krank.de Open in urlscan Pro
35.204.103.237 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.www.www.www.www.www.www.www.www.www.www.bella-skin.de/
Effective URL:
https://krank.de/produktcheck/bella-skin/
Submission Tags: phishingrod
Submission: On October 30 via api (October 30th 2023, 12:03:29 am UTC) from DE — Scanned from DE

Summary HTTP 161 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 34 IPs in 8 countries across 31 domains to perform 161 HTTP transactions. The main IP is 35.204.103.237, located in Groningen, Netherlands and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is krank.de.
TLS certificate: Issued by R3 on October 6th 2023. Valid for: 3 months.

This is the only time krank.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	62.116.173.69 62.116.173.69	15456 (INTERNETX-AS) (INTERNETX-AS)
13	35.204.103.237 35.204.103.237	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
10	2606:4700:10:... 2606:4700:10::ac43:2794	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
1 8	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c1f::9c	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4	93.184.220.66 93.184.220.66	15133 (EDGECAST) (EDGECAST)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
2	104.244.42.200 104.244.42.200	13414 (TWITTER) (TWITTER)
2	2a03:2880:f08... 2a03:2880:f083:6:face:b00c:0:2	32934 (FACEBOOK) (FACEBOOK)
9	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
3	2a02:2638:3::12 2a02:2638:3::12	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2a02:fa8:8806... 2a02:fa8:8806:12::1370	41041 (VCLK-EU-SE) (VCLK-EU-SE)
2 2	52.57.206.211 52.57.206.211	16509 (AMAZON-02) (AMAZON-02)
2 15	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
3 3	34.91.62.186 34.91.62.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
3 3	37.157.6.243 37.157.6.243	198622 (ADFORM) (ADFORM)
2 4	23.32.185.35 23.32.185.35	16625 (AKAMAI-AS) (AKAMAI-AS)
24	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	178.250.1.6 178.250.1.6	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	213.202.235.9 213.202.235.9	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
3	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
17	2a02:2638:3::10 2a02:2638:3::10	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2a02:2638:3::1a 2a02:2638:3::1a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2620:116:800d... 2620:116:800d:21:b314:a0ef:ab7c:d546	16509 (AMAZON-02) (AMAZON-02)
1 2	2606:4700::68... 2606:4700::6812:19ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
2 2	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
1	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1	18.157.102.82 18.157.102.82	16509 (AMAZON-02) (AMAZON-02)
3	2a02:2638:3::9 2a02:2638:3::9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
161	34

1 62.116.173.69 (Germany) 1 redirects

ASN15456 (INTERNETX-AS, DE)
PTR: lb-2.avenso.net

www.www.www.www.www.www.www.www.www.www.www.bella-skin.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 35.204.103.237 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: word1.hyro.ag

krank.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700:10::ac43:2794 (United States)

ASN13335 (CLOUDFLARENET, US)

static.addtoany.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cse.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c1f::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 93.184.220.66 (London, United Kingdom)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.200 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:6:face:b00c:0:2 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

web.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:fa8:8806:12::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.57.206.211 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-206-211.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 216.58.212.162 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f162.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.91.62.186 (Groningen, Netherlands) 3 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.6.243 (Denmark) 3 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.32.185.35 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-185-35.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.202.235.9 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

m.exactag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a02:2638:3::10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

imageproxy.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:b314:a0ef:ab7c:d546 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:19ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.0.66 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.118 (Mossingen, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.157.102.82 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-157-102-82.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:3::9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
44	criteo.net static.criteo.net — Cisco Umbrella Rank: 668 imageproxy.eu.criteo.net — Cisco Umbrella Rank: 10986 csm.eu.criteo.net — Cisco Umbrella Rank: 10557	917 KB
24	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 stats.g.doubleclick.net — Cisco Umbrella Rank: 78 cm.g.doubleclick.net — Cisco Umbrella Rank: 245	61 KB
18	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 97 tpc.googlesyndication.com — Cisco Umbrella Rank: 149	254 KB
13	krank.de krank.de	774 KB
10	addtoany.com static.addtoany.com — Cisco Umbrella Rank: 3931	35 KB
9	criteo.com ads.eu.criteo.com — Cisco Umbrella Rank: 10450 cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 11552 rtb.nl3.eu.criteo.com — Cisco Umbrella Rank: 16925	145 KB
9	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2 cse.google.com — Cisco Umbrella Rank: 3113	119 KB
6	twitter.com platform.twitter.com — Cisco Umbrella Rank: 1186 syndication.twitter.com — Cisco Umbrella Rank: 1447	148 KB
4	teads.tv 2 redirects sync.teads.tv — Cisco Umbrella Rank: 1403	907 B
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27 region1.google-analytics.com — Cisco Umbrella Rank: 2462	21 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 223	15 KB
3	exactag.com m.exactag.com — Cisco Umbrella Rank: 11905	2 KB
3	adform.net 3 redirects c1.adform.net — Cisco Umbrella Rank: 599	2 KB
3	simpli.fi 3 redirects um.simpli.fi — Cisco Umbrella Rank: 795	2 KB
3	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 3451	310 B
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 212	177 KB
2	travelaudience.com 2 redirects ads.travelaudience.com — Cisco Umbrella Rank: 5683	936 B
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 860 s.tribalfusion.com — Cisco Umbrella Rank: 2311	1 KB
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 912	2 KB
2	facebook.com web.facebook.com — Cisco Umbrella Rank: 209	2 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	87 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	171 KB
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 351	146 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1533	588 B
1	blismedia.com tr.blismedia.com — Cisco Umbrella Rank: 1824	173 B
1	ctnsnet.com 1 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 54581	610 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 764	463 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 353	149 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1181	600 B
1	bella-skin.de 1 redirects www.www.www.www.www.www.www.www.www.www.www.bella-skin.de	156 B
0	gemius.pl Failed googlecm.hit.gemius.pl Failed
161	31

	Domain	Requested by
24	static.criteo.net	ads.eu.criteo.com
17	imageproxy.eu.criteo.net	ads.eu.criteo.com
15	cm.g.doubleclick.net	2 redirects googleads.g.doubleclick.net
13	krank.de	krank.de
10	static.addtoany.com	krank.de static.addtoany.com
9	tpc.googlesyndication.com	pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
9	pagead2.googlesyndication.com	krank.de pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
8	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
8	www.google.com	1 redirects www.google.com googleads.g.doubleclick.net tpc.googlesyndication.com
4	sync.teads.tv	2 redirects googleads.g.doubleclick.net
4	platform.twitter.com	static.addtoany.com platform.twitter.com
3	rtb.nl3.eu.criteo.com	googleads.g.doubleclick.net
3	csm.eu.criteo.net	ads.eu.criteo.com
3	cdnjs.cloudflare.com	ads.eu.criteo.com
3	m.exactag.com	ads.eu.criteo.com
3	cat.nl3.eu.criteo.com	ads.eu.criteo.com
3	c1.adform.net	3 redirects
3	um.simpli.fi	3 redirects
3	dclk-match.dotomi.com	googleads.g.doubleclick.net
3	ads.eu.criteo.com	googleads.g.doubleclick.net
3	www.googletagservices.com	googleads.g.doubleclick.net
2	ads.travelaudience.com	2 redirects
2	pm.w55c.net	2 redirects
2	web.facebook.com	connect.facebook.net
2	syndication.twitter.com	platform.twitter.com
2	connect.facebook.net	static.addtoany.com connect.facebook.net
2	region1.google-analytics.com	www.googletagmanager.com
2	www.google-analytics.com	krank.de www.google-analytics.com
2	www.googletagmanager.com	krank.de www.google-analytics.com
1	x.bidswitch.net	googleads.g.doubleclick.net
1	dsp.adfarm1.adition.com	1 redirects
1	tr.blismedia.com	googleads.g.doubleclick.net
1	gcm.ctnsnet.com	1 redirects
1	s.tribalfusion.com	googleads.g.doubleclick.net
1	a.tribalfusion.com	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
1	match.adsrvr.org	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	cse.google.com	krank.de
1	www.www.www.www.www.www.www.www.www.www.www.bella-skin.de	1 redirects
0	googlecm.hit.gemius.pl Failed	googleads.g.doubleclick.net
161	42

This site contains links to these domains. Also see Links.

Domain
www.bella-skin.de
bit.ly
www.facebook.com
twitter.com
www.pinterest.com
www.instagram.com
www.addtoany.com

Subject Issuer	Validity	Valid
krank.de R3	`2023-10-06` - `2024-01-04`	3 months	crt.sh
static.addtoany.com E1	`2023-10-29` - `2024-01-27`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-08-08` - `2023-11-06`	3 months	crt.sh
*.twimg.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-28` - `2024-07-26`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
syndication.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
*.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-29` - `2023-12-23`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2023-08-15` - `2024-09-15`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-09` - `2024-01-06`	3 months	crt.sh
*.nl3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-30` - `2023-12-25`	3 months	crt.sh
*.exactag.com Sectigo ECC Domain Validation Secure Server CA	`2023-08-22` - `2024-09-15`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.eu.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-17` - `2024-01-18`	3 months	crt.sh
quantserve.com R3	`2023-08-29` - `2023-11-27`	3 months	crt.sh
tr.blismedia.com GTS CA 1D4	`2023-10-04` - `2024-01-02`	3 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh

This page contains 19 frames:

Primary Page: https://krank.de/produktcheck/bella-skin/
Frame ID: E6B84F52FBB07BD4B82D956DAFD14B06
Requests: 44 HTTP requests in this frame

Frame: https://static.addtoany.com/menu/sm.24.html
Frame ID: B5EBED9F2EE43BD5E358AC7F00F9AE80
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20190131/zrt_lookup.html?hello=world
Frame ID: 5D368F1A4FEA8707A20389F7969D0A29
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7176323234405639&output=html&adk=1812271804&adf=3025194257&lmt=1698620604&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x540_l%7C212x945_r&format=0x0&url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fbella-skin%2F&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698624204501&bpp=2&bdt=347&idt=105&shv=r20231025&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4407078390710&frm=20&pv=2&ga_vid=285549411.1698624204&ga_sid=1698624205&ga_hid=1584182159&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44804683%2C44805933%2C44806738%2C31078301&oid=2&pvsid=2958395698853965&tmod=1853418529&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=132
Frame ID: FCEA87AD07D7F65F77303CB106A7ABA4
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.d37472b4a6622d0b1fff46ad904f6896.html?origin=https%3A%2F%2Fkrank.de
Frame ID: 15139E12CB70C270D202E9E2E5924FDE
Requests: 2 HTTP requests in this frame

Frame: https://web.facebook.com/v17.0/plugins/like.php?app_id=0&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3d953e9bc08194%26domain%3Dkrank.de%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fkrank.de%252Ff1c1ebdd9a4d7d%26relation%3Dparent.parent&container_width=82&href=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fbella-skin%2F&layout=button&locale=en_US&ref=addtoany&sdk=joey&width=90
Frame ID: 4296263153A165BE0BA875D3956BE08E
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.d37472b4a6622d0b1fff46ad904f6896.en.html
Frame ID: 2E3A691890251E7E2F1A9654862A77F7
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7176323234405639&output=html&h=280&adk=1324517473&adf=2914436572&pi=t.aa~a.3479421391~i.6~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1698620605&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8954591145&ad_type=text_image&format=1140x280&url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fbella-skin%2F&fwr=0&pra=3&rh=200&rw=1140&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698624205001&bpp=2&bdt=847&idt=-M&shv=r20231025&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3ba836e6d6e21f59-224c2af81ae30059%3AT%3D1698624204%3ART%3D1698624204%3AS%3DALNI_Mb-mHGRc4KXWW9yNIc5W2H78arKnQ&gpic=UID%3D00000cad7c2a0e98%3AT%3D1698624204%3ART%3D1698624204%3AS%3DALNI_MbfWE7UxFPliUGQ-KMJdbU_ZrJF9Q&prev_fmts=0x0&nras=2&correlator=4407078390710&frm=20&pv=1&ga_vid=285549411.1698624204&ga_sid=1698624205&ga_hid=1584182159&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1937&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44804683%2C44805933%2C44806738%2C31078301&oid=2&pvsid=2958395698853965&tmod=1853418529&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=iDDp8tfpXv&p=https%3A//krank.de&dtd=22
Frame ID: F9E786F6B441854908178E59D9DE2AF6
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7176323234405639&output=html&h=280&adk=1324517473&adf=2465423644&pi=t.aa~a.3479421391~i.11~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1698620605&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8954591145&ad_type=text_image&format=1140x280&url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fbella-skin%2F&fwr=0&pra=3&rh=200&rw=1140&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698624205001&bpp=1&bdt=847&idt=-M&shv=r20231025&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3ba836e6d6e21f59-224c2af81ae30059%3AT%3D1698624204%3ART%3D1698624204%3AS%3DALNI_Mb-mHGRc4KXWW9yNIc5W2H78arKnQ&gpic=UID%3D00000cad7c2a0e98%3AT%3D1698624204%3ART%3D1698624204%3AS%3DALNI_MbfWE7UxFPliUGQ-KMJdbU_ZrJF9Q&prev_fmts=0x0%2C1140x280&nras=3&correlator=4407078390710&frm=20&pv=1&ga_vid=285549411.1698624204&ga_sid=1698624205&ga_hid=1584182159&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2587&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44804683%2C44805933%2C44806738%2C31078301&oid=2&pvsid=2958395698853965&tmod=1853418529&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=EvzpYtx4aT&p=https%3A//krank.de&dtd=88
Frame ID: FEB96FB5E13F6AE2FA4DD64F9680430B
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7176323234405639&output=html&h=280&adk=1324517473&adf=3450468410&pi=t.aa~a.3479421391~i.17~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1698620605&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8954591145&ad_type=text_image&format=1140x280&url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fbella-skin%2F&fwr=0&pra=3&rh=200&rw=1140&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698624205001&bpp=1&bdt=847&idt=1&shv=r20231025&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3ba836e6d6e21f59-224c2af81ae30059%3AT%3D1698624204%3ART%3D1698624204%3AS%3DALNI_Mb-mHGRc4KXWW9yNIc5W2H78arKnQ&gpic=UID%3D00000cad7c2a0e98%3AT%3D1698624204%3ART%3D1698624204%3AS%3DALNI_MbfWE7UxFPliUGQ-KMJdbU_ZrJF9Q&prev_fmts=0x0%2C1140x280%2C1140x280&nras=4&correlator=4407078390710&frm=20&pv=1&ga_vid=285549411.1698624204&ga_sid=1698624205&ga_hid=1584182159&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=3369&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44804683%2C44805933%2C44806738%2C31078301&oid=2&pvsid=2958395698853965&tmod=1853418529&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=gHei271M8B&p=https%3A//krank.de&dtd=94
Frame ID: 9134861F8A99FA2BA3E000FCCFB69DAD
Requests: 8 HTTP requests in this frame

Frame: https://web.facebook.com/v17.0/plugins/like.php?app_id=0&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df4bf986ee6645c%26domain%3Dkrank.de%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fkrank.de%252Ff1c1ebdd9a4d7d%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fbella-skin%2F&layout=button&locale=en_US&ref=addtoany&sdk=joey&width=90
Frame ID: C7961F7845066D9F2A6F50E44497C295
Requests: 1 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZT7yzQAAvMwH_Z8oAABKcpj_Ez4c05ER7E8bYg&u=%7C8UsDLm2ztabgCG6UvyCXULadf3glkB6KZFW3Iv5OkUY%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC867rlYwxdnhh6fqlDbhOj2SNLaxWtQNX1v6b8Hii-U2EU24jWtQXwEQxnZeT5ciWawSLfTAHwQ4xmtrMk4vVfgD5x61rAhxzPhfRUiYdOe46vw5G6yj-4oPEGWd3oSqYTDtrZORpxEeKCEkbYbXxo2ywyaoeNqnjA7YXmg05ZyNkOvpwaVi2LCvTcXi9XXxeNHjlutPeikcay2ojTSK8oTJ9JRGZ7n8q4kTU-DO3OkK4k2axpPKVm4fy_1NNbqI2mEHZxLnmc_Vhc4XZIdPavnprlwS7xju-AhZDvFOlTWfR_3jTw8KvPvLN9OSofRjwgnHROUWTFCGyUhuLw6d5bnbxArNT_9nTVDLZ1LAQU_o203ctipzzx9TQ27WsNplFpR0mrfEGm1Nev8EnkqJojxsNf7FI-FGuCfNDVg2-cnLNhVAO4KUWV8Er8xHyVv-5YbLooBiSplLcSvLbLWCpqDu5x21HX-4JWs5espAh5TcwkcgR8dRE-PgMsP-qtVEdoF2gT2q6M4COPZOgFEI82oMXM8b7wuT5aMfNHi1IUwbQRrvvtHAbwjQY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtp_BzfI-Zcz5Aqi-9u8P8pSBuAnJntKxXKX8k_dwwI23ARABIABglZKfgrAHggEXY2EtcHViLTcxNzYzMjMyMzQ0MDU2MznIAQmpArTQghl_ubE-qAMByAMCqgSFAk_QV7St6GpVsOQ-MGZX7flQO1nDaO5JUBhzZXzhtdU31Sul-PRHojPBID5v2OzS2FFiY2vKowm0Asejpm86Hz9yVf2EgEYctXa04fXa73Ou3QT1__EZeQVauKDZItLP62KiorRWh6_anSDYMP0-dnTHPOmRFrGvIsBX6DvHVEcrLgn3sO11PeisUo4TmRoPmiknSL_n8jwq2ZKgPm2B4v-LUSCAxYn0WJIrL4j076ai_jmYc74nqaL31edQCqHcJIi_EGLcfZreDo04pFBDaWd1cdI8v7UhOymV5ktxnxXtskkaJ7f78DqwAYG1CWtTXQ3E-iqrGnTjx6oQ_Ni_q_rPW5Yj4IAGsJqfnOuR9LezAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2pcLoAfOnWY-4b4DYBfew2OAdKtA%26client%3Dca-pub-7176323234405639%26adurl%3D
Frame ID: 9E95F9CF4B6A8B4BE4E69EF6B5EE3DC7
Requests: 17 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 2424797F8186D204F9D632E9F70F37F4
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7BB37085587B5D6DBE1BE99287FB9CBE
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 44B38538166096C88E4DCCA4DA9AC445
Requests: 2 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZT7yzQADwgEH_ZOuAA6lb5ack5mmAA_ZCvlzXA&u=%7C8UsDLm2ztaay3G3%2BZEM18nrxbzMJ1Ny4fRvuGF0ZGY0%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC867rlYwxdnhh6fqlDbhOj2SNLaxWtQNX1v233Yc6SehuHrq66kgea2lBRZFRkcA_AgXe4sHe2X2riIbsHEISOIyTec5Xlb9ARg4J03ZiK-FDAnV1eNNgbUOm1oiNgSjiP4GZUTgTdhxdVkm8U7bIsdHZKgWAT1vgK13ae1th_73XpjYK66a-hz7b-JDRj2ffMi2_Ok-DLUTNcS4MBNN9PuJaBIPV4h7IWaFpQ_pddpukldk16fTGnXUDEnaeLx9bwgNTWgl7-2s3uwX8i7Ttx7m0fkltR-i5sRspuWhc4sxkRmXEveizH6Ai1nNNVCtLBXLXo6hKhPMNlzYoHTt18p6-GfoO5IRz5_nJtWKa4kBLylShvL4O91fD9JFxAmDQu2cXeabowI0kTi43-ICuKUzKBaS4Eeuo2B3sfyIxH8w_dg2hCR0zQr8DEutwl-_hDArfBEbGOlX4ZioHsiKYJXjPfnlqteoqf6LUAEplA_XRsQghDyXJLevgUFh1jnSFwx5MlTdRcvzxC698-6jgW7PZJRfcyIW0QIh_q9CvlDeUasAiQ-ovYB3Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeqknzfI-ZYGED66n9u8P78q6kAjJntKxXPWdmPdwwI23ARABIABglaqggrAHggEXY2EtcHViLTcxNzYzMjMyMzQ0MDU2MznIAQmpArTQghl_ubE-qAMByAMCqgSFAk_QQpf_i_QrbuZVfRvTYiddRDQNI2WC_q6crwhtTRxFP-baXF_j1OhSTzeFQ7iQAD2I6b3PBEQjRw0Ot2H8HXUo7gO5TVz95nWJ_0XOYzIElB0FYRIEv0zrVqzVff22u6oT1JU47ViuhDnSA7FcmD-uJxygKbNq1Cp1R-ISWwVc4HMolvTJsh4RGdYS0jM6ZuPEZ6Fs5xMQoiTnlIhZrm_57aim4lU98W3frtjlodiiE4TrYvGJM6JyfwPKPmlaQCfdocDEmVoaBBe2qFegvFfmMug275tv_2fcOy3oQb-Vgt7_S3U2Oy0l2jYxV8VFdtBudS6JIPR4tVk_k_T7rvGouiMr5oAGsJqfnOuR9LezAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3ycj0z3uF7kZhXw6FDkGZ-nTi-cw%26client%3Dca-pub-7176323234405639%26adurl%3D
Frame ID: 5A4CBBAB6DB9B919D175D400873F6E3D
Requests: 21 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 70D64CCA64FB4D963C57146D9F965EE1
Requests: 9 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZT7yzQADysQH_ZPoAA368ybBjEr_DYZ4V1ZlWA&u=%7C8UsDLm2ztabh31VD9OQIe8VZk0qvllgjLHZ3bQK0jyo%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC867rlYwxdnhh6fqlDbhOj2SNLaxWtQNX1v3fpKzA3HitlsCfuDXlP1arKvZZWdLPx2o6QCbWqAqWnIQLj_Z_6o0wLGKa4qfg76oXO1AP54nuAJSFGSz9KOy_r89plAuQZLyFTMhbVd4cOUJP0ovrEx2Em11fPxQtajQZfffGnntD498VKjjNyt_o8DHkwI4WrOoKoopOPXHoF2-TvQ0KS8yuvta_eYOyB5oUosbHHJKREbokZeD-7Ci3uxbSKZ-VZjpEoweg6QcECFpzAX1DJHjzO8aqYRWuXtzyxa_UNuW9CJON8jFWAJJXJkCPw4CNtaglUkEwaw8qIhQScuUB47CjHsf8tSi9Lw9WUz81nST_mqZfqAvlm-ejMX44iABDrx_zLN_DyLSoU1ZH-xTlsA_wM7C2v62f7raK4syLfQGlOUEYTxaXpVxP2OEfW1iztEp88Q3yOvniZeB5o0U2gvzu1xJXNDMMP91Z-4XhiyU9MC3ztFG3sEQTPRxhOlbxHPwhmgqni6Y5TVmOJHMGeCctIIXWvrtYj4MLGaUMEhxzilwoOSsDTejo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3s3NzfI-ZcSVD-in9u8P8_W36A_JntKxXKX8k_dwwI23ARABIABglZKfgrAHggEXY2EtcHViLTcxNzYzMjMyMzQ0MDU2MznIAQmpArTQghl_ubE-qAMByAMCqgSFAk_Q6Fd2jmOiiQ1lU6S61ZiHTvTZ0Gmo49s1EdzhGvQy6zWg6JudpFxI7bNopE0Pr-2a_9GWtIprPBL2AJJLq6kuqIkHUWTVdRVEqOTjwFeFH7COoQATnwq49uEd2I2gv4YNsMGp9j4UW6GhWYqILGE71tVe51-3WXsmLaZ-VHWVY1MJa_wh9lYuE36j8mRjoc_FoS5oNaubbE4NqurzwFtVWDJm0QKu_zQ0pATtFeieVX9Lca1rVDzBWG9OkLbxwo1NFykdWBdfWVqqpbyx8xrW_V4gzpJIZAhHJq7yhg71iAUJPx2I_YvwNGooGYv5tbvUzO7Z122uUuNgsEs6N2avqzgdsoAGsJqfnOuR9LezAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_16MBYIYruzrmJd51SSr4bqo4lsOA%26client%3Dca-pub-7176323234405639%26adurl%3D
Frame ID: F1792B6B330CF3815010D154666BE76F
Requests: 18 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 91E6C4B202AE538CD3E3AAA32B7E2753
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Bella Skin Produktcheck - Bewertung - Produkt im Test » Krank.de

Page URL History Show full URLs

https://www.www.www.www.www.www.www.www.www.www.www.bella-skin.de/ HTTP 307
https://krank.de/produktcheck/bella-skin/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AddToAny (Widgets) Expand

Overall confidence: 100%
Detected patterns

addtoany\.com/menu/page\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

Page Statistics

161
Requests

91 %
HTTPS

57 %
IPv6

31
Domains

42
Subdomains

34
IPs

8
Countries

2930 kB
Transfer

6938 kB
Size

22
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: http://www.bella-skin.de/
Title: Bella-Skin.de

Search URL Search Domain Scan URL

URL: https://bit.ly/bella-skin
Title: Bella Skin

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://krank.de/produktcheck/bella-skin/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Check%20out%20this%20article:%20Bella%20Skin%20-%20https://krank.de/produktcheck/bella-skin/
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/pin/create/button/?url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fbella-skin%2F&media=https%3A%2F%2Fkrank.de%2Fwp-content%2Fuploads%2F2020%2F06%2FBella-Skin-2.jpg&description=Bella+Skin
Title: Pinterest

Search URL Search Domain Scan URL

URL: https://www.facebook.com/krank.de/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/Krank_de
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.instagram.com/krank.de/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.addtoany.com/
Title: AddToAny

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.www.www.www.www.www.www.www.www.www.www.bella-skin.de/ HTTP 307
https://krank.de/produktcheck/bella-skin/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17

https://www.google.com/cse/cse.js?cx=017543789971312272162:83flyji0gei HTTP 301
https://cse.google.com/cse/cse.js?cx=017543789971312272162:83flyji0gei

Request Chain 62

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEP-6zbsoiqQowY9M3Iqyh9g&google_cver=1&google_push=AXcoOmRwMsp8jZUmYybq8EVtriEgPNGtoUl13XYWt2W_nKBFfvYGWu3cyHoSbgg0fK76T1k26qJYpFpTDSov49Q8ajkiXhXRxApvQ8qu HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEP-6zbsoiqQowY9M3Iqyh9g&google_cver=1&google_push=AXcoOmRwMsp8jZUmYybq8EVtriEgPNGtoUl13XYWt2W_nKBFfvYGWu3cyHoSbgg0fK76T1k26qJYpFpTDSov49Q8ajkiXhXRxApvQ8qu HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=aDU1UFJNYU0xUVhmS0I1&google_gid=CAESEP-6zbsoiqQowY9M3Iqyh9g&google_cver=1&google_push=AXcoOmRwMsp8jZUmYybq8EVtriEgPNGtoUl13XYWt2W_nKBFfvYGWu3cyHoSbgg0fK76T1k26qJYpFpTDSov49Q8ajkiXhXRxApvQ8qu

