 2022 13:40:04 GMT
via: 1.1 google
server: Skimlinks Pixel 1.0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
content-type: image/gif

GET
H3 200 www-player.css
www.youtube.com/s/player/64588dad/ Frame F408 360 KB
49 KB 43ms
15ms Stylesheet
text/css 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/64588dad/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/9T8n4cTPNRU?modestbranding=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a315394ef4f9bf1be0bb1f3c89379b73cd6d55f0387881c763fb46bf6098cd2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/9T8n4cTPNRU?modestbranding=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 14:48:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82293
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49873
x-xss-protection: 0
last-modified: Wed, 26 Oct 2022 00:18:12 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 26 Oct 2023 14:48:31 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/64588dad/www-embed-player.vflset/ Frame F408 306 KB
95 KB 64ms
36ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/64588dad/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/9T8n4cTPNRU?modestbranding=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de0e3e13ac455201d77e111b8c417ddae1ea4689e4406203baaa78d0ff9532bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/9T8n4cTPNRU?modestbranding=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 14:48:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82293
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 97474
x-xss-protection: 0
last-modified: Wed, 26 Oct 2022 00:18:12 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 26 Oct 2023 14:48:31 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/64588dad/player_ias.vflset/de_DE/ Frame F408 2 MB
573 KB 63ms
35ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/64588dad/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/9T8n4cTPNRU?modestbranding=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dfe60618c72a8859f6e3ddceab04f2834d4d8f938b76e419bf59ea7504c6af5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/9T8n4cTPNRU?modestbranding=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 14:48:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82293
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 586765
x-xss-protection: 0
last-modified: Wed, 26 Oct 2022 00:18:12 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 26 Oct 2023 14:48:31 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/64588dad/fetch-polyfill.vflset/ Frame F408 9 KB
3 KB 62ms
34ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/64588dad/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/9T8n4cTPNRU?modestbranding=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/9T8n4cTPNRU?modestbranding=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 14:48:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82293
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2786
x-xss-protection: 0
last-modified: Wed, 26 Oct 2022 00:18:12 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 26 Oct 2023 14:48:31 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 79 KB
27 KB 148ms
38ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/e0f4023d-1f54-4786-94e7-bff2e058d23f/plugin.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b44aca1eae3e39ba997248990086d3869b5c11e0b9061db488cc214e12d77b78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.graphistik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:40:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27374
x-xss-protection: 0
server: sffe
etag: "1375 / 538 of 1000 / last-modified: 1666868789"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 27 Oct 2022 13:40:04 GMT

GET
H2 200 prebid5.14.0.js Show response
get.optad360.io/sf/ 460 KB
461 KB 12ms
11ms Script
application/javascript 2600:9000:21f3:bc00:11:a4de:2580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.optad360.io/sf/prebid5.14.0.js
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/e0f4023d-1f54-4786-94e7-bff2e058d23f/plugin.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:bc00:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7109518959a6958168f639860050324f4f063fd1697f32677cf9d0180ab02453

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.graphistik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 14:57:40 GMT
via: 1.1 71dbd5706c5b0c7b733248e1171f2d4e.cloudfront.net (CloudFront)
last-modified: Thu, 23 Sep 2021 07:59:54 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
age: 30926545
etag: "6dd0a13bde35d2daa452bba998871016"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=360000000
accept-ranges: bytes
content-length: 471445
x-amz-cf-id: y5qzoSxcE8y8eWYdiCPYVaPvy4BEfZK0lQOAekkbedhfNhad58aobQ==

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame F408 15 KB
15 KB 17ms
16ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/9T8n4cTPNRU?modestbranding=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 17:06:41 GMT
x-content-type-options: nosniff
age: 160403
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 25 Oct 2023 17:06:41 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame F408 15 KB
15 KB 21ms
21ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/9T8n4cTPNRU?modestbranding=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 22:21:19 GMT
x-content-type-options: nosniff
age: 227925
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 24 Oct 2023 22:21:19 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 395 B
466 B 42ms
22ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=bg.graphistik.com&callback=_gfp_s_&client=ca-pub-4062866992167421&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4062866992167421&plah=bg.graphistik.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f856fd59d0e34b5bca7df38076f05bf9b9f6a4d1f8bdf0a11a4f2a545c59a9b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.graphistik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:40:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 253
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 95ms
27ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=bg.graphistik.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.graphistik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:40:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 84ms
25ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=bg.graphistik.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.graphistik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:40:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4145 0
19 B 182ms
146ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4062866992167421&output=html&adk=1812271804&adf=3025194257&lmt=1666878004&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fbg.graphistik.com%2Fgetting-touch-with-your-needs&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666878004005&bpp=4&bdt=172&idt=315&shv=r20221025&mjsv=m202210180101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8440485987196&frm=20&pv=2&ga_vid=75166952.1666878004&ga_sid=1666878004&ga_hid=61390052&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C44774648%2C42531705%2C44769305%2C44774652%2C21066429%2C44775017&oid=2&pvsid=3958024933254921&tmod=379091335&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=336

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bg.graphistik.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 13:40:04 GMT
expires: Thu, 27 Oct 2022 13:40:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 / Show response
r.skimresources.com/api/ 149 B
196 B 58ms
21ms XHR
application/json 35.190.59.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r.skimresources.com/api/

Requested by

Host: s.skimresources.com
URL: https://s.skimresources.com/js/192355X1677953.skimlinks.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.59.101 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

101.59.190.35.bc.googleusercontent.com

Software

openresty/1.19.9.1 /

Resource Hash

e277655afc61ff30b8e6a2dff2e801288a861805f24bb05e70133989b8a95976

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://bg.graphistik.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 27 Oct 2022 13:40:04 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
server: openresty/1.19.9.1
via: 1.1 google
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://bg.graphistik.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3F12 23 KB
10 KB 387ms
352ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4062866992167421&output=html&h=280&slotname=8202029583&adk=1860288979&adf=4024887964&pi=t.ma~as.8202029583&w=705&fwrn=4&fwrnh=100&lmt=1666878004&rafmt=1&format=705x280&url=https%3A%2F%2Fbg.graphistik.com%2Fgetting-touch-with-your-needs&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666878004009&bpp=1&bdt=176&idt=348&shv=r20221025&mjsv=m202210180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8440485987196&frm=20&pv=1&ga_vid=75166952.1666878004&ga_sid=1666878004&ga_hid=61390052&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=1388&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C44774648%2C42531705%2C44769305%2C44774652%2C21066429%2C44775017&oid=2&pvsid=3958024933254921&tmod=379091335&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=Js6lvdzJcL&p=https%3A//bg.graphistik.com&dtd=354

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

76220f983ec2e88479da255ea753aac8c9f8f89607c1a30fe1e9709ab601fbc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bg.graphistik.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 9904
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 13:40:04 GMT
expires: Thu, 27 Oct 2022 13:40:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0199 23 KB
10 KB 415ms
380ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4062866992167421&output=html&h=280&slotname=8202029583&adk=1860288979&adf=3289369676&pi=t.ma~as.8202029583&w=705&fwrn=4&fwrnh=100&lmt=1666878004&rafmt=1&format=705x280&url=https%3A%2F%2Fbg.graphistik.com%2Fgetting-touch-with-your-needs&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666878004056&bpp=2&bdt=223&idt=312&shv=r20221025&mjsv=m202210180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C705x280&nras=1&correlator=8440485987196&frm=20&pv=1&ga_vid=75166952.1666878004&ga_sid=1666878004&ga_hid=61390052&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=3434&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C44774648%2C42531705%2C44769305%2C44774652%2C21066429%2C44775017&oid=2&pvsid=3958024933254921&tmod=379091335&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=bOeiMfJgSQ&p=https%3A//bg.graphistik.com&dtd=315

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b3aee14d9bba42b87ad4f31feb241f862eb923d367c519b5fb72bde2455acb53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bg.graphistik.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 9873
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 13:40:04 GMT
expires: Thu, 27 Oct 2022 13:40:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 66ms
19ms Preflight 37.157.3.30
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://bg.graphistik.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://bg.graphistik.com
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
date: Thu, 27 Oct 2022 13:40:04 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 62ms
17ms Preflight 37.157.3.30
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://bg.graphistik.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://bg.graphistik.com
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
date: Thu, 27 Oct 2022 13:40:04 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 73ms
55ms XHR
application/json 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20221027

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6016bd5dfd9120716d82ab36e9d5c868a5757a039289a8e7991c01eee56d8770

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bg.graphistik.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 27 Oct 2022 13:40:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 20259
x-jsd-version: 1.0.1505
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19153-FRA, cache-yyz4548-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"669-WCWweklgZdpQ9GmupM1lKDfHFsw"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 760bd767df5e9bfe-FRA

GET
H2 200 localstore.js Show response
script.4dex.io/ 483 B
863 B 50ms
22ms Script
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.graphistik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:40:04 GMT
x-amz-version-id: 1666365882701197
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx36ec54edbeb74121a0ef5-006352b9e9
age: 512075
x-amz-id-2: tx36ec54edbeb74121a0ef5-006352b9e9
last-modified: Fri, 21 Oct 2022 15:24:42 GMT
server: cloudflare
etag: W/"922cffdd75f7192f75231d92684885aa"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K7VFRSb5GAd1YAXH8og1NLg0zQcGMu4KquT3yVeB4ZXn1P6zGS49dAMhZTa1mCheS5%2FOwnB019MSEbZhyxgsgy9uoYHB768WG6ZHNmyxcHREdaXoseuA02s8yXkNREAJclnjSAV2aoI9RpAJ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=1800
cf-ray: 760bd767e8d8920d-FRA

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
179 B 53ms
16ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bg.graphistik.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://bg.graphistik.com
date: Thu, 27 Oct 2022 13:40:04 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 48 B
738 B 84ms
61ms XHR
application/json 37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

983775b438c242df7cb0ceb87bd2582f96ff0d4e8043f822adf3a3e93261b9a8

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://bg.graphistik.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 27 Oct 2022 13:40:04 GMT
AN-X-Request-Uuid: 9fc1b0b2-62ad-4716-b8a3-28d2d7d0ead4
Server: nginx/1.21.3
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://bg.graphistik.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 37.58.58.246; 37.58.58.246; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 48
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
157 B 56ms
17ms XHR
text/plain 147.75.85.234
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bg.graphistik.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://bg.graphistik.com
date: Thu, 27 Oct 2022 13:40:03 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 3
server: envoy
vary: origin, Accept-Encoding

POST
H2 204 openrtb Show response
adx.adform.net/adx/ 0
410 B 94ms
54ms XHR
text/plain 37.157.3.30
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://bg.graphistik.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 13:40:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://bg.graphistik.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
179 B 47ms
16ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bg.graphistik.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://bg.graphistik.com
date: Thu, 27 Oct 2022 13:40:04 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 48 B
738 B 40ms
22ms XHR
application/json 37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

983775b438c242df7cb0ceb87bd2582f96ff0d4e8043f822adf3a3e93261b9a8

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://bg.graphistik.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 27 Oct 2022 13:40:04 GMT
AN-X-Request-Uuid: fb7b622e-acb6-4899-beb8-b1e1629c016f
Server: nginx/1.21.3
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://bg.graphistik.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 37.58.58.246; 37.58.58.246; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 48
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 openrtb Show response
adx.adform.net/adx/ 0
409 B 122ms
81ms XHR
text/plain 37.157.3.30
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://bg.graphistik.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 13:40:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://bg.graphistik.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
277 B 50ms
15ms XHR
text/plain 147.75.85.234
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bg.graphistik.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://bg.graphistik.com
date: Thu, 27 Oct 2022 13:40:04 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
server: envoy
vary: origin, Accept-Encoding

POST
H3 200 page Show response
t.skimresources.com/api/v2/ 22 B
43 B 37ms
21ms XHR
application/javascript 35.201.67.47
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://t.skimresources.com/api/v2/page

Requested by

Host: s.skimresources.com
URL: https://s.skimresources.com/js/192355X1677953.skimlinks.js

Protocol

Security

QUIC, , AES_128_GCM

Server

35.201.67.47 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

47.67.201.35.bc.googleusercontent.com

Software

Python/3.10 aiohttp/3.8.3 /

Resource Hash

fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://bg.graphistik.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 13:40:04 GMT
via: 1.1 google
x-content-type-options: nosniff
server: Python/3.10 aiohttp/3.8.3
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain; charset=utf-8, application/javascript
access-control-allow-origin: https://bg.graphistik.com
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
content-length: 22
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 pubads_impl_2022102001.js Show response
securepubads.g.doubleclick.net/gpt/ 378 KB
128 KB 46ms
14ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

26e336b5a4bcf66f5344dab464263c6379803de92d4643ac2688dfa8190dd7dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.graphistik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:20:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1179
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 130516
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 08:34:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 27 Oct 2023 13:20:25 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 76 B
100 B 85ms
34ms XHR
application/json 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=bg.graphistik.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7f72d7c846719e7517f1ff16bc203c5eba57e1fe637a0b1d021bb00e76211efc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.graphistik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:40:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 75
x-xss-protection: 0
expires: Thu, 27 Oct 2022 13:40:04 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame F408
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

22ms
22ms

XHR
application/json

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/9T8n4cTPNRU?modestbranding=1

Protocol

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a1454fe864e408060619f5cac9f05f47c84b74564fcdb2b90669ad8124796049

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:40:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 27 Oct 2022 13:40:04 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame F408 29 B
588 B 62ms
14ms Script
text/javascript 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/64588dad/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:32:23 GMT
x-content-type-options: nosniff
age: 461
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 27 Oct 2022 13:47:23 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 76ms
23ms Preflight
text/html 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Thu, 27 Oct 2022 13:40:04 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame F408 66 KB
30 KB 96ms
44ms XHR
application/json+protobuf 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/64588dad/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7d768cd6f3ca3abc77fd4f46b3fd16742855f926f0f253612f4d015f532ddf93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Thu, 27 Oct 2022 13:40:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30987
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/64588dad/player_ias.vflset/de_DE/ Frame F408 118 KB
36 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/64588dad/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/64588dad/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9996702b9882e1d6749cfc4967e3d357880aba3c6496888dd2a04db1ce60e334

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/9T8n4cTPNRU?modestbranding=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 14:48:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82288
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37164
x-xss-protection: 0
last-modified: Wed, 26 Oct 2022 00:18:12 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 26 Oct 2023 14:48:36 GMT

GET
H2 200 wjh_uz0vV4kvmBh32RTA-9oL3vnIf1WTq69pxsOy-vU.js Show response
www.google.com/js/th/ Frame F408 36 KB
15 KB 96ms
29ms Script
text/javascript 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/wjh_uz0vV4kvmBh32RTA-9oL3vnIf1WTq69pxsOy-vU.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/64588dad/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c2387fbb3d2f57892f981877d914c0fbda0bdef9c87f5593abaf69c6c3b2faf5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 05:04:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 117341
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14314
x-xss-protection: 0
last-modified: Tue, 11 Oct 2022 09:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 26 Oct 2023 05:04:23 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/64588dad/player_ias.vflset/de_DE/ Frame F408 26 KB
8 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/64588dad/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/64588dad/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63aea9f3b55e3e96839c90e39390619b879ff87a2a34a007336cbe6c71551b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/9T8n4cTPNRU?modestbranding=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 14:48:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82288
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8262
x-xss-protection: 0
last-modified: Wed, 26 Oct 2022 00:18:12 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 26 Oct 2023 14:48:36 GMT

GET
DATA 200
OK truncated
/ Frame F408 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AMLnZu8FcHKKA3Lqbm2gy3oPs7xf90UFCI0USc1WgzGW=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame F408 3 KB
4 KB 92ms
24ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AMLnZu8FcHKKA3Lqbm2gy3oPs7xf90UFCI0USc1WgzGW=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/9T8n4cTPNRU?modestbranding=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

