www.gainrep.com Open in urlscan Pro
34.202.199.147 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://em.gainrepmail.com/CL0/https:%2F%2Fwww.gainrep.com%2FSignin%3Fa=0e670ee7-2026-4b8a-903f-b4f769c215a4%26i=9c62b58e-e...
Effective URL:
https://www.gainrep.com/Signin?a=0e670ee7-2026-4b8a-903f-b4f769c215a4&i=9c62b58e-e870-4b48-85b0-9751aa439de9
Submission: On April 18 via manual (April 18th 2023, 10:58:12 pm UTC) from US — Scanned from DE

Summary HTTP 88 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 26 IPs in 4 countries across 16 domains to perform 88 HTTP transactions. The main IP is 34.202.199.147, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.gainrep.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on January 5th 2023. Valid for: a year.

This is the only time www.gainrep.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2600:9000:20e... 2600:9000:20e8:1e00:4:3da9:3240:93a1	16509 (AMAZON-02) (AMAZON-02)
12	34.202.199.147 34.202.199.147	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
5	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:206... 2600:9000:206f:8200:5:8c2d:3a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
3	2600:9000:211... 2600:9000:211e:0:1:5bfd:c500:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:829::200d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c03::9a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:802::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:3::9 2a02:2638:3::9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:3::12 2a02:2638:3::12	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
9	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.1.6 178.250.1.6	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
14	2a02:2638:d::14 2a02:2638:d::14	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638:3::1a 2a02:2638:3::1a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	2a00:1450:400... 2a00:1450:4001:810::2003	() ()
2	2a00:1450:400... 2a00:1450:4001:82f::2003	() ()
88	26

1 2600:9000:20e8:1e00:4:3da9:3240:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

em.gainrepmail.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 34.202.199.147 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-202-199-147.compute-1.amazonaws.com

www.gainrep.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:8200:5:8c2d:3a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

p.gainrep.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:211e:0:1:5bfd:c500:93a1 (United States)

ASN16509 (AMAZON-02, US)

front.nationofhearts.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c03::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:802::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a02:2638:d::14 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2003 (None, )

ASN- ()

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2003 (None, )

ASN- ()

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	criteo.net static.criteo.net — Cisco Umbrella Rank: 763 pix.eu.criteo.net — Cisco Umbrella Rank: 8522 csm.eu.criteo.net — Cisco Umbrella Rank: 6433	422 KB
13	gainrep.com www.gainrep.com p.gainrep.com	116 KB
12	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 129 tpc.googlesyndication.com — Cisco Umbrella Rank: 177	210 KB
8	google.com accounts.google.com — Cisco Umbrella Rank: 92 www.google.com — Cisco Umbrella Rank: 16 adservice.google.com — Cisco Umbrella Rank: 130	124 KB
6	gstatic.com www.gstatic.com fonts.gstatic.com	386 KB
5	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 166 googleads.g.doubleclick.net — Cisco Umbrella Rank: 67	16 KB
5	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 344	44 KB
3	criteo.com rtb.nl3.eu.criteo.com — Cisco Umbrella Rank: 12727 ads.eu.criteo.com — Cisco Umbrella Rank: 6413 cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 8248	56 KB
3	nationofhearts.org front.nationofhearts.org	5 KB
2	google.de www.google.de — Cisco Umbrella Rank: 3425 adservice.google.de — Cisco Umbrella Rank: 5261	939 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 91	20 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 238	49 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1132	602 B
1	bootstrapcdn.com stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 3240	25 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	44 KB
1	gainrepmail.com 1 redirects em.gainrepmail.com	278 B
88	16

	Domain	Requested by
14	pix.eu.criteo.net	ads.eu.criteo.com
12	www.gainrep.com	www.gainrep.com
9	static.criteo.net	ads.eu.criteo.com
7	pagead2.googlesyndication.com	www.gainrep.com pagead2.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com
6	www.google.com	www.gainrep.com tpc.googlesyndication.com cdnjs.cloudflare.com www.gstatic.com www.google.com
5	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
5	cdnjs.cloudflare.com	www.gainrep.com ads.eu.criteo.com
4	www.gstatic.com	www.google.com www.gstatic.com
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
3	front.nationofhearts.org	www.gainrep.com front.nationofhearts.org
2	fonts.gstatic.com	www.google.com
2	csm.eu.criteo.net	ads.eu.criteo.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	cat.nl3.eu.criteo.com	ads.eu.criteo.com
1	ads.eu.criteo.com	googleads.g.doubleclick.net
1	rtb.nl3.eu.criteo.com	googleads.g.doubleclick.net
1	www.googletagservices.com	googleads.g.doubleclick.net
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.google.de	www.gainrep.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	accounts.google.com	www.gainrep.com
1	stackpath.bootstrapcdn.com	www.gainrep.com
1	p.gainrep.com	www.gainrep.com
1	www.googletagmanager.com	www.gainrep.com
1	em.gainrepmail.com	1 redirects
88	27

This site contains links to these domains. Also see Links.

Domain
accounts.google.com
www.facebook.com
www.nationofhearts.org

Subject Issuer	Validity	Valid
gainrep.com Sectigo RSA Domain Validation Secure Server CA	`2023-01-05` - `2024-02-04`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
p.gainrep.com Amazon RSA 2048 M02	`2023-03-02` - `2024-02-13`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
front.nationofhearts.org Amazon RSA 2048 M02	`2023-04-18` - `2024-05-16`	a year	crt.sh
accounts.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.nl3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-14` - `2023-06-09`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-03-04` - `2023-06-04`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-24` - `2023-06-18`	3 months	crt.sh
*.eu.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-26` - `2023-06-29`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://www.gainrep.com/Signin?a=0e670ee7-2026-4b8a-903f-b4f769c215a4&i=9c62b58e-e870-4b48-85b0-9751aa439de9
Frame ID: F4A6C8CB0FA363BE685A3A1DDF0FAF3D
Requests: 38 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230413/r20190131/zrt_lookup.html
Frame ID: 493C94D7E0F230D661374AF390CB5D00
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2648398126122025&output=html&adk=1812271804&adf=3025194257&lmt=1681858680&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=164x1080_l%7C164x1080_r&format=0x0&url=https%3A%2F%2Fwww.gainrep.com%2FSignin%3Fa%3D0e670ee7-2026-4b8a-903f-b4f769c215a4%26i%3D9c62b58e-e870-4b48-85b0-9751aa439de9&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681858680099&bpp=3&bdt=236&idt=273&shv=r20230413&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6595060522178&frm=20&pv=2&ga_vid=219411174.1681858680&ga_sid=1681858680&ga_hid=234484921&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842&oid=2&pvsid=1271344360254500&tmod=1460532273&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=300
Frame ID: C7B6B6B90288FA2072D7CA840DEEA1A9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2648398126122025&output=html&h=600&slotname=5773521457&adk=2114987940&adf=309374513&pi=t.ma~as.5773521457&w=270&fwrn=4&fwrnh=100&lmt=1681858680&rafmt=1&format=270x600&url=https%3A%2F%2Fwww.gainrep.com%2FSignin%3Fa%3D0e670ee7-2026-4b8a-903f-b4f769c215a4%26i%3D9c62b58e-e870-4b48-85b0-9751aa439de9&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681858680102&bpp=3&bdt=239&idt=303&shv=r20230413&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6595060522178&frm=20&pv=1&ga_vid=219411174.1681858680&ga_sid=1681858680&ga_hid=234484921&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1027&ady=608&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842&oid=2&pvsid=1271344360254500&tmod=1460532273&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=VTTh62HLP0&p=https%3A//www.gainrep.com&dtd=308
Frame ID: ADEE6D038B3977E72BE0250053A799F9
Requests: 8 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZD8geAAG0bAKGdgCAAm14o8liHQ2i3Xp_oh4_A&u=%7CB8KiY3LC2FHEo3F%2F3P7WqGCsFcg9IBEYTFPZ8MtbKY8%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T-nO8EpTmD0s3mIOdQUg7Qit9FNZvJT8O_TpKx09c19pITUMOLZcT6Sa-LAUZTMqq6YSu9kn7wfuF1b7C_DhMPfgqcjrCIvnKT4ARd0Gk5A4khsHf1r7VEkLRlhr4FJkxXi90jjGiZDThEXNnr7CnrmAk77fj2M1O52wB8Ez4tggmorau64tCoplHATTIT-nWAdGMglYRINzIGTnVO50cZbbeM242qKhVabuIcuLtYLvxagj5926ZMYTpQrPQpOkDyP3CSpDbIX7KaZTR_RoDtxl8zE6EPw-8HuAGx3odoS2uRM63geOmRLfdPcVg2WFAsT0d9zUYwo7cszPyBdgobQPfiVQ_SnrjR9Eu50c85F1l2p-vx6gZKUizmPPesp1R-j_pAWGRxCN-aRd2fHl5ETs1W9xooAv963qh7APQjVZEJ3CpDUvNuctoLTJLw0f8s8dp1G5piB1ZsBgXTlWELNWnPpRoQqBa1L0VkWJVyh_NHr7a6IfwdNrcRltHmuXGGxg5o6JFtyPNyLtjcsNFk72M4DATjOrqDG3nYrIXqIJHfztJz1TvME&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPvBCeCA_ZLCjG4KwZ-LrpoADyZ7SsVzN8eLdiAHAjbcBEAEgAGCV-peCrAeCARdjYS1wdWItMjY0ODM5ODEyNjEyMjAyNcgBCakCgMtUH0Vpsj6oAwGqBKoCT9Dw8nIZUyNyr_-fodNZCRX8yA8Txm2fNtwialE7hYYnvFFkleyCWedcV02fHmrJXVLDM55OfD2zzISFfjvgKI79bdQpqBjdu7M1DVlxdrvlk3qHOngTO_Oqthgzs1zDJofZdqYq5Q-1y34OKQ2RmBMoV5o4s_N1LNrj1bMczA5bQE5kcZoM5cYZ35V5e6yUiKPIWDO9zkzfqshFsrsGigEnDZ7_KFIwlP5-AErMzUMKUSlKGDzPAHycZwqr6Nq7LMX8-MK3ibfu-Mz-lsRSTHIirSnKNaSuX7ze3z45y_jqKIViGMlzsDEjBgaCjEYrf8h38e7cFQF1im2AYHIbv6fMjPrcQ7Tg1qiR54XYOsKhz5IBVhJCkZfzAbLbC3BDz_4nUTFZUq6o5oAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1EPu0sxOesFQZzWAmouXUSz3L36g%26client%3Dca-pub-2648398126122025%26adurl%3D
Frame ID: F1BA9612785A2E1D422DFBE45A6D0087
Requests: 28 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0EE9173375D0A9BC75285D869D7D6C75
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: AC38963C972124675E9A9BDBE9226E2B
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcsRMIUAAAAAKYLc6vCm20ceJ_WTl3l23pgm_NH&co=aHR0cHM6Ly93d3cuZ2FpbnJlcC5jb206NDQz&hl=de&v=6MY32oPwFCn9SUKWt8czDsDw&size=invisible&cb=mqvfv0xjz3uq
Frame ID: FE3B381AB33B3A8157967A7DF179EEAE
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Gainrep - Invitation from Usman Mohd Binji