Request Chain 63

https://um.simpli.fi/gp_match?google_gid=CAESEJTBY60dZ5CVQ4eNylWplm4&google_cver=1&google_push=AXcoOmRrOMpJvRJpVb8aijJ8Yj3NTTW6KOw1a-oZWkPX9yphZoQ7lcbdD7X0hDE4XZZQ1eZrtoTNou13xDYpL5NlQvdRQm08ykerjT3v HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=E48664C4E834456980E77494DA3F63BA&google_push=AXcoOmRrOMpJvRJpVb8aijJ8Yj3NTTW6KOw1a-oZWkPX9yphZoQ7lcbdD7X0hDE4XZZQ1eZrtoTNou13xDYpL5NlQvdRQm08ykerjT3v

Request Chain 65

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEM-Ruv-AefS4fWgO2l7g9MA&google_cver=1&google_push=AXcoOmRYSC8S042Cd3qQCAdRm7mFg6dPhiCtNHgrIIe0kBMzKP1BIaiUgPvT3Bv5pLan4eswQNJL6jpX6doblzCcKE8890q62kNe9oMt HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEM-Ruv-AefS4fWgO2l7g9MA&google_cver=1&google_push=AXcoOmRYSC8S042Cd3qQCAdRm7mFg6dPhiCtNHgrIIe0kBMzKP1BIaiUgPvT3Bv5pLan4eswQNJL6jpX6doblzCcKE8890q62kNe9oMt HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjAyMzczNTkxMDQzMDI2MjE1MQ&google_push=AXcoOmRYSC8S042Cd3qQCAdRm7mFg6dPhiCtNHgrIIe0kBMzKP1BIaiUgPvT3Bv5pLan4eswQNJL6jpX6doblzCcKE8890q62kNe9oMt

Request Chain 67

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEDSaRMZL9MveN5yFS9KuBJM&google_cver=1&google_push=AXcoOmRR9-pRWLGA0DmQFAqIJ3E_DUX1P4HGFkl4TjyIzMrpsSSc0w3fHqPl-x-zNwNORd3d6rnQKEMyVkVOJnSwpaC8McNLDrlTl9fsPQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmRR9-pRWLGA0DmQFAqIJ3E_DUX1P4HGFkl4TjyIzMrpsSSc0w3fHqPl-x-zNwNORd3d6rnQKEMyVkVOJnSwpaC8McNLDrlTl9fsPQ HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 116

https://a.tribalfusion.com/i.match?p=b6&u=CAESEKJjqQ6aXQzeByBvuFMvfco&google_cver=1&google_push=AXcoOmRJceQAZIfUxltrjBf8_99zWTRRSTcu7Ipl3UTGqNHTNEbiVAy76_IoeZW2yfd_kGTcgCY6vPIOLPrp3n_7DuYguCvx-t4tmEaA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmRJceQAZIfUxltrjBf8_99zWTRRSTcu7Ipl3UTGqNHTNEbiVAy76_IoeZW2yfd_kGTcgCY6vPIOLPrp3n_7DuYguCvx-t4tmEaA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEKJjqQ6aXQzeByBvuFMvfco&google_cver=1&google_push=AXcoOmRJceQAZIfUxltrjBf8_99zWTRRSTcu7Ipl3UTGqNHTNEbiVAy76_IoeZW2yfd_kGTcgCY6vPIOLPrp3n_7DuYguCvx-t4tmEaA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmRJceQAZIfUxltrjBf8_99zWTRRSTcu7Ipl3UTGqNHTNEbiVAy76_IoeZW2yfd_kGTcgCY6vPIOLPrp3n_7DuYguCvx-t4tmEaA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 117

https://um.simpli.fi/gp_match?google_gid=CAESEPh34hq3t-YqGozT5TMrlao&google_cver=1&google_push=AXcoOmSqNAc4tTUD2LbhO1bE8dzOscEifap2v9oeZ7bnLhPskRJGq3S3XwaF8a9c7_qQ2pcqzuCioATTZ7UAxobkSNpSCSGig4ctXDBx HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=E48664C4E834456980E77494DA3F63BA&google_push=AXcoOmSqNAc4tTUD2LbhO1bE8dzOscEifap2v9oeZ7bnLhPskRJGq3S3XwaF8a9c7_qQ2pcqzuCioATTZ7UAxobkSNpSCSGig4ctXDBx

Request Chain 118

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESENVYpbnKQbbVLwYHa5ZuH4c&google_cver=1&google_push=AXcoOmRdoq6KQEarIav_yQ4Bvi4wXylqJROY6eiWyv2kgRv8SgOWmjYc7EqKoI7ckomZu5l7qnz1t5FI-KcS_XS12ISBi6s1mX3OCyM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRdoq6KQEarIav_yQ4Bvi4wXylqJROY6eiWyv2kgRv8SgOWmjYc7EqKoI7ckomZu5l7qnz1t5FI-KcS_XS12ISBi6s1mX3OCyM&google_hm=Dpdz7DwuSFKbzB1hJ7fLSI4

Request Chain 119

https://ads.travelaudience.com/google_pixel?google_gid=CAESEE84G2nLiHG1uOqUa-0pIuA&google_cver=1&google_push=AXcoOmTdObLZbuN6-QTq7Z5gDvEl-m3f3uysoJalpxxzxCNALn9m8nxTvFqaFOgJ6an0g6gYNSTYstXmRpj7dqzd_V4dqFRraeraMyor HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=EynoGXmBRDQyDHUs8LXg5A&google_push=AXcoOmTdObLZbuN6-QTq7Z5gDvEl-m3f3uysoJalpxxzxCNALn9m8nxTvFqaFOgJ6an0g6gYNSTYstXmRpj7dqzd_V4dqFRraeraMyor

Request Chain 120

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJCqO1XiGbGWM8PKt-yvYTA&google_cver=1&google_push=AXcoOmRhaY4JOl4sVynpYIRxoqxPs09zj0oBWRdOzLyOxNssFOfevo432NmW516tksO6WeZ1AKUv7NJ8ICEzDbnlA0FCEk0TPjQUAjmQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjAyMzczNTkxMDQzMDI2MjE1MQ&google_push=AXcoOmRhaY4JOl4sVynpYIRxoqxPs09zj0oBWRdOzLyOxNssFOfevo432NmW516tksO6WeZ1AKUv7NJ8ICEzDbnlA0FCEk0TPjQUAjmQ

Request Chain 123

https://um.simpli.fi/gp_match?google_gid=CAESEB3wGiTFlDuLbOeS3kE58WE&google_cver=1&google_push=AXcoOmQ1cbhIbzzLZYRD1gxaQmEabO6pQalh8p1cBaAWJUo7h862BqZ9friHN0-KcsfMDzdK1i1KuCLT4529UDCYBAcMhuM1kOrsHbTJ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=E48664C4E834456980E77494DA3F63BA&google_push=AXcoOmQ1cbhIbzzLZYRD1gxaQmEabO6pQalh8p1cBaAWJUo7h862BqZ9friHN0-KcsfMDzdK1i1KuCLT4529UDCYBAcMhuM1kOrsHbTJ

Request Chain 125

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEDN-WUV70rB04Ffl8v3fgtw&google_cver=1&google_push=AXcoOmTFzCHZPwwDxBZAdLccrK5NXEIoo8_XBjMIcZvY-HQDcGBDfwdyI0P-BGIxxcC6imgiX1PS87K5lZEL4YQllxZWfkkRn4U_Sh91 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI5NTUzNTQwODY4MDMzNTUxMg%3D%3D&google_push=AXcoOmTFzCHZPwwDxBZAdLccrK5NXEIoo8_XBjMIcZvY-HQDcGBDfwdyI0P-BGIxxcC6imgiX1PS87K5lZEL4YQllxZWfkkRn4U_Sh91

Request Chain 126

https://ads.travelaudience.com/google_pixel?google_gid=CAESELy1Vl8o1Au_-X03dP1MC5g&google_cver=1&google_push=AXcoOmTiQZx3wyZhHjfGSvmjxBAYWu-Vsfly-gcovQreGTRtIG5sZKWXxlLx61OpuNimYCbsqLdkU0tqV5CkH5KyrLRfDqzO18-L7w1V HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=TeBfwjo7Qs4Oe6mGiTOzvA&google_push=AXcoOmTiQZx3wyZhHjfGSvmjxBAYWu-Vsfly-gcovQreGTRtIG5sZKWXxlLx61OpuNimYCbsqLdkU0tqV5CkH5KyrLRfDqzO18-L7w1V

Request Chain 128

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEHQH0lx5ARU3kw1CLC16Oas&google_cver=1&google_push=AXcoOmTjV1-35tf508T0pQSoXSLBbJuShvwfRyqMqPEI_PnriUj__Abk0v-WL3v-UxOe_oNCjB-jpzp9fP9D5LCoWXFUk9Yi8mM_NzuzHA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmTjV1-35tf508T0pQSoXSLBbJuShvwfRyqMqPEI_PnriUj__Abk0v-WL3v-UxOe_oNCjB-jpzp9fP9D5LCoWXFUk9Yi8mM_NzuzHA HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

161 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
krank.de/produktcheck/bella-skin/
Redirect Chain

https://www.www.www.www.www.www.www.www.www.www.www.bella-skin.de/
https://krank.de/produktcheck/bella-skin/

91 KB
25 KB

103ms
32ms

Document
text/html

35.204.103.237
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://krank.de/produktcheck/bella-skin/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.204.103.237 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

word1.hyro.ag

Software

nginx /

Resource Hash

3dca9c3ce431b66f1c2c6f2fe7f8bd3fca02e82eb30dbf336aa0c7eaddabd540

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 30 Oct 2023 00:03:24 GMT
server: nginx
strict-transport-security: max-age=63072000
vary: Accept-Encoding

Redirect headers

content-length: 77
content-type: text/html; charset=utf-8
date: Mon, 30 Oct 2023 00:03:24 GMT
location: https://krank.de/produktcheck/bella-skin/
x-redirector-id: c3793eccc2416b6d0f2c71c3b0b8a95c9aca6545000c88ec254de84b3f0def1e

GET
H2 200 autoptimize_2b6f76121c1edfca32982892e2a32bd2.css
krank.de/wp-content/cache/autoptimize/css/ 2 MB
300 KB 20ms
19ms Stylesheet
text/css 35.204.103.237
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://krank.de/wp-content/cache/autoptimize/css/autoptimize_2b6f76121c1edfca32982892e2a32bd2.css

Requested by

Host: krank.de
URL: https://krank.de/produktcheck/bella-skin/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.204.103.237 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

word1.hyro.ag

Software

nginx /

Resource Hash

34c2528db29af28ba40106ece5fa4b7a8f77885600c9d13f5c345f931d7346fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://krank.de/produktcheck/bella-skin/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 00:03:24 GMT
strict-transport-security: max-age=63072000
content-encoding: gzip
last-modified: Sat, 20 May 2023 09:10:20 GMT
server: nginx
etag: W/"64688e7c-19417c"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ebs_dynamic_css.php
krank.de/wp-content/plugins/easy-bootstrap-shortcodes/styles/ 0
274 B 94ms
93ms Stylesheet
text/css 35.204.103.237
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://krank.de/wp-content/plugins/easy-bootstrap-shortcodes/styles/ebs_dynamic_css.php

Requested by

Host: krank.de
URL: https://krank.de/produktcheck/bella-skin/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.204.103.237 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

word1.hyro.ag

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://krank.de/produktcheck/bella-skin/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Oct 2023 00:03:24 GMT
strict-transport-security: max-age=63072000
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 page.js Show response
static.addtoany.com/menu/ 3 KB
2 KB 58ms
19ms Script
application/javascript 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/page.js

Requested by

Host: krank.de
URL: https://krank.de/produktcheck/bella-skin/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

51e6d23e4a97f15652c1709f999062fcced9990b5090dde0d22b869247ea0869

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://krank.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 00:03:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7336
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"d6aef456b9985966b12e7eb294a2b787"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hHUF0G3mbV5035w9nbiBakefvdXzmC2ANGj9mLzmDNPNRStkDrll1X8EYNMwNvQ8DWkIvK8UAM%2Bzntu2OtHimK5Cf9iVXErzYMZza20VFtau5IiHdBBQwV6tgiffOVjgnxqG6cNJ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400, stale-while-revalidate=30, public
cf-ray: 81df651cdefa8fca-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 267 KB
89 KB 68ms
31ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-QVNJPTS5GE

Requested by

Host: krank.de
URL: https://krank.de/produktcheck/bella-skin/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

19f4b95f56d49fd9652c76ff1ba308dcc825bd2e8054e10c0f4cb0afa407a7b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://krank.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 00:03:24 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 91068
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 30 Oct 2023 00:03:24 GMT

GET
H2 200 krank-logo.gif
krank.de/wp-content/uploads/2017/09/ 5 KB
5 KB 53ms
52ms Image
image/gif 35.204.103.237
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://krank.de/wp-content/uploads/2017/09/krank-logo.gif

Requested by

Host: krank.de
URL: https://krank.de/produktcheck/bella-skin/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.204.103.237 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

word1.hyro.ag

Software

nginx /

Resource Hash

b738bf74f1670331a09929a243b3e23ad16534d34ae62781d34467fd05545ba4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://krank.de/produktcheck/bella-skin/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 00:03:24 GMT
strict-transport-security: max-age=63072000
last-modified: Tue, 19 Sep 2017 14:28:58 GMT
server: nginx
etag: "59c129aa-1523"
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 5411
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 penci-holder.png
krank.de/wp-content/themes/soledad-theme/soledad/images/ 125 B
332 B 53ms
52ms Image
image/png 35.204.103.237
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://krank.de/wp-content/themes/soledad-theme/soledad/images/penci-holder.png

Requested by

Host: krank.de
URL: https://krank.de/produktcheck/bella-skin/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.204.103.237 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

word1.hyro.ag

Software

nginx /

Resource Hash

5afae4fdead31c173a0ae121f7cb84909b3f7729fd7235930f22758f297910f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://krank.de/produktcheck/bella-skin/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 00:03:24 GMT
strict-transport-security: max-age=63072000
last-modified: Fri, 27 May 2022 19:02:46 GMT
server: nginx
etag: "62912056-7d"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 125
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 149 KB
51 KB 84ms
49ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: krank.de
URL: https://krank.de/produktcheck/bella-skin/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5dc404644892469d302728d787921c0f1f691d4994fef8a0c7cda5e6d1a7624d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://krank.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 00:03:24 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51458
x-xss-protection: 0
server: cafe
etag: 13994063056672643264
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 30 Oct 2023 00:03:24 GMT

GET
H2 200 copyscape-seal-blue-120x100.png
krank.de/wp-content/uploads/2017/02/ 4 KB
4 KB 22ms
19ms Image
image/png 35.204.103.237
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://krank.de/wp-content/uploads/2017/02/copyscape-seal-blue-120x100.png

Requested by

Host: krank.de
URL: https://krank.de/produktcheck/bella-skin/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.204.103.237 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

word1.hyro.ag

Software

nginx /

Resource Hash

d73a2da9645c4a8b90bc9e0b7540e05ee374ea8d0db34369fa79f5593b19df77

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://krank.de/produktcheck/bella-skin/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 00:03:24 GMT
strict-transport-security: max-age=63072000
last-modified: Sun, 26 Feb 2017 20:32:54 GMT
server: nginx
etag: "58b33b76-101a"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 4122
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 autoptimize_8b2e4f5d7e47c6afe7e19f9bc8860dcb.js Show response
krank.de/wp-content/cache/autoptimize/js/ 370 KB
121 KB 19ms
19ms Script
application/javascript 35.204.103.237
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://krank.de/wp-content/cache/autoptimize/js/autoptimize_8b2e4f5d7e47c6afe7e19f9bc8860dcb.js

Requested by

Host: krank.de
URL: https://krank.de/produktcheck/bella-skin/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.204.103.237 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

word1.hyro.ag

Software

nginx /

Resource Hash

a83788811cd52eb54fe35da0ba0c1c034c692f1e745d08e31edc75448ed727b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://krank.de/produktcheck/bella-skin/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 00:03:24 GMT
strict-transport-security: max-age=63072000
content-encoding: gzip
last-modified: Fri, 20 Jan 2023 15:24:24 GMT
server: nginx
etag: W/"63cab228-5c795"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 80ms
24ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: krank.de
URL: https://krank.de/produktcheck/bella-skin/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://krank.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 29 Oct 2023 23:51:32 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 712
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 30 Oct 2023 01:51:32 GMT

GET
H2 200 fontawesome-webfont.woff2
krank.de/wp-content/themes/soledad-theme/soledad/fonts/ 75 KB
76 KB 18ms
16ms Font
application/octet-stream 35.204.103.237
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://krank.de/wp-content/themes/soledad-theme/soledad/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: krank.de
URL: https://krank.de/wp-content/cache/autoptimize/css/autoptimize_2b6f76121c1edfca32982892e2a32bd2.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.204.103.237 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

word1.hyro.ag

Software

nginx /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://krank.de/wp-content/cache/autoptimize/css/autoptimize_2b6f76121c1edfca32982892e2a32bd2.css
Origin: https://krank.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 00:03:24 GMT
strict-transport-security: max-age=63072000
last-modified: Fri, 27 May 2022 19:02:46 GMT
server: nginx
etag: "62912056-12d68"
content-type: application/octet-stream
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 77160
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 penciicon.ttf
krank.de/wp-content/themes/soledad-theme/soledad/fonts/ 33 KB
33 KB 19ms
16ms Font
application/octet-stream 35.204.103.237
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://krank.de/wp-content/themes/soledad-theme/soledad/fonts/penciicon.ttf

Requested by

Host: krank.de
URL: https://krank.de/wp-content/cache/autoptimize/css/autoptimize_2b6f76121c1edfca32982892e2a32bd2.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.204.103.237 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

word1.hyro.ag

Software

nginx /

Resource Hash

0c6ba4901cfb68b03ca9a97ce1d7cbb688d6802c60819dd7cea0522aca8a0576

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://krank.de/wp-content/cache/autoptimize/css/autoptimize_2b6f76121c1edfca32982892e2a32bd2.css
Origin: https://krank.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 00:03:24 GMT
strict-transport-security: max-age=63072000
last-modified: Fri, 27 May 2022 19:02:46 GMT
server: nginx
etag: "62912056-8370"
content-type: application/octet-stream
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 33648
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 momizat.ttf
krank.de/wp-content/plugins/krank/fonts/icons/momizat/ 102 KB
102 KB 18ms
17ms Font
application/octet-stream 35.204.103.237
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://krank.de/wp-content/plugins/krank/fonts/icons/momizat/momizat.ttf

Requested by

Host: krank.de
URL: https://krank.de/wp-content/cache/autoptimize/css/autoptimize_2b6f76121c1edfca32982892e2a32bd2.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.204.103.237 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

word1.hyro.ag

Software

nginx /

Resource Hash

2bc5b6d2e8459d438a3ba116d12e11c71fa1c2deac8191dce05d5a40d125529f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://krank.de/wp-content/cache/autoptimize/css/autoptimize_2b6f76121c1edfca32982892e2a32bd2.css
Origin: https://krank.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 00:03:24 GMT
strict-transport-security: max-age=63072000
last-modified: Wed, 11 Oct 2017 09:40:31 GMT
server: nginx
etag: "59dde70f-19748"
content-type: application/octet-stream
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 104264
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 glyphicons-halflings-regular.woff2
krank.de/wp-content/plugins/krank/fonts/glyphicons/fonts/ 18 KB
18 KB 19ms
18ms Font
application/octet-stream 35.204.103.237
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://krank.de/wp-content/plugins/krank/fonts/glyphicons/fonts/glyphicons-halflings-regular.woff2

Requested by

Host: krank.de
URL: https://krank.de/wp-content/cache/autoptimize/css/autoptimize_2b6f76121c1edfca32982892e2a32bd2.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.204.103.237 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

word1.hyro.ag

Software

nginx /

Resource Hash

fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://krank.de/wp-content/cache/autoptimize/css/autoptimize_2b6f76121c1edfca32982892e2a32bd2.css
Origin: https://krank.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 00:03:24 GMT
strict-transport-security: max-age=63072000
last-modified: Wed, 11 Oct 2017 09:40:40 GMT
server: nginx
etag: "59dde718-466c"
content-type: application/octet-stream
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 18028
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Bella-Skin-5-300x300.jpg
krank.de/wp-content/uploads/2020/06/ 41 KB
41 KB 17ms
17ms Image
image/jpeg 35.204.103.237
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://krank.de/wp-content/uploads/2020/06/Bella-Skin-5-300x300.jpg

Requested by

Host: krank.de
URL: https://krank.de/produktcheck/bella-skin/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.204.103.237 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

word1.hyro.ag

Software

nginx /

Resource Hash

157203cbd07f5e85964e9432fc9a9d747e9ddf82dbbace58e00292fdebb49d92

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://krank.de/produktcheck/bella-skin/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 00:03:24 GMT
strict-transport-security: max-age=63072000
last-modified: Thu, 04 Jun 2020 02:18:28 GMT
server: nginx
etag: "5ed859f4-a2af"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 41647
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 sm.24.html Show response
static.addtoany.com/menu/ Frame B5EB 677 B
708 B 18ms
18ms Document
text/html 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/sm.24.html

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a4192e762a449dfd6e63bee835e0941627223c9159e8219acdd01881a1ac175

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://krank.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
age: 2536
alt-svc: h3=":443"; ma=86400
cache-control: max-age=315360000, immutable
cf-cache-status: HIT
cf-ray: 81df651d5f398fca-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 30 Oct 2023 00:03:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hgy1Xiaq4hQulSjNWtvkr660JPfFR6xE4%2F8ro77ED4Bf0FLxHncljRoUKiHunNkCSNy4DpT95w55PeIeWAAvtrg6r789oil58%2BkRBurfVWvbEY9WgFGib1bURJwifCj3a7MfPZ3p"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H3 200 core.f4498a6a.js Show response
static.addtoany.com/menu/modules/ 70 KB
26 KB 36ms
23ms Script
application/javascript 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/modules/core.f4498a6a.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f3c20825909bb222fd8ec5db0a985fb397c20a97d8362858ccfffb576e13a77

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://krank.de/
Origin: https://krank.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 00:03:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 28
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"0f93ad704884b933c81a014a08e47852"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nsaIVIv7A4bv5Vn8O38pzxnVGXv2su1TIfGaQBATrGVZgi6d9mWTNdkmFKut6sofrcyGCCiXjQ7F9oKNM5mh3dKdGpM5XVy%2BKNDqec0U5V2YnJc%2Bu6lzHOvCWTgeMEGKyw6PEFhx"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
cf-ray: 81df651d6ad9692e-FRA

GET
H2

200

cse.js Show response
cse.google.com/cse/
Redirect Chain

https://www.google.com/cse/cse.js?cx=017543789971312272162:83flyji0gei
https://cse.google.com/cse/cse.js?cx=017543789971312272162:83flyji0gei

9 KB
4 KB

124ms
44ms

Script
text/javascript

2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/cse/cse.js?cx=017543789971312272162:83flyji0gei

Requested by

Host: krank.de
URL: https://krank.de/produktcheck/bella-skin/

Protocol

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

2e1227e2d3ccf143148712583ca16055a44c7de2fb6b3ab87b1d3fba6cfd5c1e

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-mLPoHgSYb4pwAcnHhOgsEQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://krank.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-mLPoHgSYb4pwAcnHhOgsEQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
content-encoding: br
date: Mon, 30 Oct 2023 00:03:24 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3014
x-xss-protection: 0
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
server: gws
x-frame-options: SAMEORIGIN
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private
permissions-policy: unload=()
origin-trial: Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0=, AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
expires: Mon, 30 Oct 2023 00:03:24 GMT

Redirect headers

date: Sun, 29 Oct 2023 23:46:14 GMT
x-content-type-options: nosniff
server: sffe
age: 1030
content-type: text/html; charset=UTF-8
location: https://cse.google.com/cse/cse.js?cx=017543789971312272162:83flyji0gei
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 267
x-xss-protection: 0
expires: Mon, 30 Oct 2023 00:16:14 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
249 B 47ms
17ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-QVNJPTS5GE&gtm=45je3ap0v9100727719&_p=1584182159&gcd=11l1l1l1l1&cid=285549411.1698624204&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1698624204&sct=1&seg=0&dl=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fbella-skin%2F&dt=Bella%20Skin%20Produktcheck%20-%20Bewertung%20-%20Produkt%20im%20Test%20%C2%BB%20Krank.de&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QVNJPTS5GE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://krank.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Oct 2023 00:03:24 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://krank.de
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 16 B
217 B 20ms
20ms XHR
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1584182159&t=pageview&_s=1&dl=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fbella-skin%2F&ul=en-us&de=UTF-8&dt=Bella%20Skin%20Produktcheck%20-%20Bewertung%20-%20Produkt%20im%20Test%20%C2%BB%20Krank.de&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IADAAEABAAAAACAAI~&jid=1422553661&gjid=1236431378&cid=285549411.1698624204&tid=UA-75122288-1&_gid=344431165.1698624204&_r=1&_slc=1&z=735766432

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

9858aba970f31a0ffac37a23df86b15aac549d4ad87adc33a3d11becc8325e67

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://krank.de/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 30 Oct 2023 00:03:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://krank.de
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Bella-Skin-4-300x300.jpg
krank.de/wp-content/uploads/2020/06/ 48 KB
48 KB 17ms
16ms Image
image/jpeg 35.204.103.237
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://krank.de/wp-content/uploads/2020/06/Bella-Skin-4-300x300.jpg

Requested by

Host: krank.de
URL: https://krank.de/produktcheck/bella-skin/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.204.103.237 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

word1.hyro.ag

Software

nginx /

Resource Hash

fe27f3957b829c084373f77e8282630f6a717401a43ca4d41fb2bae90b0c9983

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://krank.de/produktcheck/bella-skin/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 00:03:24 GMT
strict-transport-security: max-age=63072000
last-modified: Thu, 04 Jun 2020 02:18:29 GMT
server: nginx
etag: "5ed859f5-bec8"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 48840
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310240101/ 395 KB
134 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7176323234405639&plah=krank.de