38e93e2d0130b75caa05136a516c440931b6c3f6a3d65acdae96e00beaabac22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:23:34 GMT
x-content-type-options: nosniff
age: 990
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3574
x-xss-protection: 0
server: fife
etag: "v25"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 30 Jul 2022 11:58:21 GMT

GET
H2 200 sddefault.webp
i.ytimg.com/vi_webp/9T8n4cTPNRU/ Frame F408 17 KB
18 KB 79ms
24ms Image
image/webp 2a00:1450:4001:829::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/9T8n4cTPNRU/sddefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/9T8n4cTPNRU?modestbranding=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7547ede8d8e0f53e37fa616f0914553f56fe1ee7c97efedf53150b2da87e448d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:40:04 GMT
x-content-type-options: nosniff
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17416
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 27 Oct 2022 15:40:04 GMT

GET
H2 200 adagio.js Show response
script.4dex.io/ 74 KB
23 KB 40ms
22ms Fetch
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.graphistik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:40:04 GMT
x-amz-version-id: 1666365881812584
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx5fad6a9767544b2485351-006352baaf
age: 477857
x-amz-id-2: tx5fad6a9767544b2485351-006352baaf
last-modified: Fri, 21 Oct 2022 15:24:42 GMT
server: cloudflare
etag: W/"c56b6332dacf72f135afcd153ae22448"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8GmJNxax924AmrPTx5CAK3SNSWtRPXxnbanXUQQ%2FlKKU9xuCnsWdZx2Wx9NF7W9DfUI%2BS3WwaYLx3xigaKkEFBefsEUmLfFvfjPSTodI13NMVNCGHi7uwHRS6JHN6rX%2FCSmU%2BUFt4dES3qZb"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=1800
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 760bd768f867bb44-FRA
access-control-allow-headers: Authorization

GET
H3 200 KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v18/ Frame F408 10 KB
10 KB 15ms
14ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu5mxKOzY.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/9T8n4cTPNRU?modestbranding=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53f2931d978bf9b24d43b5d556ecf315a6b3f089699c5ba3a954c4dde8663361

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 21:29:26 GMT
x-content-type-options: nosniff
age: 231038
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9832
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:49 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 24 Oct 2023 21:29:26 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 54ms
23ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=bg.graphistik.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.graphistik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:40:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 52ms
24ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=bg.graphistik.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.graphistik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:40:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1001 B
576 B 366ms
365ms XHR
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3958024933254921&correlator=2197877443865474&eid=31069102&output=ldjh&gdfp_req=1&vrg=2022102001&ptt=17&impl=fif&iu_parts=121764058%3A22528037647%2Ccelebs-networth.com%2Ccelebs-networth.com_Interstitial&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=5&adks=3132106321&sfv=1-0-38&ists=1&fas=8&sc=1&cookie=ID%3D98ed07f076ff4844-22041d3e58ce008d%3AT%3D1666878004%3ART%3D1666878004%3AS%3DALNI_MbMA0JrDehHHpmNvf80zAhp1ouJSw&gpic=UID%3D0000089439b8d55c%3AT%3D1666878004%3ART%3D1666878004%3AS%3DALNI_MaKNsctTsEFr6PErPh7iVdNI_K5IA&abxe=1&dt=1666878004659&lmt=1666878004&dlt=1666878003833&idt=797&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fbg.graphistik.com%2Fgetting-touch-with-your-needs&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=75166952.1666878004&ga_sid=1666878004&ga_hid=61390052&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1c993254cd63a84c506c7b7a0b5d7d87971d91c3478399774b178b65e37d2c39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.graphistik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:40:05 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 545
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://bg.graphistik.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 110 KB
34 KB 833ms
832ms XHR
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3958024933254921&correlator=2197877443865474&eid=31069102&output=ldjh&gdfp_req=1&vrg=2022102001&ptt=17&impl=fif&iu_parts=121764058%3A22528037647%2Ccelebs-networth.com%2Ccelebs-networth.com_stat_S3&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C750x100%7C750x200%7C750x300&ifi=6&adks=1202500967&sfv=1-0-38&sc=1&cookie=ID%3D98ed07f076ff4844-22041d3e58ce008d%3AT%3D1666878004%3ART%3D1666878004%3AS%3DALNI_MbMA0JrDehHHpmNvf80zAhp1ouJSw&gpic=UID%3D0000089439b8d55c%3AT%3D1666878004%3ART%3D1666878004%3AS%3DALNI_MaKNsctTsEFr6PErPh7iVdNI_K5IA&abxe=1&dt=1666878004665&lmt=1666878004&dlt=1666878003833&idt=797&adxs=250&adys=852&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fbg.graphistik.com%2Fgetting-touch-with-your-needs&frm=20&vis=1&psz=0x0&msz=728x0&fws=640&ohw=0&ga_vid=75166952.1666878004&ga_sid=1666878004&ga_hid=61390052&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1c354b23d8d007c3e945d655805b9676bef7ac659bb1b650fdd8d8a227fd38e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.graphistik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:40:05 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35265
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://bg.graphistik.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
7f6b16acb0103193d7792db1791143ec.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame DE75 6 KB
4 KB 85ms
24ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7f6b16acb0103193d7792db1791143ec.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bg.graphistik.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 13:40:04 GMT
expires: Fri, 27 Oct 2023 13:40:04 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads_2022102001.js Show response
securepubads.g.doubleclick.net/gpt/ 37 KB
14 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022102001.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7fea7b0113ae6fdb085de4fda6c1c5d2920fc700be5fb52142a4d17b09c01f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.graphistik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 05:36:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 201821
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13942
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 08:34:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 25 Oct 2023 05:36:23 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 106 KB
35 KB 1166ms
1164ms XHR
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3958024933254921&correlator=2197877443865474&eid=31069102&output=ldjh&gdfp_req=1&vrg=2022102001&ptt=17&impl=fif&iu_parts=121764058%3A22528037647%2Ccelebs-networth.com%2Ccelebs-networth.com_SF2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C750x100%7C970x90&ifi=7&adks=4230804918&sfv=1-0-38&sc=1&cookie=ID%3D98ed07f076ff4844-22041d3e58ce008d%3AT%3D1666878004%3ART%3D1666878004%3AS%3DALNI_MbMA0JrDehHHpmNvf80zAhp1ouJSw&gpic=UID%3D0000089439b8d55c%3AT%3D1666878004%3ART%3D1666878004%3AS%3DALNI_MaKNsctTsEFr6PErPh7iVdNI_K5IA&abxe=1&dt=1666878004691&lmt=1666878004&dlt=1666878003833&idt=797&adxs=436&adys=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fbg.graphistik.com%2Fgetting-touch-with-your-needs&frm=20&vis=1&psz=0x-1&msz=728x-1&fws=640&ohw=0&ga_vid=75166952.1666878004&ga_sid=1666878004&ga_hid=61390052&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cbf07f8ad86e656ef138daeb30c2a73f218df235799ef88c4c52688a8383eb8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.graphistik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:40:05 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35511
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://bg.graphistik.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame F408 4 KB
3 KB 69ms
23ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/64588dad/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:40:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 27 Oct 2022 13:40:04 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame F408 0
10 B 13ms
13ms Image
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?-i7PBw
Requested by: Host: bg.graphistik.com
URL: https://bg.graphistik.com/getting-touch-with-your-needs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/9T8n4cTPNRU?modestbranding=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:40:04 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221025/r20110914/client/ Frame 3F12 3 KB
1 KB 68ms
17ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221025/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4062866992167421&output=html&h=280&slotname=8202029583&adk=1860288979&adf=4024887964&pi=t.ma~as.8202029583&w=705&fwrn=4&fwrnh=100&lmt=1666878004&rafmt=1&format=705x280&url=https%3A%2F%2Fbg.graphistik.com%2Fgetting-touch-with-your-needs&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666878004009&bpp=1&bdt=176&idt=348&shv=r20221025&mjsv=m202210180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8440485987196&frm=20&pv=1&ga_vid=75166952.1666878004&ga_sid=1666878004&ga_hid=61390052&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=1388&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C44774648%2C42531705%2C44769305%2C44774652%2C21066429%2C44775017&oid=2&pvsid=3958024933254921&tmod=379091335&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=Js6lvdzJcL&p=https%3A//bg.graphistik.com&dtd=354

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 10:37:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10961
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1238
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Nov 2022 10:37:23 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221025/r20110914/client/ Frame 3F12 17 KB
8 KB 65ms
13ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221025/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 14:50:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82201
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7367
x-xss-protection: 0
server: cafe
etag: 4759548068123418343
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 09 Nov 2022 14:50:03 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3F12 152 KB
47 KB 81ms
36ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f9871deb2852386fc1f11dcd8f7e76d071efd031366901c16fac4fa82310658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:40:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47514
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1666784471914692"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 27 Oct 2022 13:40:04 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame 0199 3 KB
1 KB 64ms
18ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4062866992167421&output=html&h=280&slotname=8202029583&adk=1860288979&adf=3289369676&pi=t.ma~as.8202029583&w=705&fwrn=4&fwrnh=100&lmt=1666878004&rafmt=1&format=705x280&url=https%3A%2F%2Fbg.graphistik.com%2Fgetting-touch-with-your-needs&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666878004056&bpp=2&bdt=223&idt=312&shv=r20221025&mjsv=m202210180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C705x280&nras=1&correlator=8440485987196&frm=20&pv=1&ga_vid=75166952.1666878004&ga_sid=1666878004&ga_hid=61390052&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=3434&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C44774648%2C42531705%2C44769305%2C44774652%2C21066429%2C44775017&oid=2&pvsid=3958024933254921&tmod=379091335&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=bOeiMfJgSQ&p=https%3A//bg.graphistik.com&dtd=315

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 18:21:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69505
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1238
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 09 Nov 2022 18:21:39 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame 0199 17 KB
7 KB 61ms
15ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4062866992167421&output=html&h=280&slotname=8202029583&adk=1860288979&adf=3289369676&pi=t.ma~as.8202029583&w=705&fwrn=4&fwrnh=100&lmt=1666878004&rafmt=1&format=705x280&url=https%3A%2F%2Fbg.graphistik.com%2Fgetting-touch-with-your-needs&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666878004056&bpp=2&bdt=223&idt=312&shv=r20221025&mjsv=m202210180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C705x280&nras=1&correlator=8440485987196&frm=20&pv=1&ga_vid=75166952.1666878004&ga_sid=1666878004&ga_hid=61390052&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=3434&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C44774648%2C42531705%2C44769305%2C44774652%2C21066429%2C44775017&oid=2&pvsid=3958024933254921&tmod=379091335&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=bOeiMfJgSQ&p=https%3A//bg.graphistik.com&dtd=315

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 18:22:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69464
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7367
x-xss-protection: 0
server: cafe
etag: 4759548068123418343
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 09 Nov 2022 18:22:20 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0199 152 KB
46 KB 93ms
53ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4062866992167421&output=html&h=280&slotname=8202029583&adk=1860288979&adf=3289369676&pi=t.ma~as.8202029583&w=705&fwrn=4&fwrnh=100&lmt=1666878004&rafmt=1&format=705x280&url=https%3A%2F%2Fbg.graphistik.com%2Fgetting-touch-with-your-needs&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666878004056&bpp=2&bdt=223&idt=312&shv=r20221025&mjsv=m202210180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C705x280&nras=1&correlator=8440485987196&frm=20&pv=1&ga_vid=75166952.1666878004&ga_sid=1666878004&ga_hid=61390052&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=3434&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C44774648%2C42531705%2C44769305%2C44774652%2C21066429%2C44775017&oid=2&pvsid=3958024933254921&tmod=379091335&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=bOeiMfJgSQ&p=https%3A//bg.graphistik.com&dtd=315

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f9871deb2852386fc1f11dcd8f7e76d071efd031366901c16fac4fa82310658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:40:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47514
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1666784471914692"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 27 Oct 2022 13:40:04 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 3F12 0
0 59ms
58ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CUQEFNIpaY_2cH_6VvPIP9OegyAfJntKxXPWdmPdwwI23ARABIABglcKmgrAHggEXY2EtcHViLTQwNjI4NjY5OTIxNjc0MjHIAQmpAvV6_-v_17A-qAMBqgTnAU_QJvGMAaHaOrX_MCy1CkmDs4EFbjnAKUL2XKGjqjJkr016_qd2i-SeCZ4U-Nvaqydp6Mi6txggHo7jIrrAx1fK_rYIV1bfWbThNr-yoQjnnXAiMntBV82Taf9ATJjGOQ2b7EoJf2WjX8aWnwPdwiKptk9W8byH1SkTW0Ru5J0YyGxyzLAa8F38tosNAtBERqya6RnfupzJS9Mj9zcDUuS0BSa8_b7eF9zHGJu9MZwSFpeSk1e5zeR8MmYrBC699ZMP00xfGiWQnzRmeQRFybxqiZ84EEJIjHo2z6OPbNtu7Um5YlDYZoAGir7AjffhgIVuoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi00MDYyODY2OTkyMTY3NDIxGAA&sigh=79HR0V1wcyo&uach_m=[UACH]&cid=CAQSGwDq26N9vQjkMN4tV1n8XS_6Xbn46ACEOF_HShgBIBM

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4062866992167421&output=html&h=280&slotname=8202029583&adk=1860288979&adf=4024887964&pi=t.ma~as.8202029583&w=705&fwrn=4&fwrnh=100&lmt=1666878004&rafmt=1&format=705x280&url=https%3A%2F%2Fbg.graphistik.com%2Fgetting-touch-with-your-needs&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666878004009&bpp=1&bdt=176&idt=348&shv=r20221025&mjsv=m202210180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8440485987196&frm=20&pv=1&ga_vid=75166952.1666878004&ga_sid=1666878004&ga_hid=61390052&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=1388&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C44774648%2C42531705%2C44769305%2C44774652%2C21066429%2C44775017&oid=2&pvsid=3958024933254921&tmod=379091335&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=Js6lvdzJcL&p=https%3A//bg.graphistik.com&dtd=354
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 27 Oct 2022 13:40:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 27 Oct 2022 13:40:04 GMT

GET
H2 200 notify
rtb.fr.eu.criteo.com/google/auction/ Frame 3F12 0
0 78ms
18ms Fetch 2a02:2638::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kpq8Esz6RMEFmAKdg2ICAgAAALBpMEoMn4D4bJQTbBA0ilpjiKEO4m7KXBFZJfsAEgAA&wp=Y1qKNAAHzn0ITwr-AAgz9M6NtKD0I7tf4C0aKA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:40:04 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 253551
content-length: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 5A2A 122 KB
43 KB 146ms
100ms Document
text/html 2a02:2638::b
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Y1qKNAAHzn0ITwr-AAgz9M6NtKD0I7tf4C0aKA&u=%7C6sF%2FG4i0GeQ3IZ8azgVhr9eflPJ0Xoga97s2SfYVDXI%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA9XFx-HjBMFKmFhVHyCnurmqOJWaJUmgrOReUXb-oYayYsIlUxuEdPKmhxUwk4YuVs-P_Mq_76iF-MjsB3qs0GAagtnv-zTDjygA1MLZAaD3moRCps_OrsMtCq5P60E5KvvrUGJ6kEhBuI_ZI2oCRc0Tqfupuax0Assih-UQVsbj_4S5lX735hlKSDR_oyNC2mrNSADWpDcyX65Txk7O9hUtyq0K_AbsBPOiBnAryZ-Oc4x_ckVYeKI4C3eH904vJxypN7cUqqf2ztsjNOeCXCw8g9LPEQe7ieudiAqn-JZYNi4ZfN7dpXgYzXTdnbS1CV2P9uWqQannWrUKdc8WTKriVYwe6AiyTvrDmqe5oP9W6MH6jw0Yo4ZxaRYc9tjRkkvjUgXj_6gk84xDFgdp9cNRuSBZREvhZ4wkgiqiSyhJzGmBrZZWqaWgak1_PJCHn2Sy8iddrWTNTe863FhXgWOpW5wDCiPnnLra4aXg72WlhJdRCkGl5hIqUl2fk1iykWH68xGombKSL6Y8hjj1af2zw2yKXpG5Is05M44XV4ToVDxRYUmpmL2sEzAAM4UPsv&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbq5FNIpaY_2cH_6VvPIP9OegyAfJntKxXPWdmPdwwI23ARABIABglcKmgrAHggEXY2EtcHViLTQwNjI4NjY5OTIxNjc0MjHIAQmpAvV6_-v_17A-qAMBqgTqAU_QJvGMAaHaOrX_MCy1CkmDs4EFbjnAKUL2XKGjqjJkr016_qd2i-SeCZ4U-Nvaqydp6Mi6txggHo7jIrrAx1fK_rYIV1bfWbThNr-yoQjnnXAiMntBV82Taf9ATJjGOQ2b7EoJf2WjX8aWnwPdwiKptk9W8byH1SkTW0Ru5J0YyGxyzLAa8F38tosNAtBERqya6RnfupzJS9Mj9zcDUuS0BSa8_b7eF9zHGJu9MZwSFpeSk1e5zeR8MmYrBC699ZNN0W3NnaoMjIv6baeV9BqSgIsypkhmlPiCB54pnmRwwVE8yNTL2eI0W4AGir7AjffhgIVuoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3dKJ4Jl4_brvtzd8F28o9NbouZIw%26client%3Dca-pub-4062866992167421%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