Page URL History Show full URLs

https://em.gainrepmail.com/CL0/https:%2F%2Fwww.gainrep.com%2FSignin%3Fa=0e670ee7-2026-4b8a-903f-b4f769c... HTTP 302
https://www.gainrep.com/Signin?a=0e670ee7-2026-4b8a-903f-b4f769c215a4&i=9c62b58e-e870-4b48-85b0-9751... Page URL

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

accounts\.google\.com/gsi/client

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

88
Requests

100 %
HTTPS

92 %
IPv6

16
Domains

27
Subdomains

26
IPs

4
Countries

1517 kB
Transfer

3395 kB
Size

12
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://accounts.google.com/o/oauth2/v2/auth?scope=profile%20email&include_granted_scopes=true&redirect_uri=https://www.gainrep.com/Signin&response_type=code&client_id=528701809626-nc22en9e4qck7v0t40t0d8cj5446i275.apps.googleusercontent.com
Title: Sign in with Gmail

Search URL Search Domain Scan URL

URL: https://www.facebook.com/v4.0/dialog/oauth/?client_id=1058610360995403&redirect_uri=https://www.gainrep.com/Signin&response_type=code&state=1&scope=email

Search URL Search Domain Scan URL

URL: https://www.nationofhearts.org/en/
Title: Help Ukraine to protect itself

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://em.gainrepmail.com/CL0/https:%2F%2Fwww.gainrep.com%2FSignin%3Fa=0e670ee7-2026-4b8a-903f-b4f769c215a4%26i=9c62b58e-e870-4b48-85b0-9751aa439de9/2/010001878a46f040-b2986afb-74f7-4b48-bc7f-25f6ab87b7f9-000000/D3J7uPgyTkPsJoXy88pAELSN8dsDzecvZIQKMYJyptQ=296 HTTP 302
https://www.gainrep.com/Signin?a=0e670ee7-2026-4b8a-903f-b4f769c215a4&i=9c62b58e-e870-4b48-85b0-9751aa439de9 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

88 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request Signin Show response
www.gainrep.com/
Redirect Chain

https://em.gainrepmail.com/CL0/https:%2F%2Fwww.gainrep.com%2FSignin%3Fa=0e670ee7-2026-4b8a-903f-b4f769c215a4%26i=9c62b58e-e870-4b48-85b0-9751aa439de9/2/010001878a46f040-b2986afb-74f7-4b48-bc7f-25f6...
https://www.gainrep.com/Signin?a=0e670ee7-2026-4b8a-903f-b4f769c215a4&i=9c62b58e-e870-4b48-85b0-9751aa439de9

59 KB
19 KB

553ms
211ms

Document
text/html

34.202.199.147
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gainrep.com/Signin?a=0e670ee7-2026-4b8a-903f-b4f769c215a4&i=9c62b58e-e870-4b48-85b0-9751aa439de9
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.202.199.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-202-199-147.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 7db8f68886c327f985997843386864f155dccb9600e4444e9565d32a2f02557c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private
content-encoding: gzip
content-length: 19361
content-type: text/html; charset=utf-8
date: Tue, 18 Apr 2023 22:57:58 GMT
server: Microsoft-IIS/10.0
vary: Accept-Encoding
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET

Redirect headers

content-length: 0
date: Tue, 18 Apr 2023 22:57:58 GMT
location: https://www.gainrep.com/Signin?a=0e670ee7-2026-4b8a-903f-b4f769c215a4&i=9c62b58e-e870-4b48-85b0-9751aa439de9
via: 1.1 117b54f007fbf40fc2a4bbbd8e88fc20.cloudfront.net (CloudFront)
x-amz-cf-id: CBnY8bTGMlR7So1wIZSQd2Rk9lPFxQmU4LWRA62pvxaTclxa3K_-fg==
x-amz-cf-pop: TXL52-C1
x-cache: Miss from cloudfront

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 112 KB
44 KB 42ms
20ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-145308237-1

Requested by

Host: www.gainrep.com
URL: https://www.gainrep.com/Signin?a=0e670ee7-2026-4b8a-903f-b4f769c215a4&i=9c62b58e-e870-4b48-85b0-9751aa439de9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

44ad90727d445f5f2730eda428b6a9da804d68c7a24f93ee6554c0a3274580a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gainrep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 22:57:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44681
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 22:15:48 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 18 Apr 2023 22:57:59 GMT

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/ 87 KB
28 KB 29ms
12ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Host: www.gainrep.com
URL: https://www.gainrep.com/Signin?a=0e670ee7-2026-4b8a-903f-b4f769c215a4&i=9c62b58e-e870-4b48-85b0-9751aa439de9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gainrep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 22:57:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 105509
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27958
last-modified: Mon, 04 May 2020 23:01:39 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb09ed3-15d84"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iJp0ptP33Nia%2Fc3qyug3PL%2FJkNjex2XcmZZEIUbtPcJMOfXESX2a%2F30EqbV1M6mxN1sLsgrxIVmCXDHTk13S7JQJdAg7aTB2L7ngzHmEVyN6ylHIVDh3q6wFK961BLNfhX6cXULZF3DshtJt6ftvvtVO"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7ba0828d499b6919-FRA
expires: Sun, 07 Apr 2024 22:57:59 GMT