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5270abd95ad20909a9a9296aaf3aa5160d72e3ffa7f0cabc997a04bbe1f4e7c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://krank.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 00:03:24 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137230
x-xss-protection: 0
server: cafe
etag: 1715134408713533998
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 30 Oct 2023 00:03:24 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231025/r20190131/ Frame 5D36 10 KB
5 KB 51ms
13ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231025/r20190131/zrt_lookup.html?hello=world

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ad1270333ea16969313802add43789e0558cd75e2bf91e768bcf3937f091a001

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://krank.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 15727
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4480
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 29 Oct 2023 19:41:17 GMT
etag: 4569948109300706969
expires: Sun, 12 Nov 2023 19:41:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
341 B 64ms
19ms XHR
text/plain 2a00:1450:400c:c1f::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-75122288-1&cid=285549411.1698624204&jid=1422553661&gjid=1236431378&_gid=344431165.1698624204&_u=IADAAEAAAAAAACAAI~&z=694699112

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1f::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://krank.de/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 30 Oct 2023 00:03:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://krank.de
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 232 KB
82 KB 31ms
30ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-N88Q73T6W9&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ab477a6015aae023ef3d19d5eafbf29be8b0cbb036536973d76387369de48195

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://krank.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 00:03:24 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 83729
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 30 Oct 2023 00:03:24 GMT

GET
H3 200 facebook.js Show response
static.addtoany.com/menu/svg/icons/ 430 B
822 B 19ms
19ms Script
application/javascript 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons/facebook.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.f4498a6a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ee1397f4da0e0c981a979bc1ea43be1d0c28bf3619636df8ab9dc09fa770aaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://static.addtoany.com/menu/modules/core.f4498a6a.js
Origin: https://krank.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 00:03:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 28
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"3c6ccaafe275b5b477d0400b5847bbce"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bB%2FUB0dBlDa0aUIYvOjvSYaudAaLmpNT3Q1BjBqKFWsrZ7CgKrffanDT7diWWixoXgc0wQR0zOSSD%2FWdtCfeQQduqnEYhhx1jNWLS4%2FocoDTrOAaVkajGXO1R9Pb7sb5eZoIrWtF"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-ray: 81df651e3b56692e-FRA

GET
H3 200 twitter.js Show response
static.addtoany.com/menu/svg/icons/ 695 B
937 B 17ms
17ms Script
application/javascript 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons/twitter.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.f4498a6a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

74ec1e2bfcf647ccdeaf5b127294db846ee4a6f8ffd6c909d4938370d4187d1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://static.addtoany.com/menu/modules/core.f4498a6a.js
Origin: https://krank.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 00:03:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 28
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"31edccd311957616d32bbcad27fcf679"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BpHIQjNpO8L1K9QtjHlIoLhyMqAt4zgZ7YxjgnFAlDkKyCg4s4XGujkq1wnysuCg1PFucGdCxvGoz3MTcP8PMsDRj231oWYJmWDvUjAlwY8KkD2c%2Fv4J8lXs%2BR%2F%2F3bc9TXwFzdIQ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-ray: 81df651e3b58692e-FRA

GET
H3 200 pinterest.js Show response
static.addtoany.com/menu/svg/icons/ 803 B
988 B 21ms
21ms Script
application/javascript 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons/pinterest.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.f4498a6a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eee4cfa769b7416160f34ecbc48ddc2086388350baab9d29d30ea3f165b6fbab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://static.addtoany.com/menu/modules/core.f4498a6a.js
Origin: https://krank.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 00:03:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 28
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"621583f1ee1ea6dd2e6f8b3cdc64c491"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NLRJuhsVqxw7gaCMKzVd%2F5WrstuMD6VeAkRktn4EVBSfIZHIquHkFlC1G1um8E%2FKQ0zAne8S5jzKiQSQoji0Jw%2FiZ6BeSH38U%2BO8ScagnDPsHlJhqZQ%2BVLzds4VkrU%2Fh1KNtBmjG"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-ray: 81df651e3b59692e-FRA

GET
H3 200 whatsapp.js Show response
static.addtoany.com/menu/svg/icons/ 1 KB
1 KB 23ms
22ms Script
application/javascript 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons/whatsapp.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.f4498a6a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

96840bd7cc7d8edd1d1ffaff60d7f335fd866cd9a6132c8524d620482f4df64a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://static.addtoany.com/menu/modules/core.f4498a6a.js
Origin: https://krank.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 00:03:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 28
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"ff4901e8a09a77adbbbc9f16111b2a4d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D5C5dVQd3RrR%2B9hsL8yPd7PHNMJW0fBOCijaBY5kn8YEDyklf93lUjAacNYa6EtBUnWbFbwegI%2F3jbIjIyAz%2BkScMQREZ0tNvaLqq4qLpRgq0LoeNnZPIZhtxZGf3qJvYFUBSggI"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-ray: 81df651e3b5a692e-FRA

GET
H3 200 facebook_messenger.js Show response
static.addtoany.com/menu/svg/icons/ 378 B
801 B 23ms
23ms Script
application/javascript 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons/facebook_messenger.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.f4498a6a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

705ddd320c7afe5895ed0bb7438874918110baaaec1ad4b7da72bd13de82f96d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://static.addtoany.com/menu/modules/core.f4498a6a.js
Origin: https://krank.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 00:03:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 28
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"a7acd011eeba6d8c34c891c7c795d4e3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ts8uAuvZuPehr9B2n57R0cfO4npf90v2s2e1u%2BkHsYkEX3mNjlKFcA0IVRLpR4jBZ3kPhwVoz6GOg%2B8yFUlIn7S6OoYX%2BviCdKSc2QjBh17OFVxSJKvSBptHq4dk5LRJ52DGrO%2Fg"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-ray: 81df651e3b5c692e-FRA

GET
H3 200 wordpress.js Show response
static.addtoany.com/menu/svg/icons/ 1 KB
1 KB 17ms
17ms Script
application/javascript 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons/wordpress.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.f4498a6a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c9e7e961c8ae48bc5c643637c1ca200f7b3752fb57419eec5cb51c78564aab3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://static.addtoany.com/menu/modules/core.f4498a6a.js
Origin: https://krank.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 00:03:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 28
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"fed705ff9e8985758014dc0e4aca605e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xyBbvCE%2FlQhrH7IPrPqzeTdAK1jobjh6Ay14%2Bt8TOJtpPE2vdGroUJgCa%2FvQwcA6JGGUWeOhqNs5vlvoRtI%2FbEPAc9W7JIG08BEqb3M%2FXialLJ1O1p3GvBWaIJgPzWswl%2FsIOVJl"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-ray: 81df651e3b5d692e-FRA

GET
H3 200 email.js Show response
static.addtoany.com/menu/svg/icons/ 393 B
808 B 22ms
22ms Script
application/javascript 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons/email.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.f4498a6a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

15684309274ca43c5240c88c5be2c9ed2f56ed2b38d0367dc372760f9e287c50

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://static.addtoany.com/menu/modules/core.f4498a6a.js
Origin: https://krank.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 00:03:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 28
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"c4376363acc57ab93467c50d57ffd7b6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VAhUfHNjO8usL2Gk5d688ZRDv2xm6vFuYUhd8KBrk%2B3aYiJuYMtGnvaW9tg%2F7z%2B%2BKP%2FEnCg3sMizAaZsqkF7kIlV8plxDdsp6Exk83cwwHD55lpF8yACe1FbR7ZnEF8%2FyIjlpDEA"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-ray: 81df651e3b5e692e-FRA

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 25ms
7ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.f4498a6a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

15c2495c844e9d79aa6cbd66e91394491ac77874b2bb408eb7b2994e2c4475e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://krank.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 30 Oct 2023 00:03:24 GMT
content-md5: KPdG9wpVH5CLRX4PkqpUKA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1686
reporting-endpoints
x-fb-debug: 1uZvV/9e3If8s5z6N9tzkCvtHYwvRN2SrZ0HqqMzuC3UHYl6x+MB7jspBaNX3U5fBmmCSe3myFFDObimmw6fNw==
x-fb-content-md5: 7f4354d71aee13773fb5230fa39cc549
cross-origin-opener-policy: same-origin-allow-popups
etag: "c6c893e445e690a0d5807ff8a8fc94e1"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Mon, 30 Oct 2023 00:12:40 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 91 KB
28 KB 74ms
7ms Script
application/javascript 93.184.220.66
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.f4498a6a.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/669F) /
Resource Hash: 9521629b75431599b69d208c8de1e08c4fc023401b118973cbb4abbc8189b182

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://krank.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Mon, 30 Oct 2023 00:03:24 GMT
Content-Encoding: gzip
Age: 637
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 27598
Last-Modified: Mon, 09 Oct 2023 20:29:49 GMT
Server: ECS (frb/669F)
Etag: "391b7fdf0c468036f27102529636f0ca+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=1800
Vary: Accept-Encoding

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 296 KB
85 KB 33ms
9ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=d440991073e3c17a2c719c8ff1badbee

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7625b70ab558d487a13f16de6a3fcc2fa51ab970af8c68fac23a607c44e2fd58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://krank.de/
Origin: https://krank.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 30 Oct 2023 00:03:24 GMT
content-md5: K3RtWnDAesRuW6BJtYUkWw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 86863
reporting-endpoints
x-fb-debug: 9YPOxLkzbpqp0J9h/wRqRaVJv6H4wjHIodRNIWJtZdr0kRLrrRSnhZgHK+YnH1dKJ/jB3loSHbZX0943BjIa0A==
x-fb-content-md5: 22213617bfc4628edbf56a61a74dcd9d
cross-origin-opener-policy: same-origin-allow-popups
etag: "5883e4e9f3a511a20bab3ea5ed5a887a"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Mon, 28 Oct 2024 22:24:35 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 17ms
16ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-N88Q73T6W9&gtm=45je3ap0v9135301576&_p=1584182159&gcd=11l1l1l1l2&ul=en-us&sr=1600x1200&cid=285549411.1698624204&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fbella-skin%2F&dt=Bella%20Skin%20Produktcheck%20-%20Bewertung%20-%20Produkt%20im%20Test%20%C2%BB%20Krank.de&sid=1698624204&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N88Q73T6W9&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://krank.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Oct 2023 00:03:24 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://krank.de
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 383 B
600 B 80ms
24ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=krank.de&callback=_gfp_s_&client=ca-pub-7176323234405639

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7176323234405639&plah=krank.de

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2efdd3ed532ea476822ccd23581ba499bc2bb621f82d9cbf198effd557923607

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://krank.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 00:03:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 248
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FCEA 20 KB
6 KB 161ms
160ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7176323234405639&output=html&adk=1812271804&adf=3025194257&lmt=1698620604&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x540_l%7C212x945_r&format=0x0&url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fbella-skin%2F&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698624204501&bpp=2&bdt=347&idt=105&shv=r20231025&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4407078390710&frm=20&pv=2&ga_vid=285549411.1698624204&ga_sid=1698624205&ga_hid=1584182159&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44804683%2C44805933%2C44806738%2C31078301&oid=2&pvsid=2958395698853965&tmod=1853418529&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=132

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f6178e78aec083de194707eeef849f9a72c50d32de40d324469f43e312dd9b1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://krank.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 5543
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 30 Oct 2023 00:03:24 GMT
expires: Mon, 30 Oct 2023 00:03:24 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK widget_iframe.d37472b4a6622d0b1fff46ad904f6896.html Show response
platform.twitter.com/widgets/ Frame 1513 319 KB
104 KB 8ms
8ms Document
text/html 93.184.220.66
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.d37472b4a6622d0b1fff46ad904f6896.html?origin=https%3A%2F%2Fkrank.de
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6795) /
Resource Hash: 70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18

Request headers

Referer: https://krank.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 1740650
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105429
Content-Type: text/html; charset=utf-8
Date: Mon, 30 Oct 2023 00:03:24 GMT
Etag: "81267302efdfb3e4524a22631a8fc99e+gzip"
Last-Modified: Mon, 09 Oct 2023 20:29:18 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/6795)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

GET
H2 200 cse_element__de.js Show response
www.google.com/cse/static/element/e992cd4de3c7044f/ 310 KB
103 KB 23ms
21ms Script
text/javascript 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/e992cd4de3c7044f/cse_element__de.js?usqp=CAI%3D

Requested by

Host: www.google.com
URL: https://www.google.com/cse/cse.js?cx=017543789971312272162:83flyji0gei

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c78cbc891d36ddcc95ff6786a968ef27edab4085779b578253a42bcb9f8f44af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://krank.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 00:03:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 105519
x-xss-protection: 0
last-modified: Mon, 31 Jul 2023 17:25:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/javascript
cache-control: private, max-age=31536000
accept-ranges: bytes
link: <https://www.adsensecustomsearchads.com>; rel="preconnect"
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Mon, 30 Oct 2023 00:03:24 GMT

GET
H2 200 default+de.css
www.google.com/cse/static/element/e992cd4de3c7044f/ 41 KB
9 KB 31ms
30ms Stylesheet
text/css 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/e992cd4de3c7044f/default+de.css

Requested by

Host: www.google.com
URL: https://www.google.com/cse/cse.js?cx=017543789971312272162:83flyji0gei

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c965aefdb4c6acf10f46758dc1601a64d811dcf3a378bf9e90278916aa47508f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://krank.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 00:03:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9102
x-xss-protection: 0
last-modified: Mon, 31 Jul 2023 17:25:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: private, max-age=31536000
accept-ranges: bytes
link: <https://www.adsensecustomsearchads.com>; rel="preconnect"
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Mon, 30 Oct 2023 00:03:24 GMT

GET
H2 200 default.css
www.google.com/cse/static/style/look/v4/ 4 KB
2 KB 16ms
14ms Stylesheet
text/css 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/style/look/v4/default.css

Requested by

Host: www.google.com
URL: https://www.google.com/cse/cse.js?cx=017543789971312272162:83flyji0gei

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://krank.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 23:26:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2222
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1345
x-xss-protection: 0
last-modified: Wed, 17 Jun 2020 00:00:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Mon, 30 Oct 2023 00:16:22 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 1513 869 B
658 B 164ms
122ms Fetch
application/json 104.244.42.200
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=549082419c6d3523e55b7f263519c4c09dbbfe2b

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.d37472b4a6622d0b1fff46ad904f6896.html?origin=https%3A%2F%2Fkrank.de

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.200 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-response-time: 109
date: Mon, 30 Oct 2023 00:03:24 GMT
content-encoding: gzip
strict-transport-security: max-age=631138519
last-modified: Mon, 30 Oct 2023 00:03:24 GMT
server: tsa_o
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
x-transaction-id: b3c2e5cdf5d0e429
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
perf: 7626143928
x-connection-hash: d8700976bfe13e2a6b302e748735df4020e9dba010c34645c48c51a3dd01f21c
content-length: 337

GET
H/1.1 200
OK button.13c48d2966337fafa1c1eb5533fdf29d.js Show response
platform.twitter.com/js/ 8 KB
3 KB 7ms
7ms Script
application/javascript 93.184.220.66
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/button.13c48d2966337fafa1c1eb5533fdf29d.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/669F) /
Resource Hash: fbb613590ab06b8838cad9193caa3797b2fb582dd88a444a1afe2424754d97ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://krank.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Mon, 30 Oct 2023 00:03:24 GMT
Content-Encoding: gzip
Age: 1740652
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 2617
Last-Modified: Mon, 09 Oct 2023 20:29:15 GMT
Server: ECS (frb/669F)
Etag: "def6f3052007521ae22a38b870dfd318+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 80ms
28ms XHR
application/json 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231025&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

618ed86c2bb6c608a138655e336a0d7b45727fc8c2b3d63f0908083914ab1b38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://krank.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 00:03:25 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12119
x-xss-protection: 0

GET
H2 200 like.php Show response
web.facebook.com/v17.0/plugins/ Frame 4296 0
2 KB 264ms
202ms Document
text/html 2a03:2880:f083:6:face:b00c:0:2
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://web.facebook.com/v17.0/plugins/like.php?app_id=0&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3d953e9bc08194%26domain%3Dkrank.de%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fkrank.de%252Ff1c1ebdd9a4d7d%26relation%3Dparent.parent&container_width=82&href=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fbella-skin%2F&layout=button&locale=en_US&ref=addtoany&sdk=joey&width=90

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=d440991073e3c17a2c719c8ff1badbee

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:6:face:b00c:0:2 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://krank.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html;charset=utf-8
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 30 Oct 2023 00:03:25 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/web.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints: default="https://web.facebook.com/ajax/browser_error_reports/?device_level=unknown"
x-content-type-options: nosniff
x-fb-debug: k2hj0iGoOxsXdntBd8Izo2mn4BYrUe5cHaQzte/Fiwtbcwo0H/LTKONqZpjd9A92CHqoKXVVhrKUbHDjd7t4dg==
x-xss-protection: 0

GET
H/1.1 200
OK tweet_button.d37472b4a6622d0b1fff46ad904f6896.en.html Show response
platform.twitter.com/widgets/ Frame 2E3A 34 KB
13 KB 9ms
9ms Document
text/html 93.184.220.66
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.d37472b4a6622d0b1fff46ad904f6896.en.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/669F) /
Resource Hash: 856377fde78e4bdc57703db6457f6e243db704c135a4829e1951185173cec9b7

Request headers

Referer: https://krank.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 1740650
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 12585
Content-Type: text/html; charset=utf-8
Date: Mon, 30 Oct 2023 00:03:24 GMT
Etag: "8c8e58156094069be7351386d79afb40+gzip"
Last-Modified: Mon, 09 Oct 2023 20:29:17 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/669F)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

GET
H2 200 embeds
syndication.twitter.com/i/jot/ 43 B
127 B 261ms
260ms Image
image/gif 104.244.42.200
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fbella-skin%2F%22%2C%22widget_frame%22%3Afalse%2C%22widget_site_screen_name%22%3A%22Krank_de%22%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1698624204970%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%2201917f4d1d4cb%3A1696883169554%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=549082419c6d3523e55b7f263519c4c09dbbfe2b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.200 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://krank.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-response-time: 117
date: Mon, 30 Oct 2023 00:03:24 GMT
strict-transport-security: max-age=631138519
last-modified: Mon, 30 Oct 2023 00:03:25 GMT
server: tsa_o
vary: Origin
content-type: image/gif
x-transaction-id: 6a569783b56f55e3
cache-control: must-revalidate, max-age=600
perf: 7626143928
x-connection-hash: d8700976bfe13e2a6b302e748735df4020e9dba010c34645c48c51a3dd01f21c
content-length: 43

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F9E7 38 KB
16 KB 206ms
205ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7176323234405639&output=html&h=280&adk=1324517473&adf=2914436572&pi=t.aa~a.3479421391~i.6~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1698620605&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8954591145&ad_type=text_image&format=1140x280&url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fbella-skin%2F&fwr=0&pra=3&rh=200&rw=1140&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698624205001&bpp=2&bdt=847&idt=-M&shv=r20231025&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3ba836e6d6e21f59-224c2af81ae30059%3AT%3D1698624204%3ART%3D1698624204%3AS%3DALNI_Mb-mHGRc4KXWW9yNIc5W2H78arKnQ&gpic=UID%3D00000cad7c2a0e98%3AT%3D1698624204%3ART%3D1698624204%3AS%3DALNI_MbfWE7UxFPliUGQ-KMJdbU_ZrJF9Q&prev_fmts=0x0&nras=2&correlator=4407078390710&frm=20&pv=1&ga_vid=285549411.1698624204&ga_sid=1698624205&ga_hid=1584182159&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1937&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44804683%2C44805933%2C44806738%2C31078301&oid=2&pvsid=2958395698853965&tmod=1853418529&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=iDDp8tfpXv&p=https%3A//krank.de&dtd=22

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d03807ddd50a44ed1c7824f3f919f6f50376e5a1b52ebde1ad1faeb3fd6689a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://krank.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 16293
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 30 Oct 2023 00:03:25 GMT
expires: Mon, 30 Oct 2023 00:03:25 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FEB9 38 KB
16 KB 291ms
291ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7176323234405639&output=html&h=280&adk=1324517473&adf=2465423644&pi=t.aa~a.3479421391~i.11~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1698620605&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8954591145&ad_type=text_image&format=1140x280&url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fbella-skin%2F&fwr=0&pra=3&rh=200&rw=1140&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698624205001&bpp=1&bdt=847&idt=-M&shv=r20231025&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3ba836e6d6e21f59-224c2af81ae30059%3AT%3D1698624204%3ART%3D1698624204%3AS%3DALNI_Mb-mHGRc4KXWW9yNIc5W2H78arKnQ&gpic=UID%3D00000cad7c2a0e98%3AT%3D1698624204%3ART%3D1698624204%3AS%3DALNI_MbfWE7UxFPliUGQ-KMJdbU_ZrJF9Q&prev_fmts=0x0%2C1140x280&nras=3&correlator=4407078390710&frm=20&pv=1&ga_vid=285549411.1698624204&ga_sid=1698624205&ga_hid=1584182159&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2587&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44804683%2C44805933%2C44806738%2C31078301&oid=2&pvsid=2958395698853965&tmod=1853418529&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=EvzpYtx4aT&p=https%3A//krank.de&dtd=88

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de6e664d7fb83706632f72dcd2dd8494d26c5f70d9bd422233e54d36497efa99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://krank.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 16142
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 30 Oct 2023 00:03:25 GMT
expires: Mon, 30 Oct 2023 00:03:25 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9134 38 KB
16 KB 267ms
267ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7176323234405639&output=html&h=280&adk=1324517473&adf=3450468410&pi=t.aa~a.3479421391~i.17~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1698620605&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8954591145&ad_type=text_image&format=1140x280&url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fbella-skin%2F&fwr=0&pra=3&rh=200&rw=1140&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698624205001&bpp=1&bdt=847&idt=1&shv=r20231025&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3ba836e6d6e21f59-224c2af81ae30059%3AT%3D1698624204%3ART%3D1698624204%3AS%3DALNI_Mb-mHGRc4KXWW9yNIc5W2H78arKnQ&gpic=UID%3D00000cad7c2a0e98%3AT%3D1698624204%3ART%3D1698624204%3AS%3DALNI_MbfWE7UxFPliUGQ-KMJdbU_ZrJF9Q&prev_fmts=0x0%2C1140x280%2C1140x280&nras=4&correlator=4407078390710&frm=20&pv=1&ga_vid=285549411.1698624204&ga_sid=1698624205&ga_hid=1584182159&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=3369&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44804683%2C44805933%2C44806738%2C31078301&oid=2&pvsid=2958395698853965&tmod=1853418529&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=gHei271M8B&p=https%3A//krank.de&dtd=94

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1ac3894d27fc22e42ed33074253429aec87e6e95dd6136a198ca14723603d479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://krank.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 16145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 30 Oct 2023 00:03:25 GMT
expires: Mon, 30 Oct 2023 00:03:25 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 171ms
24ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://krank.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 00:03:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 30 Oct 2023 00:03:25 GMT

GET
DATA 200
OK truncated
/ Frame 2E3A 822 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/ Frame F9E7 3 KB
1 KB 39ms
18ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7176323234405639&output=html&h=280&adk=1324517473&adf=2914436572&pi=t.aa~a.3479421391~i.6~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1698620605&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8954591145&ad_type=text_image&format=1140x280&url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fbella-skin%2F&fwr=0&pra=3&rh=200&rw=1140&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698624205001&bpp=2&bdt=847&idt=-M&shv=r20231025&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3ba836e6d6e21f59-224c2af81ae30059%3AT%3D1698624204%3ART%3D1698624204%3AS%3DALNI_Mb-mHGRc4KXWW9yNIc5W2H78arKnQ&gpic=UID%3D00000cad7c2a0e98%3AT%3D1698624204%3ART%3D1698624204%3AS%3DALNI_MbfWE7UxFPliUGQ-KMJdbU_ZrJF9Q&prev_fmts=0x0&nras=2&correlator=4407078390710&frm=20&pv=1&ga_vid=285549411.1698624204&ga_sid=1698624205&ga_hid=1584182159&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1937&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44804683%2C44805933%2C44806738%2C31078301&oid=2&pvsid=2958395698853965&tmod=1853418529&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=iDDp8tfpXv&p=https%3A//krank.de&dtd=22

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 18:28:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20119
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Nov 2023 18:28:06 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/ Frame F9E7 20 KB
9 KB 38ms
17ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 14:17:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35127
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8426
x-xss-protection: 0
server: cafe
etag: 17696348727749479825
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Nov 2023 14:17:58 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame F9E7 0
0 23ms
23ms Image
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSE_PYZIJ_znDqaxetn6VA47FakXxCx3bd_TFbYwskJi-9vi5fnsy9QOwqVKJ7WkXQcF1eb8hT-GvCaGCmxnngJRffQ-Q
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7176323234405639&output=html&h=280&adk=1324517473&adf=2914436572&pi=t.aa~a.3479421391~i.6~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1698620605&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8954591145&ad_type=text_image&format=1140x280&url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fbella-skin%2F&fwr=0&pra=3&rh=200&rw=1140&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698624205001&bpp=2&bdt=847&idt=-M&shv=r20231025&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3ba836e6d6e21f59-224c2af81ae30059%3AT%3D1698624204%3ART%3D1698624204%3AS%3DALNI_Mb-mHGRc4KXWW9yNIc5W2H78arKnQ&gpic=UID%3D00000cad7c2a0e98%3AT%3D1698624204%3ART%3D1698624204%3AS%3DALNI_MbfWE7UxFPliUGQ-KMJdbU_ZrJF9Q&prev_fmts=0x0&nras=2&correlator=4407078390710&frm=20&pv=1&ga_vid=285549411.1698624204&ga_sid=1698624205&ga_hid=1584182159&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1937&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44804683%2C44805933%2C44806738%2C31078301&oid=2&pvsid=2958395698853965&tmod=1853418529&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=iDDp8tfpXv&p=https%3A//krank.de&dtd=22
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F9E7 187 KB
59 KB 80ms
38ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e155284926ba010442d774fd493ff925a0256bd427f54596b1244791a3fa170

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 00:03:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60190
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698233972131352"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 30 Oct 2023 00:03:25 GMT

GET
H2 200 like.php Show response
web.facebook.com/v17.0/plugins/ Frame C796 0
120 B 37ms
36ms Document
text/html 2a03:2880:f083:6:face:b00c:0:2
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://web.facebook.com/v17.0/plugins/like.php?app_id=0&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df4bf986ee6645c%26domain%3Dkrank.de%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fkrank.de%252Ff1c1ebdd9a4d7d%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fbella-skin%2F&layout=button&locale=en_US&ref=addtoany&sdk=joey&width=90

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=d440991073e3c17a2c719c8ff1badbee