9edd5cde889173f89d4b37eac9bfb6b6124356e0e0e71874e3c8d82163a62511

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 13:40:04 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=sRRj4cQ98AuVCVpjVXeUHYGkEvl3Q_KpMMgu1DAvt5D8QZwIVEyCwbKMHmoxonk4NCqXM_mcTsw3IX0DVbROsi64efhT_gcGNpQHzjM-TgHt02DhknJ8iq2JRmBpGPhFP3kGA0s1x_8ziVr1lDJtwc9IDNHqU3EO58MY1zsg0EzNVFvu3s7ZlGhBRGcf56Ps14CSCaOAdW7Z1QULGNjt1P1QGWRs4aulFce_3rsmiSkE2ZICgSgoinaaLfiB0yGd8yv7CQ"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 79689756
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 0199 0
0 60ms
59ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CFiyfNIpaY8e_HvnlxtYP7L-0iAzJntKxXLWY49aTAcCNtwEQASAAYJXCpoKwB4IBF2NhLXB1Yi00MDYyODY2OTkyMTY3NDIxyAEJqQJSfh4lauKwPqgDAaoE5wFP0E2bBBobTDjaDAu4JZsH9HuJyAFlmltWvsvwmtxCIFEnTP38mm0fLL07cPTeE4fvqMHDne5-a82bzE93_3K4-KoKAjLhlm_RSMBELaYfGPUKDsLX04BJ3irCsLGsqq7b2L9ffBXHwmYLiXRbAw-RoMDODwh3ndi8c5-Aa2HzAKJvvCfQg1GpXxcKaaZWa3nL7FMz6894vVYV8hjKD26EfuP1-ZLHluGProVTebQQtjnBJUkUiOO0V9FzdZ8lOwAs6JKXHF1x5z0ETMnzB5L2sPZYdJwQdp_axpZVjp_8lq5nSYDn7U-ABoq-wI334YCFbqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNDA2Mjg2Njk5MjE2NzQyMRgA&sigh=7lvX049VOYo&uach_m=[UACH]&cid=CAQSGwDq26N9ugxkxBudMV1Qh9u_2zt92YN5C2Vr5xgBIBM

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4062866992167421&output=html&h=280&slotname=8202029583&adk=1860288979&adf=3289369676&pi=t.ma~as.8202029583&w=705&fwrn=4&fwrnh=100&lmt=1666878004&rafmt=1&format=705x280&url=https%3A%2F%2Fbg.graphistik.com%2Fgetting-touch-with-your-needs&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666878004056&bpp=2&bdt=223&idt=312&shv=r20221025&mjsv=m202210180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C705x280&nras=1&correlator=8440485987196&frm=20&pv=1&ga_vid=75166952.1666878004&ga_sid=1666878004&ga_hid=61390052&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=3434&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C44774648%2C42531705%2C44769305%2C44774652%2C21066429%2C44775017&oid=2&pvsid=3958024933254921&tmod=379091335&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=bOeiMfJgSQ&p=https%3A//bg.graphistik.com&dtd=315

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4062866992167421&output=html&h=280&slotname=8202029583&adk=1860288979&adf=3289369676&pi=t.ma~as.8202029583&w=705&fwrn=4&fwrnh=100&lmt=1666878004&rafmt=1&format=705x280&url=https%3A%2F%2Fbg.graphistik.com%2Fgetting-touch-with-your-needs&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666878004056&bpp=2&bdt=223&idt=312&shv=r20221025&mjsv=m202210180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C705x280&nras=1&correlator=8440485987196&frm=20&pv=1&ga_vid=75166952.1666878004&ga_sid=1666878004&ga_hid=61390052&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=3434&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C44774648%2C42531705%2C44769305%2C44774652%2C21066429%2C44775017&oid=2&pvsid=3958024933254921&tmod=379091335&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=bOeiMfJgSQ&p=https%3A//bg.graphistik.com&dtd=315
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 27 Oct 2022 13:40:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 27 Oct 2022 13:40:04 GMT

GET
H2 200 notify
rtb.fr.eu.criteo.com/google/auction/ Frame 0199 0
0 74ms
17ms Fetch 2a02:2638::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kpq8Esz6RMEFmAKdg2ICAgAAALBpMEoMn4D4bJQTbBAzilpjOTGN-vdJ7-aqPXYAEgAA&wp=Y1qKNAAHn8cE0bL5AA0f7Hq6qYdhakTXYudaqA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4062866992167421&output=html&h=280&slotname=8202029583&adk=1860288979&adf=3289369676&pi=t.ma~as.8202029583&w=705&fwrn=4&fwrnh=100&lmt=1666878004&rafmt=1&format=705x280&url=https%3A%2F%2Fbg.graphistik.com%2Fgetting-touch-with-your-needs&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666878004056&bpp=2&bdt=223&idt=312&shv=r20221025&mjsv=m202210180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C705x280&nras=1&correlator=8440485987196&frm=20&pv=1&ga_vid=75166952.1666878004&ga_sid=1666878004&ga_hid=61390052&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=3434&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C44774648%2C42531705%2C44769305%2C44774652%2C21066429%2C44775017&oid=2&pvsid=3958024933254921&tmod=379091335&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=bOeiMfJgSQ&p=https%3A//bg.graphistik.com&dtd=315

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:40:04 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 338393
content-length: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 44FB 127 KB
44 KB 164ms
120ms Document
text/html 2a02:2638::b
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Y1qKNAAHn8cE0bL5AA0f7Hq6qYdhakTXYudaqA&u=%7C6sF%2FG4i0GeSBH30qS7NvrINP%2FfecEIgDgpqJPLkBFF8%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA9XFx-HjBMFKmFhVHyCnurmqOJWaJUmgrOReUXb-oYayYfMEWvUCxmvgLxadY202kkUFpmdEU8nzbnC8Yaq-McvZBy-_C5CObpUfYa6I05p96DBZDQ13VTaNdPKjUxpkx7fRcBe00yMwEWRC-4YnLBlduoKJIPXA3t5QC51VpycnJitwF2zu_5KPcuKSi9MuYP8QxGI0ODZ9Bixs3bstgt2Jva56u7as6S61gGpsbDrwLB9l5sOT86zYXy7V3qji01CPPe0mRc703_Ja9jraoAb-f9RseJfYzxoS8BECf191kvrtnV0XtXWecSRVqt1vbOL9Satqbv4veQD0cDSPo3D_u4N3p4iDCSdqUQmZRx0XLbfxrxtvuu8dBSDx9FgxALWcJrPImhVUyHY8gCtYJQbaDz4lirumshXY6XxihUGcCxK0XH-JoIkfFCNGhQUb8gxuR9xTHsdLE67lUF4YvBFD_pzMNzRB58wOnC3F486EpUYQ6T23S8VDDrVU2r8Vc9pzaAUQUhBdgHnYS2jeBFiub1r4VLqpdl6xvFboNBv4vvmvrNExvcEU1KCMD_Ctw3&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeiNINIpaY8e_HvnlxtYP7L-0iAzJntKxXLWY49aTAcCNtwEQASAAYJXCpoKwB4IBF2NhLXB1Yi00MDYyODY2OTkyMTY3NDIxyAEJqQJSfh4lauKwPqgDAaoE6gFP0E2bBBobTDjaDAu4JZsH9HuJyAFlmltWvsvwmtxCIFEnTP38mm0fLL07cPTeE4fvqMHDne5-a82bzE93_3K4-KoKAjLhlm_RSMBELaYfGPUKDsLX04BJ3irCsLGsqq7b2L9ffBXHwmYLiXRbAw-RoMDODwh3ndi8c5-Aa2HzAKJvvCfQg1GpXxcKaaZWa3nL7FMz6894vVYV8hjKD26EfuP1-ZLHluGProVTebQQtjnBJUkUiOO0V9FzdZ8lOwAsqpC2jtr-ey670N1Q169QSP9MfioaWIdYcl5oKG1DiIJ_zCpj_vDZZceABoq-wI334YCFbqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0t6QpFJ_U3oSLKf1BX61gwWZpy3Q%26client%3Dca-pub-4062866992167421%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4062866992167421&output=html&h=280&slotname=8202029583&adk=1860288979&adf=3289369676&pi=t.ma~as.8202029583&w=705&fwrn=4&fwrnh=100&lmt=1666878004&rafmt=1&format=705x280&url=https%3A%2F%2Fbg.graphistik.com%2Fgetting-touch-with-your-needs&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666878004056&bpp=2&bdt=223&idt=312&shv=r20221025&mjsv=m202210180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C705x280&nras=1&correlator=8440485987196&frm=20&pv=1&ga_vid=75166952.1666878004&ga_sid=1666878004&ga_hid=61390052&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=3434&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C44774648%2C42531705%2C44769305%2C44774652%2C21066429%2C44775017&oid=2&pvsid=3958024933254921&tmod=379091335&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=bOeiMfJgSQ&p=https%3A//bg.graphistik.com&dtd=315

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

71078d9d999c8e8f0e3903d5c84f0feae6d9f3d496f0ecc48f002393e5a337fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 13:40:04 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=FOBEDsQ98AuVCVpjdWVyHD4-KdxoiyGJAZSKU0dLMFOaWlyn8qRtQOQ1tip-b0ttCiO03Wqqg3F8pzPK1pS2cXrkqqwMxk7-MMGJYBz9n4K9IghNp6edkPwr1anUQDyQCCZCX2XRuewW4fqE-zE7zR19Nx6Ry6nYlsFkVHpjbEhdLMU7LuT80DzTwep5RPDf47hn0sJs2jJM-0uyaJMNR906AakEfE_hx_ipSz2J37kxtFVo8hK-zTGqByb46ysopeerxg"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 91264106
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/106/ Frame F408 52 KB
15 KB 43ms
14ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/106/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c12337c132fc5b05766adf8806c16a2950c0591708c0c45263bc1496979c1870

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 08:17:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19337
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15116
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 15:10:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Fri, 28 Oct 2022 08:17:47 GMT

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame F408 90 B
134 B 26ms
26ms XHR
application/json+protobuf 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/64588dad/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

29994a9eb5932e62c87802b3b690ad6ae91a223aa3b4f4a93959cb54211a1324

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Thu, 27 Oct 2022 13:40:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 110
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 22ms
21ms Preflight
text/html 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Thu, 27 Oct 2022 13:40:04 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 3F12 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4f2f25ebdb5ab38848e09da1f22b8ac40ff4c01f6ab44f4a15944734bb7f4df8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 0199 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ab365546f095ce6e728d1a3d9ca5afade77a44e3deb192c8e2be522f793490f8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 5A2A 2 KB
1 KB 80ms
29ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y1qKNAAHzn0ITwr-AAgz9M6NtKD0I7tf4C0aKA&u=%7C6sF%2FG4i0GeQ3IZ8azgVhr9eflPJ0Xoga97s2SfYVDXI%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA9XFx-HjBMFKmFhVHyCnurmqOJWaJUmgrOReUXb-oYayYsIlUxuEdPKmhxUwk4YuVs-P_Mq_76iF-MjsB3qs0GAagtnv-zTDjygA1MLZAaD3moRCps_OrsMtCq5P60E5KvvrUGJ6kEhBuI_ZI2oCRc0Tqfupuax0Assih-UQVsbj_4S5lX735hlKSDR_oyNC2mrNSADWpDcyX65Txk7O9hUtyq0K_AbsBPOiBnAryZ-Oc4x_ckVYeKI4C3eH904vJxypN7cUqqf2ztsjNOeCXCw8g9LPEQe7ieudiAqn-JZYNi4ZfN7dpXgYzXTdnbS1CV2P9uWqQannWrUKdc8WTKriVYwe6AiyTvrDmqe5oP9W6MH6jw0Yo4ZxaRYc9tjRkkvjUgXj_6gk84xDFgdp9cNRuSBZREvhZ4wkgiqiSyhJzGmBrZZWqaWgak1_PJCHn2Sy8iddrWTNTe863FhXgWOpW5wDCiPnnLra4aXg72WlhJdRCkGl5hIqUl2fk1iykWH68xGombKSL6Y8hjj1af2zw2yKXpG5Is05M44XV4ToVDxRYUmpmL2sEzAAM4UPsv&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbq5FNIpaY_2cH_6VvPIP9OegyAfJntKxXPWdmPdwwI23ARABIABglcKmgrAHggEXY2EtcHViLTQwNjI4NjY5OTIxNjc0MjHIAQmpAvV6_-v_17A-qAMBqgTqAU_QJvGMAaHaOrX_MCy1CkmDs4EFbjnAKUL2XKGjqjJkr016_qd2i-SeCZ4U-Nvaqydp6Mi6txggHo7jIrrAx1fK_rYIV1bfWbThNr-yoQjnnXAiMntBV82Taf9ATJjGOQ2b7EoJf2WjX8aWnwPdwiKptk9W8byH1SkTW0Ru5J0YyGxyzLAa8F38tosNAtBERqya6RnfupzJS9Mj9zcDUuS0BSa8_b7eF9zHGJu9MZwSFpeSk1e5zeR8MmYrBC699ZNN0W3NnaoMjIv6baeV9BqSgIsypkhmlPiCB54pnmRwwVE8yNTL2eI0W4AGir7AjffhgIVuoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3dKJ4Jl4_brvtzd8F28o9NbouZIw%26client%3Dca-pub-4062866992167421%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:40:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 22 Oct 2023 13:40:05 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 5A2A 2 KB
1 KB 72ms
21ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:40:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 22 Oct 2023 13:40:05 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 5A2A 308 B
637 B 65ms
15ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:40:05 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sun, 22 Oct 2023 13:40:05 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 5A2A 293 B
621 B 65ms
16ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:40:05 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sun, 22 Oct 2023 13:40:05 GMT

GET
H2 200 lg.php
cat.fr.eu.criteo.com/delivery/ Frame 5A2A 43 B
348 B 205ms
22ms Image
image/gif 178.250.0.160
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=e1LFZCQO0amY0n8kDRlZP41fk5dfsNHRKUuyZo_LAPJM697gGfzVFQnNVjjaMeDbXFx8KZP0MUJdln6B0PajZfN9w3ir1RbaNtQKJ_N-oic0HhhwrZtHH-to7UeF7bBeU2h7yRTCmbUKEY9HGdhj53WWZpPdPF2Zn9pMag98lsmHBZOK66vkdaT70zn8gzzrTAvm3SOEpNSV_lbYTDaMMzfJI8it5CZw59r-UMKzPWSmkFcuY_Py68ix_JWE2l6_t95zNQALPaNXvsKMW63RTZYzv6gMpp04Bha36MX54xu1QM--rdnU1dKH779UZzICNfmf1w5JTzZUy4mTH8aMKiVFge4LhY53LcXsSR2j1xq7XS3ABQ9PclYm-EjZhG8xVNPXF-jQyA_vYEyKRdrZyUZjDxmaXwcfBx788P_6HyiOFCh_