GET
H2 200 popper.js Show response
www.gainrep.com/js/ 18 KB
8 KB 103ms
103ms Script
application/javascript 34.202.199.147
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gainrep.com/js/popper.js
Requested by: Host: www.gainrep.com
URL: https://www.gainrep.com/Signin?a=0e670ee7-2026-4b8a-903f-b4f769c215a4&i=9c62b58e-e870-4b48-85b0-9751aa439de9
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.202.199.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-202-199-147.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 4ba1b5211306735335bd115108c0b754275eb5f4ebc72ad5eed7a139337edbdd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gainrep.com/Signin?a=0e670ee7-2026-4b8a-903f-b4f769c215a4&i=9c62b58e-e870-4b48-85b0-9751aa439de9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 22:57:59 GMT
content-encoding: gzip
last-modified: Sun, 11 Feb 2018 02:32:46 GMT
server: Microsoft-IIS/10.0
etag: "0dbc399e0a2d31:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 8221

GET
H2 200 bootstrap.min.js Show response
www.gainrep.com/js/ 50 KB
18 KB 108ms
107ms Script
application/javascript 34.202.199.147
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gainrep.com/js/bootstrap.min.js
Requested by: Host: www.gainrep.com
URL: https://www.gainrep.com/Signin?a=0e670ee7-2026-4b8a-903f-b4f769c215a4&i=9c62b58e-e870-4b48-85b0-9751aa439de9
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.202.199.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-202-199-147.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 0e25895d7caaf355a53d19c37c69a06198f668e5422b211d27597ed93983b80b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gainrep.com/Signin?a=0e670ee7-2026-4b8a-903f-b4f769c215a4&i=9c62b58e-e870-4b48-85b0-9751aa439de9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 22:57:59 GMT
content-encoding: gzip
last-modified: Mon, 30 Oct 2017 10:51:48 GMT
server: Microsoft-IIS/10.0
etag: "07aa0156d51d31:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 18210

GET
H2 200 photo_min-5567c201-b575-4429-b3d9-09f3f891ede4.jpg
p.gainrep.com/4/3/1/ 4 KB
4 KB 636ms
394ms Image
image/jpeg 2600:9000:206f:8200:5:8c2d:3a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.gainrep.com/4/3/1/photo_min-5567c201-b575-4429-b3d9-09f3f891ede4.jpg
Requested by: Host: www.gainrep.com
URL: https://www.gainrep.com/Signin?a=0e670ee7-2026-4b8a-903f-b4f769c215a4&i=9c62b58e-e870-4b48-85b0-9751aa439de9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:8200:5:8c2d:3a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 183f2ab8324b869cc620abee18029719e2797f60816e0fe787356637a1838aa4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gainrep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 22:58:01 GMT
via: 1.1 14b10bd09a0531ef477d0a404ca26900.cloudfront.net (CloudFront)
last-modified: Tue, 30 Aug 2022 12:52:27 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
etag: "5273dc2b0730fe72b37b04ada499d1e7"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 3704
x-amz-cf-id: 8NOsLGCUxRR87fNAxCw55fYLbDmH6FNIKcpl0yPapVAei9_p5x9eKQ==

GET
H2 200 google_login.png
www.gainrep.com/img/ 4 KB
4 KB 104ms
101ms Image
image/png 34.202.199.147
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gainrep.com/img/google_login.png
Requested by: Host: www.gainrep.com
URL: https://www.gainrep.com/Signin?a=0e670ee7-2026-4b8a-903f-b4f769c215a4&i=9c62b58e-e870-4b48-85b0-9751aa439de9
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.202.199.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-202-199-147.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: fe515e54d02cc23a3ba838b22ba28d85a81ab7753d4384bc34ac627ee8bd49c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gainrep.com/Signin?a=0e670ee7-2026-4b8a-903f-b4f769c215a4&i=9c62b58e-e870-4b48-85b0-9751aa439de9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 22:57:59 GMT
last-modified: Thu, 28 May 2020 16:03:56 GMT
server: Microsoft-IIS/10.0
etag: "03e1997935d61:0"
x-powered-by: ASP.NET
content-type: image/png
accept-ranges: bytes
content-length: 4239

GET
H2 200 bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.5.0/css/ 157 KB
25 KB 36ms
17ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.5.0/css/bootstrap.min.css

Requested by

Host: www.gainrep.com
URL: https://www.gainrep.com/Signin?a=0e670ee7-2026-4b8a-903f-b4f769c215a4&i=9c62b58e-e870-4b48-85b0-9751aa439de9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

680af6669abc319f9803f0fa26d443df1b6bc29133d88a8e4bea560ffed7288c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gainrep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 22:58:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 565, 617, 617
age: 2551642
cdn-cachedat: 2021-06-08 14:20:02
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:10 GMT
server: cloudflare
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 812d9c16b348d2922e969814604cc8fe
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 7ba0828df9839b69-FRA
cdn-requestpullsuccess: True

GET
H2 200 slick.min.css
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/ 1 KB
728 B 16ms
13ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/slick.min.css

Requested by

Host: www.gainrep.com
URL: https://www.gainrep.com/Signin?a=0e670ee7-2026-4b8a-903f-b4f769c215a4&i=9c62b58e-e870-4b48-85b0-9751aa439de9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50ad448a8a5720bf8a5617db15af31ae60163de06331576f60c6244c012ffc72

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gainrep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 22:57:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 14520952
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 394
last-modified: Mon, 04 May 2020 16:16:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd5-559"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BSMI4vhY0JRPbMf32XgIKxaXnZWoregjHRXMHx0d87c%2BllP31yjZ7OARXhiVIlKH9fAQ8i2XQM%2B8KfdlnMHyR2mjhJ8RPpjjfOiVhjS2OYkhEF6FYxkgYy4jz000FMnWJ72vlB1Mzyyy4a7r2ailQdjY"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7ba0828dea0f6919-FRA
expires: Sun, 07 Apr 2024 22:57:59 GMT

GET
H2 200 slick-theme.min.css
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/ 2 KB
971 B 16ms
14ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/slick-theme.min.css

Requested by

Host: www.gainrep.com
URL: https://www.gainrep.com/Signin?a=0e670ee7-2026-4b8a-903f-b4f769c215a4&i=9c62b58e-e870-4b48-85b0-9751aa439de9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e21aa5b0d3fd28cebed9e03c5544f4924e11b0c453792ed018720cf8c679b0b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gainrep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 22:57:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3469192
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 657
last-modified: Mon, 04 May 2020 16:16:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd5-956"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mr2QACP6pVCvHPl5BkjdpFdydvHoNOaknCtV3bJp7r%2BZAbV6H2J6%2Bvc0VhAuoJBV20DVZTY292faB2ZJtpttC1UvnXfsXfPXtgDdenLnOvwZvC7G7Flf6C3EkPF2qSor6bC0Qj6AVIxCkjiv7ED9Jwqu"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7ba0828dea106919-FRA
expires: Sun, 07 Apr 2024 22:57:59 GMT

GET
H2 200 style.css
www.gainrep.com/css/ 178 KB
42 KB 131ms
129ms Stylesheet
text/css 34.202.199.147
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gainrep.com/css/style.css?v=0412192522
Requested by: Host: www.gainrep.com
URL: https://www.gainrep.com/Signin?a=0e670ee7-2026-4b8a-903f-b4f769c215a4&i=9c62b58e-e870-4b48-85b0-9751aa439de9
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.202.199.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-202-199-147.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d2213ac71d2e34c48ba0f16d3c39208f2dd6238b839515818450e77d4107d06a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gainrep.com/Signin?a=0e670ee7-2026-4b8a-903f-b4f769c215a4&i=9c62b58e-e870-4b48-85b0-9751aa439de9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 22:57:59 GMT
content-encoding: gzip
last-modified: Wed, 12 Apr 2023 16:25:22 GMT
server: Microsoft-IIS/10.0
etag: "05f1605b6dd91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 42481

GET
H2 200 responsive.css
www.gainrep.com/css/ 18 KB
5 KB 107ms
105ms Stylesheet
text/css 34.202.199.147
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gainrep.com/css/responsive.css?v=0410220708
Requested by: Host: www.gainrep.com
URL: https://www.gainrep.com/Signin?a=0e670ee7-2026-4b8a-903f-b4f769c215a4&i=9c62b58e-e870-4b48-85b0-9751aa439de9
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.202.199.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-202-199-147.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: c2768cbf49eebb25d9169f6abbb998cff92c40f808a10b508da729c24f83222c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gainrep.com/Signin?a=0e670ee7-2026-4b8a-903f-b4f769c215a4&i=9c62b58e-e870-4b48-85b0-9751aa439de9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 22:57:59 GMT
content-encoding: gzip
last-modified: Mon, 10 Apr 2023 19:07:08 GMT
server: Microsoft-IIS/10.0
etag: "09657a5df6bd91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 5310