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:6:face:b00c:0:2 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://krank.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html;charset=utf-8
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 30 Oct 2023 00:03:25 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/web.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints: default="https://web.facebook.com/ajax/browser_error_reports/?device_level=unknown"
x-content-type-options: nosniff
x-fb-debug: fy+zC1/bUSC7+fbDxfMVYP1fYdwHL+esYNzxF4ZxJsOHnKre0P0YTO+RTNLrztUP6JRpF3ig5MsDlHirNIGGuA==
x-xss-protection: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 9E95 130 KB
46 KB 120ms
56ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZT7yzQAAvMwH_Z8oAABKcpj_Ez4c05ER7E8bYg&u=%7C8UsDLm2ztabgCG6UvyCXULadf3glkB6KZFW3Iv5OkUY%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC867rlYwxdnhh6fqlDbhOj2SNLaxWtQNX1v6b8Hii-U2EU24jWtQXwEQxnZeT5ciWawSLfTAHwQ4xmtrMk4vVfgD5x61rAhxzPhfRUiYdOe46vw5G6yj-4oPEGWd3oSqYTDtrZORpxEeKCEkbYbXxo2ywyaoeNqnjA7YXmg05ZyNkOvpwaVi2LCvTcXi9XXxeNHjlutPeikcay2ojTSK8oTJ9JRGZ7n8q4kTU-DO3OkK4k2axpPKVm4fy_1NNbqI2mEHZxLnmc_Vhc4XZIdPavnprlwS7xju-AhZDvFOlTWfR_3jTw8KvPvLN9OSofRjwgnHROUWTFCGyUhuLw6d5bnbxArNT_9nTVDLZ1LAQU_o203ctipzzx9TQ27WsNplFpR0mrfEGm1Nev8EnkqJojxsNf7FI-FGuCfNDVg2-cnLNhVAO4KUWV8Er8xHyVv-5YbLooBiSplLcSvLbLWCpqDu5x21HX-4JWs5espAh5TcwkcgR8dRE-PgMsP-qtVEdoF2gT2q6M4COPZOgFEI82oMXM8b7wuT5aMfNHi1IUwbQRrvvtHAbwjQY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtp_BzfI-Zcz5Aqi-9u8P8pSBuAnJntKxXKX8k_dwwI23ARABIABglZKfgrAHggEXY2EtcHViLTcxNzYzMjMyMzQ0MDU2MznIAQmpArTQghl_ubE-qAMByAMCqgSFAk_QV7St6GpVsOQ-MGZX7flQO1nDaO5JUBhzZXzhtdU31Sul-PRHojPBID5v2OzS2FFiY2vKowm0Asejpm86Hz9yVf2EgEYctXa04fXa73Ou3QT1__EZeQVauKDZItLP62KiorRWh6_anSDYMP0-dnTHPOmRFrGvIsBX6DvHVEcrLgn3sO11PeisUo4TmRoPmiknSL_n8jwq2ZKgPm2B4v-LUSCAxYn0WJIrL4j076ai_jmYc74nqaL31edQCqHcJIi_EGLcfZreDo04pFBDaWd1cdI8v7UhOymV5ktxnxXtskkaJ7f78DqwAYG1CWtTXQ3E-iqrGnTjx6oQ_Ni_q_rPW5Yj4IAGsJqfnOuR9LezAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2pcLoAfOnWY-4b4DYBfew2OAdKtA%26client%3Dca-pub-7176323234405639%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

3365804b92aa6e56d9c4e01b229bdf48d83d48bf3526da722d65a2cccafe73bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Mon, 30 Oct 2023 00:03:25 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=2-GgJ7FmlqacomGLkW6WQtyBpt6rW8KELVefqvTPftCkcwi8IQgJ3P5y5usvtpQAd-KWS4qOdxu0Lhdx36u92JtT80iDutVzauq5zfMazqATfWo5-6lfbTXjdR-orssoE6nmZ-7Pu50CTF0k-oqM8rz7Dayt75Tmk00Sr1hf61Ak8DxstcRO6DHJS7LenzUK9_CO6J4G7HJSa-DGU8gviFI5f9tVUE_0vru06duztAi0VdEdZC0kLUNvcPIMV4h0PUzsmQ"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 37226792
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 2424 1 KB
643 B 24ms
18ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 27688
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 29 Oct 2023 16:21:57 GMT
etag: 48472445140208031
expires: Mon, 30 Oct 2023 16:21:57 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame F9E7 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3adf68fdef7361b310517eff0f8d20aea69e015c74a1bcedb879041d010db9ca

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 2424 0
104 B 101ms
27ms Image
text/plain 2a02:fa8:8806:12::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEJLGq47DpWz3gkw9VxxOkxc&google_cver=1&google_push=AXcoOmSzeTNKa2tgniFsli72xnk9njIfXcF3ralistuzzkHxdqzCaul2O3d6_RNaVcad5CDsV5PYT-W7WRzNVD3dRLAGeSKUctD9REw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7176323234405639&output=html&h=280&adk=1324517473&adf=2914436572&pi=t.aa~a.3479421391~i.6~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1698620605&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8954591145&ad_type=text_image&format=1140x280&url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fbella-skin%2F&fwr=0&pra=3&rh=200&rw=1140&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698624205001&bpp=2&bdt=847&idt=-M&shv=r20231025&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3ba836e6d6e21f59-224c2af81ae30059%3AT%3D1698624204%3ART%3D1698624204%3AS%3DALNI_Mb-mHGRc4KXWW9yNIc5W2H78arKnQ&gpic=UID%3D00000cad7c2a0e98%3AT%3D1698624204%3ART%3D1698624204%3AS%3DALNI_MbfWE7UxFPliUGQ-KMJdbU_ZrJF9Q&prev_fmts=0x0&nras=2&correlator=4407078390710&frm=20&pv=1&ga_vid=285549411.1698624204&ga_sid=1698624205&ga_hid=1584182159&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1937&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44804683%2C44805933%2C44806738%2C31078301&oid=2&pvsid=2958395698853965&tmod=1853418529&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=iDDp8tfpXv&p=https%3A//krank.de&dtd=22
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Oct 2023 00:03:25 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 2424
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEP-6zbsoiqQowY9M3Iqyh9g&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEP-6zbsoiqQowY9M3Iqyh9g&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=aDU1UFJNYU0xUVhmS0I1&google_gid=CAESEP-6zbsoiqQowY9M3Iqyh9g&google_cver=1&google_push=AXcoOmRwMsp8jZUmYybq8EVtriEgPNGtoUl13XYWt2W_nKB...

170 B
232 B

24ms
24ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=aDU1UFJNYU0xUVhmS0I1&google_gid=CAESEP-6zbsoiqQowY9M3Iqyh9g&google_cver=1&google_push=AXcoOmRwMsp8jZUmYybq8EVtriEgPNGtoUl13XYWt2W_nKBFfvYGWu3cyHoSbgg0fK76T1k26qJYpFpTDSov49Q8ajkiXhXRxApvQ8qu

Requested by

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Oct 2023 00:03:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 30 Oct 2023 00:03:24 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-791-gff05a1f#rel-ec2-master i-066d8784b19149d32@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=aDU1UFJNYU0xUVhmS0I1&google_gid=CAESEP-6zbsoiqQowY9M3Iqyh9g&google_cver=1&google_push=AXcoOmRwMsp8jZUmYybq8EVtriEgPNGtoUl13XYWt2W_nKBFfvYGWu3cyHoSbgg0fK76T1k26qJYpFpTDSov49Q8ajkiXhXRxApvQ8qu
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 2424
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEJTBY60dZ5CVQ4eNylWplm4&google_cver=1&google_push=AXcoOmRrOMpJvRJpVb8aijJ8Yj3NTTW6KOw1a-oZWkPX9yphZoQ7lcbdD7X0hDE4XZZQ1eZrtoTNou13xDYpL5NlQvdRQm08ykerjT3v
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=E48664C4E834456980E77494DA3F63BA&google_push=AXcoOmRrOMpJvRJpVb8aijJ8Yj3NTTW6KOw1a-oZWkPX9yphZoQ7lcbdD7X0hDE4XZZQ1eZrtoTNou13xDYpL5N...

170 B
329 B

24ms
24ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=E48664C4E834456980E77494DA3F63BA&google_push=AXcoOmRrOMpJvRJpVb8aijJ8Yj3NTTW6KOw1a-oZWkPX9yphZoQ7lcbdD7X0hDE4XZZQ1eZrtoTNou13xDYpL5NlQvdRQm08ykerjT3v

Requested by

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Oct 2023 00:03:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 30 Oct 2023 00:03:25 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=E48664C4E834456980E77494DA3F63BA&google_push=AXcoOmRrOMpJvRJpVb8aijJ8Yj3NTTW6KOw1a-oZWkPX9yphZoQ7lcbdD7X0hDE4XZZQ1eZrtoTNou13xDYpL5NlQvdRQm08ykerjT3v
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sun, 29 Oct 2023 00:03:25 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 2424 70 B
149 B 113ms
32ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEK95pQ6QipAoox8M1cHk0Hw&google_cver=1&google_push=AXcoOmR4ccM2ImrZ6ud3I94AfLfmEK0IFvx2oPJhh40tKGOGZV5snIM3Yyv-jMeh7zQ0ZscgfVjN9ranNIShHf8cfhuFJLmg9JrbFBzs
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7176323234405639&output=html&h=280&adk=1324517473&adf=2914436572&pi=t.aa~a.3479421391~i.6~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1698620605&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8954591145&ad_type=text_image&format=1140x280&url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fbella-skin%2F&fwr=0&pra=3&rh=200&rw=1140&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698624205001&bpp=2&bdt=847&idt=-M&shv=r20231025&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3ba836e6d6e21f59-224c2af81ae30059%3AT%3D1698624204%3ART%3D1698624204%3AS%3DALNI_Mb-mHGRc4KXWW9yNIc5W2H78arKnQ&gpic=UID%3D00000cad7c2a0e98%3AT%3D1698624204%3ART%3D1698624204%3AS%3DALNI_MbfWE7UxFPliUGQ-KMJdbU_ZrJF9Q&prev_fmts=0x0&nras=2&correlator=4407078390710&frm=20&pv=1&ga_vid=285549411.1698624204&ga_sid=1698624205&ga_hid=1584182159&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1937&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44804683%2C44805933%2C44806738%2C31078301&oid=2&pvsid=2958395698853965&tmod=1853418529&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=iDDp8tfpXv&p=https%3A//krank.de&dtd=22
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 00:03:25 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2424
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEM-Ruv-AefS4fWgO2l7g9MA&google_cver=1&google_push=AXcoOmRYSC8S042Cd3qQCAdRm7mFg6dPhiCtNHgrIIe0kBMzKP1BIaiUgPvT3Bv5pLan4eswQNJL6jpX...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEM-Ruv-AefS4fWgO2l7g9MA&google_cver=1&google_push=AXcoOmRYSC8S042Cd3qQCAdRm7mFg6dPhiCtNHgrIIe0kBMzKP1BIaiUgPvT3Bv5pLan4eswQNJ...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjAyMzczNTkxMDQzMDI2MjE1MQ&google_push=AXcoOmRYSC8S042Cd3qQCAdRm7mFg6dPhiCtNHgrIIe0kBMzKP1BIaiUgPvT3Bv5pLan4eswQNJL6j...

170 B
188 B

25ms
24ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjAyMzczNTkxMDQzMDI2MjE1MQ&google_push=AXcoOmRYSC8S042Cd3qQCAdRm7mFg6dPhiCtNHgrIIe0kBMzKP1BIaiUgPvT3Bv5pLan4eswQNJL6jpX6doblzCcKE8890q62kNe9oMt

Requested by

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Oct 2023 00:03:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 30 Oct 2023 00:03:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjAyMzczNTkxMDQzMDI2MjE1MQ&google_push=AXcoOmRYSC8S042Cd3qQCAdRm7mFg6dPhiCtNHgrIIe0kBMzKP1BIaiUgPvT3Bv5pLan4eswQNJL6jpX6doblzCcKE8890q62kNe9oMt
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET googleredir
googlecm.hit.gemius.pl/ Frame 2424 0
0

GET
H2

200

report
sync.teads.tv/um/ Frame 2424
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEDSaRMZL9Mve...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmRR9-pRWLGA0DmQFAqIJ3E_DUX1P4HGFkl4TjyIzMrpsSSc0w3fHqPl-x-zNwNORd3d6rnQKEMyVkVOJnSwpaC8McNLDrlTl9fsPQ
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

33ms
32ms

Image
image/gif

23.32.185.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7176323234405639&output=html&h=280&adk=1324517473&adf=2914436572&pi=t.aa~a.3479421391~i.6~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1698620605&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8954591145&ad_type=text_image&format=1140x280&url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fbella-skin%2F&fwr=0&pra=3&rh=200&rw=1140&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698624205001&bpp=2&bdt=847&idt=-M&shv=r20231025&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3ba836e6d6e21f59-224c2af81ae30059%3AT%3D1698624204%3ART%3D1698624204%3AS%3DALNI_Mb-mHGRc4KXWW9yNIc5W2H78arKnQ&gpic=UID%3D00000cad7c2a0e98%3AT%3D1698624204%3ART%3D1698624204%3AS%3DALNI_MbfWE7UxFPliUGQ-KMJdbU_ZrJF9Q&prev_fmts=0x0&nras=2&correlator=4407078390710&frm=20&pv=1&ga_vid=285549411.1698624204&ga_sid=1698624205&ga_hid=1584182159&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1937&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44804683%2C44805933%2C44806738%2C31078301&oid=2&pvsid=2958395698853965&tmod=1853418529&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=iDDp8tfpXv&p=https%3A//krank.de&dtd=22
Protocol: H2
Server: 23.32.185.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-35.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires: Mon, 30 Oct 2023 00:03:25 GMT
pragma: no-cache
date: Mon, 30 Oct 2023 00:03:25 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 30 Oct 2023 00:03:25 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 2424 0
130 B 59ms
22ms Image
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KXMauKtVrQdhMPAkRJobDle3u0Vfm1pmIJ7Qn7ZZPlj8r_p_Vg_bv57wb9ynszDfbpo8J48QM

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 00:03:25 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7BB3 13 KB
5 KB 14ms
13ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://krank.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 16733
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 29 Oct 2023 19:24:32 GMT
expires: Mon, 28 Oct 2024 19:24:32 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 44B3 829 B
560 B 32ms
24ms Document
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b3f73c5903a0c14bd5fedd4c1c5523d3d5640d7a8e15f7598d1363ba3a08d91d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-DiB8OdSdUdXMvMqIPEyIbw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://krank.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-DiB8OdSdUdXMvMqIPEyIbw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 30 Oct 2023 00:03:25 GMT
expires: Mon, 30 Oct 2023 00:03:25 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js Show response
pagead2.googlesyndication.com/bg/ Frame 7BB3 38 KB
15 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99235240097ffe1c3ccf93f0275840df66a62f6ce406788402b06df413755d67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 18:27:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20174
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15010
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 28 Oct 2024 18:27:11 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/ Frame 9134 3 KB
1 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7176323234405639&output=html&h=280&adk=1324517473&adf=3450468410&pi=t.aa~a.3479421391~i.17~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1698620605&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8954591145&ad_type=text_image&format=1140x280&url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fbella-skin%2F&fwr=0&pra=3&rh=200&rw=1140&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698624205001&bpp=1&bdt=847&idt=1&shv=r20231025&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3ba836e6d6e21f59-224c2af81ae30059%3AT%3D1698624204%3ART%3D1698624204%3AS%3DALNI_Mb-mHGRc4KXWW9yNIc5W2H78arKnQ&gpic=UID%3D00000cad7c2a0e98%3AT%3D1698624204%3ART%3D1698624204%3AS%3DALNI_MbfWE7UxFPliUGQ-KMJdbU_ZrJF9Q&prev_fmts=0x0%2C1140x280%2C1140x280&nras=4&correlator=4407078390710&frm=20&pv=1&ga_vid=285549411.1698624204&ga_sid=1698624205&ga_hid=1584182159&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=3369&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44804683%2C44805933%2C44806738%2C31078301&oid=2&pvsid=2958395698853965&tmod=1853418529&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=gHei271M8B&p=https%3A//krank.de&dtd=94

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 18:28:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20119
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Nov 2023 18:28:06 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/ Frame 9134 20 KB
8 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7176323234405639&output=html&h=280&adk=1324517473&adf=3450468410&pi=t.aa~a.3479421391~i.17~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1698620605&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8954591145&ad_type=text_image&format=1140x280&url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fbella-skin%2F&fwr=0&pra=3&rh=200&rw=1140&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698624205001&bpp=1&bdt=847&idt=1&shv=r20231025&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3ba836e6d6e21f59-224c2af81ae30059%3AT%3D1698624204%3ART%3D1698624204%3AS%3DALNI_Mb-mHGRc4KXWW9yNIc5W2H78arKnQ&gpic=UID%3D00000cad7c2a0e98%3AT%3D1698624204%3ART%3D1698624204%3AS%3DALNI_MbfWE7UxFPliUGQ-KMJdbU_ZrJF9Q&prev_fmts=0x0%2C1140x280%2C1140x280&nras=4&correlator=4407078390710&frm=20&pv=1&ga_vid=285549411.1698624204&ga_sid=1698624205&ga_hid=1584182159&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=3369&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44804683%2C44805933%2C44806738%2C31078301&oid=2&pvsid=2958395698853965&tmod=1853418529&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=gHei271M8B&p=https%3A//krank.de&dtd=94

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 14:17:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35127
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8426
x-xss-protection: 0
server: cafe
etag: 17696348727749479825
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Nov 2023 14:17:58 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 9134 0
0 22ms
21ms Image
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS5zXKt_Evi7O8N6M6lxIU96tvRjx9c55hJBA1PdjGm37CxbBwMAQhrvP8xJDw_GIU1vLsvdo63jKsCdZPVj48H1wzW1w
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7176323234405639&output=html&h=280&adk=1324517473&adf=3450468410&pi=t.aa~a.3479421391~i.17~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1698620605&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8954591145&ad_type=text_image&format=1140x280&url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fbella-skin%2F&fwr=0&pra=3&rh=200&rw=1140&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698624205001&bpp=1&bdt=847&idt=1&shv=r20231025&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3ba836e6d6e21f59-224c2af81ae30059%3AT%3D1698624204%3ART%3D1698624204%3AS%3DALNI_Mb-mHGRc4KXWW9yNIc5W2H78arKnQ&gpic=UID%3D00000cad7c2a0e98%3AT%3D1698624204%3ART%3D1698624204%3AS%3DALNI_MbfWE7UxFPliUGQ-KMJdbU_ZrJF9Q&prev_fmts=0x0%2C1140x280%2C1140x280&nras=4&correlator=4407078390710&frm=20&pv=1&ga_vid=285549411.1698624204&ga_sid=1698624205&ga_hid=1584182159&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=3369&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44804683%2C44805933%2C44806738%2C31078301&oid=2&pvsid=2958395698853965&tmod=1853418529&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=gHei271M8B&p=https%3A//krank.de&dtd=94
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9134 187 KB
59 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7176323234405639&output=html&h=280&adk=1324517473&adf=3450468410&pi=t.aa~a.3479421391~i.17~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1698620605&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8954591145&ad_type=text_image&format=1140x280&url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fbella-skin%2F&fwr=0&pra=3&rh=200&rw=1140&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698624205001&bpp=1&bdt=847&idt=1&shv=r20231025&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3ba836e6d6e21f59-224c2af81ae30059%3AT%3D1698624204%3ART%3D1698624204%3AS%3DALNI_Mb-mHGRc4KXWW9yNIc5W2H78arKnQ&gpic=UID%3D00000cad7c2a0e98%3AT%3D1698624204%3ART%3D1698624204%3AS%3DALNI_MbfWE7UxFPliUGQ-KMJdbU_ZrJF9Q&prev_fmts=0x0%2C1140x280%2C1140x280&nras=4&correlator=4407078390710&frm=20&pv=1&ga_vid=285549411.1698624204&ga_sid=1698624205&ga_hid=1584182159&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=3369&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44804683%2C44805933%2C44806738%2C31078301&oid=2&pvsid=2958395698853965&tmod=1853418529&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=gHei271M8B&p=https%3A//krank.de&dtd=94

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e155284926ba010442d774fd493ff925a0256bd427f54596b1244791a3fa170

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 00:03:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60190
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698233972131352"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 30 Oct 2023 00:03:25 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 9E95 2 KB
1 KB 49ms
14ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZT7yzQAAvMwH_Z8oAABKcpj_Ez4c05ER7E8bYg&u=%7C8UsDLm2ztabgCG6UvyCXULadf3glkB6KZFW3Iv5OkUY%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC867rlYwxdnhh6fqlDbhOj2SNLaxWtQNX1v6b8Hii-U2EU24jWtQXwEQxnZeT5ciWawSLfTAHwQ4xmtrMk4vVfgD5x61rAhxzPhfRUiYdOe46vw5G6yj-4oPEGWd3oSqYTDtrZORpxEeKCEkbYbXxo2ywyaoeNqnjA7YXmg05ZyNkOvpwaVi2LCvTcXi9XXxeNHjlutPeikcay2ojTSK8oTJ9JRGZ7n8q4kTU-DO3OkK4k2axpPKVm4fy_1NNbqI2mEHZxLnmc_Vhc4XZIdPavnprlwS7xju-AhZDvFOlTWfR_3jTw8KvPvLN9OSofRjwgnHROUWTFCGyUhuLw6d5bnbxArNT_9nTVDLZ1LAQU_o203ctipzzx9TQ27WsNplFpR0mrfEGm1Nev8EnkqJojxsNf7FI-FGuCfNDVg2-cnLNhVAO4KUWV8Er8xHyVv-5YbLooBiSplLcSvLbLWCpqDu5x21HX-4JWs5espAh5TcwkcgR8dRE-PgMsP-qtVEdoF2gT2q6M4COPZOgFEI82oMXM8b7wuT5aMfNHi1IUwbQRrvvtHAbwjQY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtp_BzfI-Zcz5Aqi-9u8P8pSBuAnJntKxXKX8k_dwwI23ARABIABglZKfgrAHggEXY2EtcHViLTcxNzYzMjMyMzQ0MDU2MznIAQmpArTQghl_ubE-qAMByAMCqgSFAk_QV7St6GpVsOQ-MGZX7flQO1nDaO5JUBhzZXzhtdU31Sul-PRHojPBID5v2OzS2FFiY2vKowm0Asejpm86Hz9yVf2EgEYctXa04fXa73Ou3QT1__EZeQVauKDZItLP62KiorRWh6_anSDYMP0-dnTHPOmRFrGvIsBX6DvHVEcrLgn3sO11PeisUo4TmRoPmiknSL_n8jwq2ZKgPm2B4v-LUSCAxYn0WJIrL4j076ai_jmYc74nqaL31edQCqHcJIi_EGLcfZreDo04pFBDaWd1cdI8v7UhOymV5ktxnxXtskkaJ7f78DqwAYG1CWtTXQ3E-iqrGnTjx6oQ_Ni_q_rPW5Yj4IAGsJqfnOuR9LezAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2pcLoAfOnWY-4b4DYBfew2OAdKtA%26client%3Dca-pub-7176323234405639%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 00:03:25 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 24 Oct 2024 00:03:25 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 9E95 2 KB
1 KB 47ms
13ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 00:03:25 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 24 Oct 2024 00:03:25 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 9E95 308 B
636 B 27ms
14ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 00:03:25 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Thu, 24 Oct 2024 00:03:25 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 9E95 293 B
621 B 29ms
15ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 00:03:25 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Thu, 24 Oct 2024 00:03:25 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 9E95 43 B
348 B 94ms
18ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=x7wZuAppRPGR_vd8Azq2od9jglkpFdJezeWy8eW1805C0Rtx539hhqYAnJhiwJDvgcQC1eCh7XWjeMW4qKGowrNBPKTcclvQmIfGvQiYsQ2rWGa_SCl9OlyUPrDLl711X7bQXGjYiglBUKficMk1WemFP6vN6xnfjORnCzKacJW7SqCDCJeOHEMbnkd0p22PzNlD4TNtgDknEezWi6-jrvD2ueuSP1-L63m8wxBOGXpqSQ2ANgPJjXjNJSGmMQ87PPbJMENyGBmcoAFpSYw2_7-avvpOgIZzaOWLRsB_9dxd40-oRFv4eeXmk6P-e1BDDqf9uSrZbcM_zZ9RSLG3TUQKdRgxTR_JNOETL1QGuI85LHuRyK7GOWefF-U5_d6dShusR4KPIZ3zgnHr3gIjh9v3FiMTTi3MC_o7pA-4u21morVW

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Oct 2023 00:03:25 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1669028
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK ai.aspx
m.exactag.com/ Frame 9E95 43 B
1015 B 115ms
20ms Image
image/gif 213.202.235.9
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.exactag.com/ai.aspx?extProvId=15&extPu=13929-criteo&extLi=264882&consent_string=&iab=1&rnd=653ef2cd119f0efe2539cd4fe161481f

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

213.202.235.9 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Date: Mon, 30 Oct 2023 00:03:25 GMT
X-Content-Type-Options: nosniff
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy: cross-origin
Connection: close
X-ET-Monitoring: 1
Content-Length: 43
X-Xss-Protection: 0
Pragma: no-cache
Last-Modified: Mo, 30 Okt 2023 12:03:25 GMT
X-ET-Code: 11
Accept-CH: sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://ads.eu.criteo.com
Cache-Control: private
Access-Control-Allow-Credentials: true
X-ET-Camp: 1051
Access-Control-Allow-Headers: *
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/ Frame FEB9 3 KB
1 KB 17ms
14ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7176323234405639&output=html&h=280&adk=1324517473&adf=2465423644&pi=t.aa~a.3479421391~i.11~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1698620605&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8954591145&ad_type=text_image&format=1140x280&url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fbella-skin%2F&fwr=0&pra=3&rh=200&rw=1140&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698624205001&bpp=1&bdt=847&idt=-M&shv=r20231025&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3ba836e6d6e21f59-224c2af81ae30059%3AT%3D1698624204%3ART%3D1698624204%3AS%3DALNI_Mb-mHGRc4KXWW9yNIc5W2H78arKnQ&gpic=UID%3D00000cad7c2a0e98%3AT%3D1698624204%3ART%3D1698624204%3AS%3DALNI_MbfWE7UxFPliUGQ-KMJdbU_ZrJF9Q&prev_fmts=0x0%2C1140x280&nras=3&correlator=4407078390710&frm=20&pv=1&ga_vid=285549411.1698624204&ga_sid=1698624205&ga_hid=1584182159&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2587&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44804683%2C44805933%2C44806738%2C31078301&oid=2&pvsid=2958395698853965&tmod=1853418529&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=EvzpYtx4aT&p=https%3A//krank.de&dtd=88