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 13:40:04 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1733267
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 5A2A 12 KB
6 KB 56ms
21ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:40:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 22 Oct 2023 13:40:05 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 5A2A 4 KB
4 KB 124ms
50ms Image
image/png 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=556&m=0&partner=71093&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F69968%2F200319%2F70a5634dc08c484a92b4a51841bcf0ce_unitednudelogo.png&v=3&w=196&s=q4mPnmJwT23d348B47j0VEI2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

5a1a8253fdc9653996614a8f70e40ef32ffad24fe68dd23ac39695ad85b816b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:40:04 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=29181387
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 4086
expires: Sat, 30 Sep 2023 07:36:32 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 5A2A 203 KB
203 KB 99ms
25ms Image
image/webp 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=1200&m=0&partner=71093&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F71093%2F210512%2F731e938bd7734096bb739b3b097cfcee_img_square_1.png&v=3&w=1200&s=GETpMB38C33hfNtfN3rbVi5g

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

ccd1eb4643bd5ac3e9c5279a93b67ddb2260c5bf40522eec5555919ae784cdfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:40:05 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=30731623
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 207692
expires: Wed, 18 Oct 2023 06:13:48 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 5A2A 8 KB
9 KB 124ms
51ms Image
image/webp 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=71093&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0282%2F5394%2F5987%2Fproducts%2Fgrip-nomad-mid-vienna-outside.jpg%3Fv%3D1661877152&v=3&w=400&s=9ICoB1eze5uh1_WyAq5Q1pne&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

a0444c453c1b24834f4587805ad77555d2cb2ae56096999bf898f6d643d3fa90

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:40:04 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=29860942
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8564
expires: Sun, 08 Oct 2023 04:22:27 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 5A2A 7 KB
8 KB 87ms
14ms Image
image/webp 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=71093&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0282%2F5394%2F5987%2Fproducts%2Fgrip-nomad-mid-portland-angle-out.jpg%3Fv%3D1661877152&v=3&w=400&s=IcJnhoG2MGIuo2UGd_1LiJtB&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

69dece5023c084e79b9d1acdc24be885814edff35d67b3526b1fee6527ad452e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:40:04 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=29209386
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 7542
expires: Sat, 30 Sep 2023 15:23:11 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 5A2A 0
128 B 134ms
15ms Ping
text/plain 2a02:2638:1::17
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=sRRj4cQ98AuVCVpjVXeUHYGkEvl3Q_KpMMgu1DAvt5D8QZwIVEyCwbKMHmoxonk4NCqXM_mcTsw3IX0DVbROsi64efhT_gcGNpQHzjM-TgHt02DhknJ8iq2JRmBpGPhFP3kGA0s1x_8ziVr1lDJtwc9IDNHqU3EO58MY1zsg0EzNVFvu3s7ZlGhBRGcf56Ps14CSCaOAdW7Z1QULGNjt1P1QGWRs4aulFce_3rsmiSkE2ZICgSgoinaaLfiB0yGd8yv7CQ&sds=2&rev=83303&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::17 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 27 Oct 2022 13:40:05 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 5A2A 2 KB
1 KB 43ms
27ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:40:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 22 Oct 2023 13:40:05 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 5A2A 2 KB
1 KB 18ms
17ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:40:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 22 Oct 2023 13:40:05 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 44FB 2 KB
1 KB 38ms
30ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y1qKNAAHn8cE0bL5AA0f7Hq6qYdhakTXYudaqA&u=%7C6sF%2FG4i0GeSBH30qS7NvrINP%2FfecEIgDgpqJPLkBFF8%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA9XFx-HjBMFKmFhVHyCnurmqOJWaJUmgrOReUXb-oYayYfMEWvUCxmvgLxadY202kkUFpmdEU8nzbnC8Yaq-McvZBy-_C5CObpUfYa6I05p96DBZDQ13VTaNdPKjUxpkx7fRcBe00yMwEWRC-4YnLBlduoKJIPXA3t5QC51VpycnJitwF2zu_5KPcuKSi9MuYP8QxGI0ODZ9Bixs3bstgt2Jva56u7as6S61gGpsbDrwLB9l5sOT86zYXy7V3qji01CPPe0mRc703_Ja9jraoAb-f9RseJfYzxoS8BECf191kvrtnV0XtXWecSRVqt1vbOL9Satqbv4veQD0cDSPo3D_u4N3p4iDCSdqUQmZRx0XLbfxrxtvuu8dBSDx9FgxALWcJrPImhVUyHY8gCtYJQbaDz4lirumshXY6XxihUGcCxK0XH-JoIkfFCNGhQUb8gxuR9xTHsdLE67lUF4YvBFD_pzMNzRB58wOnC3F486EpUYQ6T23S8VDDrVU2r8Vc9pzaAUQUhBdgHnYS2jeBFiub1r4VLqpdl6xvFboNBv4vvmvrNExvcEU1KCMD_Ctw3&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeiNINIpaY8e_HvnlxtYP7L-0iAzJntKxXLWY49aTAcCNtwEQASAAYJXCpoKwB4IBF2NhLXB1Yi00MDYyODY2OTkyMTY3NDIxyAEJqQJSfh4lauKwPqgDAaoE6gFP0E2bBBobTDjaDAu4JZsH9HuJyAFlmltWvsvwmtxCIFEnTP38mm0fLL07cPTeE4fvqMHDne5-a82bzE93_3K4-KoKAjLhlm_RSMBELaYfGPUKDsLX04BJ3irCsLGsqq7b2L9ffBXHwmYLiXRbAw-RoMDODwh3ndi8c5-Aa2HzAKJvvCfQg1GpXxcKaaZWa3nL7FMz6894vVYV8hjKD26EfuP1-ZLHluGProVTebQQtjnBJUkUiOO0V9FzdZ8lOwAsqpC2jtr-ey670N1Q169QSP9MfioaWIdYcl5oKG1DiIJ_zCpj_vDZZceABoq-wI334YCFbqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0t6QpFJ_U3oSLKf1BX61gwWZpy3Q%26client%3Dca-pub-4062866992167421%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:40:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 22 Oct 2023 13:40:05 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 44FB 2 KB
1 KB 35ms
28ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:40:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 22 Oct 2023 13:40:05 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 44FB 308 B
636 B 22ms
17ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:40:05 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sun, 22 Oct 2023 13:40:05 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 44FB 293 B
621 B 34ms
30ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:40:05 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sun, 22 Oct 2023 13:40:05 GMT

GET
H2 200 lg.php
cat.fr.eu.criteo.com/delivery/ Frame 44FB 43 B
347 B 162ms
23ms Image
image/gif 178.250.0.160
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=d9Ay5iQO0amY0n8kDRlZP41fk5daBAm_NNo1Ogk9ErCtYeZ2RSIDtgg4ZgnBKB0On4pDQgUoXOMv14sKArTxvXGcgIf825FqAgN5MVHhtMzBKvJ4Hi1tFdrfTeWYXfzsA42_Ll9FyWbLhwYIcLbCDO_ODfFxosU3PsIQro5EATsJyYnEPRpgU498zKAFn7bYzZOOMf0_XxENdKjKMXJ3oJIsnxPvcKmWojDnLRb-mVrxD2ej6WWc2c6EzGltYNd3NZWQyx4quMVUAbEx7pbp0cWn9orTcrolwggdzhdq-9mc4lZkhALBLgjrWGt3VILiUhhIJY27LWX2O14mbz5f4iOZTBDl2FDq2Jj7XQc--Z6S360MimzM-zXk71dTA7a87ryEVXM2jFFf6dIOWzPQf3bDMxdq04RsfNsTFd7uNon-n6mp

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 13:40:05 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3509446
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 44FB 12 KB
6 KB 34ms
34ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:40:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 22 Oct 2023 13:40:05 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 44FB 4 KB
4 KB 85ms
53ms Image
image/png 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

5a1a8253fdc9653996614a8f70e40ef32ffad24fe68dd23ac39695ad85b816b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:40:04 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=29181387
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 4086
expires: Sat, 30 Sep 2023 07:36:32 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 44FB 203 KB
203 KB 86ms
53ms Image
image/webp 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

ccd1eb4643bd5ac3e9c5279a93b67ddb2260c5bf40522eec5555919ae784cdfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:40:04 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=30731623
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 207692
expires: Wed, 18 Oct 2023 06:13:48 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 44FB 8 KB
9 KB 83ms
50ms Image
image/webp 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

a0444c453c1b24834f4587805ad77555d2cb2ae56096999bf898f6d643d3fa90

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:40:04 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=29860942
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8564
expires: Sun, 08 Oct 2023 04:22:27 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 44FB 6 KB
6 KB 86ms
54ms Image
image/webp 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=71093&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0282%2F5394%2F5987%2Fproducts%2Fko-mid-natural-1-outside.jpg%3Fv%3D1645134333&v=3&w=400&s=9EzZcIc0CagaRF9EgGJ8PmtC&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e17d22c941eed01ca1a6a1d67cb028e4f7030a313fb1925ee3c25bb743b400c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:40:04 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=28848771
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 5960
expires: Tue, 26 Sep 2023 11:12:56 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 44FB 2 KB
2 KB 92ms
60ms Image
image/webp 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=71093&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0282%2F5394%2F5987%2Fproducts%2Fwa-long-boot-lo-gargoyle-outside.jpg%3Fv%3D1659401975&v=3&w=400&s=sGWcWy_W04B04zl2afe2R4N1&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

d49d3cff930d3a90432477f8fb875d17680761c3012ad9278d837258064a5f44

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:40:04 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=30098697
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2138
expires: Tue, 10 Oct 2023 22:25:02 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 44FB 0
127 B 94ms
16ms Ping
text/plain 2a02:2638:1::17
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=FOBEDsQ98AuVCVpjdWVyHD4-KdxoiyGJAZSKU0dLMFOaWlyn8qRtQOQ1tip-b0ttCiO03Wqqg3F8pzPK1pS2cXrkqqwMxk7-MMGJYBz9n4K9IghNp6edkPwr1anUQDyQCCZCX2XRuewW4fqE-zE7zR19Nx6Ry6nYlsFkVHpjbEhdLMU7LuT80DzTwep5RPDf47hn0sJs2jJM-0uyaJMNR906AakEfE_hx_ipSz2J37kxtFVo8hK-zTGqByb46ysopeerxg&sds=2&rev=83303&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::17 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 27 Oct 2022 13:40:04 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 44FB 2 KB
1 KB 17ms
16ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:40:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 22 Oct 2023 13:40:05 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 44FB 2 KB
1 KB 18ms
17ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:40:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 22 Oct 2023 13:40:05 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 5A2A 4 KB
4 KB 25ms
24ms Image
image/png 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

5a1a8253fdc9653996614a8f70e40ef32ffad24fe68dd23ac39695ad85b816b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:40:04 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=29181387
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 4086
expires: Sat, 30 Sep 2023 07:36:32 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 44FB 4 KB
4 KB 23ms
23ms Image
image/png 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

5a1a8253fdc9653996614a8f70e40ef32ffad24fe68dd23ac39695ad85b816b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:40:04 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=29181387
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 4086
expires: Sat, 30 Sep 2023 07:36:32 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 5A2A 203 KB
203 KB 15ms
14ms Image
image/webp 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

ccd1eb4643bd5ac3e9c5279a93b67ddb2260c5bf40522eec5555919ae784cdfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:40:04 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=30731623
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 207692
expires: Wed, 18 Oct 2023 06:13:48 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 44FB 203 KB
203 KB 15ms
14ms Image
image/webp 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

ccd1eb4643bd5ac3e9c5279a93b67ddb2260c5bf40522eec5555919ae784cdfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:40:04 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=30731623
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 207692
expires: Wed, 18 Oct 2023 06:13:48 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 57ms
28ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221025&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6dac0038ed60da6ee073fdf127d815e3404262b8d0d74642c0281d5d18aa4d73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.graphistik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:40:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11136
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 703ms
672ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.graphistik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:40:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 27 Oct 2022 13:40:06 GMT

GET
H3 200 container.html Show response
7f6b16acb0103193d7792db1791143ec.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7491 6 KB
3 KB 164ms
15ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7f6b16acb0103193d7792db1791143ec.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bg.graphistik.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 13:40:04 GMT
expires: Fri, 27 Oct 2023 13:40:04 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame 7491 4 KB
621 B 59ms
24ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: 7f6b16acb0103193d7792db1791143ec.safeframe.googlesyndication.com
URL: https://7f6b16acb0103193d7792db1791143ec.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7f6b16acb0103193d7792db1791143ec.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 27 Oct 2022 13:40:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 27 Oct 2022 13:30:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 27 Oct 2022 13:40:05 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221025/r20110914/client/ Frame 7491 2 KB
765 B 14ms
14ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221025/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: 7f6b16acb0103193d7792db1791143ec.safeframe.googlesyndication.com
URL: https://7f6b16acb0103193d7792db1791143ec.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7f6b16acb0103193d7792db1791143ec.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 14:55:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81887
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 09 Nov 2022 14:55:18 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 7491 0
0 61ms
61ms Fetch
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cy-tRNYpaY_3wAc_Ix_AP6MWzkAvcxbaDacrVg5jTDI3WhZmAHBABIKqAwyJglcKmgrAHoAGwuqHXA8gBCakCTp_qZYPosD7gAgCoAwHIA8sEqgSQAk_QpAnrhlNQeNCrbO6shuggvlT2voDZa4-JPo6oBagKcogDblBhj-W5OEIoMvDSryR2yODwD7OObgD_iSFBjJ8gmqHpxNV1NlfkO6qbLPzaI0fOBKxpEuLzQadjWPtqfxAKYnqsex2PCYqWaOk9RP_3014DJFvC8DFaa4bpSg9EtHi7WPl9Rynj1wyK2PDsdmFcYb3y8j2vwXDRbpO4VW348jk7x3er5nWA2biK_-FnxKecKF_SrS88N8Q_1mIyR9VkSCsUZ5dPicohq1sezOq1YDyumWZmuSGrVMZQoAPp5xoi0UC6cmcx37zl9tpISQxZptux93D0tx9e2KEOQFY4gUitoBcpVjSoszqdHc1NwAS5q_3kogPgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHv9m9YKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB6a-G9gHAPIHBBDa3wrSCBEIgOGAEBABGB0yAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzk0NDcyNjcwMDYwNDcwMYAKA8gLAdgTDIgUAtAVAYAXAbIXHgocCAASFHB1Yi01NTEyMzkwNzA1MTM3NTA3GJLvIQ&sigh=l2TMvuYlWwc&uach_m=[UACH]&template_id=494
Requested by: Host: bg.graphistik.com
URL: https://bg.graphistik.com/getting-touch-with-your-needs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7f6b16acb0103193d7792db1791143ec.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221025/r20110914/ Frame 7491 23 KB
9 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221025/r20110914/abg_lite_fy2021.js

Requested by

Host: 7f6b16acb0103193d7792db1791143ec.safeframe.googlesyndication.com
URL: https://7f6b16acb0103193d7792db1791143ec.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15b192d13c1d029346a73cb1b2eb3a1b8905dfe8df1aaf9ced37356de9380e32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7f6b16acb0103193d7792db1791143ec.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 21:12:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59273
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9268
x-xss-protection: 0
server: cafe
etag: 17746901142539384344
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 09 Nov 2022 21:12:12 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221025/r20110914/client/ Frame 7491 3 KB
1 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221025/r20110914/client/window_focus_fy2021.js