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 42ms
7ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-145308237-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gainrep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 18 Apr 2023 22:11:32 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 2788
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Wed, 19 Apr 2023 00:11:32 GMT

GET
H2 200 facebook_login.png
www.gainrep.com/img/ 1 KB
2 KB 105ms
102ms Image
image/png 34.202.199.147
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gainrep.com/img/facebook_login.png
Requested by: Host: www.gainrep.com
URL: https://www.gainrep.com/Signin?a=0e670ee7-2026-4b8a-903f-b4f769c215a4&i=9c62b58e-e870-4b48-85b0-9751aa439de9
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.202.199.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-202-199-147.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: c76995c01e7b273a4105d43cd1b3ee06748f169c61c76f545a5eef5f3535595d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gainrep.com/Signin?a=0e670ee7-2026-4b8a-903f-b4f769c215a4&i=9c62b58e-e870-4b48-85b0-9751aa439de9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 22:57:59 GMT
last-modified: Thu, 28 May 2020 16:03:54 GMT
server: Microsoft-IIS/10.0
etag: "011e895935d61:0"
x-powered-by: ASP.NET
content-type: image/png
accept-ranges: bytes
content-length: 1523

GET
H2 200 logopreview.png
www.gainrep.com/img/ 9 KB
9 KB 105ms
102ms Image
image/png 34.202.199.147
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gainrep.com/img/logopreview.png
Requested by: Host: www.gainrep.com
URL: https://www.gainrep.com/Signin?a=0e670ee7-2026-4b8a-903f-b4f769c215a4&i=9c62b58e-e870-4b48-85b0-9751aa439de9
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.202.199.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-202-199-147.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 8a648dc1bb79edb3046d9596a7cb886e32ae0072d7d86dfca4fe5421d034364c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gainrep.com/Signin?a=0e670ee7-2026-4b8a-903f-b4f769c215a4&i=9c62b58e-e870-4b48-85b0-9751aa439de9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 22:57:59 GMT
last-modified: Fri, 02 Aug 2019 12:34:30 GMT
server: Microsoft-IIS/10.0
etag: "0cf40a12e49d51:0"
x-powered-by: ASP.NET
content-type: image/png
accept-ranges: bytes
content-length: 9548

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 136 KB
47 KB 94ms
59ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2648398126122025

Requested by

Host: www.gainrep.com
URL: https://www.gainrep.com/Signin?a=0e670ee7-2026-4b8a-903f-b4f769c215a4&i=9c62b58e-e870-4b48-85b0-9751aa439de9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a06231505d91c2088c4ea2375d1d3a31939a1ab30ff1ab45b65dd511a2eaa0c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gainrep.com/
Origin: https://www.gainrep.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 22:58:00 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47748
x-xss-protection: 0
server: cafe
etag: 15102999464698360013
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 18 Apr 2023 22:58:00 GMT

GET
H2 200 copy-icon.png
www.gainrep.com/img/ 1 KB
1 KB 105ms
102ms Image
image/png 34.202.199.147
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gainrep.com/img/copy-icon.png
Requested by: Host: www.gainrep.com
URL: https://www.gainrep.com/Signin?a=0e670ee7-2026-4b8a-903f-b4f769c215a4&i=9c62b58e-e870-4b48-85b0-9751aa439de9
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.202.199.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-202-199-147.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 44c8007c21615bbe8fe3c87382859d2e005af5d0a571e36ef498a1cf6270b495

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gainrep.com/Signin?a=0e670ee7-2026-4b8a-903f-b4f769c215a4&i=9c62b58e-e870-4b48-85b0-9751aa439de9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 22:57:59 GMT
last-modified: Thu, 01 Mar 2018 22:19:36 GMT
server: Microsoft-IIS/10.0
etag: "0cab61abb1d31:0"
x-powered-by: ASP.NET
content-type: image/png
accept-ranges: bytes
content-length: 1197

GET
H2 200 slick.min.js Show response
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/ 43 KB
10 KB 15ms
12ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/slick.min.js

Requested by

Host: www.gainrep.com
URL: https://www.gainrep.com/Signin?a=0e670ee7-2026-4b8a-903f-b4f769c215a4&i=9c62b58e-e870-4b48-85b0-9751aa439de9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

357452f2a55c999ddd3afdcbce2c339d41cf7a01613d9d45ff88a753bb82f21d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gainrep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 22:57:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 13235414
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9564
last-modified: Mon, 04 May 2020 16:16:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd5-ab69"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NKha40s4hg6ME4jS7svKyuZ1J1LUFb7PjcyTyUTeKQIL6fplV3tDtfu250TljRc6GmfkyebohTKLSGO11YLedPVAzVoEgpivn81jYgXjg%2FaN9Dt%2BIR1E7XLy%2FfcaUWESeKcRBSTfbfJRHGNZ5yY%2BIDvi"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7ba0828dea0e6919-FRA
expires: Sun, 07 Apr 2024 22:57:59 GMT

GET
H2 200 script.js Show response
www.gainrep.com/js/ 14 KB
3 KB 106ms
104ms Script
application/javascript 34.202.199.147
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gainrep.com/js/script.js
Requested by: Host: www.gainrep.com
URL: https://www.gainrep.com/Signin?a=0e670ee7-2026-4b8a-903f-b4f769c215a4&i=9c62b58e-e870-4b48-85b0-9751aa439de9
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.202.199.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-202-199-147.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: a6d85140ce65f53e9322d745dbacf70142103a7d6b7c55264e73744f3f66fdfb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gainrep.com/Signin?a=0e670ee7-2026-4b8a-903f-b4f769c215a4&i=9c62b58e-e870-4b48-85b0-9751aa439de9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 22:57:59 GMT
content-encoding: gzip
last-modified: Mon, 10 Apr 2023 08:03:08 GMT
server: Microsoft-IIS/10.0
etag: "06dae2826bd91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 2795

GET
H2 200 front1.4.js Show response
front.nationofhearts.org/ 2 KB
3 KB 212ms
8ms Script
application/javascript 2600:9000:211e:0:1:5bfd:c500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://front.nationofhearts.org/front1.4.js
Requested by: Host: www.gainrep.com
URL: https://www.gainrep.com/Signin?a=0e670ee7-2026-4b8a-903f-b4f769c215a4&i=9c62b58e-e870-4b48-85b0-9751aa439de9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:0:1:5bfd:c500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b06bf970ccc4c08e6d3ac0a62050d47727486d5dc21401528ea4b1570530ee8a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gainrep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 12:10:28 GMT
via: 1.1 9928105291571d6cae52bcb916c898d8.cloudfront.net (CloudFront)
last-modified: Tue, 18 Apr 2023 11:48:36 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 38853
etag: "1f4506b7f9b247c9384a31d6a2d67b6f"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 2402
x-amz-cf-id: MgaV4oZ1TBfXZaK9-ARX97RKdp7qbMAy9bBPdJpxwSFiu2JGqZudcg==

GET
H2 200 client Show response
accounts.google.com/gsi/ 195 KB
77 KB 92ms
59ms Script
application/javascript 2a00:1450:4001:829::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/client

Requested by

Host: www.gainrep.com
URL: https://www.gainrep.com/Signin?a=0e670ee7-2026-4b8a-903f-b4f769c215a4&i=9c62b58e-e870-4b48-85b0-9751aa439de9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8e0b314b9b2882ef366a8d0c38bec7b26a5bbcc0356229f48fcc405c5ec06202

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-c9IH7mPmaB5zjVTb88G-7Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gainrep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 22:58:00 GMT
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-c9IH7mPmaB5zjVTb88G-7Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=1800
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Tue, 18 Apr 2023 22:58:00 GMT