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 18:28:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20119
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Nov 2023 18:28:06 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/ Frame FEB9 20 KB
8 KB 17ms
14ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7176323234405639&output=html&h=280&adk=1324517473&adf=2465423644&pi=t.aa~a.3479421391~i.11~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1698620605&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8954591145&ad_type=text_image&format=1140x280&url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fbella-skin%2F&fwr=0&pra=3&rh=200&rw=1140&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698624205001&bpp=1&bdt=847&idt=-M&shv=r20231025&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3ba836e6d6e21f59-224c2af81ae30059%3AT%3D1698624204%3ART%3D1698624204%3AS%3DALNI_Mb-mHGRc4KXWW9yNIc5W2H78arKnQ&gpic=UID%3D00000cad7c2a0e98%3AT%3D1698624204%3ART%3D1698624204%3AS%3DALNI_MbfWE7UxFPliUGQ-KMJdbU_ZrJF9Q&prev_fmts=0x0%2C1140x280&nras=3&correlator=4407078390710&frm=20&pv=1&ga_vid=285549411.1698624204&ga_sid=1698624205&ga_hid=1584182159&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2587&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44804683%2C44805933%2C44806738%2C31078301&oid=2&pvsid=2958395698853965&tmod=1853418529&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=EvzpYtx4aT&p=https%3A//krank.de&dtd=88

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 14:17:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35127
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8426
x-xss-protection: 0
server: cafe
etag: 17696348727749479825
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Nov 2023 14:17:58 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame FEB9 0
0 26ms
23ms Image
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSuXTiXOQzDGpvmeGs5BpI6kmLkTd4HFsG_PSxsDpeL-_m2dcefl5rgBXLtC2twLp0qGUYeQ_jBzitD5yIriVb_0CpT3g
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7176323234405639&output=html&h=280&adk=1324517473&adf=2465423644&pi=t.aa~a.3479421391~i.11~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1698620605&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8954591145&ad_type=text_image&format=1140x280&url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fbella-skin%2F&fwr=0&pra=3&rh=200&rw=1140&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698624205001&bpp=1&bdt=847&idt=-M&shv=r20231025&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3ba836e6d6e21f59-224c2af81ae30059%3AT%3D1698624204%3ART%3D1698624204%3AS%3DALNI_Mb-mHGRc4KXWW9yNIc5W2H78arKnQ&gpic=UID%3D00000cad7c2a0e98%3AT%3D1698624204%3ART%3D1698624204%3AS%3DALNI_MbfWE7UxFPliUGQ-KMJdbU_ZrJF9Q&prev_fmts=0x0%2C1140x280&nras=3&correlator=4407078390710&frm=20&pv=1&ga_vid=285549411.1698624204&ga_sid=1698624205&ga_hid=1584182159&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2587&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44804683%2C44805933%2C44806738%2C31078301&oid=2&pvsid=2958395698853965&tmod=1853418529&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=EvzpYtx4aT&p=https%3A//krank.de&dtd=88
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FEB9 187 KB
59 KB 24ms
22ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7176323234405639&output=html&h=280&adk=1324517473&adf=2465423644&pi=t.aa~a.3479421391~i.11~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1698620605&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8954591145&ad_type=text_image&format=1140x280&url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fbella-skin%2F&fwr=0&pra=3&rh=200&rw=1140&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698624205001&bpp=1&bdt=847&idt=-M&shv=r20231025&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3ba836e6d6e21f59-224c2af81ae30059%3AT%3D1698624204%3ART%3D1698624204%3AS%3DALNI_Mb-mHGRc4KXWW9yNIc5W2H78arKnQ&gpic=UID%3D00000cad7c2a0e98%3AT%3D1698624204%3ART%3D1698624204%3AS%3DALNI_MbfWE7UxFPliUGQ-KMJdbU_ZrJF9Q&prev_fmts=0x0%2C1140x280&nras=3&correlator=4407078390710&frm=20&pv=1&ga_vid=285549411.1698624204&ga_sid=1698624205&ga_hid=1584182159&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2587&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44804683%2C44805933%2C44806738%2C31078301&oid=2&pvsid=2958395698853965&tmod=1853418529&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=EvzpYtx4aT&p=https%3A//krank.de&dtd=88

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e155284926ba010442d774fd493ff925a0256bd427f54596b1244791a3fa170

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 00:03:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60190
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698233972131352"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 30 Oct 2023 00:03:25 GMT

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 5A4C 141 KB
49 KB 53ms
52ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZT7yzQADwgEH_ZOuAA6lb5ack5mmAA_ZCvlzXA&u=%7C8UsDLm2ztaay3G3%2BZEM18nrxbzMJ1Ny4fRvuGF0ZGY0%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC867rlYwxdnhh6fqlDbhOj2SNLaxWtQNX1v233Yc6SehuHrq66kgea2lBRZFRkcA_AgXe4sHe2X2riIbsHEISOIyTec5Xlb9ARg4J03ZiK-FDAnV1eNNgbUOm1oiNgSjiP4GZUTgTdhxdVkm8U7bIsdHZKgWAT1vgK13ae1th_73XpjYK66a-hz7b-JDRj2ffMi2_Ok-DLUTNcS4MBNN9PuJaBIPV4h7IWaFpQ_pddpukldk16fTGnXUDEnaeLx9bwgNTWgl7-2s3uwX8i7Ttx7m0fkltR-i5sRspuWhc4sxkRmXEveizH6Ai1nNNVCtLBXLXo6hKhPMNlzYoHTt18p6-GfoO5IRz5_nJtWKa4kBLylShvL4O91fD9JFxAmDQu2cXeabowI0kTi43-ICuKUzKBaS4Eeuo2B3sfyIxH8w_dg2hCR0zQr8DEutwl-_hDArfBEbGOlX4ZioHsiKYJXjPfnlqteoqf6LUAEplA_XRsQghDyXJLevgUFh1jnSFwx5MlTdRcvzxC698-6jgW7PZJRfcyIW0QIh_q9CvlDeUasAiQ-ovYB3Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeqknzfI-ZYGED66n9u8P78q6kAjJntKxXPWdmPdwwI23ARABIABglaqggrAHggEXY2EtcHViLTcxNzYzMjMyMzQ0MDU2MznIAQmpArTQghl_ubE-qAMByAMCqgSFAk_QQpf_i_QrbuZVfRvTYiddRDQNI2WC_q6crwhtTRxFP-baXF_j1OhSTzeFQ7iQAD2I6b3PBEQjRw0Ot2H8HXUo7gO5TVz95nWJ_0XOYzIElB0FYRIEv0zrVqzVff22u6oT1JU47ViuhDnSA7FcmD-uJxygKbNq1Cp1R-ISWwVc4HMolvTJsh4RGdYS0jM6ZuPEZ6Fs5xMQoiTnlIhZrm_57aim4lU98W3frtjlodiiE4TrYvGJM6JyfwPKPmlaQCfdocDEmVoaBBe2qFegvFfmMug275tv_2fcOy3oQb-Vgt7_S3U2Oy0l2jYxV8VFdtBudS6JIPR4tVk_k_T7rvGouiMr5oAGsJqfnOuR9LezAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3ycj0z3uF7kZhXw6FDkGZ-nTi-cw%26client%3Dca-pub-7176323234405639%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7176323234405639&output=html&h=280&adk=1324517473&adf=3450468410&pi=t.aa~a.3479421391~i.17~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1698620605&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8954591145&ad_type=text_image&format=1140x280&url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fbella-skin%2F&fwr=0&pra=3&rh=200&rw=1140&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698624205001&bpp=1&bdt=847&idt=1&shv=r20231025&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3ba836e6d6e21f59-224c2af81ae30059%3AT%3D1698624204%3ART%3D1698624204%3AS%3DALNI_Mb-mHGRc4KXWW9yNIc5W2H78arKnQ&gpic=UID%3D00000cad7c2a0e98%3AT%3D1698624204%3ART%3D1698624204%3AS%3DALNI_MbfWE7UxFPliUGQ-KMJdbU_ZrJF9Q&prev_fmts=0x0%2C1140x280%2C1140x280&nras=4&correlator=4407078390710&frm=20&pv=1&ga_vid=285549411.1698624204&ga_sid=1698624205&ga_hid=1584182159&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=3369&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44804683%2C44805933%2C44806738%2C31078301&oid=2&pvsid=2958395698853965&tmod=1853418529&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=gHei271M8B&p=https%3A//krank.de&dtd=94

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

1fd6102c4ac4cf0b3a9af2138e295fc277c58d3b1c6a71b454c9b59ec042aef9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Mon, 30 Oct 2023 00:03:25 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=bblqBbFmlqacomGLxbQikw0Uh3u8pvrSNS5CemunkjtEWMwB7dYObWuqphoOmeJVEvgQ6Gh3scbhE9H0NZIy2WOUqhs1b49e8ODJSkD8sqMTb8XmuQd-DSGypswnqke_Fa_oNWscg2alEDECn_3mgkA_gzjX8mreH1VUhYwESQDL4LvyGDzHZMaj_MiP5EwdkKM9_NSEEz1yXdBDqK01wdJQtNqG_hgSfuLZMCcMyq0NXkS0QKomck2CKmt04X-UIcf73w"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 37463542
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 70D6 1 KB
643 B 17ms
14ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7176323234405639&output=html&h=280&adk=1324517473&adf=3450468410&pi=t.aa~a.3479421391~i.17~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1698620605&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8954591145&ad_type=text_image&format=1140x280&url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fbella-skin%2F&fwr=0&pra=3&rh=200&rw=1140&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698624205001&bpp=1&bdt=847&idt=1&shv=r20231025&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3ba836e6d6e21f59-224c2af81ae30059%3AT%3D1698624204%3ART%3D1698624204%3AS%3DALNI_Mb-mHGRc4KXWW9yNIc5W2H78arKnQ&gpic=UID%3D00000cad7c2a0e98%3AT%3D1698624204%3ART%3D1698624204%3AS%3DALNI_MbfWE7UxFPliUGQ-KMJdbU_ZrJF9Q&prev_fmts=0x0%2C1140x280%2C1140x280&nras=4&correlator=4407078390710&frm=20&pv=1&ga_vid=285549411.1698624204&ga_sid=1698624205&ga_hid=1584182159&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=3369&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44804683%2C44805933%2C44806738%2C31078301&oid=2&pvsid=2958395698853965&tmod=1853418529&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=gHei271M8B&p=https%3A//krank.de&dtd=94

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 27688
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 29 Oct 2023 16:21:57 GMT
etag: 48472445140208031
expires: Mon, 30 Oct 2023 16:21:57 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 9E95 12 KB
5 KB 36ms
16ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 00:03:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1739640
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fgyYeBrpVqp9aTHPvRLP9sXXWHVx2N9mA6Bn72uzfMDRst5ipiSVH1rBcU8jRrXmPzIEuZOEfh3R3m36EoxrRvfQ%2FWVmETdzsN8GD75aroAw7DRBiLOfO7fgiNfAU4GKoCdxXMONf%2BsVsll%2F0Mtdr8n1"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 81df65242a0e900a-FRA
expires: Sat, 19 Oct 2024 00:03:25 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 9E95 12 KB
6 KB 30ms
23ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 00:03:25 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 24 Oct 2024 00:03:25 GMT

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame F179 140 KB
49 KB 57ms
55ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZT7yzQADysQH_ZPoAA368ybBjEr_DYZ4V1ZlWA&u=%7C8UsDLm2ztabh31VD9OQIe8VZk0qvllgjLHZ3bQK0jyo%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC867rlYwxdnhh6fqlDbhOj2SNLaxWtQNX1v3fpKzA3HitlsCfuDXlP1arKvZZWdLPx2o6QCbWqAqWnIQLj_Z_6o0wLGKa4qfg76oXO1AP54nuAJSFGSz9KOy_r89plAuQZLyFTMhbVd4cOUJP0ovrEx2Em11fPxQtajQZfffGnntD498VKjjNyt_o8DHkwI4WrOoKoopOPXHoF2-TvQ0KS8yuvta_eYOyB5oUosbHHJKREbokZeD-7Ci3uxbSKZ-VZjpEoweg6QcECFpzAX1DJHjzO8aqYRWuXtzyxa_UNuW9CJON8jFWAJJXJkCPw4CNtaglUkEwaw8qIhQScuUB47CjHsf8tSi9Lw9WUz81nST_mqZfqAvlm-ejMX44iABDrx_zLN_DyLSoU1ZH-xTlsA_wM7C2v62f7raK4syLfQGlOUEYTxaXpVxP2OEfW1iztEp88Q3yOvniZeB5o0U2gvzu1xJXNDMMP91Z-4XhiyU9MC3ztFG3sEQTPRxhOlbxHPwhmgqni6Y5TVmOJHMGeCctIIXWvrtYj4MLGaUMEhxzilwoOSsDTejo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3s3NzfI-ZcSVD-in9u8P8_W36A_JntKxXKX8k_dwwI23ARABIABglZKfgrAHggEXY2EtcHViLTcxNzYzMjMyMzQ0MDU2MznIAQmpArTQghl_ubE-qAMByAMCqgSFAk_Q6Fd2jmOiiQ1lU6S61ZiHTvTZ0Gmo49s1EdzhGvQy6zWg6JudpFxI7bNopE0Pr-2a_9GWtIprPBL2AJJLq6kuqIkHUWTVdRVEqOTjwFeFH7COoQATnwq49uEd2I2gv4YNsMGp9j4UW6GhWYqILGE71tVe51-3WXsmLaZ-VHWVY1MJa_wh9lYuE36j8mRjoc_FoS5oNaubbE4NqurzwFtVWDJm0QKu_zQ0pATtFeieVX9Lca1rVDzBWG9OkLbxwo1NFykdWBdfWVqqpbyx8xrW_V4gzpJIZAhHJq7yhg71iAUJPx2I_YvwNGooGYv5tbvUzO7Z122uUuNgsEs6N2avqzgdsoAGsJqfnOuR9LezAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_16MBYIYruzrmJd51SSr4bqo4lsOA%26client%3Dca-pub-7176323234405639%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7176323234405639&output=html&h=280&adk=1324517473&adf=2465423644&pi=t.aa~a.3479421391~i.11~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1698620605&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8954591145&ad_type=text_image&format=1140x280&url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fbella-skin%2F&fwr=0&pra=3&rh=200&rw=1140&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698624205001&bpp=1&bdt=847&idt=-M&shv=r20231025&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3ba836e6d6e21f59-224c2af81ae30059%3AT%3D1698624204%3ART%3D1698624204%3AS%3DALNI_Mb-mHGRc4KXWW9yNIc5W2H78arKnQ&gpic=UID%3D00000cad7c2a0e98%3AT%3D1698624204%3ART%3D1698624204%3AS%3DALNI_MbfWE7UxFPliUGQ-KMJdbU_ZrJF9Q&prev_fmts=0x0%2C1140x280&nras=3&correlator=4407078390710&frm=20&pv=1&ga_vid=285549411.1698624204&ga_sid=1698624205&ga_hid=1584182159&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2587&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44804683%2C44805933%2C44806738%2C31078301&oid=2&pvsid=2958395698853965&tmod=1853418529&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=EvzpYtx4aT&p=https%3A//krank.de&dtd=88

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

6b82e32f83a83f6f4a6244f0acfd4c3b001ad6e42173df8b7e88d801332bf839

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Mon, 30 Oct 2023 00:03:24 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=M7tmR7FmlqacomGLAi9KWA-Y5IgTSbDxp_a4h_7Ex0rH8h5XDj2IQbLWv4fKxN4d6ytUdCrkW0F32y6t--zqXQO9AjwXx4dlrGSNEflIgQKJViQiK0GES34J_s5lLv0Cvw3bMqZ7vikCXQBxjRYHfjAEZiYimP922Gk2OmZy_0RDspPzrqX9iQYj0bNccz0Z6hE6zs0OpAYk8xbTvVZNQYLc5KrwCf7DOwbH0moW6Gpm3WOKgxwgb4afFbP0pmK3DDsFag"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 42283760
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 91E6 1 KB
643 B 15ms
13ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7176323234405639&output=html&h=280&adk=1324517473&adf=2465423644&pi=t.aa~a.3479421391~i.11~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1698620605&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8954591145&ad_type=text_image&format=1140x280&url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fbella-skin%2F&fwr=0&pra=3&rh=200&rw=1140&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698624205001&bpp=1&bdt=847&idt=-M&shv=r20231025&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3ba836e6d6e21f59-224c2af81ae30059%3AT%3D1698624204%3ART%3D1698624204%3AS%3DALNI_Mb-mHGRc4KXWW9yNIc5W2H78arKnQ&gpic=UID%3D00000cad7c2a0e98%3AT%3D1698624204%3ART%3D1698624204%3AS%3DALNI_MbfWE7UxFPliUGQ-KMJdbU_ZrJF9Q&prev_fmts=0x0%2C1140x280&nras=3&correlator=4407078390710&frm=20&pv=1&ga_vid=285549411.1698624204&ga_sid=1698624205&ga_hid=1584182159&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2587&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44804683%2C44805933%2C44806738%2C31078301&oid=2&pvsid=2958395698853965&tmod=1853418529&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=EvzpYtx4aT&p=https%3A//krank.de&dtd=88

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 27688
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 29 Oct 2023 16:21:57 GMT
etag: 48472445140208031
expires: Mon, 30 Oct 2023 16:21:57 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 c1d096976dd24cf8af55f5aef2a3900d_sofiapro-regular-webfont.woff
static.criteo.net/design/dt/ Frame 9E95 31 KB
31 KB 55ms
25ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/c1d096976dd24cf8af55f5aef2a3900d_sofiapro-regular-webfont.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

267037fe49ce85195ae3cfe5f7e4039076293f0b6778f6b943130c7940c8335f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 00:03:25 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 08 May 2018 05:53:55 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5af13b73-7bb4"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 24 Oct 2024 00:03:25 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 9E95 9 KB
9 KB 76ms
16ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=556&m=0&partner=8721&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F8721%2F151110%2Ff72c9b427a974b29a26231c07646f1bb_breuninger_de_all.png&v=3&w=196&rid=4&s=jyIYUdS91Ep35I5llk9tH6DP

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

353bacdd3c58907d45e2ea06973469dc44a9d416e95f698fdec7606283b5507a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 00:03:25 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 9507
expires: Tue, 24 Sep 2024 04:28:15 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 9E95 162 KB
162 KB 92ms
32ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=1200&m=0&partner=8721&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F8721%2F4938417%2F9c3f105d831947b7adb871dc42cdc695_img_horizontal_1.jpg&v=3&w=1200&rid=4&s=ojLMh5chhZWeNPYJ-GV2QbIA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

c182b7f8bcc45ad194599120c4908124b6be53ab43e9278cb97db45e4842eba6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 00:03:24 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 165954
expires: Tue, 08 Oct 2024 06:22:05 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 9E95 5 KB
5 KB 85ms
25ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?cq=256&h=800&m=0&partner=8721&q=80&r=0&u=https%3A%2F%2Fcms.brnstc.de%2Fproduct_images%2F1122x1536_retina%2Fcpro%2Fmedia%2Fimages%2Fproduct%2F22%2F12%2F100140158419500_0_1670759205819.jpg&v=3&w=800&rid=4&s=lKJNsq_FtdMIBo2DvC5Y-EL1&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

0b3a4fdabd88b72211ccbb4b7dd14ad7f971d7d8356daed88334bb442d6f3854

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 00:03:24 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=7776000
timing-allow-origin: *
content-length: 5254
expires: Sun, 07 Jan 2024 06:27:56 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 9E95 0
128 B 60ms
14ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=2-GgJ7FmlqacomGLkW6WQtyBpt6rW8KELVefqvTPftCkcwi8IQgJ3P5y5usvtpQAd-KWS4qOdxu0Lhdx36u92JtT80iDutVzauq5zfMazqATfWo5-6lfbTXjdR-orssoE6nmZ-7Pu50CTF0k-oqM8rz7Dayt75Tmk00Sr1hf61Ak8DxstcRO6DHJS7LenzUK9_CO6J4G7HJSa-DGU8gviFI5f9tVUE_0vru06duztAi0VdEdZC0kLUNvcPIMV4h0PUzsmQ&sds=2&rev=89054&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 30 Oct 2023 00:03:24 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 9E95 2 KB
1 KB 14ms
13ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 00:03:25 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 24 Oct 2024 00:03:25 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 9E95 2 KB
1 KB 14ms
14ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 00:03:25 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 24 Oct 2024 00:03:25 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 44B3 0
0 48ms
48ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231025&jk=2958395698853965&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 5A4C 2 KB
1 KB 13ms
12ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZT7yzQADwgEH_ZOuAA6lb5ack5mmAA_ZCvlzXA&u=%7C8UsDLm2ztaay3G3%2BZEM18nrxbzMJ1Ny4fRvuGF0ZGY0%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC867rlYwxdnhh6fqlDbhOj2SNLaxWtQNX1v233Yc6SehuHrq66kgea2lBRZFRkcA_AgXe4sHe2X2riIbsHEISOIyTec5Xlb9ARg4J03ZiK-FDAnV1eNNgbUOm1oiNgSjiP4GZUTgTdhxdVkm8U7bIsdHZKgWAT1vgK13ae1th_73XpjYK66a-hz7b-JDRj2ffMi2_Ok-DLUTNcS4MBNN9PuJaBIPV4h7IWaFpQ_pddpukldk16fTGnXUDEnaeLx9bwgNTWgl7-2s3uwX8i7Ttx7m0fkltR-i5sRspuWhc4sxkRmXEveizH6Ai1nNNVCtLBXLXo6hKhPMNlzYoHTt18p6-GfoO5IRz5_nJtWKa4kBLylShvL4O91fD9JFxAmDQu2cXeabowI0kTi43-ICuKUzKBaS4Eeuo2B3sfyIxH8w_dg2hCR0zQr8DEutwl-_hDArfBEbGOlX4ZioHsiKYJXjPfnlqteoqf6LUAEplA_XRsQghDyXJLevgUFh1jnSFwx5MlTdRcvzxC698-6jgW7PZJRfcyIW0QIh_q9CvlDeUasAiQ-ovYB3Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeqknzfI-ZYGED66n9u8P78q6kAjJntKxXPWdmPdwwI23ARABIABglaqggrAHggEXY2EtcHViLTcxNzYzMjMyMzQ0MDU2MznIAQmpArTQghl_ubE-qAMByAMCqgSFAk_QQpf_i_QrbuZVfRvTYiddRDQNI2WC_q6crwhtTRxFP-baXF_j1OhSTzeFQ7iQAD2I6b3PBEQjRw0Ot2H8HXUo7gO5TVz95nWJ_0XOYzIElB0FYRIEv0zrVqzVff22u6oT1JU47ViuhDnSA7FcmD-uJxygKbNq1Cp1R-ISWwVc4HMolvTJsh4RGdYS0jM6ZuPEZ6Fs5xMQoiTnlIhZrm_57aim4lU98W3frtjlodiiE4TrYvGJM6JyfwPKPmlaQCfdocDEmVoaBBe2qFegvFfmMug275tv_2fcOy3oQb-Vgt7_S3U2Oy0l2jYxV8VFdtBudS6JIPR4tVk_k_T7rvGouiMr5oAGsJqfnOuR9LezAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3ycj0z3uF7kZhXw6FDkGZ-nTi-cw%26client%3Dca-pub-7176323234405639%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 00:03:25 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 24 Oct 2024 00:03:25 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 5A4C 2 KB
1 KB 16ms
15ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 00:03:25 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 24 Oct 2024 00:03:25 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 5A4C 308 B
636 B 14ms
13ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 00:03:25 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Thu, 24 Oct 2024 00:03:25 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 5A4C 293 B
621 B 14ms
13ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 00:03:25 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Thu, 24 Oct 2024 00:03:25 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 5A4C 43 B
347 B 16ms
16ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=StsnUAppRPGR_vd8Azq2od9jglnx01JYI-W9NASYt2cZCPKoevJHAWdMmDV1vuRUCxcuO44tgqNkH1-26E72pDBoq4dKwKXShMeZTjCvrCsBTKTzqYMLVKnZkMsxrMTDaTT4dHk5Mji396tl3mmRQCOQ3oEToAYws4KijWC5AP5GkbkIjVMekzf7uePNlKxG2g46Qob3XT7AoHlzAvkRQRk2yyaXsVAxquOojWpTj5sBnH_yZmg03jP7oqQwpJV4rcC5SUJpDGAvXy9wxQAVoXDGyraGudPz8RO8mROta44erROQRdoTI5ugqo2ZBWFspbs3HaaLBOkdntveFeVoj4lzxZfG7-1FmsFKiwJsCkZMc77eVGznQDGrvq66SloyBfQsuJL_z5ixdN6VLwGQfwEUauKF_a3zNF3j-EM99RGS1R9CcG3OhUZvKlY8tohJEN6U_A

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Oct 2023 00:03:24 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1754270
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK ai.aspx
m.exactag.com/ Frame 5A4C 43 B
1015 B 84ms
20ms Image
image/gif 213.202.235.9
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.exactag.com/ai.aspx?extProvId=15&extPu=13929-criteo&extLi=264882&consent_string=&iab=1&rnd=653ef2cd3ec87f012c768f8bb197d75a