Requested by

Host: 7f6b16acb0103193d7792db1791143ec.safeframe.googlesyndication.com
URL: https://7f6b16acb0103193d7792db1791143ec.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7f6b16acb0103193d7792db1791143ec.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 10:37:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10962
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1238
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Nov 2022 10:37:23 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221025/r20110914/client/ Frame 7491 17 KB
7 KB 17ms
15ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221025/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 7f6b16acb0103193d7792db1791143ec.safeframe.googlesyndication.com
URL: https://7f6b16acb0103193d7792db1791143ec.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7f6b16acb0103193d7792db1791143ec.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 14:50:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82202
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7367
x-xss-protection: 0
server: cafe
etag: 4759548068123418343
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 09 Nov 2022 14:50:03 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 7491 0
0 70ms
21ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS3dI9qV_J5TOaP2OsNc-7uCNS6ksNSss9zrS16Br2Ge4F3caQauCKQJVA3rRkseQrQE6oJyS8PId8xxIbIUnnpCGU5nw
Requested by: Host: 7f6b16acb0103193d7792db1791143ec.safeframe.googlesyndication.com
URL: https://7f6b16acb0103193d7792db1791143ec.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7f6b16acb0103193d7792db1791143ec.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7491 152 KB
46 KB 74ms
32ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 7f6b16acb0103193d7792db1791143ec.safeframe.googlesyndication.com
URL: https://7f6b16acb0103193d7792db1791143ec.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f9871deb2852386fc1f11dcd8f7e76d071efd031366901c16fac4fa82310658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7f6b16acb0103193d7792db1791143ec.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:40:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47514
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1666784471914692"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 27 Oct 2022 13:40:05 GMT

GET
H3 200 6d06f43d9219529f87f676616f1c0e3b.js Show response
www.gstatic.com/mysidia/ Frame 7491 33 KB
14 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/6d06f43d9219529f87f676616f1c0e3b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 7f6b16acb0103193d7792db1791143ec.safeframe.googlesyndication.com
URL: https://7f6b16acb0103193d7792db1791143ec.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19d9403b8b5963aaeae98991373ef1f4ec9ed98d649be55e657db8e1302578bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7f6b16acb0103193d7792db1791143ec.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 06:50:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 197361
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13940
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 17:30:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 23 Jan 2023 06:50:44 GMT

GET
DATA 200
OK truncated
/ Frame 7491 287 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 605b14697226eeb0be6b2c11db8206b70f4c8681c3f921e4ceca4793ce1a95ce

Request headers

Referer
Origin: https://7f6b16acb0103193d7792db1791143ec.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3

200

4091503581208051288
tpc.googlesyndication.com/simgad/ Frame 7491
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDnj86ZywEQ9AMY9AMyCGN8MsJOAEwL
https://tpc.googlesyndication.com/simgad/4091503581208051288

107 KB
107 KB

22ms
22ms

Image
image/png

2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4091503581208051288

Requested by

Host: 7f6b16acb0103193d7792db1791143ec.safeframe.googlesyndication.com
URL: https://7f6b16acb0103193d7792db1791143ec.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fcab803c6d01082f69e5510655ca566241f3a4fd3ee7aa1506b1308e2d069ccb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7f6b16acb0103193d7792db1791143ec.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 09:38:45 GMT
x-content-type-options: nosniff
age: 100880
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 109931
x-xss-protection: 0
last-modified: Wed, 23 Oct 2019 12:45:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 26 Oct 2023 09:38:45 GMT

Redirect headers

date: Thu, 27 Oct 2022 08:06:41 GMT
x-content-type-options: nosniff
server: cafe
age: 20004
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/4091503581208051288
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 26 Nov 2022 08:06:41 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame DF66 1 KB
643 B 15ms
14ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 7f6b16acb0103193d7792db1791143ec.safeframe.googlesyndication.com
URL: https://7f6b16acb0103193d7792db1791143ec.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7f6b16acb0103193d7792db1791143ec.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 8173
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 11:23:52 GMT
etag: 48472445140208031
expires: Fri, 28 Oct 2022 11:23:52 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 7491 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 96344796f92cef0783c7bdca9c1f6f4c1ad38458f5bf79aac97dba5a8031b1e7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame DF66
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEBz42jCiVLDsBu6UvWG-RcE&google_cver=1&google_push=AZmPxg-GjqSkS_7Is-knssaxAet47PF3BkyoBG6qsxXyoqVy3U6I2NLNLG1JPHFZS8MzmtF08O7bDhER7BQ5e3fyodgoMn_GdI2dXw
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=401C09204EE3429DBB7CBA011CB40473&google_push=AZmPxg-GjqSkS_7Is-knssaxAet47PF3BkyoBG6qsxXyoqVy3U6I2NLNLG1JPHFZS8MzmtF08O7bDhER7BQ5e3f...

170 B
329 B

26ms
24ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=401C09204EE3429DBB7CBA011CB40473&google_push=AZmPxg-GjqSkS_7Is-knssaxAet47PF3BkyoBG6qsxXyoqVy3U6I2NLNLG1JPHFZS8MzmtF08O7bDhER7BQ5e3fyodgoMn_GdI2dXw

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 13:40:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 27 Oct 2022 13:40:05 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=401C09204EE3429DBB7CBA011CB40473&google_push=AZmPxg-GjqSkS_7Is-knssaxAet47PF3BkyoBG6qsxXyoqVy3U6I2NLNLG1JPHFZS8MzmtF08O7bDhER7BQ5e3fyodgoMn_GdI2dXw
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 26 Oct 2022 13:40:05 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DF66
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEHIL9pxch4gqo6VBW91QvPU&google_cver=1&google_push=AZmPxg8UqngBLavc1zo3ZextifFi240HJk2ovTL482DkCQXN8U54cikrP9f2lj_IAFzDT4Qs3ViI4IrT0Li7YYZ...
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=Cwm4cIItSh5sKkaoI0zS1CU6OvY&google_push=AZmPxg8UqngBLavc1zo3ZextifFi240HJk2ovTL482DkCQXN8U54cikrP9f2lj_IAFzDT4Qs3ViI4IrT0Li7YY...

170 B
188 B

25ms
25ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=Cwm4cIItSh5sKkaoI0zS1CU6OvY&google_push=AZmPxg8UqngBLavc1zo3ZextifFi240HJk2ovTL482DkCQXN8U54cikrP9f2lj_IAFzDT4Qs3ViI4IrT0Li7YYZjVZHUxy25dm46wg

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 13:40:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=Cwm4cIItSh5sKkaoI0zS1CU6OvY&google_push=AZmPxg8UqngBLavc1zo3ZextifFi240HJk2ovTL482DkCQXN8U54cikrP9f2lj_IAFzDT4Qs3ViI4IrT0Li7YYZjVZHUxy25dm46wg
Date: Thu, 27 Oct 2022 13:40:06 GMT
Connection: keep-alive
Content-Length: 244
Content-Type: text/html; charset=utf-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DF66
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEL-gLAkFCraNeK6cfR0agmg&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEL-gLAkFCraNeK6cfR0agmg&google_push=AZ...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEL-gLAkFCraNeK6cfR0agmg&google_hm=Y1qKNZgno9rJtm8CEJhdfgAAFDQAAAAB&google_nid=index&google_push=AZmPxg_mlF-oV2TT8j-dOaLAMtfmny8yBPnE8...

170 B
188 B

65ms
32ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEL-gLAkFCraNeK6cfR0agmg&google_hm=Y1qKNZgno9rJtm8CEJhdfgAAFDQAAAAB&google_nid=index&google_push=AZmPxg_mlF-oV2TT8j-dOaLAMtfmny8yBPnE8RMMGGHdJAGyda1ogEqAmg2n_4D7FijB78QY3ltnFqmZEMcmETSpf4B8Axg6_kh_Gg

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 13:40:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 27 Oct 2022 13:40:05 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEL-gLAkFCraNeK6cfR0agmg&google_hm=Y1qKNZgno9rJtm8CEJhdfgAAFDQAAAAB&google_nid=index&google_push=AZmPxg_mlF-oV2TT8j-dOaLAMtfmny8yBPnE8RMMGGHdJAGyda1ogEqAmg2n_4D7FijB78QY3ltnFqmZEMcmETSpf4B8Axg6_kh_Gg
cache-control: no-cache
cf-ray: 760bd770aa0dbbc7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H/1.1 200
OK us
sync.go.sonobi.com/ Frame DF66 0
498 B 400ms
97ms Image
text/plain 69.166.1.10
AS-XFERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAZmPxg-5a8VWtbngteIAI2Z_3ImOx6OaisC2w2CoXtrOM9uSivS9R3MBprmIuX_TfMW0WFlGqHBaAAHI1tEpTydSZzbFiClCqA5U%26google_hm%3D%5BUID%5D&google_gid=CAESEL-4vKu1KCmtPcQ4Uz1ux8o&google_cver=1

Requested by

Host: 7f6b16acb0103193d7792db1791143ec.safeframe.googlesyndication.com
URL: https://7f6b16acb0103193d7792db1791143ec.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

69.166.1.10 , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 27 Oct 2022 13:40:06 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: go-iad-2-5-20
Content-Type: text/plain; charset=utf8
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DF66
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEP...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AZmPxg9Kt3bhaTDMACwHt165Ba3Q7ADq-mOcXmLCfZG-HHDtBU_Yzj8TSi8yv05upyFYC5csugxPcAUPz2msHg53-duT8sLKXJ5i&redir=https%3A%2F%2Fcm.g.doubl...
https://sync.targeting.unrulymedia.com/csync/RX-16eb4e11-30c5-4a53-91a7-902537fdcc3f-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAZmPxg9Kt3bhaTDMACwHt165B...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AZmPxg9Kt3bhaTDMACwHt165Ba3Q7ADq-mOcXmLCfZG-HHDtBU_Yzj8TSi8yv05upyFYC5csugxPcAUPz2msHg53-duT8sLKXJ5i&google_hm=AxbrThEwxUpTkaeQJTf9zD8

170 B
188 B

65ms
32ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AZmPxg9Kt3bhaTDMACwHt165Ba3Q7ADq-mOcXmLCfZG-HHDtBU_Yzj8TSi8yv05upyFYC5csugxPcAUPz2msHg53-duT8sLKXJ5i&google_hm=AxbrThEwxUpTkaeQJTf9zD8

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 13:40:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AZmPxg9Kt3bhaTDMACwHt165Ba3Q7ADq-mOcXmLCfZG-HHDtBU_Yzj8TSi8yv05upyFYC5csugxPcAUPz2msHg53-duT8sLKXJ5i&google_hm=AxbrThEwxUpTkaeQJTf9zD8
date: Thu, 27 Oct 2022 13:40:05 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX16eb4e1130c54a5391a7902537fdcc3f003
content-type: text/html

GET
H2 204 v1
match.sharethrough.com/E4rooAtA/ Frame DF66 0
35 B 57ms
10ms Image
text/plain 52.28.129.28
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEOIW4ucYIPCpeMp3P9D1RqE&google_cver=1&google_push=AZmPxg_mLWZdsU4CESKqVZ0ayiXnNp73UIm_y7YlolJ7uSAYKLbAGODeWb-ou6ICfzakHhHbYAT_0__2gVfUaDQPwEIMs9GPrc2FNVU
Requested by: Host: 7f6b16acb0103193d7792db1791143ec.safeframe.googlesyndication.com
URL: https://7f6b16acb0103193d7792db1791143ec.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.129.28 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-129-28.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:40:05 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DF66
Redirect Chain

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26&google_push=AZmPxg9FzNC_vNwd_z657vkYyeCbd3y_JY5kb0Ou...
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26&google_push=AZmPxg9FzNC_vNwd_z657vkYyeCbd3y_JY...
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=e4724b52-d479-4d77-b6ad-448262d613da&&google_push=AZmPxg9FzNC_vNwd_z657vkYyeCbd3y_JY5kb0OumdLKEImaCBeQIgJtRagDraZ5mKexl0fgJJ...

170 B
188 B

56ms
35ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=e4724b52-d479-4d77-b6ad-448262d613da&&google_push=AZmPxg9FzNC_vNwd_z657vkYyeCbd3y_JY5kb0OumdLKEImaCBeQIgJtRagDraZ5mKexl0fgJJPIsu1l_mWzrAsCdDS9cPKohfv1gQ0

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 13:40:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=e4724b52-d479-4d77-b6ad-448262d613da&&google_push=AZmPxg9FzNC_vNwd_z657vkYyeCbd3y_JY5kb0OumdLKEImaCBeQIgJtRagDraZ5mKexl0fgJJPIsu1l_mWzrAsCdDS9cPKohfv1gQ0
Date: Thu, 27 Oct 2022 13:40:05 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame DF66 0
223 B 101ms
24ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IYpAAuPIm7g37auE-O15B06D6Eljaw-hv65DDzEsFzWANdqi5JLQLoOO-wBIC4XsM-LHxu6pI

Requested by

Host: 7f6b16acb0103193d7792db1791143ec.safeframe.googlesyndication.com
URL: https://7f6b16acb0103193d7792db1791143ec.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:40:05 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 7491 16 KB
16 KB 15ms
14ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://7f6b16acb0103193d7792db1791143ec.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 12:56:05 GMT
x-content-type-options: nosniff
age: 261840
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 24 Oct 2023 12:56:05 GMT

GET
H3 200 PTWQOrfCOp17EyrMcPeT6PfhP85_faJCCfTgkqMfTIQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 54F1 36 KB
16 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/PTWQOrfCOp17EyrMcPeT6PfhP85_faJCCfTgkqMfTIQ.js

Requested by

Host: bg.graphistik.com
URL: https://bg.graphistik.com/getting-touch-with-your-needs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d35903ab7c23a9d7b132acc70f793e8f7e13fce7f7da24209f4e092a31f4c84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7f6b16acb0103193d7792db1791143ec.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 09:40:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14363
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16184
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 27 Oct 2023 09:40:42 GMT

GET
H3 200 container.html Show response
7f6b16acb0103193d7792db1791143ec.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4012 6 KB
3 KB 14ms
13ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7f6b16acb0103193d7792db1791143ec.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bg.graphistik.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 13:40:04 GMT
expires: Fri, 27 Oct 2023 13:40:04 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame 4012 3 KB
601 B 30ms
29ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Requested by

Host: 7f6b16acb0103193d7792db1791143ec.safeframe.googlesyndication.com
URL: https://7f6b16acb0103193d7792db1791143ec.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fb7989597f1a10a56bd83de6a26eefec44a0c704979fb5e06f02195bc9cebfce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7f6b16acb0103193d7792db1791143ec.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 27 Oct 2022 13:40:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 27 Oct 2022 13:34:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 27 Oct 2022 13:40:05 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221025/r20110914/client/ Frame 4012 2 KB
765 B 13ms
13ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221025/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: 7f6b16acb0103193d7792db1791143ec.safeframe.googlesyndication.com
URL: https://7f6b16acb0103193d7792db1791143ec.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7f6b16acb0103193d7792db1791143ec.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 14:55:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81887
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 09 Nov 2022 14:55:18 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 4012 0
0 63ms
63ms Fetch
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CZJM2NYpaY6iQG87igAffiZqQC_yNgr9spLe-oYkQ5ub_q5wyEAEgqoDDImCVwqaCsAegAfC9xvYDyAEJqQL1ev_r_9ewPuACAKgDAcgDywSqBJICT9AG-q4CotMQkjdN8AGH_ClkC_Kzkt1ViHPUfuEt65IIwk8gk3cdwfbL1txrZKs8Nz0yy62lWQmgC487bd5RC1wG01ixwI1AJF-mBEk0thdsWl29LDamzuH7If8VTLvIMwLD3doFlqmi4bfFIJHiK4QNuIJxhhRqvljshkV1SFhkFh_fjPqGI05BfvfIl0aEJIcRAG-4hMT7sWslGgOIG53RRc_YogDv1pYN0CJl1YoUr_0X8oq7IA1TKOP5tq1g7yclUXPkvI3bHHON9tR5THbf4dt-y6o3DVhOhHZx2YL1QjUGZY6nwAlx1u59QJbmrxCxpLzoLebgBV3Z1MX5u_bG4ve4xAOB8xqYkv2QxDEBW8AEr67Q0YsE4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB_jBuQmoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAemvhvYBwDyBwQQrukG0ggRCIDhgBAQARgdMgKqAjoCgEDyCBthZHgtc3Vic3luLTc5NDQ3MjY3MDA2MDQ3MDGACgPICwHYEwvQFQGYFgGAFwGyFx4KHAgAEhRwdWItNTUxMjM5MDcwNTEzNzUwNxiS7yE&sigh=qA7fF1chljc&uach_m=[UACH]&template_id=494
Requested by: Host: bg.graphistik.com
URL: https://bg.graphistik.com/getting-touch-with-your-needs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7f6b16acb0103193d7792db1791143ec.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221025/r20110914/ Frame 4012 23 KB
9 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221025/r20110914/abg_lite_fy2021.js