GET
H2 200 bullet_red.png
www.gainrep.com/css/images/ 210 B
287 B 102ms
102ms Image
image/png 34.202.199.147
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gainrep.com/css/images/bullet_red.png
Requested by: Host: www.gainrep.com
URL: https://www.gainrep.com/Signin?a=0e670ee7-2026-4b8a-903f-b4f769c215a4&i=9c62b58e-e870-4b48-85b0-9751aa439de9
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.202.199.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-202-199-147.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: a5294bd21ad80bb429a24461f68b0e51aaf9ab7d44cad9cc24892c5a4b9a85a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gainrep.com/Signin?a=0e670ee7-2026-4b8a-903f-b4f769c215a4&i=9c62b58e-e870-4b48-85b0-9751aa439de9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 22:57:59 GMT
last-modified: Tue, 07 Apr 2020 11:49:42 GMT
server: Microsoft-IIS/10.0
etag: "04ff09fd2cd61:0"
x-powered-by: ASP.NET
content-type: image/png
accept-ranges: bytes
content-length: 210

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
207 B 14ms
14ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=234484921&t=pageview&_s=1&dl=https%3A%2F%2Fwww.gainrep.com%2FSignin%3Fa%3D0e670ee7-2026-4b8a-903f-b4f769c215a4%26i%3D9c62b58e-e870-4b48-85b0-9751aa439de9&ul=en-us&de=UTF-8&dt=Gainrep%20-%20Invitation%20from%20Usman%20Mohd%20Binji&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=850002386&gjid=630092341&cid=219411174.1681858680&tid=UA-145308237-1&_gid=1551497803.1681858680&_r=1&gtm=457e34c0&jsscut=1&z=1750756502

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gainrep.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 18 Apr 2023 22:58:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.gainrep.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
349 B 61ms
20ms XHR
text/plain 2a00:1450:400c:c03::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-145308237-1&cid=219411174.1681858680&jid=850002386&gjid=630092341&_gid=1551497803.1681858680&_u=YEBAAUAAAAAAACAAI~&z=512839187

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c03::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gainrep.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 18 Apr 2023 22:58:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.gainrep.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304060101/ 347 KB
116 KB 86ms
71ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2648398126122025&plah=www.gainrep.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2648398126122025

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0840aa9ee74ac8e13792cec19374f518e262c317c69f231775777ed543c29694

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gainrep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 22:58:00 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 118930
x-xss-protection: 0
server: cafe
etag: 5118103109242478722
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 18 Apr 2023 22:58:00 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230413/r20190131/ Frame 493C 10 KB
5 KB 29ms
7ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230413/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2648398126122025

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gainrep.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 25814
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Apr 2023 15:47:46 GMT
etag: 2378337311435320485
expires: Tue, 02 May 2023 15:47:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 40ms
18ms Image
image/gif 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-145308237-1&cid=219411174.1681858680&jid=850002386&_u=YEBAAUAAAAAAACAAI~&z=465997121

Requested by

Host: www.gainrep.com
URL: https://www.gainrep.com/Signin?a=0e670ee7-2026-4b8a-903f-b4f769c215a4&i=9c62b58e-e870-4b48-85b0-9751aa439de9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gainrep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Apr 2023 22:58:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 39ms
17ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-145308237-1&cid=219411174.1681858680&jid=850002386&_u=YEBAAUAAAAAAACAAI~&z=465997121

Requested by

Host: www.gainrep.com
URL: https://www.gainrep.com/Signin?a=0e670ee7-2026-4b8a-903f-b4f769c215a4&i=9c62b58e-e870-4b48-85b0-9751aa439de9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gainrep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Apr 2023 22:58:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 front1.4.css
front.nationofhearts.org/ 964 B
1 KB 8ms
7ms Stylesheet
text/css 2600:9000:211e:0:1:5bfd:c500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://front.nationofhearts.org/front1.4.css
Requested by: Host: front.nationofhearts.org
URL: https://front.nationofhearts.org/front1.4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:0:1:5bfd:c500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2c32ed556c9e78e9cc9abdabad2898f0780b9156c48102706a33215b1637ebc9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gainrep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 12:10:31 GMT
via: 1.1 9928105291571d6cae52bcb916c898d8.cloudfront.net (CloudFront)
last-modified: Tue, 18 Apr 2023 11:48:35 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 38850
etag: "f99dcbdd9c1efc74d389721ba25bc5aa"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: text/css
accept-ranges: bytes
content-length: 964
x-amz-cf-id: MTOX5WtX91qakxCOWXC4cCEWNuYdrzivfwlRnV2nRKlE3Gj_utoP3g==

GET
H2 200 close.png
front.nationofhearts.org/ 319 B
672 B 8ms
8ms Image
image/png 2600:9000:211e:0:1:5bfd:c500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://front.nationofhearts.org/close.png
Requested by: Host: www.gainrep.com
URL: https://www.gainrep.com/Signin?a=0e670ee7-2026-4b8a-903f-b4f769c215a4&i=9c62b58e-e870-4b48-85b0-9751aa439de9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:0:1:5bfd:c500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 142adec6fc678bbc4aefe3ff62c81f51dae20d63c271b6ff153adef8351de297

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gainrep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 11:07:53 GMT
via: 1.1 9928105291571d6cae52bcb916c898d8.cloudfront.net (CloudFront)
last-modified: Tue, 18 Apr 2023 09:38:05 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 42607
etag: "a9a2e33e2c18467eae6d297325e278f6"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 319
x-amz-cf-id: T1PSvzVytP1S3k29NnaxtkT1yB7ekLu8eRkNdLyToLzLlft84_vmHw==

GET
H2 200 bullet_red_transparent.png
www.gainrep.com/css/images/ 162 B
239 B 100ms
99ms Image
image/png 34.202.199.147
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gainrep.com/css/images/bullet_red_transparent.png
Requested by: Host: www.gainrep.com
URL: https://www.gainrep.com/css/style.css?v=0412192522
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.202.199.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-202-199-147.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 3b876ba308988408803e86d9baf4dc5084ed3b92bf0f7f280db1521e45f2a7f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gainrep.com/css/style.css?v=0412192522
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 22:57:59 GMT
last-modified: Wed, 02 Jun 2021 10:35:48 GMT
server: Microsoft-IIS/10.0
etag: "05afac9b57d71:0"
x-powered-by: ASP.NET
content-type: image/png
accept-ranges: bytes
content-length: 162

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 389 B
602 B 38ms
15ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.gainrep.com&callback=_gfp_s_&client=ca-pub-2648398126122025

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2648398126122025&plah=www.gainrep.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dd58b3300836e8d3e7c2042eea86fb67bbe4830d0d645599520033dae94913f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gainrep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 22:58:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 251
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 51ms
16ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.gainrep.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gainrep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 22:58:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 45ms
15ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.gainrep.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gainrep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 22:58:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C7B6 0
188 B 131ms
129ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2648398126122025&output=html&adk=1812271804&adf=3025194257&lmt=1681858680&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=164x1080_l%7C164x1080_r&format=0x0&url=https%3A%2F%2Fwww.gainrep.com%2FSignin%3Fa%3D0e670ee7-2026-4b8a-903f-b4f769c215a4%26i%3D9c62b58e-e870-4b48-85b0-9751aa439de9&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681858680099&bpp=3&bdt=236&idt=273&shv=r20230413&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6595060522178&frm=20&pv=2&ga_vid=219411174.1681858680&ga_sid=1681858680&ga_hid=234484921&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842&oid=2&pvsid=1271344360254500&tmod=1460532273&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=300

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gainrep.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Apr 2023 22:58:00 GMT
expires: Tue, 18 Apr 2023 22:58:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame ADEE 24 KB
10 KB 207ms
207ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2648398126122025&output=html&h=600&slotname=5773521457&adk=2114987940&adf=309374513&pi=t.ma~as.5773521457&w=270&fwrn=4&fwrnh=100&lmt=1681858680&rafmt=1&format=270x600&url=https%3A%2F%2Fwww.gainrep.com%2FSignin%3Fa%3D0e670ee7-2026-4b8a-903f-b4f769c215a4%26i%3D9c62b58e-e870-4b48-85b0-9751aa439de9&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681858680102&bpp=3&bdt=239&idt=303&shv=r20230413&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6595060522178&frm=20&pv=1&ga_vid=219411174.1681858680&ga_sid=1681858680&ga_hid=234484921&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1027&ady=608&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842&oid=2&pvsid=1271344360254500&tmod=1460532273&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=VTTh62HLP0&p=https%3A//www.gainrep.com&dtd=308