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

213.202.235.9 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Date: Mon, 30 Oct 2023 00:03:25 GMT
X-Content-Type-Options: nosniff
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy: cross-origin
Connection: close
X-ET-Monitoring: 1
Content-Length: 43
X-Xss-Protection: 0
Pragma: no-cache
Last-Modified: Mo, 30 Okt 2023 12:03:25 GMT
X-ET-Code: 11
Accept-CH: sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://ads.eu.criteo.com
Cache-Control: private
Access-Control-Allow-Credentials: true
X-ET-Camp: 1051
Access-Control-Allow-Headers: *
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame F179 2 KB
1 KB 14ms
14ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZT7yzQADysQH_ZPoAA368ybBjEr_DYZ4V1ZlWA&u=%7C8UsDLm2ztabh31VD9OQIe8VZk0qvllgjLHZ3bQK0jyo%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC867rlYwxdnhh6fqlDbhOj2SNLaxWtQNX1v3fpKzA3HitlsCfuDXlP1arKvZZWdLPx2o6QCbWqAqWnIQLj_Z_6o0wLGKa4qfg76oXO1AP54nuAJSFGSz9KOy_r89plAuQZLyFTMhbVd4cOUJP0ovrEx2Em11fPxQtajQZfffGnntD498VKjjNyt_o8DHkwI4WrOoKoopOPXHoF2-TvQ0KS8yuvta_eYOyB5oUosbHHJKREbokZeD-7Ci3uxbSKZ-VZjpEoweg6QcECFpzAX1DJHjzO8aqYRWuXtzyxa_UNuW9CJON8jFWAJJXJkCPw4CNtaglUkEwaw8qIhQScuUB47CjHsf8tSi9Lw9WUz81nST_mqZfqAvlm-ejMX44iABDrx_zLN_DyLSoU1ZH-xTlsA_wM7C2v62f7raK4syLfQGlOUEYTxaXpVxP2OEfW1iztEp88Q3yOvniZeB5o0U2gvzu1xJXNDMMP91Z-4XhiyU9MC3ztFG3sEQTPRxhOlbxHPwhmgqni6Y5TVmOJHMGeCctIIXWvrtYj4MLGaUMEhxzilwoOSsDTejo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3s3NzfI-ZcSVD-in9u8P8_W36A_JntKxXKX8k_dwwI23ARABIABglZKfgrAHggEXY2EtcHViLTcxNzYzMjMyMzQ0MDU2MznIAQmpArTQghl_ubE-qAMByAMCqgSFAk_Q6Fd2jmOiiQ1lU6S61ZiHTvTZ0Gmo49s1EdzhGvQy6zWg6JudpFxI7bNopE0Pr-2a_9GWtIprPBL2AJJLq6kuqIkHUWTVdRVEqOTjwFeFH7COoQATnwq49uEd2I2gv4YNsMGp9j4UW6GhWYqILGE71tVe51-3WXsmLaZ-VHWVY1MJa_wh9lYuE36j8mRjoc_FoS5oNaubbE4NqurzwFtVWDJm0QKu_zQ0pATtFeieVX9Lca1rVDzBWG9OkLbxwo1NFykdWBdfWVqqpbyx8xrW_V4gzpJIZAhHJq7yhg71iAUJPx2I_YvwNGooGYv5tbvUzO7Z122uUuNgsEs6N2avqzgdsoAGsJqfnOuR9LezAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_16MBYIYruzrmJd51SSr4bqo4lsOA%26client%3Dca-pub-7176323234405639%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 00:03:25 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 24 Oct 2024 00:03:25 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame F179 2 KB
1 KB 13ms
13ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 00:03:25 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 24 Oct 2024 00:03:25 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame F179 308 B
636 B 13ms
13ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 00:03:25 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Thu, 24 Oct 2024 00:03:25 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame F179 293 B
621 B 15ms
15ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 00:03:25 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Thu, 24 Oct 2024 00:03:25 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame F179 43 B
347 B 19ms
17ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=0TbSpQppRPGR_vd8Azq2od9jgll8Sn9mUkrHIdsPG9PrHBbNByByAOLdMZ7urYDSnLnwdGTDmlEHLtJyR-pCZhDCnwFgzXwS-t0ZlSRxOKgjV4bC7gBy7OuIWGuY_qxhoDZfhv1NugzPXtBZzxG5pN4NOXgSLWFIHaQOu8lJpw1wHfc8opK5z-veo8mHxpiKgPqjxgIZGwi0EtK722MCDwFiguGuz5BCpk1QaE2GLY8bqH9QEvLNY_oWl59dXQY9x1Ktszjh237hIio6Cbmb4qt48oLAV3985d0WC7Mt-OFuQitS0pEKZ7NRDQgyHEPSk-QgYEChax1Ha3GYuBZ1zfJpaTNI0tGlUYds7_UhfSDC8sMlspzltUPTtrWZwc1exw2BeZGeupUnXh7jJeBo2IZ8nyzVcgj_ktF7PH6x0JXQbhMXLhYwgOWHl-95fucIUFRW4w

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Oct 2023 00:03:24 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1982331
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK ai.aspx
m.exactag.com/ Frame F179 60 B
60 B 66ms
17ms Image
image/gif 213.202.235.9
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.exactag.com/ai.aspx?extProvId=15&extPu=13929-criteo&extLi=264882&consent_string=&iab=1&rnd=653ef2cd1c30ae64f160483fc246aa60

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

213.202.235.9 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Mon, 30 Oct 2023 00:03:25 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy: cross-origin
Connection: close
X-ET-Monitoring: 1
X-Xss-Protection: 0
Pragma: no-cache
Last-Modified: Mo, 30 Okt 2023 12:03:25 GMT
X-ET-Code: 11
Content-Type: image/gif
Cache-Control: max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-ET-Camp: 1051
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 5A4C 12 KB
5 KB 18ms
18ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 00:03:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1739640
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hVknXY7Ws%2FHtASExH0H4dh5vbfsGsORQpmKcIRBezZXGyPRVpcoZ%2F%2F9g3lOckLYVskvH4CjQn2aneCAxB5faVgY384osMev8o%2FSH%2B0o%2FPOXPfGREgq3L1aml5r%2BDHoJsYic7rEiI%2BtxJRMftVWElN1Zb"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 81df6524ca68900a-FRA
expires: Sat, 19 Oct 2024 00:03:25 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 5A4C 12 KB
6 KB 16ms
16ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 00:03:25 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 24 Oct 2024 00:03:25 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 70D6 35 B
463 B 61ms
9ms Image
image/gif 2620:116:800d:21:b314:a0ef:ab7c:d546
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEF1Ab2ZTCjzp0i_XqYzzDbE&google_cver=1&google_push=AXcoOmShROg02bxKy6p9Fb6xAXaQd98gP7nWl5nMqbgVcrtFKZABz4fJRgsEfugjGfGfZdIX4EAkfjnI30QUshcrZosqCQUShGBbRwLW

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7176323234405639&output=html&h=280&adk=1324517473&adf=3450468410&pi=t.aa~a.3479421391~i.17~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1698620605&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8954591145&ad_type=text_image&format=1140x280&url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fbella-skin%2F&fwr=0&pra=3&rh=200&rw=1140&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698624205001&bpp=1&bdt=847&idt=1&shv=r20231025&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3ba836e6d6e21f59-224c2af81ae30059%3AT%3D1698624204%3ART%3D1698624204%3AS%3DALNI_Mb-mHGRc4KXWW9yNIc5W2H78arKnQ&gpic=UID%3D00000cad7c2a0e98%3AT%3D1698624204%3ART%3D1698624204%3AS%3DALNI_MbfWE7UxFPliUGQ-KMJdbU_ZrJF9Q&prev_fmts=0x0%2C1140x280%2C1140x280&nras=4&correlator=4407078390710&frm=20&pv=1&ga_vid=285549411.1698624204&ga_sid=1698624205&ga_hid=1584182159&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=3369&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44804683%2C44805933%2C44806738%2C31078301&oid=2&pvsid=2958395698853965&tmod=1853418529&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=gHei271M8B&p=https%3A//krank.de&dtd=94

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Oct 2023 00:03:25 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 70D6 0
103 B 23ms
14ms Image
text/plain 2a02:fa8:8806:12::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEF1lQwo1nJ2h1gHhdK2tEIg&google_cver=1&google_push=AXcoOmToebrIFKxWZausF8I8GR7t4_wBnXOHgLG2r_o-qriXKVZxbAVaLE-bsQlFR0_AHzRdjozch6_rmwW9q01t1nkdLHsyLidPTQEK
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7176323234405639&output=html&h=280&adk=1324517473&adf=3450468410&pi=t.aa~a.3479421391~i.17~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1698620605&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8954591145&ad_type=text_image&format=1140x280&url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fbella-skin%2F&fwr=0&pra=3&rh=200&rw=1140&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698624205001&bpp=1&bdt=847&idt=1&shv=r20231025&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3ba836e6d6e21f59-224c2af81ae30059%3AT%3D1698624204%3ART%3D1698624204%3AS%3DALNI_Mb-mHGRc4KXWW9yNIc5W2H78arKnQ&gpic=UID%3D00000cad7c2a0e98%3AT%3D1698624204%3ART%3D1698624204%3AS%3DALNI_MbfWE7UxFPliUGQ-KMJdbU_ZrJF9Q&prev_fmts=0x0%2C1140x280%2C1140x280&nras=4&correlator=4407078390710&frm=20&pv=1&ga_vid=285549411.1698624204&ga_sid=1698624205&ga_hid=1584182159&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=3369&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44804683%2C44805933%2C44806738%2C31078301&oid=2&pvsid=2958395698853965&tmod=1853418529&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=gHei271M8B&p=https%3A//krank.de&dtd=94
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Oct 2023 00:03:25 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 70D6
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEKJjqQ6aXQzeByBvuFMvfco&google_cver=1&google_push=AXcoOmRJceQAZIfUxltrjBf8_99zWTRRSTcu7Ipl3UTGqNHTNEbiVAy76_IoeZW2yfd_kGTcgCY6vPIOLPrp3n_7DuYguCvx-t4tm...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEKJjqQ6aXQzeByBvuFMvfco&google_cver=1&google_push=AXcoOmRJceQAZIfUxltrjBf8_99zWTRRSTcu7Ipl3UTGqNHTNEbiVAy76_IoeZW2yfd_kGTcgCY6vPIOLPrp3n_7DuYguCvx-t4...

43 B
424 B

197ms
196ms

Image
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEKJjqQ6aXQzeByBvuFMvfco&google_cver=1&google_push=AXcoOmRJceQAZIfUxltrjBf8_99zWTRRSTcu7Ipl3UTGqNHTNEbiVAy76_IoeZW2yfd_kGTcgCY6vPIOLPrp3n_7DuYguCvx-t4tmEaA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmRJceQAZIfUxltrjBf8_99zWTRRSTcu7Ipl3UTGqNHTNEbiVAy76_IoeZW2yfd_kGTcgCY6vPIOLPrp3n_7DuYguCvx-t4tmEaA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7176323234405639&output=html&h=280&adk=1324517473&adf=3450468410&pi=t.aa~a.3479421391~i.17~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1698620605&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8954591145&ad_type=text_image&format=1140x280&url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fbella-skin%2F&fwr=0&pra=3&rh=200&rw=1140&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698624205001&bpp=1&bdt=847&idt=1&shv=r20231025&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3ba836e6d6e21f59-224c2af81ae30059%3AT%3D1698624204%3ART%3D1698624204%3AS%3DALNI_Mb-mHGRc4KXWW9yNIc5W2H78arKnQ&gpic=UID%3D00000cad7c2a0e98%3AT%3D1698624204%3ART%3D1698624204%3AS%3DALNI_MbfWE7UxFPliUGQ-KMJdbU_ZrJF9Q&prev_fmts=0x0%2C1140x280%2C1140x280&nras=4&correlator=4407078390710&frm=20&pv=1&ga_vid=285549411.1698624204&ga_sid=1698624205&ga_hid=1584182159&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=3369&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44804683%2C44805933%2C44806738%2C31078301&oid=2&pvsid=2958395698853965&tmod=1853418529&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=gHei271M8B&p=https%3A//krank.de&dtd=94
Protocol: H2
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Oct 2023 00:03:25 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 81df65263acd5bed-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 30 Oct 2023 00:03:25 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 621
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEKJjqQ6aXQzeByBvuFMvfco&google_cver=1&google_push=AXcoOmRJceQAZIfUxltrjBf8_99zWTRRSTcu7Ipl3UTGqNHTNEbiVAy76_IoeZW2yfd_kGTcgCY6vPIOLPrp3n_7DuYguCvx-t4tmEaA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmRJceQAZIfUxltrjBf8_99zWTRRSTcu7Ipl3UTGqNHTNEbiVAy76_IoeZW2yfd_kGTcgCY6vPIOLPrp3n_7DuYguCvx-t4tmEaA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 81df65251a445bed-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 70D6
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEPh34hq3t-YqGozT5TMrlao&google_cver=1&google_push=AXcoOmSqNAc4tTUD2LbhO1bE8dzOscEifap2v9oeZ7bnLhPskRJGq3S3XwaF8a9c7_qQ2pcqzuCioATTZ7UAxobkSNpSCSGig4ctXDBx
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=E48664C4E834456980E77494DA3F63BA&google_push=AXcoOmSqNAc4tTUD2LbhO1bE8dzOscEifap2v9oeZ7bnLhPskRJGq3S3XwaF8a9c7_qQ2pcqzuCioATTZ7UAxob...

170 B
188 B

25ms
24ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=E48664C4E834456980E77494DA3F63BA&google_push=AXcoOmSqNAc4tTUD2LbhO1bE8dzOscEifap2v9oeZ7bnLhPskRJGq3S3XwaF8a9c7_qQ2pcqzuCioATTZ7UAxobkSNpSCSGig4ctXDBx

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7176323234405639&output=html&h=280&adk=1324517473&adf=3450468410&pi=t.aa~a.3479421391~i.17~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1698620605&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8954591145&ad_type=text_image&format=1140x280&url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fbella-skin%2F&fwr=0&pra=3&rh=200&rw=1140&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698624205001&bpp=1&bdt=847&idt=1&shv=r20231025&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3ba836e6d6e21f59-224c2af81ae30059%3AT%3D1698624204%3ART%3D1698624204%3AS%3DALNI_Mb-mHGRc4KXWW9yNIc5W2H78arKnQ&gpic=UID%3D00000cad7c2a0e98%3AT%3D1698624204%3ART%3D1698624204%3AS%3DALNI_MbfWE7UxFPliUGQ-KMJdbU_ZrJF9Q&prev_fmts=0x0%2C1140x280%2C1140x280&nras=4&correlator=4407078390710&frm=20&pv=1&ga_vid=285549411.1698624204&ga_sid=1698624205&ga_hid=1584182159&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=3369&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44804683%2C44805933%2C44806738%2C31078301&oid=2&pvsid=2958395698853965&tmod=1853418529&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=gHei271M8B&p=https%3A//krank.de&dtd=94

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Oct 2023 00:03:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 30 Oct 2023 00:03:25 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=E48664C4E834456980E77494DA3F63BA&google_push=AXcoOmSqNAc4tTUD2LbhO1bE8dzOscEifap2v9oeZ7bnLhPskRJGq3S3XwaF8a9c7_qQ2pcqzuCioATTZ7UAxobkSNpSCSGig4ctXDBx
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sun, 29 Oct 2023 00:03:25 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 70D6
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESENVYpbnKQbbVLwYHa5ZuH4c&google_cver=1&google_push=AXcoOmRdoq6KQEarIav_yQ4Bvi4wXylqJROY6eiWyv2kgRv8SgOWmjYc7EqKoI7ckomZu5l7qnz1t5FI-Kc...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRdoq6KQEarIav_yQ4Bvi4wXylqJROY6eiWyv2kgRv8SgOWmjYc7EqKoI7ckomZu5l7qnz1t5FI-KcS_XS12ISBi6s1mX3OCyM&google_hm=Dpdz7DwuSFKbzB1hJ...

170 B
188 B

27ms
26ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRdoq6KQEarIav_yQ4Bvi4wXylqJROY6eiWyv2kgRv8SgOWmjYc7EqKoI7ckomZu5l7qnz1t5FI-KcS_XS12ISBi6s1mX3OCyM&google_hm=Dpdz7DwuSFKbzB1hJ7fLSI4

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7176323234405639&output=html&h=280&adk=1324517473&adf=3450468410&pi=t.aa~a.3479421391~i.17~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1698620605&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8954591145&ad_type=text_image&format=1140x280&url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fbella-skin%2F&fwr=0&pra=3&rh=200&rw=1140&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698624205001&bpp=1&bdt=847&idt=1&shv=r20231025&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3ba836e6d6e21f59-224c2af81ae30059%3AT%3D1698624204%3ART%3D1698624204%3AS%3DALNI_Mb-mHGRc4KXWW9yNIc5W2H78arKnQ&gpic=UID%3D00000cad7c2a0e98%3AT%3D1698624204%3ART%3D1698624204%3AS%3DALNI_MbfWE7UxFPliUGQ-KMJdbU_ZrJF9Q&prev_fmts=0x0%2C1140x280%2C1140x280&nras=4&correlator=4407078390710&frm=20&pv=1&ga_vid=285549411.1698624204&ga_sid=1698624205&ga_hid=1584182159&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=3369&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44804683%2C44805933%2C44806738%2C31078301&oid=2&pvsid=2958395698853965&tmod=1853418529&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=gHei271M8B&p=https%3A//krank.de&dtd=94

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Oct 2023 00:03:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 30 Oct 2023 00:03:25 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRdoq6KQEarIav_yQ4Bvi4wXylqJROY6eiWyv2kgRv8SgOWmjYc7EqKoI7ckomZu5l7qnz1t5FI-KcS_XS12ISBi6s1mX3OCyM&google_hm=Dpdz7DwuSFKbzB1hJ7fLSI4
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 70D6
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEE84G2nLiHG1uOqUa-0pIuA&google_cver=1&google_push=AXcoOmTdObLZbuN6-QTq7Z5gDvEl-m3f3uysoJalpxxzxCNALn9m8nxTvFqaFOgJ6an0g6gYNSTYstXmRpj7dqzd...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=EynoGXmBRDQyDHUs8LXg5A&google_push=AXcoOmTdObLZbuN6-QTq7Z5gDvEl-m3f3uysoJalpxxzxCNALn9m8nxTvFqaFOgJ6an0g6gYNSTYstXmRpj7dqzd_V4dqFRraeraMyor

170 B
188 B

28ms
28ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=EynoGXmBRDQyDHUs8LXg5A&google_push=AXcoOmTdObLZbuN6-QTq7Z5gDvEl-m3f3uysoJalpxxzxCNALn9m8nxTvFqaFOgJ6an0g6gYNSTYstXmRpj7dqzd_V4dqFRraeraMyor

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7176323234405639&output=html&h=280&adk=1324517473&adf=3450468410&pi=t.aa~a.3479421391~i.17~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1698620605&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8954591145&ad_type=text_image&format=1140x280&url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fbella-skin%2F&fwr=0&pra=3&rh=200&rw=1140&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698624205001&bpp=1&bdt=847&idt=1&shv=r20231025&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3ba836e6d6e21f59-224c2af81ae30059%3AT%3D1698624204%3ART%3D1698624204%3AS%3DALNI_Mb-mHGRc4KXWW9yNIc5W2H78arKnQ&gpic=UID%3D00000cad7c2a0e98%3AT%3D1698624204%3ART%3D1698624204%3AS%3DALNI_MbfWE7UxFPliUGQ-KMJdbU_ZrJF9Q&prev_fmts=0x0%2C1140x280%2C1140x280&nras=4&correlator=4407078390710&frm=20&pv=1&ga_vid=285549411.1698624204&ga_sid=1698624205&ga_hid=1584182159&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=3369&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44804683%2C44805933%2C44806738%2C31078301&oid=2&pvsid=2958395698853965&tmod=1853418529&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=gHei271M8B&p=https%3A//krank.de&dtd=94

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Oct 2023 00:03:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 30 Oct 2023 00:03:25 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=EynoGXmBRDQyDHUs8LXg5A&google_push=AXcoOmTdObLZbuN6-QTq7Z5gDvEl-m3f3uysoJalpxxzxCNALn9m8nxTvFqaFOgJ6an0g6gYNSTYstXmRpj7dqzd_V4dqFRraeraMyor
x-host: tde-deliveryengine-production-5bf79cd4ff-6ck6v
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 70D6
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJCqO1XiGbGWM8PKt-yvYTA&google_cver=1&google_push=AXcoOmRhaY4JOl4sVynpYIRxoqxPs09zj0oBWRdOzLyOxNssFOfevo432NmW516tksO6WeZ1AKUv7NJ8...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjAyMzczNTkxMDQzMDI2MjE1MQ&google_push=AXcoOmRhaY4JOl4sVynpYIRxoqxPs09zj0oBWRdOzLyOxNssFOfevo432NmW516tksO6WeZ1AKUv7N...

170 B
188 B

24ms
23ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjAyMzczNTkxMDQzMDI2MjE1MQ&google_push=AXcoOmRhaY4JOl4sVynpYIRxoqxPs09zj0oBWRdOzLyOxNssFOfevo432NmW516tksO6WeZ1AKUv7NJ8ICEzDbnlA0FCEk0TPjQUAjmQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7176323234405639&output=html&h=280&adk=1324517473&adf=3450468410&pi=t.aa~a.3479421391~i.17~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1698620605&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8954591145&ad_type=text_image&format=1140x280&url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fbella-skin%2F&fwr=0&pra=3&rh=200&rw=1140&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698624205001&bpp=1&bdt=847&idt=1&shv=r20231025&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3ba836e6d6e21f59-224c2af81ae30059%3AT%3D1698624204%3ART%3D1698624204%3AS%3DALNI_Mb-mHGRc4KXWW9yNIc5W2H78arKnQ&gpic=UID%3D00000cad7c2a0e98%3AT%3D1698624204%3ART%3D1698624204%3AS%3DALNI_MbfWE7UxFPliUGQ-KMJdbU_ZrJF9Q&prev_fmts=0x0%2C1140x280%2C1140x280&nras=4&correlator=4407078390710&frm=20&pv=1&ga_vid=285549411.1698624204&ga_sid=1698624205&ga_hid=1584182159&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=3369&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44804683%2C44805933%2C44806738%2C31078301&oid=2&pvsid=2958395698853965&tmod=1853418529&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=gHei271M8B&p=https%3A//krank.de&dtd=94

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Oct 2023 00:03:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 30 Oct 2023 00:03:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjAyMzczNTkxMDQzMDI2MjE1MQ&google_push=AXcoOmRhaY4JOl4sVynpYIRxoqxPs09zj0oBWRdOzLyOxNssFOfevo432NmW516tksO6WeZ1AKUv7NJ8ICEzDbnlA0FCEk0TPjQUAjmQ
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 70D6 0
12 B 41ms
35ms Image
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Ly4eQGGThmGoBrRen1ZIQ6YldIJ8qnKB-BQultJrfQESnrm0J9wmYbho1pnIRaN3rcZGsP

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7176323234405639&output=html&h=280&adk=1324517473&adf=3450468410&pi=t.aa~a.3479421391~i.17~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1698620605&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8954591145&ad_type=text_image&format=1140x280&url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fbella-skin%2F&fwr=0&pra=3&rh=200&rw=1140&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698624205001&bpp=1&bdt=847&idt=1&shv=r20231025&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3ba836e6d6e21f59-224c2af81ae30059%3AT%3D1698624204%3ART%3D1698624204%3AS%3DALNI_Mb-mHGRc4KXWW9yNIc5W2H78arKnQ&gpic=UID%3D00000cad7c2a0e98%3AT%3D1698624204%3ART%3D1698624204%3AS%3DALNI_MbfWE7UxFPliUGQ-KMJdbU_ZrJF9Q&prev_fmts=0x0%2C1140x280%2C1140x280&nras=4&correlator=4407078390710&frm=20&pv=1&ga_vid=285549411.1698624204&ga_sid=1698624205&ga_hid=1584182159&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=3369&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44804683%2C44805933%2C44806738%2C31078301&oid=2&pvsid=2958395698853965&tmod=1853418529&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=gHei271M8B&p=https%3A//krank.de&dtd=94

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 00:03:25 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 91E6 0
103 B 38ms
32ms Image
text/plain 2a02:fa8:8806:12::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESELfhoM0b6UJhtpcGI7B8Fo4&google_cver=1&google_push=AXcoOmRg-6P_MMhlH69ST_DmoxvQLb3o8EPA4dA9skLOuXkQlSaZSiavWfPvAXTzHceAdaov_nJlgUKc1Hs_5QSDIKAp6uPeBOWUNixN
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7176323234405639&output=html&h=280&adk=1324517473&adf=2465423644&pi=t.aa~a.3479421391~i.11~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1698620605&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8954591145&ad_type=text_image&format=1140x280&url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fbella-skin%2F&fwr=0&pra=3&rh=200&rw=1140&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698624205001&bpp=1&bdt=847&idt=-M&shv=r20231025&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3ba836e6d6e21f59-224c2af81ae30059%3AT%3D1698624204%3ART%3D1698624204%3AS%3DALNI_Mb-mHGRc4KXWW9yNIc5W2H78arKnQ&gpic=UID%3D00000cad7c2a0e98%3AT%3D1698624204%3ART%3D1698624204%3AS%3DALNI_MbfWE7UxFPliUGQ-KMJdbU_ZrJF9Q&prev_fmts=0x0%2C1140x280&nras=3&correlator=4407078390710&frm=20&pv=1&ga_vid=285549411.1698624204&ga_sid=1698624205&ga_hid=1584182159&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2587&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44804683%2C44805933%2C44806738%2C31078301&oid=2&pvsid=2958395698853965&tmod=1853418529&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=EvzpYtx4aT&p=https%3A//krank.de&dtd=88
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Oct 2023 00:03:25 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 91E6
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEB3wGiTFlDuLbOeS3kE58WE&google_cver=1&google_push=AXcoOmQ1cbhIbzzLZYRD1gxaQmEabO6pQalh8p1cBaAWJUo7h862BqZ9friHN0-KcsfMDzdK1i1KuCLT4529UDCYBAcMhuM1kOrsHbTJ
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=E48664C4E834456980E77494DA3F63BA&google_push=AXcoOmQ1cbhIbzzLZYRD1gxaQmEabO6pQalh8p1cBaAWJUo7h862BqZ9friHN0-KcsfMDzdK1i1KuCLT4529UDC...