Requested by

Host: 7f6b16acb0103193d7792db1791143ec.safeframe.googlesyndication.com
URL: https://7f6b16acb0103193d7792db1791143ec.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15b192d13c1d029346a73cb1b2eb3a1b8905dfe8df1aaf9ced37356de9380e32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7f6b16acb0103193d7792db1791143ec.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 21:12:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59273
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9268
x-xss-protection: 0
server: cafe
etag: 17746901142539384344
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 09 Nov 2022 21:12:12 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221025/r20110914/client/ Frame 4012 3 KB
1 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221025/r20110914/client/window_focus_fy2021.js

Requested by

Host: 7f6b16acb0103193d7792db1791143ec.safeframe.googlesyndication.com
URL: https://7f6b16acb0103193d7792db1791143ec.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7f6b16acb0103193d7792db1791143ec.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 10:37:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10962
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1238
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Nov 2022 10:37:23 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221025/r20110914/client/ Frame 4012 17 KB
7 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221025/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 7f6b16acb0103193d7792db1791143ec.safeframe.googlesyndication.com
URL: https://7f6b16acb0103193d7792db1791143ec.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7f6b16acb0103193d7792db1791143ec.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 14:50:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82202
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7367
x-xss-protection: 0
server: cafe
etag: 4759548068123418343
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 09 Nov 2022 14:50:03 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 4012 0
0 29ms
28ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQuhw6LdgQj09v4ss4TX6WAMqJG1vcYtA--apypFsf8MF1-PgsV-NHKkyrfAzHEabYk3GZlYJrg_e3kc3zIDr5hlNf-Mg
Requested by: Host: 7f6b16acb0103193d7792db1791143ec.safeframe.googlesyndication.com
URL: https://7f6b16acb0103193d7792db1791143ec.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7f6b16acb0103193d7792db1791143ec.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4012 152 KB
46 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 7f6b16acb0103193d7792db1791143ec.safeframe.googlesyndication.com
URL: https://7f6b16acb0103193d7792db1791143ec.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f9871deb2852386fc1f11dcd8f7e76d071efd031366901c16fac4fa82310658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7f6b16acb0103193d7792db1791143ec.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:40:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47514
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1666784471914692"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 27 Oct 2022 13:40:05 GMT

GET
H3 200 6d06f43d9219529f87f676616f1c0e3b.js Show response
www.gstatic.com/mysidia/ Frame 4012 33 KB
14 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/6d06f43d9219529f87f676616f1c0e3b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 7f6b16acb0103193d7792db1791143ec.safeframe.googlesyndication.com
URL: https://7f6b16acb0103193d7792db1791143ec.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19d9403b8b5963aaeae98991373ef1f4ec9ed98d649be55e657db8e1302578bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7f6b16acb0103193d7792db1791143ec.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 06:50:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 197361
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13940
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 17:30:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 23 Jan 2023 06:50:44 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 4012 14 KB
14 KB 72ms
19ms Image
image/jpeg 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcS3HT5BvnGcsILyDkX4_Yl6VAzBT-YS2ybxPzVkTabn3GhfKCm9VdUebRrDO74&usqp=CAI

Requested by

Host: 7f6b16acb0103193d7792db1791143ec.safeframe.googlesyndication.com
URL: https://7f6b16acb0103193d7792db1791143ec.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4d94a9c7e4a5cfad4bc6bd7d2f85aaae12f2a78eac191374c89ff5a0301e27f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7f6b16acb0103193d7792db1791143ec.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 17:27:32 GMT
x-content-type-options: nosniff
age: 245554
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13918
x-xss-protection: 0
last-modified: Sat, 29 Jan 2022 23:52:47 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 24 Oct 2023 17:27:32 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 4012 14 KB
15 KB 107ms
27ms Image
image/jpeg 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcTpTmjWe3yWrNHu5-Da1s1Fgr0VPGdE9MtTjEMcAkUajzCgzzOtQ-OsNDIznQ&usqp=CAI

Requested by

Host: 7f6b16acb0103193d7792db1791143ec.safeframe.googlesyndication.com
URL: https://7f6b16acb0103193d7792db1791143ec.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

39b8f0adeba6e06add4837f7e2bb140c904c98b22bb10f9b34b1376f24b58c0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7f6b16acb0103193d7792db1791143ec.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 07:14:26 GMT
x-content-type-options: nosniff
age: 195940
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14512
x-xss-protection: 0
last-modified: Fri, 11 Feb 2022 16:38:56 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 25 Oct 2023 07:14:26 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 4012 21 KB
22 KB 66ms
18ms Image
image/jpeg 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcSS1ubIeE7nmAUTyRFnB6HLDCOPy5WEENAJmp5LlHF4j9XAZ-H5Egnavp5ZCQ&usqp=CAI

Requested by

Host: 7f6b16acb0103193d7792db1791143ec.safeframe.googlesyndication.com
URL: https://7f6b16acb0103193d7792db1791143ec.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

264ffe9589d2f8b8a16da8fac1a4a5a7286c6bb57173ae506ed7a437433601d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7f6b16acb0103193d7792db1791143ec.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sun, 23 Oct 2022 09:15:46 GMT
x-content-type-options: nosniff
age: 361460
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21968
x-xss-protection: 0
last-modified: Tue, 15 Feb 2022 05:08:44 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Mon, 23 Oct 2023 09:15:46 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 4012 8 KB
9 KB 86ms
15ms Image
image/png 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcTPz8vhUgVWs0PKqhxKeDqCxc8JlYQOtxdaH-CVfl0Al4LkpdA&usqp=CAI

Requested by

Host: 7f6b16acb0103193d7792db1791143ec.safeframe.googlesyndication.com
URL: https://7f6b16acb0103193d7792db1791143ec.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

721f4c021d879982d666e9b40589730f3174cea763c7641e1c9555b299944cd8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7f6b16acb0103193d7792db1791143ec.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 09:15:52 GMT
x-content-type-options: nosniff
age: 534254
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8345
x-xss-protection: 0
last-modified: Wed, 10 Jul 2019 09:48:13 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 21 Oct 2023 09:15:52 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame EAA8 1 KB
643 B 20ms
14ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 7f6b16acb0103193d7792db1791143ec.safeframe.googlesyndication.com
URL: https://7f6b16acb0103193d7792db1791143ec.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7f6b16acb0103193d7792db1791143ec.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 8173
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 11:23:52 GMT
etag: 48472445140208031
expires: Fri, 28 Oct 2022 11:23:52 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 4012 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 85e009cef3636e7fae88a72c78801fb15055bfc806757929b890e623f26b51dd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EAA8
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEM0BUxGm28QKFVar31YJoso&google_cver=1&google_push=AZmPxg-B9ZKQglIzfkbIhP6zv7G_lYuqCEYqY9MR2neOTeMMbherz6SlQn1JKRIlqv1_G__dkaxxiz8qsYxxSeRT...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AZmPxg-B9ZKQglIzfkbIhP6zv7G_lYuqCEYqY9MR2neOTeMMbherz6SlQn1JKRIlqv1_G__dkaxxiz8qsYxxSeRTfT6FfDVMlmo

170 B
188 B

24ms
24ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AZmPxg-B9ZKQglIzfkbIhP6zv7G_lYuqCEYqY9MR2neOTeMMbherz6SlQn1JKRIlqv1_G__dkaxxiz8qsYxxSeRTfT6FfDVMlmo

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 13:40:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Thu, 27 Oct 2022 13:40:06 GMT
Server: MT3 4539 98cc2da master zrh-pixel-x31 config:1.0.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AZmPxg-B9ZKQglIzfkbIhP6zv7G_lYuqCEYqY9MR2neOTeMMbherz6SlQn1JKRIlqv1_G__dkaxxiz8qsYxxSeRTfT6FfDVMlmo
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Thu, 27 Oct 2022 13:40:05 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EAA8
Redirect Chain

https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESED1TlDh08Yb7_a8LGgzrIyE&google_cver=1&google_push=AZmPxg_bTwx_W9yajf6dW1f60YjCami4Jjib9xe0ZaZTDOfjd1fwBwueh52xl60VLct3V-bhQpJM-X8YmvR...
https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AZmPxg_bTwx_W9yajf6dW1f60YjCami4Jjib9xe0ZaZTDOfjd1fwBwueh52xl60VLct3V-bhQpJM-X8YmvRDEwJkbrQ6osLdO-0-

170 B
188 B

27ms
26ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AZmPxg_bTwx_W9yajf6dW1f60YjCami4Jjib9xe0ZaZTDOfjd1fwBwueh52xl60VLct3V-bhQpJM-X8YmvRDEwJkbrQ6osLdO-0-

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 13:40:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AZmPxg_bTwx_W9yajf6dW1f60YjCami4Jjib9xe0ZaZTDOfjd1fwBwueh52xl60VLct3V-bhQpJM-X8YmvRDEwJkbrQ6osLdO-0-
Date: Thu, 27 Oct 2022 13:40:06 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=3000
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EAA8
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEGDC8yg9DizE3ujystaJuLk&google_cver=1&google_push=AZmPxg-OFiKc_zxER6bzqC0STdhY56HrB5Mrj-IqBnQwfcI3CcVI-lynzRuS0gwhUI07bp5A_YaZyFuS0UGh5-we2RboSa5...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg-OFiKc_zxER6bzqC0STdhY56HrB5Mrj-IqBnQwfcI3CcVI-lynzRuS0gwhUI07bp5A_YaZyFuS0UGh5-we2RboSa517QA&google_hm=NzU3NjQzNjY4ODAyNjI3MDI...

170 B
188 B

41ms
40ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg-OFiKc_zxER6bzqC0STdhY56HrB5Mrj-IqBnQwfcI3CcVI-lynzRuS0gwhUI07bp5A_YaZyFuS0UGh5-we2RboSa517QA&google_hm=NzU3NjQzNjY4ODAyNjI3MDI1Mw%3D%3D

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 13:40:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 27 Oct 2022 13:40:06 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg-OFiKc_zxER6bzqC0STdhY56HrB5Mrj-IqBnQwfcI3CcVI-lynzRuS0gwhUI07bp5A_YaZyFuS0UGh5-we2RboSa517QA&google_hm=NzU3NjQzNjY4ODAyNjI3MDI1Mw%3D%3D
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EAA8
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEKME-oFNNXi3nDRMqBTOKwQ&google_cver=1&google_push=AZmPxg9AzfBSxilvkFwSAIxZVVDY_rVVMFIoNw3v3QZo9FqOrIbc2TEPXpNR9xecauKuGK2ZF15OZ-9YtK9iTjS1...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AZmPxg9AzfBSxilvkFwSAIxZVVDY_rVVMFIoNw3v3QZo9FqOrIbc2TEPXpNR9xecauKuGK2ZF15OZ-9YtK9iTjS1QX_gYDTFMelz

170 B
188 B

27ms
26ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AZmPxg9AzfBSxilvkFwSAIxZVVDY_rVVMFIoNw3v3QZo9FqOrIbc2TEPXpNR9xecauKuGK2ZF15OZ-9YtK9iTjS1QX_gYDTFMelz

Requested by

Host: 7f6b16acb0103193d7792db1791143ec.safeframe.googlesyndication.com
URL: https://7f6b16acb0103193d7792db1791143ec.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 13:40:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 27 Oct 2022 13:40:06 GMT
via: 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-P5
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AZmPxg9AzfBSxilvkFwSAIxZVVDY_rVVMFIoNw3v3QZo9FqOrIbc2TEPXpNR9xecauKuGK2ZF15OZ-9YtK9iTjS1QX_gYDTFMelz
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: sEcu6dBkzeyAc2ZgItGkpq8KpHxoGNbhCRHjEiPj2UbPcBWNHqzb-A==

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EAA8
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEI5c3ODuMnEpXzn2P1jdqMU&google_cver=1&google_push=AZmPxg82W8nk4JGPWZrqjSGJzWMQeLbn8L8BtlNuKdTkWpWKN4QfoXyFWftZhm09FJLOiBnx_WJt_VZvW3US...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg82W8nk4JGPWZrqjSGJzWMQeLbn8L8BtlNuKdTkWpWKN4QfoXyFWftZhm09FJLOiBnx_WJt_VZvW3USsZIgdWA3mu8bWiQ

170 B
188 B

27ms
27ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg82W8nk4JGPWZrqjSGJzWMQeLbn8L8BtlNuKdTkWpWKN4QfoXyFWftZhm09FJLOiBnx_WJt_VZvW3USsZIgdWA3mu8bWiQ

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 13:40:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg82W8nk4JGPWZrqjSGJzWMQeLbn8L8BtlNuKdTkWpWKN4QfoXyFWftZhm09FJLOiBnx_WJt_VZvW3USsZIgdWA3mu8bWiQ
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EAA8
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESED...
https://sync.targeting.unrulymedia.com/csync/RX-16eb4e11-30c5-4a53-91a7-902537fdcc3f-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAZmPxg8LQrkPYB3dk76C6NCrd...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AZmPxg8LQrkPYB3dk76C6NCrdmoFtHCxUcOuTVelPPO2OAGWb4Qr0K4BwzDSHv9vJ0jwWdvAijTJJ15aWWK5Oks6sX5BiO_Zag8&google_hm=AxbrThEwxUpTkaeQJTf9zD8

170 B
188 B

27ms
26ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AZmPxg8LQrkPYB3dk76C6NCrdmoFtHCxUcOuTVelPPO2OAGWb4Qr0K4BwzDSHv9vJ0jwWdvAijTJJ15aWWK5Oks6sX5BiO_Zag8&google_hm=AxbrThEwxUpTkaeQJTf9zD8

Requested by

Host: 7f6b16acb0103193d7792db1791143ec.safeframe.googlesyndication.com
URL: https://7f6b16acb0103193d7792db1791143ec.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 13:40:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AZmPxg8LQrkPYB3dk76C6NCrdmoFtHCxUcOuTVelPPO2OAGWb4Qr0K4BwzDSHv9vJ0jwWdvAijTJJ15aWWK5Oks6sX5BiO_Zag8&google_hm=AxbrThEwxUpTkaeQJTf9zD8
date: Thu, 27 Oct 2022 13:40:06 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX16eb4e1130c54a5391a7902537fdcc3f003
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EAA8
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEFtaXWBX_6TGLpjZ0SEiITU&google_cver=1&google_push=AZmPxg8HXjjaCjhNfSlajkpmuy9FZyJliHFF_-81HmRWgRsZT1yqnW6tc3i4Rjaoz1oUDgEZs4SWrGZb2nNCj0T30s0fuqzp8Kkb
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AZmPxg8HXjjaCjhNfSlajkpmuy9FZyJliHFF_-81HmRWgRsZT1yqnW6tc3i4Rjaoz1oUDgEZs4SWrGZb2nNCj0T30s0fuqzp8Kk...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTg5MTI2ODMyMjE3NTI4NzIwNzIyOQ%3D%3D&google_push=AZmPxg8HXjjaCjhNfSlajkpmuy9FZyJliHFF_-81HmRWgRsZT1yqnW6t...