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cb8f2492bdd1766bac1875e720cdfed1f4165bb886492d0e9a40666626bae974

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gainrep.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 10341
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Apr 2023 22:58:00 GMT
expires: Tue, 18 Apr 2023 22:58:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230413/r20110914/client/ Frame ADEE 3 KB
2 KB 35ms
6ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230413/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2648398126122025&output=html&h=600&slotname=5773521457&adk=2114987940&adf=309374513&pi=t.ma~as.5773521457&w=270&fwrn=4&fwrnh=100&lmt=1681858680&rafmt=1&format=270x600&url=https%3A%2F%2Fwww.gainrep.com%2FSignin%3Fa%3D0e670ee7-2026-4b8a-903f-b4f769c215a4%26i%3D9c62b58e-e870-4b48-85b0-9751aa439de9&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681858680102&bpp=3&bdt=239&idt=303&shv=r20230413&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6595060522178&frm=20&pv=1&ga_vid=219411174.1681858680&ga_sid=1681858680&ga_hid=234484921&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1027&ady=608&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842&oid=2&pvsid=1271344360254500&tmod=1460532273&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=VTTh62HLP0&p=https%3A//www.gainrep.com&dtd=308

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 21:46:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4283
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 May 2023 21:46:37 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230413/r20110914/client/ Frame ADEE 20 KB
8 KB 103ms
75ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230413/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1b3b73852f7856f1a0f317701846bc7853eb5b127ba882c23c5073dbe6d022d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 22:58:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 0
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8509
x-xss-protection: 0
server: cafe
etag: 3034682829645713766
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 May 2023 22:58:00 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame ADEE 159 KB
49 KB 56ms
18ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fcba6d68321742b971eda8d36254297a368c6a5dba5486f36076f25d66891d9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 22:58:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49673
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681775021301287"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 Apr 2023 22:58:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame ADEE 0
0 51ms
51ms Fetch
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CWuz7eCA_ZLCjG4KwZ-LrpoADyZ7SsVzN8eLdiAHAjbcBEAEgAGCV-peCrAeCARdjYS1wdWItMjY0ODM5ODEyNjEyMjAyNcgBCakCgMtUH0Vpsj6oAwGqBKcCT9Dw8nIZUyNyr_-fodNZCRX8yA8Txm2fNtwialE7hYYnvFFkleyCWedcV02fHmrJXVLDM55OfD2zzISFfjvgKI79bdQpqBjdu7M1DVlxdrvlk3qHOngTO_Oqthgzs1zDJofZdqYq5Q-1y34OKQ2RmBMoV5o4s_N1LNrj1bMczA5bQE5kcZoM5cYZ35V5e6yUiKPIWDO9zkzfqshFsrsGigEnDZ7_KFIwlP5-AErMzUMKUSlKGDzPAHycZwqr6Nq7LMX8-MK3ibfu-Mz-lsRSTHIirSnKNaSuX7ze3z45y_jqKIViGMlzsDEjBgaCjEYrf8h38e7cFQF1im2AYHIbv6eOjttOxDt8xRcN8yYIB2RZxoYL4BhsiRVHyY99-c9d4-ai-7VK7YAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMjY0ODM5ODEyNjEyMjAyNRgA&sigh=0pza_tHDb-U&uach_m=[UACH]&cid=CAQSGwBygQiD26mPBYLdfdwsuPyTfHQW4F_ZkxSOAhgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2648398126122025&output=html&h=600&slotname=5773521457&adk=2114987940&adf=309374513&pi=t.ma~as.5773521457&w=270&fwrn=4&fwrnh=100&lmt=1681858680&rafmt=1&format=270x600&url=https%3A%2F%2Fwww.gainrep.com%2FSignin%3Fa%3D0e670ee7-2026-4b8a-903f-b4f769c215a4%26i%3D9c62b58e-e870-4b48-85b0-9751aa439de9&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681858680102&bpp=3&bdt=239&idt=303&shv=r20230413&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6595060522178&frm=20&pv=1&ga_vid=219411174.1681858680&ga_sid=1681858680&ga_hid=234484921&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1027&ady=608&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842&oid=2&pvsid=1271344360254500&tmod=1460532273&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=VTTh62HLP0&p=https%3A//www.gainrep.com&dtd=308
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 18 Apr 2023 22:58:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 18 Apr 2023 22:58:00 GMT

GET
H2 200 notify
rtb.nl3.eu.criteo.com/google/auction/ Frame ADEE 0
0 40ms
13ms Fetch 2a02:2638:3::9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=kKW_EMz6RI4C2ASdg2ICAgAAADmV2aeBrm94EHggP2Rw9ldrXvm_naL5AAASAAAKCkFRVUJBUUVCQVE&wp=ZD8geAAG0bAKGdgCAAm14o8liHQ2i3Xp_oh4_A

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 22:58:00 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 193041
server: Kestrel
content-length: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame F1BA 185 KB
55 KB 207ms
86ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZD8geAAG0bAKGdgCAAm14o8liHQ2i3Xp_oh4_A&u=%7CB8KiY3LC2FHEo3F%2F3P7WqGCsFcg9IBEYTFPZ8MtbKY8%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T-nO8EpTmD0s3mIOdQUg7Qit9FNZvJT8O_TpKx09c19pITUMOLZcT6Sa-LAUZTMqq6YSu9kn7wfuF1b7C_DhMPfgqcjrCIvnKT4ARd0Gk5A4khsHf1r7VEkLRlhr4FJkxXi90jjGiZDThEXNnr7CnrmAk77fj2M1O52wB8Ez4tggmorau64tCoplHATTIT-nWAdGMglYRINzIGTnVO50cZbbeM242qKhVabuIcuLtYLvxagj5926ZMYTpQrPQpOkDyP3CSpDbIX7KaZTR_RoDtxl8zE6EPw-8HuAGx3odoS2uRM63geOmRLfdPcVg2WFAsT0d9zUYwo7cszPyBdgobQPfiVQ_SnrjR9Eu50c85F1l2p-vx6gZKUizmPPesp1R-j_pAWGRxCN-aRd2fHl5ETs1W9xooAv963qh7APQjVZEJ3CpDUvNuctoLTJLw0f8s8dp1G5piB1ZsBgXTlWELNWnPpRoQqBa1L0VkWJVyh_NHr7a6IfwdNrcRltHmuXGGxg5o6JFtyPNyLtjcsNFk72M4DATjOrqDG3nYrIXqIJHfztJz1TvME&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPvBCeCA_ZLCjG4KwZ-LrpoADyZ7SsVzN8eLdiAHAjbcBEAEgAGCV-peCrAeCARdjYS1wdWItMjY0ODM5ODEyNjEyMjAyNcgBCakCgMtUH0Vpsj6oAwGqBKoCT9Dw8nIZUyNyr_-fodNZCRX8yA8Txm2fNtwialE7hYYnvFFkleyCWedcV02fHmrJXVLDM55OfD2zzISFfjvgKI79bdQpqBjdu7M1DVlxdrvlk3qHOngTO_Oqthgzs1zDJofZdqYq5Q-1y34OKQ2RmBMoV5o4s_N1LNrj1bMczA5bQE5kcZoM5cYZ35V5e6yUiKPIWDO9zkzfqshFsrsGigEnDZ7_KFIwlP5-AErMzUMKUSlKGDzPAHycZwqr6Nq7LMX8-MK3ibfu-Mz-lsRSTHIirSnKNaSuX7ze3z45y_jqKIViGMlzsDEjBgaCjEYrf8h38e7cFQF1im2AYHIbv6fMjPrcQ7Tg1qiR54XYOsKhz5IBVhJCkZfzAbLbC3BDz_4nUTFZUq6o5oAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1EPu0sxOesFQZzWAmouXUSz3L36g%26client%3Dca-pub-2648398126122025%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

48eebed6b70e5e84e5ed05de3e5bdf6c33e89f5eda3ffdd3f660d0d851aca9b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Tue, 18 Apr 2023 22:58:00 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=5bI4bFu122Bo2tdoiYGt3NLLFVMQrmNw2iLcVUp_LAP_DAVfKUlbuqu4q0rBRL_3E9CJpz8SK3G_X-n1ZOhRD7yGkkGuonerxXiC6Sm-wyud2VvCyeLwy4X45d1sOjY_OD1HIt9DbnZYEAnrEe1x8ACcrggFLKQU8SM6Fy_7kty7WDALpHFPMLXpJgfcgOKNQw4wuiURNiyo-8EECqlI_4LEyxa5F5x67Uvt8Og3vUc-FnmX2q0r6OtEAwaNjbxgD0oNXA"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 68141368
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame ADEE 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 762db1420a8a65ea2090fd78be36550015df5aa7fc2ae927db8f490c23630f75