170 B
188 B

25ms
25ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=E48664C4E834456980E77494DA3F63BA&google_push=AXcoOmQ1cbhIbzzLZYRD1gxaQmEabO6pQalh8p1cBaAWJUo7h862BqZ9friHN0-KcsfMDzdK1i1KuCLT4529UDCYBAcMhuM1kOrsHbTJ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7176323234405639&output=html&h=280&adk=1324517473&adf=2465423644&pi=t.aa~a.3479421391~i.11~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1698620605&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8954591145&ad_type=text_image&format=1140x280&url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fbella-skin%2F&fwr=0&pra=3&rh=200&rw=1140&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698624205001&bpp=1&bdt=847&idt=-M&shv=r20231025&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3ba836e6d6e21f59-224c2af81ae30059%3AT%3D1698624204%3ART%3D1698624204%3AS%3DALNI_Mb-mHGRc4KXWW9yNIc5W2H78arKnQ&gpic=UID%3D00000cad7c2a0e98%3AT%3D1698624204%3ART%3D1698624204%3AS%3DALNI_MbfWE7UxFPliUGQ-KMJdbU_ZrJF9Q&prev_fmts=0x0%2C1140x280&nras=3&correlator=4407078390710&frm=20&pv=1&ga_vid=285549411.1698624204&ga_sid=1698624205&ga_hid=1584182159&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2587&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44804683%2C44805933%2C44806738%2C31078301&oid=2&pvsid=2958395698853965&tmod=1853418529&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=EvzpYtx4aT&p=https%3A//krank.de&dtd=88

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Oct 2023 00:03:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 30 Oct 2023 00:03:25 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=E48664C4E834456980E77494DA3F63BA&google_push=AXcoOmQ1cbhIbzzLZYRD1gxaQmEabO6pQalh8p1cBaAWJUo7h862BqZ9friHN0-KcsfMDzdK1i1KuCLT4529UDCYBAcMhuM1kOrsHbTJ
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sun, 29 Oct 2023 00:03:25 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 91E6 0
173 B 83ms
18ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEIetIj913QZjyAp_xuQp88o&google_cver=1&google_push=AXcoOmT-w92KZYsGDQ3wWk4nJF3utj6EsarwZGms60K5QD4V7yCdVxseC7VgSdCUXDey3JJKLyROh74eiXArUXNUOwHThaMa5CnO8KA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7176323234405639&output=html&h=280&adk=1324517473&adf=2465423644&pi=t.aa~a.3479421391~i.11~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1698620605&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8954591145&ad_type=text_image&format=1140x280&url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fbella-skin%2F&fwr=0&pra=3&rh=200&rw=1140&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698624205001&bpp=1&bdt=847&idt=-M&shv=r20231025&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3ba836e6d6e21f59-224c2af81ae30059%3AT%3D1698624204%3ART%3D1698624204%3AS%3DALNI_Mb-mHGRc4KXWW9yNIc5W2H78arKnQ&gpic=UID%3D00000cad7c2a0e98%3AT%3D1698624204%3ART%3D1698624204%3AS%3DALNI_MbfWE7UxFPliUGQ-KMJdbU_ZrJF9Q&prev_fmts=0x0%2C1140x280&nras=3&correlator=4407078390710&frm=20&pv=1&ga_vid=285549411.1698624204&ga_sid=1698624205&ga_hid=1584182159&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2587&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44804683%2C44805933%2C44806738%2C31078301&oid=2&pvsid=2958395698853965&tmod=1853418529&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=EvzpYtx4aT&p=https%3A//krank.de&dtd=88
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 00:03:25 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 91E6
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEDN-WUV70rB04Ffl8v3fgtw&google_cver=1&google_push=AXcoOmTFzCHZPwwDxBZAdLccrK5NXEIoo8_XBjMIcZvY-HQDcGBDfwdyI0P-BGIxxcC6imgiX1PS87K5lZEL4Y...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI5NTUzNTQwODY4MDMzNTUxMg%3D%3D&google_push=AXcoOmTFzCHZPwwDxBZAdLccrK5NXEIoo8_XBjMIcZvY-HQDcGBDfwdyI0P-BGIxxcC6imgiX1PS87K5lZEL4YQllx...

170 B
188 B

26ms
26ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI5NTUzNTQwODY4MDMzNTUxMg%3D%3D&google_push=AXcoOmTFzCHZPwwDxBZAdLccrK5NXEIoo8_XBjMIcZvY-HQDcGBDfwdyI0P-BGIxxcC6imgiX1PS87K5lZEL4YQllxZWfkkRn4U_Sh91

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7176323234405639&output=html&h=280&adk=1324517473&adf=2465423644&pi=t.aa~a.3479421391~i.11~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1698620605&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8954591145&ad_type=text_image&format=1140x280&url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fbella-skin%2F&fwr=0&pra=3&rh=200&rw=1140&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698624205001&bpp=1&bdt=847&idt=-M&shv=r20231025&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3ba836e6d6e21f59-224c2af81ae30059%3AT%3D1698624204%3ART%3D1698624204%3AS%3DALNI_Mb-mHGRc4KXWW9yNIc5W2H78arKnQ&gpic=UID%3D00000cad7c2a0e98%3AT%3D1698624204%3ART%3D1698624204%3AS%3DALNI_MbfWE7UxFPliUGQ-KMJdbU_ZrJF9Q&prev_fmts=0x0%2C1140x280&nras=3&correlator=4407078390710&frm=20&pv=1&ga_vid=285549411.1698624204&ga_sid=1698624205&ga_hid=1584182159&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2587&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44804683%2C44805933%2C44806738%2C31078301&oid=2&pvsid=2958395698853965&tmod=1853418529&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=EvzpYtx4aT&p=https%3A//krank.de&dtd=88

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Oct 2023 00:03:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI5NTUzNTQwODY4MDMzNTUxMg%3D%3D&google_push=AXcoOmTFzCHZPwwDxBZAdLccrK5NXEIoo8_XBjMIcZvY-HQDcGBDfwdyI0P-BGIxxcC6imgiX1PS87K5lZEL4YQllxZWfkkRn4U_Sh91
Date: Mon, 30 Oct 2023 00:03:25 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 91E6
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESELy1Vl8o1Au_-X03dP1MC5g&google_cver=1&google_push=AXcoOmTiQZx3wyZhHjfGSvmjxBAYWu-Vsfly-gcovQreGTRtIG5sZKWXxlLx61OpuNimYCbsqLdkU0tqV5CkH5Ky...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=TeBfwjo7Qs4Oe6mGiTOzvA&google_push=AXcoOmTiQZx3wyZhHjfGSvmjxBAYWu-Vsfly-gcovQreGTRtIG5sZKWXxlLx61OpuNimYCbsqLdkU0tqV5CkH5KyrLRfDqzO18-L7w1V

170 B
188 B

30ms
29ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=TeBfwjo7Qs4Oe6mGiTOzvA&google_push=AXcoOmTiQZx3wyZhHjfGSvmjxBAYWu-Vsfly-gcovQreGTRtIG5sZKWXxlLx61OpuNimYCbsqLdkU0tqV5CkH5KyrLRfDqzO18-L7w1V

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7176323234405639&output=html&h=280&adk=1324517473&adf=2465423644&pi=t.aa~a.3479421391~i.11~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1698620605&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8954591145&ad_type=text_image&format=1140x280&url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fbella-skin%2F&fwr=0&pra=3&rh=200&rw=1140&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698624205001&bpp=1&bdt=847&idt=-M&shv=r20231025&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3ba836e6d6e21f59-224c2af81ae30059%3AT%3D1698624204%3ART%3D1698624204%3AS%3DALNI_Mb-mHGRc4KXWW9yNIc5W2H78arKnQ&gpic=UID%3D00000cad7c2a0e98%3AT%3D1698624204%3ART%3D1698624204%3AS%3DALNI_MbfWE7UxFPliUGQ-KMJdbU_ZrJF9Q&prev_fmts=0x0%2C1140x280&nras=3&correlator=4407078390710&frm=20&pv=1&ga_vid=285549411.1698624204&ga_sid=1698624205&ga_hid=1584182159&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2587&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44804683%2C44805933%2C44806738%2C31078301&oid=2&pvsid=2958395698853965&tmod=1853418529&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=EvzpYtx4aT&p=https%3A//krank.de&dtd=88

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Oct 2023 00:03:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 30 Oct 2023 00:03:25 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=TeBfwjo7Qs4Oe6mGiTOzvA&google_push=AXcoOmTiQZx3wyZhHjfGSvmjxBAYWu-Vsfly-gcovQreGTRtIG5sZKWXxlLx61OpuNimYCbsqLdkU0tqV5CkH5KyrLRfDqzO18-L7w1V
x-host: tde-deliveryengine-production-5bf79cd4ff-knclq
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 sync
x.bidswitch.net/ Frame 91E6 43 B
146 B 49ms
8ms Image
image/gif 18.157.102.82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESENttZzQTL7S4I2YVcU4Ad94&google_cver=1&google_push=AXcoOmSIl4CFUjaZ38WwYwo6GKty3f76qRi0OTyRdFOpToWlbepsCaFlWzoKnYvvFJWvsq1jQqWc9ot_FYCaTJ3UQPHn7vq2HKrcYhQI
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7176323234405639&output=html&h=280&adk=1324517473&adf=2465423644&pi=t.aa~a.3479421391~i.11~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1698620605&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8954591145&ad_type=text_image&format=1140x280&url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fbella-skin%2F&fwr=0&pra=3&rh=200&rw=1140&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698624205001&bpp=1&bdt=847&idt=-M&shv=r20231025&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3ba836e6d6e21f59-224c2af81ae30059%3AT%3D1698624204%3ART%3D1698624204%3AS%3DALNI_Mb-mHGRc4KXWW9yNIc5W2H78arKnQ&gpic=UID%3D00000cad7c2a0e98%3AT%3D1698624204%3ART%3D1698624204%3AS%3DALNI_MbfWE7UxFPliUGQ-KMJdbU_ZrJF9Q&prev_fmts=0x0%2C1140x280&nras=3&correlator=4407078390710&frm=20&pv=1&ga_vid=285549411.1698624204&ga_sid=1698624205&ga_hid=1584182159&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2587&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44804683%2C44805933%2C44806738%2C31078301&oid=2&pvsid=2958395698853965&tmod=1853418529&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=EvzpYtx4aT&p=https%3A//krank.de&dtd=88
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.157.102.82 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-157-102-82.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 00:03:25 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2

200

report
sync.teads.tv/um/ Frame 91E6
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEHQH0lx5ARU3...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmTjV1-35tf508T0pQSoXSLBbJuShvwfRyqMqPEI_PnriUj__Abk0v-WL3v-UxOe_oNCjB-jpzp9fP9D5LCoWXFUk9Yi8mM_NzuzHA
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

47ms
46ms

Image
image/gif

23.32.185.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7176323234405639&output=html&h=280&adk=1324517473&adf=2465423644&pi=t.aa~a.3479421391~i.11~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1698620605&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8954591145&ad_type=text_image&format=1140x280&url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fbella-skin%2F&fwr=0&pra=3&rh=200&rw=1140&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698624205001&bpp=1&bdt=847&idt=-M&shv=r20231025&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3ba836e6d6e21f59-224c2af81ae30059%3AT%3D1698624204%3ART%3D1698624204%3AS%3DALNI_Mb-mHGRc4KXWW9yNIc5W2H78arKnQ&gpic=UID%3D00000cad7c2a0e98%3AT%3D1698624204%3ART%3D1698624204%3AS%3DALNI_MbfWE7UxFPliUGQ-KMJdbU_ZrJF9Q&prev_fmts=0x0%2C1140x280&nras=3&correlator=4407078390710&frm=20&pv=1&ga_vid=285549411.1698624204&ga_sid=1698624205&ga_hid=1584182159&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2587&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44804683%2C44805933%2C44806738%2C31078301&oid=2&pvsid=2958395698853965&tmod=1853418529&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=EvzpYtx4aT&p=https%3A//krank.de&dtd=88
Protocol: H2
Server: 23.32.185.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-35.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires: Mon, 30 Oct 2023 00:03:25 GMT
pragma: no-cache
date: Mon, 30 Oct 2023 00:03:25 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 30 Oct 2023 00:03:25 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 91E6 0
12 B 38ms
35ms Image
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KfYjb5bX-p7HUvz1lXs35aGUi2FmEmakMPVjuhgYtSblM-ykI7pyG__m8OYJZr8DGVP8jr2g

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7176323234405639&output=html&h=280&adk=1324517473&adf=2465423644&pi=t.aa~a.3479421391~i.11~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1698620605&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8954591145&ad_type=text_image&format=1140x280&url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fbella-skin%2F&fwr=0&pra=3&rh=200&rw=1140&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698624205001&bpp=1&bdt=847&idt=-M&shv=r20231025&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3ba836e6d6e21f59-224c2af81ae30059%3AT%3D1698624204%3ART%3D1698624204%3AS%3DALNI_Mb-mHGRc4KXWW9yNIc5W2H78arKnQ&gpic=UID%3D00000cad7c2a0e98%3AT%3D1698624204%3ART%3D1698624204%3AS%3DALNI_MbfWE7UxFPliUGQ-KMJdbU_ZrJF9Q&prev_fmts=0x0%2C1140x280&nras=3&correlator=4407078390710&frm=20&pv=1&ga_vid=285549411.1698624204&ga_sid=1698624205&ga_hid=1584182159&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2587&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44804683%2C44805933%2C44806738%2C31078301&oid=2&pvsid=2958395698853965&tmod=1853418529&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=EvzpYtx4aT&p=https%3A//krank.de&dtd=88

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 00:03:25 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame F179 12 KB
5 KB 28ms
27ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 00:03:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 8735451
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4418
last-modified: Thu, 22 Jun 2023 11:22:44 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942f04-1142"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=stACQowj%2Fm3mqAgYnbNwUoJnxvfjxjOE6WLRrl14KUT1h%2Be74ljEiV4ehSsi4OZbGkivw9hRayykbQeVhVedSMUNd70g%2BBtQSKW9YtNcYBUkS4ZqFY%2FtrgCSnh61W7BHPEmzi1CZY2gxmpVhUjyKSRDt"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 81df6524fd7d2c59-FRA
expires: Sat, 19 Oct 2024 00:03:25 GMT

GET
H2 200 c1d096976dd24cf8af55f5aef2a3900d_sofiapro-regular-webfont.woff
static.criteo.net/design/dt/ Frame F179 31 KB
31 KB 19ms
19ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/c1d096976dd24cf8af55f5aef2a3900d_sofiapro-regular-webfont.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

267037fe49ce85195ae3cfe5f7e4039076293f0b6778f6b943130c7940c8335f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 00:03:25 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 08 May 2018 05:53:55 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5af13b73-7bb4"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 24 Oct 2024 00:03:25 GMT

GET
H2 200 c1d096976dd24cf8af55f5aef2a3900d_sofiapro-regular-webfont.woff
static.criteo.net/design/dt/ Frame 5A4C 31 KB
31 KB 29ms
29ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/c1d096976dd24cf8af55f5aef2a3900d_sofiapro-regular-webfont.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

267037fe49ce85195ae3cfe5f7e4039076293f0b6778f6b943130c7940c8335f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 00:03:25 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 08 May 2018 05:53:55 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5af13b73-7bb4"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 24 Oct 2024 00:03:25 GMT

GET
DATA 200
OK truncated
/ Frame 9134 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 15a863e62e6ba392b1be75eca4766285a25006ddd15a996cde35c477f20e3919

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame FEB9 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e4da01e4a5552d0cdc90295b4110b979e712b9c256dbe38860d59376dfe7e633

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 5A4C 9 KB
9 KB 15ms
15ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

353bacdd3c58907d45e2ea06973469dc44a9d416e95f698fdec7606283b5507a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 00:03:24 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 9507
expires: Tue, 24 Sep 2024 04:28:15 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 5A4C 162 KB
162 KB 20ms
20ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

c182b7f8bcc45ad194599120c4908124b6be53ab43e9278cb97db45e4842eba6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 00:03:25 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 165954
expires: Tue, 08 Oct 2024 06:22:05 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 5A4C 13 KB
13 KB 15ms
15ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?cq=256&h=800&m=0&partner=8721&q=80&r=0&u=https%3A%2F%2Fcms.brnstc.de%2Fproduct_images%2F1122x1536_retina%2Fcpro%2Fmedia%2Fimages%2Fproduct%2F23%2F10%2F100153013413000_0_1696928482183.jpg&v=3&w=800&rid=4&s=1tstF5k4_XBte2Er94G0bStB&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

d41225ee3b9b4fbbc4d65324cc4eb3bfc31b3126d5331c0826de7067cf75a802

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 00:03:25 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=7776000
timing-allow-origin: *
content-length: 12834
expires: Tue, 09 Jan 2024 16:16:44 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 5A4C 14 KB
14 KB 29ms
28ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

c0dbb818475e41b8327a9c1b147e8944f56f6a200849f572463f29d4bf99f891

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 00:03:24 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=7776000
timing-allow-origin: *
content-length: 14202
expires: Sun, 07 Jan 2024 06:27:56 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 5A4C 14 KB
14 KB 28ms
28ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?cq=256&h=800&m=0&partner=8721&q=80&r=0&u=https%3A%2F%2Fcms.brnstc.de%2Fproduct_images%2F1122x1536_retina%2Fcpro%2Fmedia%2Fimages%2Fproduct%2F23%2F8%2F100148591813000_0_1693468903559.jpg&v=3&w=800&rid=4&s=baQQ8gGrmpHTk0yXfT3gYU-N&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

674cf12e9dce40d92d338b9dbcb33be7fceb062c9e280995ed35ce6f44f712ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 00:03:25 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=7776000
timing-allow-origin: *
content-length: 14048
expires: Sat, 30 Dec 2023 16:33:23 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 5A4C 0
127 B 15ms
15ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=bblqBbFmlqacomGLxbQikw0Uh3u8pvrSNS5CemunkjtEWMwB7dYObWuqphoOmeJVEvgQ6Gh3scbhE9H0NZIy2WOUqhs1b49e8ODJSkD8sqMTb8XmuQd-DSGypswnqke_Fa_oNWscg2alEDECn_3mgkA_gzjX8mreH1VUhYwESQDL4LvyGDzHZMaj_MiP5EwdkKM9_NSEEz1yXdBDqK01wdJQtNqG_hgSfuLZMCcMyq0NXkS0QKomck2CKmt04X-UIcf73w&sds=2&rev=89054&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 30 Oct 2023 00:03:24 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 5A4C 2 KB
1 KB 15ms
14ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 00:03:25 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 24 Oct 2024 00:03:25 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 5A4C 2 KB
1 KB 18ms
18ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 00:03:25 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 24 Oct 2024 00:03:25 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 9E95 9 KB
9 KB 25ms
24ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

353bacdd3c58907d45e2ea06973469dc44a9d416e95f698fdec7606283b5507a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 00:03:24 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 9507
expires: Tue, 24 Sep 2024 04:28:15 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame F179 12 KB
6 KB 19ms
18ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 00:03:25 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 24 Oct 2024 00:03:25 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame F179 9 KB
9 KB 14ms
14ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

353bacdd3c58907d45e2ea06973469dc44a9d416e95f698fdec7606283b5507a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 00:03:25 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 9507
expires: Tue, 24 Sep 2024 04:28:15 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame F179 162 KB
162 KB 16ms
15ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

c182b7f8bcc45ad194599120c4908124b6be53ab43e9278cb97db45e4842eba6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 00:03:25 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 165954
expires: Tue, 08 Oct 2024 06:22:05 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame F179 13 KB
13 KB 15ms
15ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?cq=256&h=800&m=0&partner=8721&q=80&r=0&u=https%3A%2F%2Fcms.brnstc.de%2Fproduct_images%2F1122x1536_retina%2Fcpro%2Fmedia%2Fimages%2Fproduct%2F23%2F10%2F100153013413000_0_1696928482183.jpg&v=3&w=800&rid=4&s=1tstF5k4_XBte2Er94G0bStB&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

d41225ee3b9b4fbbc4d65324cc4eb3bfc31b3126d5331c0826de7067cf75a802

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 00:03:25 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=7776000
timing-allow-origin: *
content-length: 12834
expires: Tue, 09 Jan 2024 16:16:44 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame F179 11 KB
11 KB 19ms
19ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?cq=256&h=800&m=0&partner=8721&q=80&r=0&u=https%3A%2F%2Fcms.brnstc.de%2Fproduct_images%2F1122x1536_retina%2Fcpro%2Fmedia%2Fimages%2Fproduct%2F23%2F9%2F100145967513000_0_1695812552401.jpg&v=3&w=800&rid=4&s=TknE1QWBvfCexR3PbxhC29Bc&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

577eea1c89554e6cf28d599e4240f397a9e9d4269cdbe4eb8815fd3aa98e80c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 00:03:25 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=7776000
timing-allow-origin: *
content-length: 11344
expires: Thu, 04 Jan 2024 11:21:16 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame F179 6 KB
6 KB 19ms
18ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?cq=256&h=800&m=0&partner=8721&q=80&r=0&u=https%3A%2F%2Fcms.brnstc.de%2Fproduct_images%2F1122x1536_retina%2Ftradebyte%2F02%2Fmedia%2F3328%2F384289-645d2affb2276.jpg&v=3&w=800&rid=4&s=APk8FAnmLxP5hWzFTPtpGwQp&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

40e859957529ed642eb594c3415853a96c3d55e26e6532576b4876ff2c459e16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 00:03:24 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=7776000
timing-allow-origin: *
content-length: 6088
expires: Sat, 20 Jan 2024 08:59:46 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame F179 0
127 B 14ms
14ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=M7tmR7FmlqacomGLAi9KWA-Y5IgTSbDxp_a4h_7Ex0rH8h5XDj2IQbLWv4fKxN4d6ytUdCrkW0F32y6t--zqXQO9AjwXx4dlrGSNEflIgQKJViQiK0GES34J_s5lLv0Cvw3bMqZ7vikCXQBxjRYHfjAEZiYimP922Gk2OmZy_0RDspPzrqX9iQYj0bNccz0Z6hE6zs0OpAYk8xbTvVZNQYLc5KrwCf7DOwbH0moW6Gpm3WOKgxwgb4afFbP0pmK3DDsFag&sds=2&rev=89054&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 30 Oct 2023 00:03:25 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame F179 2 KB
1 KB 14ms
14ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 00:03:25 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 24 Oct 2024 00:03:25 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame F179 2 KB
1 KB 14ms
14ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 00:03:25 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 24 Oct 2024 00:03:25 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 5A4C 9 KB
10 KB 17ms
17ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

353bacdd3c58907d45e2ea06973469dc44a9d416e95f698fdec7606283b5507a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 00:03:25 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 9507
expires: Tue, 24 Sep 2024 04:28:15 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 5A4C 13 KB
13 KB 16ms
16ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?cq=256&h=800&m=0&partner=8721&q=80&r=0&u=https%3A%2F%2Fcms.brnstc.de%2Fproduct_images%2F1122x1536_retina%2Fcpro%2Fmedia%2Fimages%2Fproduct%2F23%2F10%2F100153013413000_0_1696928482183.jpg&v=3&w=800&rid=4&s=1tstF5k4_XBte2Er94G0bStB&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

d41225ee3b9b4fbbc4d65324cc4eb3bfc31b3126d5331c0826de7067cf75a802

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 00:03:25 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=7776000
timing-allow-origin: *
content-length: 12834
expires: Tue, 09 Jan 2024 16:16:44 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 5A4C 162 KB
162 KB 16ms
15ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

c182b7f8bcc45ad194599120c4908124b6be53ab43e9278cb97db45e4842eba6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 00:03:25 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 165954
expires: Tue, 08 Oct 2024 06:22:05 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame F9E7 0
19 B 61ms
60ms Image
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CejKozfI-Zcz5Aqi-9u8P8pSBuAnJntKxXKX8k_dwwI23ARABIABglZKfgrAHggEXY2EtcHViLTcxNzYzMjMyMzQ0MDU2MznIAQmpArTQghl_ubE-qAMByAMCqgSCAk_QV7St6GpVsOQ-MGZX7flQO1nDaO5JUBhzZXzhtdU31Sul-PRHojPBID5v2OzS2FFiY2vKowm0Asejpm86Hz9yVf2EgEYctXa04fXa73Ou3QT1__EZeQVauKDZItLP62KiorRWh6_anSDYMP0-dnTHPOmRFrGvIsBX6DvHVEcrLgn3sO11PeisUo4TmRoPmiknSL_n8jwq2ZKgPm2B4v-LUSCAxYn0WJIrL4j076ai_jmYc74nqaL31edQCqHcJIi_EGLcfZreDo04pFBDaWd1cdI8v7UhOymV5ksznTR_MtrKGhEr1-A8IWgRB0xZ6wfq4qgf0klFNRUO0MAnYW7vsoAGsJqfnOuR9LezAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOoAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi03MTc2MzIzMjM0NDA1NjM5GAA&sigh=8JUwbRjK8kQ&uach_m=[UACH]&cid=CAQSOwDICaaN3m6quVjta67mmmuIH4cjvM_UV8NBaIF5uIDll9AEzrp-UZ0GnhuVKyX5WzX7pgs4M8c-cG0iGAE&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7176323234405639&output=html&h=280&adk=1324517473&adf=2914436572&pi=t.aa~a.3479421391~i.6~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1698620605&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8954591145&ad_type=text_image&format=1140x280&url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fbella-skin%2F&fwr=0&pra=3&rh=200&rw=1140&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698624205001&bpp=2&bdt=847&idt=-M&shv=r20231025&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3ba836e6d6e21f59-224c2af81ae30059%3AT%3D1698624204%3ART%3D1698624204%3AS%3DALNI_Mb-mHGRc4KXWW9yNIc5W2H78arKnQ&gpic=UID%3D00000cad7c2a0e98%3AT%3D1698624204%3ART%3D1698624204%3AS%3DALNI_MbfWE7UxFPliUGQ-KMJdbU_ZrJF9Q&prev_fmts=0x0&nras=2&correlator=4407078390710&frm=20&pv=1&ga_vid=285549411.1698624204&ga_sid=1698624205&ga_hid=1584182159&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1937&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44804683%2C44805933%2C44806738%2C31078301&oid=2&pvsid=2958395698853965&tmod=1853418529&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=iDDp8tfpXv&p=https%3A//krank.de&dtd=22
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 30 Oct 2023 00:03:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.nl3.eu.criteo.com/google/auction/ Frame F9E7 0
125 B 69ms
15ms Image
text/plain 2a02:2638:3::9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=kbKVEMz6RPQImAKdg2ICAgAAAPScWjJ9ld1duNpWtxDM8j5lRlL9qVn9YZmTxwAAEgAACgpBUVVCQVFFQkFR&wp=ZT7yzQAAvMwH_Z8oAABKcpj_Ez4c05ER7E8bYg&cbvp=2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 00:03:25 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 163635
server: Kestrel
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 7BB3 0
10 B 14ms
13ms Image
text/plain 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?L_t0LQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 00:03:25 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame FEB9 0
19 B 59ms
59ms Image
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CbbDtzfI-ZcSVD-in9u8P8_W36A_JntKxXKX8k_dwwI23ARABIABglZKfgrAHggEXY2EtcHViLTcxNzYzMjMyMzQ0MDU2MznIAQmpArTQghl_ubE-qAMByAMCqgSCAk_Q6Fd2jmOiiQ1lU6S61ZiHTvTZ0Gmo49s1EdzhGvQy6zWg6JudpFxI7bNopE0Pr-2a_9GWtIprPBL2AJJLq6kuqIkHUWTVdRVEqOTjwFeFH7COoQATnwq49uEd2I2gv4YNsMGp9j4UW6GhWYqILGE71tVe51-3WXsmLaZ-VHWVY1MJa_wh9lYuE36j8mRjoc_FoS5oNaubbE4NqurzwFtVWDJm0QKu_zQ0pATtFeieVX9Lca1rVDzBWG9OkLbxwo1NFykdWBdfWVqqpbyx8xrW_V4gzpJIZAhHJq6whC9nCJbZArtY2lF8FIOMF6zzA7H61GxtH1AIoFx-nFOi_fKPQoAGsJqfnOuR9LezAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOoAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi03MTc2MzIzMjM0NDA1NjM5GAA&sigh=2IlRc7YPBAc&uach_m=[UACH]&cid=CAQSOwDICaaNf5AWeEMTMjatM4RnieBybxV-sGHiJfn4f7JK0kAzmver47ZmwbeLNZank7s4gEt40u39eNNsGAE&cbvp=2&vis=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7176323234405639&output=html&h=280&adk=1324517473&adf=2465423644&pi=t.aa~a.3479421391~i.11~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1698620605&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8954591145&ad_type=text_image&format=1140x280&url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fbella-skin%2F&fwr=0&pra=3&rh=200&rw=1140&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698624205001&bpp=1&bdt=847&idt=-M&shv=r20231025&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3ba836e6d6e21f59-224c2af81ae30059%3AT%3D1698624204%3ART%3D1698624204%3AS%3DALNI_Mb-mHGRc4KXWW9yNIc5W2H78arKnQ&gpic=UID%3D00000cad7c2a0e98%3AT%3D1698624204%3ART%3D1698624204%3AS%3DALNI_MbfWE7UxFPliUGQ-KMJdbU_ZrJF9Q&prev_fmts=0x0%2C1140x280&nras=3&correlator=4407078390710&frm=20&pv=1&ga_vid=285549411.1698624204&ga_sid=1698624205&ga_hid=1584182159&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2587&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44804683%2C44805933%2C44806738%2C31078301&oid=2&pvsid=2958395698853965&tmod=1853418529&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=EvzpYtx4aT&p=https%3A//krank.de&dtd=88