170 B
188 B

28ms
25ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTg5MTI2ODMyMjE3NTI4NzIwNzIyOQ%3D%3D&google_push=AZmPxg8HXjjaCjhNfSlajkpmuy9FZyJliHFF_-81HmRWgRsZT1yqnW6tc3i4Rjaoz1oUDgEZs4SWrGZb2nNCj0T30s0fuqzp8Kkb

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 13:40:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTg5MTI2ODMyMjE3NTI4NzIwNzIyOQ%3D%3D&google_push=AZmPxg8HXjjaCjhNfSlajkpmuy9FZyJliHFF_-81HmRWgRsZT1yqnW6tc3i4Rjaoz1oUDgEZs4SWrGZb2nNCj0T30s0fuqzp8Kkb
date: Thu, 27 Oct 2022 13:40:06 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame EAA8 0
12 B 25ms
24ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J4XEJr0RuBI950fkd4UBCRrYDoeVaeU6rFJHUFga-jcuXwYRTL0uhzCXTumc9yyEWPUNxC

Requested by

Host: 7f6b16acb0103193d7792db1791143ec.safeframe.googlesyndication.com
URL: https://7f6b16acb0103193d7792db1791143ec.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:40:06 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8DF1 13 KB
5 KB 15ms
14ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bg.graphistik.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 329
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 13:34:37 GMT
expires: Fri, 27 Oct 2023 13:34:37 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame FC5B 783 B
536 B 31ms
30ms Document
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

af146be5b6b6ce9fe5ba3924017b25c7f3e8c13578cbd049742f12b693c630fe

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-2Z5fq7v8O3CCmVBE38SArw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bg.graphistik.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-2Z5fq7v8O3CCmVBE38SArw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 13:40:06 GMT
expires: Thu, 27 Oct 2022 13:40:06 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 4012 21 KB
21 KB 18ms
18ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://7f6b16acb0103193d7792db1791143ec.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 21:03:58 GMT
x-content-type-options: nosniff
age: 146168
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21428
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:32:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Oct 2023 21:03:58 GMT

GET
H3 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 4012 20 KB
20 KB 21ms
21ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://7f6b16acb0103193d7792db1791143ec.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 22:12:48 GMT
x-content-type-options: nosniff
age: 142038
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Oct 2023 22:12:48 GMT

GET
H3 200 PTWQOrfCOp17EyrMcPeT6PfhP85_faJCCfTgkqMfTIQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 8DF1 36 KB
16 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/PTWQOrfCOp17EyrMcPeT6PfhP85_faJCCfTgkqMfTIQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d35903ab7c23a9d7b132acc70f793e8f7e13fce7f7da24209f4e092a31f4c84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 09:40:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14364
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16184
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 27 Oct 2023 09:40:42 GMT

GET
H3 200 PTWQOrfCOp17EyrMcPeT6PfhP85_faJCCfTgkqMfTIQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 0ACB 36 KB
16 KB 17ms
14ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/PTWQOrfCOp17EyrMcPeT6PfhP85_faJCCfTgkqMfTIQ.js

Requested by

Host: bg.graphistik.com
URL: https://bg.graphistik.com/getting-touch-with-your-needs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d35903ab7c23a9d7b132acc70f793e8f7e13fce7f7da24209f4e092a31f4c84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7f6b16acb0103193d7792db1791143ec.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 09:40:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14364
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16184
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 27 Oct 2023 09:40:42 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame FC5B 0
0 47ms
47ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221025&jk=3958024933254921&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 8DF1 0
10 B 13ms
13ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?G-DGXw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 13:40:06 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame F408 28 B
54 B 32ms
32ms XHR
application/json 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/64588dad/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
X-Goog-Request-Time: 1666878006739
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/9T8n4cTPNRU?modestbranding=1
X-YouTube-Client-Version: 1.20221025.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: Cgt6SHNKOHpLYUpncyi0lOqaBg%3D%3D
X-YouTube-Ad-Signals: dt=1666878004399&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C556%2C311&vis=1&wgl=true&ca_type=image

Response headers

date: Thu, 27 Oct 2022 13:40:06 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Thu, 27 Oct 2022 13:40:06 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 50ms
50ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221025&jk=3958024933254921&bg=!vL-lv_vNAAZPh4lnb4c7ACkAdvg8WvPt6w7BKNpjTPxhXDIWfM12U_dGdkuelrv_IGW3F6V0D3AWggIAAADdUgAAAARoAQeZAqfn6LwlBmTXz4iQ0lC5_juNrguoiPGNVDGt2M93L49NPvYGygFkvtfvQGILJTL2_LHINp7fbV00tlBM97jN-z_CXBt7PNO_ATVoQZcSqUzSwxp4WzeO6zJIoKe3dP-FvreRo7PkGSjUKsoa4p6fEV8vRPf18NA0gUdbhkYq85FQnnrBQ27z3rdMPCxzeurNGQu09ZVLs0trQsdtOMvFJsUnTlcvdJzBauzpRWTole-x8Vr76mVRJtPdTSf2fFujr7BdEqzpQK7an2ZW1jD8WKUDoHoHqCrZnOYhWRtm0zl_T6gvlNB-qoijCmm-3f-jALSv3xJtVN1nWV-WgRzYJhQkatgeUc8k3B_fofkKxReYh_G9RIxhp2iQ1UnJLCxkn97wETp1ugKDW_QPRCWJeDNsaN8GtdmXRCIWxaTu9sip7O4XTWqaptIbmjafZpCK95lGM7XETKTsQoqSBFmt4QDAU67wcp7s5PhpMPJfF4Oy84bnbi3HLs5wBJJKNFlY5XBTekM_loktSARq_wBdSma7ENjBGrNh8wSTt0yOoO9noDVh14rktk9NXLnQ4cYu_rcr_dLt8awRNwj_R50G7Fc47Gns9DPBYNJZnFLsGK3NGOzWfnYPdQv5sFUrL4Wbrsqm6179tFm6gYZS9skzeqbQUj972KvPjgXASPaCWxUcJ-_4MnF105SGqtXfEydcy_3RxwHFNwdUvj-yMTxLasWwqC_695uAZIYWnlLWWbCIgzna1Jz9Ir8pD83q8qLFFchYK_p8s3cvnHzOG_yEw0SDAnzVr8oczUkr4enfb3GJ3PqP6hD_bF4lRCisWsSoZFPzh5pLTd0j9_dS_ouZz8xYC4ETdTw6bqIjCK-g57NA3P-hw1a2tfB3kF_KKUCriDuXPA-9tZcn
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.graphistik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7491 42 B
64 B 55ms
55ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvZ04f8oc3DvP-Za9r2pRuXGpKtSuVxovjtlkqD-j-OjxuVKRfVPP7Vbg87BzOyOydIrqbJGUedYH-khn8Kvai4CwMqE_wLbDzk7Wm-0aL0FEydQgLz3pHqjpZXO_PfF2Nf6Vo1LY1crsFPc5gTXZRvKzy2Ir5SWObK&sai=AMfl-YRHgDXbvragvc0kSFkq4MdwGUJcOM_KVyGCvMBGQU5xoLefn-BPEiYbPAjWprv60VI-LVWA37ACuwJPTWxntOmuUi4iy2wGk1s2mBFdqnloTwpMduVAWmNdSZhMo6Y&sig=Cg0ArKJSzIkfrwr2e76lEAE&cid=CAASF-Ro2JBD5rIXRpR-qhiQTyFvtN32ulFF&id=lidar2&mcvt=1001&p=835,250,1135,1000&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20221026&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1202500967&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1666878005518&rpt=329&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7f6b16acb0103193d7792db1791143ec.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 13:40:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4012 42 B
64 B 57ms
56ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuLRFYUt-7YJH8Q8bs0yAzJ3v1nTB_co6R-fPG_bYCfigiKO4anOwvkNB0WBoMa14xdF8NSnOmuMleveo-ZT2fnb7unM3OAnJj3n68qkOZfcyi6NF9us62Gky7tLeSJaUu_CFlyGQ&sai=AMfl-YTLGv3_Ef4bv7IkffMoEsQ_UCHqaYrFzhFp-nyyNyGfhTmB1gicNt73zsj7b-m-FpsJPYKxlGsuPqCrHKjtTx1eL1OCvy8ByPaI0x5rp6mWOnsUXZ7kfEfecJrVkPM&sig=Cg0ArKJSzE4TBttl5malEAE&cid=CAASF-RoLy6OJ1o0z53n_1fuYpRVzY8affFk&id=lidar2&mcvt=1000&p=1100,315,1200,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221026&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=4230804918&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1666878005877&rpt=194&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7f6b16acb0103193d7792db1791143ec.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 13:40:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fbg.graphistik.com%2F&domain=bg.graphistik.com&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=dCO0fnwyWUZxQzZGckM4d29iM1dSc2VuWUkzUG9FallSanFtVnM5N0Z5ZDFJQmw4TzQrN0NRS3lORHJoUWpqUmUzYUtNTVE4dHZhNkV1Tkoyc0x2eGMxeUpmeVpucGs5VWM1M0hUTFk5QVhYNFoyVHkvNWJGN2svYUcxV2...

357 B
644 B

42ms
15ms

XHR
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=dCO0fnwyWUZxQzZGckM4d29iM1dSc2VuWUkzUG9FallSanFtVnM5N0Z5ZDFJQmw4TzQrN0NRS3lORHJoUWpqUmUzYUtNTVE4dHZhNkV1Tkoyc0x2eGMxeUpmeVpucGs5VWM1M0hUTFk5QVhYNFoyVHkvNWJGN2svYUcxV25EdE4vZ0NFYTJZUytML3QzcTB4QURvMnlSb1FXRGNJQjYrV24rZjRzNmtrUm1TNXBkOGFhMU94UmVYLy81Z2dodU1pOVNNaC9aSHp6eTJ0Y3JaRzdUMmF5MTBYbnUwdVp0ZFZjODNKeHVwOUNKVzRXYndMVHQ3RlNJMU1hTlVRMlJ4RzRQVi9afA&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

118d54da2ce5d7ab819701852bc0fbb4416d81d192ec2a463dd0a6e3d77541a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.graphistik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 13:40:07 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 568548
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 27 Oct 2022 13:40:07 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-allow-methods: GET
location: https://mug.criteo.com/sid?cpp=dCO0fnwyWUZxQzZGckM4d29iM1dSc2VuWUkzUG9FallSanFtVnM5N0Z5ZDFJQmw4TzQrN0NRS3lORHJoUWpqUmUzYUtNTVE4dHZhNkV1Tkoyc0x2eGMxeUpmeVpucGs5VWM1M0hUTFk5QVhYNFoyVHkvNWJGN2svYUcxV25EdE4vZ0NFYTJZUytML3QzcTB4QURvMnlSb1FXRGNJQjYrV24rZjRzNmtrUm1TNXBkOGFhMU94UmVYLy81Z2dodU1pOVNNaC9aSHp6eTJ0Y3JaRzdUMmF5MTBYbnUwdVp0ZFZjODNKeHVwOUNKVzRXYndMVHQ3RlNJMU1hTlVRMlJ4RzRQVi9afA&cppv=2
access-control-allow-origin: https://bg.graphistik.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 440913
content-length: 0
expires: 0

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 49ms
16ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fbg.graphistik.com%2F&domain=bg.graphistik.com&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://bg.graphistik.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://bg.graphistik.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Thu, 27 Oct 2022 13:40:07 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 527740
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 63ms
14ms Preflight
application/json 178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Thu, 27 Oct 2022 13:40:07 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 379110
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

Verdicts & Comments Add Verdict or Comment

80 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

28 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.dr6.biz/	1970-01-20 07:44:30	Name: uuid Value: 879d4e41-9ef8-40bb-9f45-85fd7cb1454d
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: E5zwMNaAj84
.youtube.com/	1970-01-20 11:20:30	Name: VISITOR_INFO1_LIVE Value: zHsJ8zKaJgs
.graphistik.com/	1970-01-20 16:22:54	Name: __gpi Value: UID=0000089439b8d55c:T=1666878004:RT=1666878004:S=ALNI_MaKNsctTsEFr6PErPh7iVdNI_K5IA
bg.graphistik.com/	1970-01-20 07:44:30	Name: _pbjs_userid_consent_data Value: 6683316680106290
.prebid.a-mo.net/	1970-01-20 15:46:54	Name: __amc Value: 1_1666878004_1666878004
.graphistik.com/	1970-01-20 16:22:54	Name: __gads Value: ID=98ed07f076ff4844:T=1666878004:S=ALNI_Mb2dJSZE2plcNA20HnZ8CLgyT5zDQ
.casalemedia.com/	1970-01-20 15:46:54	Name: CMID Value: Y1qKNZgno9rJtm8CEJhdfgAA
.casalemedia.com/	1970-01-20 09:10:54	Name: CMPS Value: 5172
.casalemedia.com/	1970-01-20 09:10:54	Name: CMPRO Value: 5172
.simpli.fi/	1970-01-20 15:48:20	Name: suid Value: 401C09204EE3429DBB7CBA011CB40473
.1rx.io/	1970-01-20 15:46:54	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-16eb4e11-30c5-4a53-91a7-902537fdcc3f-003%22%7D
.doubleclick.net/	1970-01-20 16:22:54	Name: IDE Value: AHWqTUntLaCdqeIiYtoU3k9Aetx3z5zPI3576Q6NDXcl1JiHQ4h8jmDoqFf7L7O5jIs
.targeting.unrulymedia.com/	1970-01-20 15:46:54	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-16eb4e11-30c5-4a53-91a7-902537fdcc3f-003%22%7D
.casalemedia.com/	1970-01-20 09:10:54	Name: CMTS Value: 1208
.bidswitch.net/	1970-01-20 15:46:54	Name: tuuid Value: e4724b52-d479-4d77-b6ad-448262d613da
.bidswitch.net/	1970-01-20 15:46:54	Name: c Value: 1666878005
.bidswitch.net/	1970-01-20 15:46:54	Name: tuuid_lu Value: 1666878005
.3lift.com/	1970-01-20 09:10:54	Name: tluid Value: 1891268322175287207229
.adsby.bidtheatre.com/	1970-01-20 07:11:22	Name: __kuid Value: 174b6253-d557-479e-a797-c56e330d4030.436092006
.yahoo.com/	1970-01-20 15:47:15	Name: A3 Value: d=AQABBDaKWmMCEA0uIHF2LLTl8dUZoKQUpuIFEgEBAQHbW2NkYwAAAAAA_eMAAA&S=AQAAApR6s27dqWZN1i8xXeqh47Q
sync.srv.stackadapt.com/	1970-01-20 15:46:54	Name: sa-user-id Value: s%3A0-0b09b870-822d-4a1e-6c2a-46a8234cd2d4.W4B9qgfFZdQS03oyaJcmHUObU7u9ST9AJ2UAxUUbznE
.srv.stackadapt.com/	1970-01-20 15:46:54	Name: sa-user-id-v2 Value: s%3ACwm4cIItSh5sKkaoI0zS1CU6OvY.ELyz00qe20N8oTkOQUAVMGQRh5E5cWKTewTtEcNyMmQ
.go.sonobi.com/	1969-12-31 23:59:59	Name: HAPLB8S Value: s8520\|Y1qKO
.mathtag.com/	1970-01-20 16:27:13	Name: uuid Value: 27ec635a-8a36-4500-8b62-e523540ee835
.mathtag.com/	1970-01-20 07:44:30	Name: mt_mop Value: 4:1666878006
bg.graphistik.com/	1970-01-20 16:22:54	Name: cto_bundle Value: PWtMqV9YS0ZXUHE1UHo5RXp4M2pUamt6TmI4Slc1b011TTVCVnh6SVBZJTJCdG5FRDdxNFFBUXdZNVp6dzZGeHlqUU5VUFRxMnFpMmZvdmxZdXE4QjdQVVU5OGN1aUtqSEFTNkY1eURkRnclMkZLRnVxZHZReFhvSUZLRWtpN1hjRjB1JTJCZTFVNg
bg.graphistik.com/	1970-01-20 16:22:54	Name: cto_bidid Value: 7FLpg19ERW1idjRNSnNXQXVmU3pNbmNUbkRXVnp4d3pjUGdzbGllWEE0emIyQmhvelM4MmllJTJGd0F6OW5EMnZZaDNqdVlQVHhqT3NHRUdlaTVUNXclMkZScktXOGclM0QlM0Q