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame F1BA 2 KB
1 KB 41ms
15ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZD8geAAG0bAKGdgCAAm14o8liHQ2i3Xp_oh4_A&u=%7CB8KiY3LC2FHEo3F%2F3P7WqGCsFcg9IBEYTFPZ8MtbKY8%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T-nO8EpTmD0s3mIOdQUg7Qit9FNZvJT8O_TpKx09c19pITUMOLZcT6Sa-LAUZTMqq6YSu9kn7wfuF1b7C_DhMPfgqcjrCIvnKT4ARd0Gk5A4khsHf1r7VEkLRlhr4FJkxXi90jjGiZDThEXNnr7CnrmAk77fj2M1O52wB8Ez4tggmorau64tCoplHATTIT-nWAdGMglYRINzIGTnVO50cZbbeM242qKhVabuIcuLtYLvxagj5926ZMYTpQrPQpOkDyP3CSpDbIX7KaZTR_RoDtxl8zE6EPw-8HuAGx3odoS2uRM63geOmRLfdPcVg2WFAsT0d9zUYwo7cszPyBdgobQPfiVQ_SnrjR9Eu50c85F1l2p-vx6gZKUizmPPesp1R-j_pAWGRxCN-aRd2fHl5ETs1W9xooAv963qh7APQjVZEJ3CpDUvNuctoLTJLw0f8s8dp1G5piB1ZsBgXTlWELNWnPpRoQqBa1L0VkWJVyh_NHr7a6IfwdNrcRltHmuXGGxg5o6JFtyPNyLtjcsNFk72M4DATjOrqDG3nYrIXqIJHfztJz1TvME&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPvBCeCA_ZLCjG4KwZ-LrpoADyZ7SsVzN8eLdiAHAjbcBEAEgAGCV-peCrAeCARdjYS1wdWItMjY0ODM5ODEyNjEyMjAyNcgBCakCgMtUH0Vpsj6oAwGqBKoCT9Dw8nIZUyNyr_-fodNZCRX8yA8Txm2fNtwialE7hYYnvFFkleyCWedcV02fHmrJXVLDM55OfD2zzISFfjvgKI79bdQpqBjdu7M1DVlxdrvlk3qHOngTO_Oqthgzs1zDJofZdqYq5Q-1y34OKQ2RmBMoV5o4s_N1LNrj1bMczA5bQE5kcZoM5cYZ35V5e6yUiKPIWDO9zkzfqshFsrsGigEnDZ7_KFIwlP5-AErMzUMKUSlKGDzPAHycZwqr6Nq7LMX8-MK3ibfu-Mz-lsRSTHIirSnKNaSuX7ze3z45y_jqKIViGMlzsDEjBgaCjEYrf8h38e7cFQF1im2AYHIbv6fMjPrcQ7Tg1qiR54XYOsKhz5IBVhJCkZfzAbLbC3BDz_4nUTFZUq6o5oAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1EPu0sxOesFQZzWAmouXUSz3L36g%26client%3Dca-pub-2648398126122025%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 22:58:00 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 12 Apr 2024 22:58:00 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame F1BA 2 KB
1 KB 39ms
13ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 22:58:00 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 12 Apr 2024 22:58:00 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame F1BA 308 B
637 B 37ms
13ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 22:58:00 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Fri, 12 Apr 2024 22:58:00 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame F1BA 293 B
621 B 40ms
15ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 22:58:00 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Fri, 12 Apr 2024 22:58:00 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame F1BA 43 B
348 B 322ms
15ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=G3B0h1pK7UNOzZVT8RZfYtdX4rCWsRx9LHeVfoFJ-Hwkx1_jQx5kQsXbERsS_C3D5MVHph2K1gy6uSedcJBq-qJDsOj6WdRViyDJLYiTxguXiyOYeMvY6z4CIWIt-99o0NDyGUFWwqOwO71iaoezQCeiZhJGt-KYWGlP2IPshgnp_CrOhwOD-HHe3zGQUY1rL87nayzSOsKAKQF2S85WKyTwwzXwQjOtGDyYMpVPk2kHvmRD2549x83iQGMa4UxgZ9T-kWpb-abfvvgSP56w619yK8E8Y6iyDZRXY2walUkZOcEut0hNz8_4xTHE7t639UkRhLcb6gSqmMJgqZK9qQYjbN6EW5qbUOVIvAJCREKK-Je2FoTPiTHp3ySZBlKV1wcT_p8raSTeoE0RZ56nQ9mV_eFnmZoSHzoplYJXnavQ7-Vp

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Apr 2023 22:58:00 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1626479
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame F1BA 12 KB
5 KB 15ms
14ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 22:58:00 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 524652
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nEFxfw5r5P9505G5jkgpWDApNMnzqd5jCrf2WepAVi5GYfrWhKlIq2pH9hB4KoI9h9ALRSQAInIr%2BqARawxQbAjAboX7G%2BGebgdHAS3hLOobYl8TphZK0R9W9sHHt8ZFEFr3aGIQPZKcg03B0M%2FN520%2B"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7ba082935a6b2c53-FRA
expires: Sun, 07 Apr 2024 22:58:00 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame F1BA 12 KB
6 KB 24ms
14ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 22:58:00 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 12 Apr 2024 22:58:00 GMT

GET
H2 200 ec51d215a5904df99ebfe8eacf21246e_ubuntu-light.woff
static.criteo.net/design/dt/ Frame F1BA 46 KB
46 KB 50ms
24ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/ec51d215a5904df99ebfe8eacf21246e_ubuntu-light.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8d6af87f2e8ab6ba751d5bda81faf18aed637f3c43f3f5c25acfcdb8dc674a92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 22:58:00 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 02 Oct 2018 14:57:25 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5bb38755-b778"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 12 Apr 2024 22:58:00 GMT

GET
H2 200 0d5410bc9c3e437daf6999836d04f18f_ubuntu-medium.woff
static.criteo.net/design/dt/ Frame F1BA 38 KB
38 KB 55ms
29ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/0d5410bc9c3e437daf6999836d04f18f_ubuntu-medium.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

ce8b0ce00b853304b4500a3e0273c2ee8123ec998d9ea4bc1a2b3e97c573b61f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 22:58:00 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 02 Oct 2018 14:57:25 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5bb38755-97a8"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 12 Apr 2024 22:58:00 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame F1BA 6 KB
6 KB 278ms
17ms Image
image/png 2a02:2638:d::14
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=116&m=0&partner=3018&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F9764%2F230413%2F917351ee47c4413e8a80c13e50969936_logo_n_horizontal_4.png&v=3&w=536&s=FSwKR5NSGRW-uUQG7E0qw3yA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::14 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

c2369c162a49b53d572cf8f0edc988850f85f899b4da27489465dac8fb5108bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 22:58:00 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=30637777
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 6100
expires: Sun, 07 Apr 2024 13:27:39 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame F1BA 111 KB
111 KB 306ms
46ms Image
image/webp 2a02:2638:d::14
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=1200&m=0&partner=3018&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F9764%2F230413%2F11c5ae5fb140405681edaf76ceeb00d7_img_square_1.jpg&v=3&w=1200&s=TY00qbTzscYT9I-Q46fMWiyb

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::14 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

d51b25919a323fc2c25976593c810742e0d961f6e07234c748358077919fa47f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 22:58:00 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=30638029
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 113366
expires: Sun, 07 Apr 2024 13:31:50 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame F1BA 11 KB
11 KB 305ms
45ms Image
image/webp 2a02:2638:d::14
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F19349932-ZseJiX5S.jpg&v=3&w=400&s=bL6rHfLOrI8xR4MwhnKaBsfQ&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::14 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

c3fbda5aaf08b79384354c91b5a7d8cd6196fb8a797afac0212181c6df0074bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 22:58:00 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=57342
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 10766
expires: Wed, 19 Apr 2023 14:53:43 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame F1BA 14 KB
14 KB 296ms
37ms Image
image/webp 2a02:2638:d::14
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F17041017-VZvCE1KQ.jpg&v=3&w=400&s=mW6XNV8vFKvnOn1tBLy4NOUM&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::14 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3997675a79e351ca1e4de3a43efa44d9d361f1f29741f07f9ad9b11fcd10fcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 22:58:00 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=130109
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 14094
expires: Thu, 20 Apr 2023 11:06:30 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame F1BA 13 KB
13 KB 289ms
30ms Image
image/webp 2a02:2638:d::14
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1550221296%2F18248383-LYD7xIVt.jpg&v=3&w=400&s=5pnzBj_PzCPXf26Flktz0Y_c&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::14 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