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7176323234405639&output=html&h=280&adk=1324517473&adf=2465423644&pi=t.aa~a.3479421391~i.11~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1698620605&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8954591145&ad_type=text_image&format=1140x280&url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fbella-skin%2F&fwr=0&pra=3&rh=200&rw=1140&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698624205001&bpp=1&bdt=847&idt=-M&shv=r20231025&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3ba836e6d6e21f59-224c2af81ae30059%3AT%3D1698624204%3ART%3D1698624204%3AS%3DALNI_Mb-mHGRc4KXWW9yNIc5W2H78arKnQ&gpic=UID%3D00000cad7c2a0e98%3AT%3D1698624204%3ART%3D1698624204%3AS%3DALNI_MbfWE7UxFPliUGQ-KMJdbU_ZrJF9Q&prev_fmts=0x0%2C1140x280&nras=3&correlator=4407078390710&frm=20&pv=1&ga_vid=285549411.1698624204&ga_sid=1698624205&ga_hid=1584182159&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2587&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44804683%2C44805933%2C44806738%2C31078301&oid=2&pvsid=2958395698853965&tmod=1853418529&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=EvzpYtx4aT&p=https%3A//krank.de&dtd=88
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 30 Oct 2023 00:03:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.nl3.eu.criteo.com/google/auction/ Frame FEB9 0
125 B 29ms
14ms Image
text/plain 2a02:2638:3::9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=kbKVEMz6RPQImAKdg2ICAgAAAPScWjJ9ld1duNpWtxDN8j5lPji6qCaQLk8ysAAAEgAACgpBUVVCQVFFQkFR&wp=ZT7yzQADysQH_ZPoAA368ybBjEr_DYZ4V1ZlWA&cbvp=2

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7176323234405639&output=html&h=280&adk=1324517473&adf=2465423644&pi=t.aa~a.3479421391~i.11~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1698620605&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8954591145&ad_type=text_image&format=1140x280&url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fbella-skin%2F&fwr=0&pra=3&rh=200&rw=1140&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698624205001&bpp=1&bdt=847&idt=-M&shv=r20231025&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3ba836e6d6e21f59-224c2af81ae30059%3AT%3D1698624204%3ART%3D1698624204%3AS%3DALNI_Mb-mHGRc4KXWW9yNIc5W2H78arKnQ&gpic=UID%3D00000cad7c2a0e98%3AT%3D1698624204%3ART%3D1698624204%3AS%3DALNI_MbfWE7UxFPliUGQ-KMJdbU_ZrJF9Q&prev_fmts=0x0%2C1140x280&nras=3&correlator=4407078390710&frm=20&pv=1&ga_vid=285549411.1698624204&ga_sid=1698624205&ga_hid=1584182159&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2587&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44804683%2C44805933%2C44806738%2C31078301&oid=2&pvsid=2958395698853965&tmod=1853418529&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=EvzpYtx4aT&p=https%3A//krank.de&dtd=88

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 00:03:25 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 179426
server: Kestrel
content-length: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 9134 0
19 B 56ms
56ms Image
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CMdBJzfI-ZYGED66n9u8P78q6kAjJntKxXPWdmPdwwI23ARABIABglaqggrAHggEXY2EtcHViLTcxNzYzMjMyMzQ0MDU2MznIAQmpArTQghl_ubE-qAMByAMCqgSCAk_QQpf_i_QrbuZVfRvTYiddRDQNI2WC_q6crwhtTRxFP-baXF_j1OhSTzeFQ7iQAD2I6b3PBEQjRw0Ot2H8HXUo7gO5TVz95nWJ_0XOYzIElB0FYRIEv0zrVqzVff22u6oT1JU47ViuhDnSA7FcmD-uJxygKbNq1Cp1R-ISWwVc4HMolvTJsh4RGdYS0jM6ZuPEZ6Fs5xMQoiTnlIhZrm_57aim4lU98W3frtjlodiiE4TrYvGJM6JyfwPKPmlaQCfdocDEmVoaBBe2qFegvFfmMug275tv_2fcOy2qQ54HAk0vdtPmHPep-t-VWeJPwNpAbaw96MneR-Yhv-xjZGWIU4AGsJqfnOuR9LezAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOoAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi03MTc2MzIzMjM0NDA1NjM5GAA&sigh=g0SAO6v3fbQ&uach_m=[UACH]&cid=CAQSOwDICaaN8bsF9rT9m_gglX9OQ-vE28aECUA5i55Tr2wBoJDwHqqkfbGXxrZ8bfE6_Lryj7Lwk9YPFCFCGAE&cbvp=2&vis=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7176323234405639&output=html&h=280&adk=1324517473&adf=3450468410&pi=t.aa~a.3479421391~i.17~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1698620605&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8954591145&ad_type=text_image&format=1140x280&url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fbella-skin%2F&fwr=0&pra=3&rh=200&rw=1140&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698624205001&bpp=1&bdt=847&idt=1&shv=r20231025&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3ba836e6d6e21f59-224c2af81ae30059%3AT%3D1698624204%3ART%3D1698624204%3AS%3DALNI_Mb-mHGRc4KXWW9yNIc5W2H78arKnQ&gpic=UID%3D00000cad7c2a0e98%3AT%3D1698624204%3ART%3D1698624204%3AS%3DALNI_MbfWE7UxFPliUGQ-KMJdbU_ZrJF9Q&prev_fmts=0x0%2C1140x280%2C1140x280&nras=4&correlator=4407078390710&frm=20&pv=1&ga_vid=285549411.1698624204&ga_sid=1698624205&ga_hid=1584182159&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=3369&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44804683%2C44805933%2C44806738%2C31078301&oid=2&pvsid=2958395698853965&tmod=1853418529&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=gHei271M8B&p=https%3A//krank.de&dtd=94

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7176323234405639&output=html&h=280&adk=1324517473&adf=3450468410&pi=t.aa~a.3479421391~i.17~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1698620605&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8954591145&ad_type=text_image&format=1140x280&url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fbella-skin%2F&fwr=0&pra=3&rh=200&rw=1140&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698624205001&bpp=1&bdt=847&idt=1&shv=r20231025&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3ba836e6d6e21f59-224c2af81ae30059%3AT%3D1698624204%3ART%3D1698624204%3AS%3DALNI_Mb-mHGRc4KXWW9yNIc5W2H78arKnQ&gpic=UID%3D00000cad7c2a0e98%3AT%3D1698624204%3ART%3D1698624204%3AS%3DALNI_MbfWE7UxFPliUGQ-KMJdbU_ZrJF9Q&prev_fmts=0x0%2C1140x280%2C1140x280&nras=4&correlator=4407078390710&frm=20&pv=1&ga_vid=285549411.1698624204&ga_sid=1698624205&ga_hid=1584182159&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=3369&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44804683%2C44805933%2C44806738%2C31078301&oid=2&pvsid=2958395698853965&tmod=1853418529&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=gHei271M8B&p=https%3A//krank.de&dtd=94
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 30 Oct 2023 00:03:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.nl3.eu.criteo.com/google/auction/ Frame 9134 0
126 B 27ms
13ms Image
text/plain 2a02:2638:3::9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=kbKVEMz6RPQImAKdg2ICAgAAAPScWjJ9ld1duNpWtxDM8j5l4_UG5YLkZl6wlQAAEgAACgpBUVVCQVFFQkFR&wp=ZT7yzQADwgEH_ZOuAA6lb5ack5mmAA_ZCvlzXA&cbvp=2

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7176323234405639&output=html&h=280&adk=1324517473&adf=3450468410&pi=t.aa~a.3479421391~i.17~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1698620605&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8954591145&ad_type=text_image&format=1140x280&url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fbella-skin%2F&fwr=0&pra=3&rh=200&rw=1140&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698624205001&bpp=1&bdt=847&idt=1&shv=r20231025&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3ba836e6d6e21f59-224c2af81ae30059%3AT%3D1698624204%3ART%3D1698624204%3AS%3DALNI_Mb-mHGRc4KXWW9yNIc5W2H78arKnQ&gpic=UID%3D00000cad7c2a0e98%3AT%3D1698624204%3ART%3D1698624204%3AS%3DALNI_MbfWE7UxFPliUGQ-KMJdbU_ZrJF9Q&prev_fmts=0x0%2C1140x280%2C1140x280&nras=4&correlator=4407078390710&frm=20&pv=1&ga_vid=285549411.1698624204&ga_sid=1698624205&ga_hid=1584182159&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=3369&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44804683%2C44805933%2C44806738%2C31078301&oid=2&pvsid=2958395698853965&tmod=1853418529&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=gHei271M8B&p=https%3A//krank.de&dtd=94

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 00:03:25 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 178102
server: Kestrel
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 53ms
52ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231025&jk=2958395698853965&bg=!NTalNnnNAAbo5yKYyOc7ADQBe5WfOEVCN0_LUGyzGIYdN_EpPMDfRLQSbYbkBcVqI7FJP255grgsqhpyNv1QLhJ1fX_pAgAAAXhSAAAABGgBBwoANo_zq-Q0OZbHl33aMLnEue-9IN10dkLL9oE8QOIcVaS6xHQgxEKx4apXi0hNyZha5DHQ-t1mdpkCsywrbvUy1LSzgULLCorUVKEMB5A1XHUJQVguc0WQCbzj2Ple7izwBdOwBsitGGTqwtEo_YjzwqmKABV7s1fYKpcuXf_9vxnyd1rNhRH7iVpiPgmS8AK3T853cEyPTTBHgsrbcqWDsgBWFgYdgxjxSWeBN0g3LNrVmOhy3sRbzVU5ElRxVNJ5baXy5eyT2RHIvzAgKIe4JxoBay2GzAqZKv1jgE9b8dDG50EgjGNos-bNcczkqb5ySebocRj71ZIny3DdoWS9cjPQKErsPRSVtATNy9AntdjZ3dYIjr17LTA9aodAdoIaY3mmdB98BM79GRBfJTG0uW89v3YS2RMBkzHTd9DnaAMb4i7eADPFlUh3AXIFYQrapUkYhbBAWduB7hGwuQ84h3hcBphXAOWdZ99Yv1SHy2pVP5SrPiZJDZ41JabkzJMZ6TXO4sjHDK44VYBQno-aH-wha4NmEACMgkFqnVlXXEZHfFtmXi0lYv1q5GorPwjibitPl8FYmq6Ct1zBWK8-BKYCvwm0q7oo7VR8Y3Nzy3MD9CHAEhUvKAlR1Ox3Eg-sWEQOG9RuLf7I1orGvChcGh5uulivKLa7sjXwpdFHtuf2ms4v0eorx_K5ReDKTAd1VFQNLYOR8LqzNJzHG-gh5ASwsA-UooX0SCZLNvX74-iiBm9WtHc7Gaw-q_IVpOcz_b05W01fTabKRq9gldMzCN2nRZCEini_FrZgk1N39pODYqIiCxd2XrTrwK37qFiw-KfY2stzPoTd8pH9cT_JhPA1-mqGfP7ZsF5qQcTY7FvUYpm93AkJI5DHQgkmws84elDzJeCpZiwew6s24jHjgzAO__z8xglfuAbJcSFyk-EMDMlULCCezzGfYU0pNIvTVRFOmIZ1_d_9Vp3mTxrBxJ03t_c-sYsZL-W5Vzk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://krank.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEJ3X_WBnFO5XXINFlmXrcnc&google_cver=1&google_push=AXcoOmQUEJSQfZ3PaXtuuBjveCIi8jw9bcboE5BZzTZRsE3ngZUAr1DC6lsNn1sL1vDGB7_jY86U-Rt24Veo2uzdJKuqng_p-UCGQFHvSQ

Verdicts & Comments Add Verdict or Comment

99 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
krank.de/	1969-12-31 23:59:59	Name: PHPSESSID Value: gpcebfgl1gi3a8vjjqi222bqvt
.krank.de/	1970-01-21 01:26:24	Name: _ga_QVNJPTS5GE Value: GS1.1.1698624204.1.0.1698624204.0.0.0
.krank.de/	1970-01-21 01:26:24	Name: _ga Value: GA1.2.285549411.1698624204
.krank.de/	1970-01-20 15:51:50	Name: _gid Value: GA1.2.344431165.1698624204
.krank.de/	1970-01-20 15:50:24	Name: _gat Value: 1
.krank.de/	1970-01-21 01:26:24	Name: _ga_N88Q73T6W9 Value: GS1.2.1698624204.1.0.1698624204.0.0.0
.krank.de/	1970-01-21 01:12:00	Name: __gads Value: ID=3ba836e6d6e21f59-224c2af81ae30059:T=1698624204:RT=1698624204:S=ALNI_Mb-mHGRc4KXWW9yNIc5W2H78arKnQ
.krank.de/	1970-01-21 01:12:00	Name: __gpi Value: UID=00000cad7c2a0e98:T=1698624204:RT=1698624204:S=ALNI_MbfWE7UxFPliUGQ-KMJdbU_ZrJF9Q
.w55c.net/	1970-01-21 01:22:05	Name: wfivefivec Value: h55PRMaM1QXfKB5
.simpli.fi/	1970-01-21 00:37:26	Name: suid Value: E48664C4E834456980E77494DA3F63BA
.doubleclick.net/	1970-01-21 01:12:00	Name: IDE Value: AHWqTUnHhAFag7lSqYF_S3ocF9xeNJd9snjTbJA_Le3Soobqz_CrKGCU8GuWwTJKX0k
.adform.net/	1970-01-20 16:35:02	Name: C Value: 1
.w55c.net/	1970-01-20 16:33:36	Name: matchgoogle Value: 5
.adform.net/	1970-01-20 17:16:48	Name: uid Value: 6023735910430262151
.quantserve.com/	1970-01-20 18:00:00	Name: d Value: EBUBCQGnKoEA
.quantserve.com/	1970-01-21 01:20:38	Name: mc Value: 653ef2cd-9ab70-812b6-060c9
.adfarm1.adition.com/	1970-01-20 18:00:00	Name: UserID1 Value: 7295535408680335512
.ctnsnet.com/	1970-01-21 00:36:00	Name: cid_0e9773ec3c2e48529bcc1d6127b7cb48 Value: 1
.ctnsnet.com/	1970-01-21 00:36:00	Name: gid_CAESENVYpbnKQbbVLwYHa5ZuH4c Value: 1
.blismedia.com/	1970-01-21 00:36:04	Name: b Value: 653EF2CD891EF530965A31BBBLIS
.travelaudience.com/	1970-01-21 01:22:05	Name: _tracker Value: %7B%22UUID%22%3A%224DE05FC2-3A3B-42CE-0E7B-A9868933B3BC%22%7D
.tribalfusion.com/	1970-01-20 18:00:00	Name: ANON_ID Value: aSntuJN3IdaSIdwFTkVREOcXYZcBsn2LbytDwCZaUVUpKcjaYDgXwdiPtdfZaZbfr2fhNsNJpQYGLYTVJKMTM6TE2B1A

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7176323234405639&output=html&h=280&adk=1324517473&adf=2914436572&pi=t.aa~a.3479421391~i.6~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1698620605&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8954591145&ad_type=text_image&format=1140x280&url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fbella-skin%2F&fwr=0&pra=3&rh=200&rw=1140&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698624205001&bpp=2&bdt=847&idt=-M&shv=r20231025&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3ba836e6d6e21f59-224c2af81ae30059%3AT%3D1698624204%3ART%3D1698624204%3AS%3DALNI_Mb-mHGRc4KXWW9yNIc5W2H78arKnQ&gpic=UID%3D00000cad7c2a0e98%3AT%3D1698624204%3ART%3D1698624204%3AS%3DALNI_MbfWE7UxFPliUGQ-KMJdbU_ZrJF9Q&prev_fmts=0x0&nras=2&correlator=4407078390710&frm=20&pv=1&ga_vid=285549411.1698624204&ga_sid=1698624205&ga_hid=1584182159&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1937&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44804683%2C44805933%2C44806738%2C31078301&oid=2&pvsid=2958395698853965&tmod=1853418529&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=iDDp8tfpXv&p=https%3A//krank.de&dtd=22 Message: Origin trial controlled feature not enabled: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
ads.eu.criteo.com
ads.travelaudience.com
c1.adform.net
cat.nl3.eu.criteo.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
cse.google.com
csm.eu.criteo.net
dclk-match.dotomi.com
dsp.adfarm1.adition.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
imageproxy.eu.criteo.net
krank.de
m.exactag.com
match.adsrvr.org
pagead2.googlesyndication.com
partner.googleadservices.com
platform.twitter.com
pm.w55c.net
region1.google-analytics.com
rtb.nl3.eu.criteo.com
s.tribalfusion.com
static.addtoany.com
static.criteo.net
stats.g.doubleclick.net
sync.teads.tv
syndication.twitter.com
tpc.googlesyndication.com
tr.blismedia.com
um.simpli.fi
web.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.www.www.www.www.www.www.www.www.www.www.bella-skin.de
x.bidswitch.net
googlecm.hit.gemius.pl
104.244.42.200
15.197.193.217
178.250.1.6
18.157.102.82
2001:4860:4802:32::36
213.202.235.9
216.58.212.162
23.32.185.35
2606:4700:10::ac43:2794
2606:4700::6811:180e
2606:4700::6812:19ad
2620:116:800d:21:b314:a0ef:ab7c:d546
2a00:1450:4001:800::2002
2a00:1450:4001:806::2002
2a00:1450:4001:80f::2008
2a00:1450:4001:810::2002
2a00:1450:4001:813::200e
2a00:1450:4001:828::2002
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2004
2a00:1450:4001:830::2001
2a00:1450:400c:c1f::9c
2a02:2638:3::10
2a02:2638:3::12
2a02:2638:3::1a
2a02:2638:3::3
2a02:2638:3::9
2a02:fa8:8806:12::1370
2a03:2880:f083:6:face:b00c:0:2
2a03:2880:f084:d:face:b00c:0:3
34.91.62.186
34.96.105.8
35.186.193.173
35.190.0.66
35.204.103.237
37.157.6.243
52.57.206.211
62.116.173.69
85.114.159.118
93.184.220.66
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b3a4fdabd88b72211ccbb4b7dd14ad7f971d7d8356daed88334bb442d6f3854
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c6ba4901cfb68b03ca9a97ce1d7cbb688d6802c60819dd7cea0522aca8a0576
15684309274ca43c5240c88c5be2c9ed2f56ed2b38d0367dc372760f9e287c50
157203cbd07f5e85964e9432fc9a9d747e9ddf82dbbace58e00292fdebb49d92
15a863e62e6ba392b1be75eca4766285a25006ddd15a996cde35c477f20e3919
15c2495c844e9d79aa6cbd66e91394491ac77874b2bb408eb7b2994e2c4475e6
19f4b95f56d49fd9652c76ff1ba308dcc825bd2e8054e10c0f4cb0afa407a7b5
1ac3894d27fc22e42ed33074253429aec87e6e95dd6136a198ca14723603d479
1fd6102c4ac4cf0b3a9af2138e295fc277c58d3b1c6a71b454c9b59ec042aef9
267037fe49ce85195ae3cfe5f7e4039076293f0b6778f6b943130c7940c8335f
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2bc5b6d2e8459d438a3ba116d12e11c71fa1c2deac8191dce05d5a40d125529f
2e1227e2d3ccf143148712583ca16055a44c7de2fb6b3ab87b1d3fba6cfd5c1e
2efdd3ed532ea476822ccd23581ba499bc2bb621f82d9cbf198effd557923607
302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3365804b92aa6e56d9c4e01b229bdf48d83d48bf3526da722d65a2cccafe73bc
34c2528db29af28ba40106ece5fa4b7a8f77885600c9d13f5c345f931d7346fa
353bacdd3c58907d45e2ea06973469dc44a9d416e95f698fdec7606283b5507a
3adf68fdef7361b310517eff0f8d20aea69e015c74a1bcedb879041d010db9ca
3c9e7e961c8ae48bc5c643637c1ca200f7b3752fb57419eec5cb51c78564aab3
3dca9c3ce431b66f1c2c6f2fe7f8bd3fca02e82eb30dbf336aa0c7eaddabd540
40e859957529ed642eb594c3415853a96c3d55e26e6532576b4876ff2c459e16
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e155284926ba010442d774fd493ff925a0256bd427f54596b1244791a3fa170
51e6d23e4a97f15652c1709f999062fcced9990b5090dde0d22b869247ea0869
5270abd95ad20909a9a9296aaf3aa5160d72e3ffa7f0cabc997a04bbe1f4e7c3
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
577eea1c89554e6cf28d599e4240f397a9e9d4269cdbe4eb8815fd3aa98e80c7
5a4192e762a449dfd6e63bee835e0941627223c9159e8219acdd01881a1ac175
5afae4fdead31c173a0ae121f7cb84909b3f7729fd7235930f22758f297910f2
5dc404644892469d302728d787921c0f1f691d4994fef8a0c7cda5e6d1a7624d
618ed86c2bb6c608a138655e336a0d7b45727fc8c2b3d63f0908083914ab1b38
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
674cf12e9dce40d92d338b9dbcb33be7fceb062c9e280995ed35ce6f44f712ed
6b82e32f83a83f6f4a6244f0acfd4c3b001ad6e42173df8b7e88d801332bf839
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
705ddd320c7afe5895ed0bb7438874918110baaaec1ad4b7da72bd13de82f96d
70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
74ec1e2bfcf647ccdeaf5b127294db846ee4a6f8ffd6c909d4938370d4187d1f
7625b70ab558d487a13f16de6a3fcc2fa51ab970af8c68fac23a607c44e2fd58
7f3c20825909bb222fd8ec5db0a985fb397c20a97d8362858ccfffb576e13a77
856377fde78e4bdc57703db6457f6e243db704c135a4829e1951185173cec9b7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
9521629b75431599b69d208c8de1e08c4fc023401b118973cbb4abbc8189b182
96840bd7cc7d8edd1d1ffaff60d7f335fd866cd9a6132c8524d620482f4df64a
9858aba970f31a0ffac37a23df86b15aac549d4ad87adc33a3d11becc8325e67
99235240097ffe1c3ccf93f0275840df66a62f6ce406788402b06df413755d67
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ee1397f4da0e0c981a979bc1ea43be1d0c28bf3619636df8ab9dc09fa770aaf
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a83788811cd52eb54fe35da0ba0c1c034c692f1e745d08e31edc75448ed727b1
ab477a6015aae023ef3d19d5eafbf29be8b0cbb036536973d76387369de48195
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad1270333ea16969313802add43789e0558cd75e2bf91e768bcf3937f091a001
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b3f73c5903a0c14bd5fedd4c1c5523d3d5640d7a8e15f7598d1363ba3a08d91d
b738bf74f1670331a09929a243b3e23ad16534d34ae62781d34467fd05545ba4
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4
c0dbb818475e41b8327a9c1b147e8944f56f6a200849f572463f29d4bf99f891
c182b7f8bcc45ad194599120c4908124b6be53ab43e9278cb97db45e4842eba6
c78cbc891d36ddcc95ff6786a968ef27edab4085779b578253a42bcb9f8f44af
c965aefdb4c6acf10f46758dc1601a64d811dcf3a378bf9e90278916aa47508f
d03807ddd50a44ed1c7824f3f919f6f50376e5a1b52ebde1ad1faeb3fd6689a1
d41225ee3b9b4fbbc4d65324cc4eb3bfc31b3126d5331c0826de7067cf75a802
d73a2da9645c4a8b90bc9e0b7540e05ee374ea8d0db34369fa79f5593b19df77
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de6e664d7fb83706632f72dcd2dd8494d26c5f70d9bd422233e54d36497efa99
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4da01e4a5552d0cdc90295b4110b979e712b9c256dbe38860d59376dfe7e633
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
eee4cfa769b7416160f34ecbc48ddc2086388350baab9d29d30ea3f165b6fbab
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f6178e78aec083de194707eeef849f9a72c50d32de40d324469f43e312dd9b1b
fbb613590ab06b8838cad9193caa3797b2fb582dd88a444a1afe2424754d97ca
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c
fe27f3957b829c084373f77e8282630f6a717401a43ca4d41fb2bae90b0c9983

krank.de Open in urlscan Pro 35.204.103.237 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

161 Requests

91 %HTTPS

57 %IPv6

31 Domains

42 Subdomains

34 IPs

8 Countries

2930 kBTransfer

6938 kBSize

22 Cookies

9 Outgoing links

Page URL History

Redirected requests

161 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

krank.de Open in urlscan Pro
35.204.103.237 Public Scan

Screenshot
Live screenshot

Full Image

161
Requests

91 %
HTTPS

57 %
IPv6

31
Domains

42
Subdomains

34
IPs

8
Countries

2930 kB
Transfer

6938 kB
Size

22
Cookies

161 HTTP transactions
4 data transactions