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4062866992167421&output=html&h=280&slotname=8202029583&adk=1860288979&adf=4024887964&pi=t.ma~as.8202029583&w=705&fwrn=4&fwrnh=100&lmt=1666878004&rafmt=1&format=705x280&url=https%3A%2F%2Fbg.graphistik.com%2Fgetting-touch-with-your-needs&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666878004009&bpp=1&bdt=176&idt=348&shv=r20221025&mjsv=m202210180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8440485987196&frm=20&pv=1&ga_vid=75166952.1666878004&ga_sid=1666878004&ga_hid=61390052&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=1388&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C44774648%2C42531705%2C44769305%2C44774652%2C21066429%2C44775017&oid=2&pvsid=3958024933254921&tmod=379091335&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=Js6lvdzJcL&p=https%3A//bg.graphistik.com&dtd=354 Message: Origin trial controlled feature not enabled: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

7f6b16acb0103193d7792db1791143ec.safeframe.googlesyndication.com
ads.eu.criteo.com
adservice.google.com
adservice.google.de
adx.adform.net
bg.graphistik.com
cat.fr.eu.criteo.com
cdn.jsdelivr.net
cm.g.doubleclick.net
csm.eu.criteo.net
dr6.biz
eb2.3lift.com
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
get.optad360.io
googleads.g.doubleclick.net
graphistik.com
gum.criteo.com
i.ytimg.com
ib.adnxs.com
jnn-pa.googleapis.com
match.adsby.bidtheatre.com
match.sharethrough.com
mug.criteo.com
onetag-sys.com
p.skimresources.com
pagead2.googlesyndication.com
partner.googleadservices.com
pix.eu.criteo.net
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
prebid.a-mo.net
r.skimresources.com
rtb.fr.eu.criteo.com
s.ad.smaato.net
s.skimresources.com
script.4dex.io
securepubads.g.doubleclick.net
ssum-sec.casalemedia.com
static.criteo.net
static.doubleclick.net
sync.1rx.io
sync.go.sonobi.com
sync.mathtag.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
t.skimresources.com
tpc.googlesyndication.com
um.simpli.fi
www.google.com
www.googletagservices.com
www.gstatic.com
www.youtube.com
x.bidswitch.net
yt3.ggpht.com
104.18.19.126
142.250.181.226
147.75.85.234
151.139.128.11
159.65.197.210
178.250.0.160
178.250.2.146
185.177.92.30
185.184.8.90
185.29.132.245
213.19.147.45
2600:9000:21f3:bc00:11:a4de:2580:93a1
2600:9000:223f:fa00:1b:5138:8a40:93a1
2606:4700:20::681a:8a9
2606:4700:3033::ac43:b815
2606:4700::6810:5814
2a00:1450:4001:800::200e
2a00:1450:4001:801::2001
2a00:1450:4001:801::2003
2a00:1450:4001:806::2002
2a00:1450:4001:806::200e
2a00:1450:4001:809::2001
2a00:1450:4001:80b::2006
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2004
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::200e
2a00:1450:4001:810::200e
2a00:1450:4001:827::200a
2a00:1450:4001:827::200e
2a00:1450:4001:829::2002
2a00:1450:4001:829::2016
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:830::2002
2a00:1450:4001:830::200a
2a02:2638:1::17
2a02:2638:1::8
2a02:2638::1c
2a02:2638::2
2a02:2638::3
2a02:2638::b
2a05:d018:d29:3602:1e36:6736:c41a:e1de
3.127.128.151
34.235.40.219
34.91.62.186
35.190.59.101
35.190.91.160
35.201.67.47
37.157.3.30
37.252.173.27
51.38.120.206
52.28.129.28
69.166.1.10
76.223.111.18
016ab0bd0de4839680e4a717a57db9b182a8c2c5fdeec4c24db7a8df761fca4d
01f639fd4c4119503e72e2bf2eb9c8a5984f7c83c7683c82dd0350ee9f63b3fd
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
09b5922e6f213a15e56c72a5d0ad874ee559cdb07818c788cafa6a14fdbf9c3d
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
0cf57bf741808d9693a8476af4766ea0682df20ad7aca2ae5a3726fd5f534fd7
0ec632e6ab02d4fdd514da7f5edc74aa28c9d4c71af76f1c8b93a1fba85bcc69
115b3c1a9883b99ee5f309916a15c8c8513e68cd2813479a8ed49c41a747e1f1
118d54da2ce5d7ab819701852bc0fbb4416d81d192ec2a463dd0a6e3d77541a1
14b30a934e36cdfc5301709bf515adc31e060bd7275eb056964cf7d2ed6e7550
15b192d13c1d029346a73cb1b2eb3a1b8905dfe8df1aaf9ced37356de9380e32
1779d47eee3d37f8fa3e10bea7a77736b1ed381d331d08b1835e373a942f6e48
17a72ab057cb91804a46bf5295522eb9cbe0402af589a1818771c7e8aeb409a9
190402f488a1616b47304ae066078580059ca6a5958b7f217d2156d0a73931a9
19d9403b8b5963aaeae98991373ef1f4ec9ed98d649be55e657db8e1302578bc
1b5471087dbb57ffc3d70587827a9d5abf09f6828217c94eeb4986e2453228f4
1c354b23d8d007c3e945d655805b9676bef7ac659bb1b650fdd8d8a227fd38e9
1c993254cd63a84c506c7b7a0b5d7d87971d91c3478399774b178b65e37d2c39
1f9871deb2852386fc1f11dcd8f7e76d071efd031366901c16fac4fa82310658
2509266225b4ffb958a903c16f4252867adb989b5b5156d1b9062e18970e264a
264ffe9589d2f8b8a16da8fac1a4a5a7286c6bb57173ae506ed7a437433601d3
26e336b5a4bcf66f5344dab464263c6379803de92d4643ac2688dfa8190dd7dd
29994a9eb5932e62c87802b3b690ad6ae91a223aa3b4f4a93959cb54211a1324
2dfe60618c72a8859f6e3ddceab04f2834d4d8f938b76e419bf59ea7504c6af5
30f4afce6fd298cc840c98c170e74c218f9fc1985bec37d0c00b5056f3b3ff2f
35715b0c31a27c526733550af019d9815eeed6c7ac0f629bf3d52d5940ac83b3
3728fbdd191d75bad5b83a838dfe2fc15f84c2aaa36ffa573321275847db31a9
38e93e2d0130b75caa05136a516c440931b6c3f6a3d65acdae96e00beaabac22
39b8f0adeba6e06add4837f7e2bb140c904c98b22bb10f9b34b1376f24b58c0d
3a798ee773615b1fed3966228ecdf28fbc18315db2d06e67a89e23f44865de58
3c7c17459ec57867f6812625f1b95e2f878363ca728b92a5968d2fc8e60d9712
3d35903ab7c23a9d7b132acc70f793e8f7e13fce7f7da24209f4e092a31f4c84
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4
441e881c4c9390b16198285e9b3a705fbfe757db1b24c14ae7ee2af62c289950
45d1f5f6cf913746c45dd697b1a8f3b719c02d8b3f678dc7fc2766d54e1aaf6e
46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2
47aa3bfad6cb9e2d63abdd58f4e6ce4f7b9fd2704b2b15193c71874035fe025d
495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
4c91619ce3fbb1027b88729a8250d3c489f78802efade94e57db7eb8593b4783
4d5bc92645660a6749189663c6b9c1b3625d6f6207e6b2e069db3cfe1046ea77
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f2f25ebdb5ab38848e09da1f22b8ac40ff4c01f6ab44f4a15944734bb7f4df8
525ba420f42f72699e059e5c20dd3acd591da3d54d70a319b0e360369482dde8
53f2931d978bf9b24d43b5d556ecf315a6b3f089699c5ba3a954c4dde8663361
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
58aa85ce40075bd53c264e2191bdc7c08fa638281d8527c2b289e8ab496b20df
5a1a8253fdc9653996614a8f70e40ef32ffad24fe68dd23ac39695ad85b816b8
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5e87d6c017418a7099a9effa65b2a637575844684ab597db0bbfcfb62a46a3a4
6016bd5dfd9120716d82ab36e9d5c868a5757a039289a8e7991c01eee56d8770
605b14697226eeb0be6b2c11db8206b70f4c8681c3f921e4ceca4793ce1a95ce
619854bbaf5b0a7f6e4ea4322b0c10dc6c91ca94bb79ac69ff09954b6f36b032
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
638ce63072bd8dc1342082011d95dd73989b1c2439424ac24fa82024a920e3d4
63aea9f3b55e3e96839c90e39390619b879ff87a2a34a007336cbe6c71551b98
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
66bdef0724e5306421bcc7e0910e41b5645228119ad9096ca4a6099e48d94e6a
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
69dece5023c084e79b9d1acdc24be885814edff35d67b3526b1fee6527ad452e
6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e
6c77ad2463a65b07ab16f6b13458b5d6480181fd01b307a1e9602dac63b25329
6dac0038ed60da6ee073fdf127d815e3404262b8d0d74642c0281d5d18aa4d73
71078d9d999c8e8f0e3903d5c84f0feae6d9f3d496f0ecc48f002393e5a337fe
7109518959a6958168f639860050324f4f063fd1697f32677cf9d0180ab02453
721f4c021d879982d666e9b40589730f3174cea763c7641e1c9555b299944cd8
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
7547ede8d8e0f53e37fa616f0914553f56fe1ee7c97efedf53150b2da87e448d
76220f983ec2e88479da255ea753aac8c9f8f89607c1a30fe1e9709ab601fbc4
7705fee13417229d718f14947e9860d5bb2b25bd15c9f5cd834f2545c7bad0a6
7d768cd6f3ca3abc77fd4f46b3fd16742855f926f0f253612f4d015f532ddf93
7d93f6e787c6ddda41074d169749f8fcd40f38c17427d3da9b54d008af70c1ff
7df4fcd5d701c5582c994a7a0d674d4765ce7bd90c44fe46409d6fda4837d2fd
7f72d7c846719e7517f1ff16bc203c5eba57e1fe637a0b1d021bb00e76211efc
85e009cef3636e7fae88a72c78801fb15055bfc806757929b890e623f26b51dd
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8c44af787f51e875d3ecc44f5bb1989fce5aeeaa1a48cc0851aec4344b5e6d73
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
92a58e5f501c61ccdd74022483b7401255dd19b32909e47fc8063b18f474a59c
92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5
96344796f92cef0783c7bdca9c1f6f4c1ad38458f5bf79aac97dba5a8031b1e7
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
983775b438c242df7cb0ceb87bd2582f96ff0d4e8043f822adf3a3e93261b9a8
9996702b9882e1d6749cfc4967e3d357880aba3c6496888dd2a04db1ce60e334
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9edd5cde889173f89d4b37eac9bfb6b6124356e0e0e71874e3c8d82163a62511
a0444c453c1b24834f4587805ad77555d2cb2ae56096999bf898f6d643d3fa90
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1454fe864e408060619f5cac9f05f47c84b74564fcdb2b90669ad8124796049
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a315394ef4f9bf1be0bb1f3c89379b73cd6d55f0387881c763fb46bf6098cd2a
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
ab365546f095ce6e728d1a3d9ca5afade77a44e3deb192c8e2be522f793490f8
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
af146be5b6b6ce9fe5ba3924017b25c7f3e8c13578cbd049742f12b693c630fe
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b17aa761d485107fbe0dc119b2518d2c70f58b0eff064f78b876ed5865f28ba7
b394d33b2a7ec654a6b037ebfda6618341b3f897a362be624c923c2711b54a43
b3aee14d9bba42b87ad4f31feb241f862eb923d367c519b5fb72bde2455acb53
b44aca1eae3e39ba997248990086d3869b5c11e0b9061db488cc214e12d77b78
b7662ba99a132eafd0b7ccc8c3404c8ae442d97e7e6b73bb3ce0d4f11c28c98c
bcf6b9b28cec8958f9d3f3ee39070e85ffd46d670f1f0baa7cd21aa24c188a00
bf1b99bdb1e9ac3f93600da11399d4ef077bf2df73eac462a1eb3a75952ec1e5
c12337c132fc5b05766adf8806c16a2950c0591708c0c45263bc1496979c1870
c13280e79f74109c5e3854822c0f0c972d0a57245c95b0b3762f9788bd918f8d
c2387fbb3d2f57892f981877d914c0fbda0bdef9c87f5593abaf69c6c3b2faf5
c6129bd3aeb079f5c310d2a9618478ba0d621992c1a5e5ef320917937dc2dbb7
c7fea7b0113ae6fdb085de4fda6c1c5d2920fc700be5fb52142a4d17b09c01f8
cbf07f8ad86e656ef138daeb30c2a73f218df235799ef88c4c52688a8383eb8d
ccd1eb4643bd5ac3e9c5279a93b67ddb2260c5bf40522eec5555919ae784cdfd
d1e153517d0b554200b12533eee9889bdf1c4666db4464e5f000b8ecfc2417a9
d20866ac54b17d2205264f37b531fbb71b6a6425d124f551bd4c97a949dd43bf
d49d3cff930d3a90432477f8fb875d17680761c3012ad9278d837258064a5f44
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330
dc50c9234e531dc0a85c496648772db66cc4d037ec385554305c65c99d85b526
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de0e3e13ac455201d77e111b8c417ddae1ea4689e4406203baaa78d0ff9532bf
de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5
dff20a84996ce1ebc8618195c994aebf8047cce24b9cf6dbb234beb35d355a7d
e17d22c941eed01ca1a6a1d67cb028e4f7030a313fb1925ee3c25bb743b400c5
e277655afc61ff30b8e6a2dff2e801288a861805f24bb05e70133989b8a95976
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
ebf7b463e2889acb14a10275820b649cd94854066e8a29dc2cbdccba50c7add7
ec3b3c9e9614de1992dee92d143dc6231cd84929cc7cb8ca879c9b1c7a2d3fc5
ec6829494f76fee9af7524f7c93ca62dc4d49cae5c14c1613f3659ab06cb8384
ed3871a7cdd082cbc715537d7c18b41c05c8f228a10bf7ebda096f8e182997fb
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4d94a9c7e4a5cfad4bc6bd7d2f85aaae12f2a78eac191374c89ff5a0301e27f
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f856fd59d0e34b5bca7df38076f05bf9b9f6a4d1f8bdf0a11a4f2a545c59a9b1
fb7989597f1a10a56bd83de6a26eefec44a0c704979fb5e06f02195bc9cebfce
fcab803c6d01082f69e5510655ca566241f3a4fd3ee7aa1506b1308e2d069ccb
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf

bg.graphistik.com Open in urlscan Pro 2606:4700:3033::ac43:b815 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

224 Requests

93 %HTTPS

59 %IPv6

37 Domains

59 Subdomains

46 IPs

8 Countries

4638 kBTransfer

9665 kBSize

28 Cookies

1 Outgoing links

Redirected requests

224 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

bg.graphistik.com Open in urlscan Pro
2606:4700:3033::ac43:b815 Public Scan

Screenshot
Live screenshot

Full Image

224
Requests

93 %
HTTPS

59 %
IPv6

37
Domains

59
Subdomains

46
IPs

8
Countries

4638 kB
Transfer

9665 kB
Size

28
Cookies

224 HTTP transactions
6 data transactions