17e75ada74535f579a90eb81a0c95fa979bade0003c00c0f1cc76b1bda482b87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 22:58:00 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=57377
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 12948
expires: Wed, 19 Apr 2023 14:54:18 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame F1BA 13 KB
13 KB 308ms
49ms Image
image/webp 2a02:2638:d::14
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1475740230%2F16209727-6wnyNe0i.jpg&v=3&w=400&s=iXwa8LSIVCjBKattIYfK37lu&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::14 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

1d7036cd7c27816006a31c726f89cb8358c2283e82f078ed8b3bb45b01af7d29

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 22:58:00 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=58283
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 12968
expires: Wed, 19 Apr 2023 15:09:24 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame F1BA 9 KB
9 KB 57ms
57ms Image
image/webp 2a02:2638:d::14
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1541573180%2F18316508-Fn21UoMR.jpg&v=3&w=400&s=PgMu1WiaOuh2y0iR0WGsjU0h&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::14 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

12a083976f3a0590ab7eee8e6e802316df6e99feff92d591e810f1f29b09e630

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 22:58:00 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=67160
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8820
expires: Wed, 19 Apr 2023 17:37:21 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame F1BA 22 KB
22 KB 53ms
53ms Image
image/webp 2a02:2638:d::14
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F16206153-821aWYsZ.jpg&v=3&w=400&s=Nz0zP0DQ01vDaf_9_eC-DQI7&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::14 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

2edd2196f2d7542578d997d3ed2d483ba69807a6847524da3e242d66f5027b7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 22:58:00 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=60925
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 22548
expires: Wed, 19 Apr 2023 15:53:26 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame F1BA 22 KB
23 KB 58ms
57ms Image
image/webp 2a02:2638:d::14
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1675803601%2F23019443-zktdlh1F.jpg&v=3&w=400&s=-ady33AuRo_KM7EAW8oV3u4t&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::14 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

9e48352be7ed4a3e73de8d505e2577bc8fba0586c2a32e7444ca0439f6853439

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 22:58:00 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=293221
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 22930
expires: Sat, 22 Apr 2023 08:25:02 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame F1BA 36 KB
36 KB 59ms
59ms Image
image/webp 2a02:2638:d::14
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F23038038-lcnXBaCu.jpg&v=3&w=400&s=gc1QFwvYYDz2E3aiSZqV_cHB&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::14 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e14f530877c06b6031793cd705a8578b303246e5bb9fc261ff948681597b77f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 22:58:00 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=153422
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 36664
expires: Thu, 20 Apr 2023 17:35:03 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame F1BA 10 KB
10 KB 62ms
62ms Image
image/webp 2a02:2638:d::14
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F23019507-ISebh04n.jpg&v=3&w=400&s=wyETvMNev3FdGFx7sXWGQ8ka&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::14 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

5e1ef1065ecb435c077e363f46615168c86402ee3660c0787a536cdabef65326

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 22:58:00 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=289096
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 10236
expires: Sat, 22 Apr 2023 07:16:17 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame F1BA 13 KB
14 KB 61ms
60ms Image
image/webp 2a02:2638:d::14
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1582625411%2F20061215-7rHHvOBB.jpg&v=3&w=400&s=iOe9x-P4DqBuFqljy07zuIjB&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::14 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

1c7517b8465f944f167ada7529b244f9f5a4b32fa52861a534706320ef594525

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 22:58:00 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=152670
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 13694
expires: Thu, 20 Apr 2023 17:22:31 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame F1BA 22 KB
22 KB 64ms
63ms Image
image/webp 2a02:2638:d::14
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1594983169%2F20117059-0kCtbvjw.jpg&v=3&w=400&s=exwaYeXg14suYKg5IDvuzZEz&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::14 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

ab6b374b50ba1f25ac83c25ac8be54ba6ea56643d4b4502ada68a2c5adcd03e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 22:58:00 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=57327
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 22502
expires: Wed, 19 Apr 2023 14:53:28 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame F1BA 21 KB
21 KB 63ms
63ms Image
image/webp 2a02:2638:d::14
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F23018874-KbpIvyC8.jpg&v=3&w=400&s=Od5q71hoLegbm3VMt0BngvAX&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::14 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

7cacb4b873c59ee8da189050a76a14a99edaf0bc4d30c05f12f7d36ea78dac17

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 22:58:00 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=203152
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 21088
expires: Fri, 21 Apr 2023 07:23:53 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame F1BA 0
128 B 163ms
12ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=5bI4bFu122Bo2tdoiYGt3NLLFVMQrmNw2iLcVUp_LAP_DAVfKUlbuqu4q0rBRL_3E9CJpz8SK3G_X-n1ZOhRD7yGkkGuonerxXiC6Sm-wyud2VvCyeLwy4X45d1sOjY_OD1HIt9DbnZYEAnrEe1x8ACcrggFLKQU8SM6Fy_7kty7WDALpHFPMLXpJgfcgOKNQw4wuiURNiyo-8EECqlI_4LEyxa5F5x67Uvt8Og3vUc-FnmX2q0r6OtEAwaNjbxgD0oNXA&sds=2&rev=85950&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 18 Apr 2023 22:58:00 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame F1BA 2 KB
1 KB 14ms
13ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 22:58:00 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 12 Apr 2024 22:58:00 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame F1BA 2 KB
1 KB 13ms
13ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 22:58:00 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 12 Apr 2024 22:58:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 58ms
58ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230413&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

963e21bc2ee8d5f26c9a3b386862f7aae780f5c7f613b213a33869877940ea25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gainrep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 22:58:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11221
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gainrep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 22:58:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 18 Apr 2023 22:58:01 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0EE9 13 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gainrep.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 12677
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 18 Apr 2023 19:26:44 GMT
expires: Wed, 17 Apr 2024 19:26:44 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame AC38 783 B
970 B 19ms
18ms Document
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5e52c9328382e298f6c413daa52f2a51a7a219fa5d60bfb500e580211a653b77

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-hZr4riCMIQx9V0iavKJ3tQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gainrep.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-hZr4riCMIQx9V0iavKJ3tQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 18 Apr 2023 22:58:01 GMT
expires: Tue, 18 Apr 2023 22:58:01 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 MezC-G1ZF-1GZ9yqq0o7IScgI3uEZvBcP5CgXoWKMDE.js Show response
pagead2.googlesyndication.com/bg/ Frame 0EE9 36 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/MezC-G1ZF-1GZ9yqq0o7IScgI3uEZvBcP5CgXoWKMDE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31ecc2f86d5917ed4667dcaaab4a3b212720237b8466f05c3f90a05e858a3031

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 19:05:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13949
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14288
x-xss-protection: 0
last-modified: Tue, 11 Apr 2023 10:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 Apr 2024 19:05:32 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame AC38 0
0 40ms
40ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230413&jk=1271344360254500&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 0EE9 0
10 B 7ms
6ms Image
text/plain 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?e7wP2g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 22:58:01 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame ADEE 42 B
64 B 41ms
41ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsscevP1QJcWU9O8AJfBmKeqfwQ_Y9amUHI2dDhLLo9jz92YG4HcC66Y_8GCci0n3z_zRfex_hWc2B8eNo3dSsOKfGMw&sig=Cg0ArKJSzImSZn8e-cjrEAE&id=lidar2&mcvt=1000&p=0,0,600,270&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20230417&bin=7&avms=nio&bs=0,0&mc=0.99&if=1&vu=1&app=0&itpl=20&adk=2114987940&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1681858680411&rpt=355&met=ie&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Apr 2023 22:58:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame F1BA 0
127 B 13ms
12ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 18 Apr 2023 22:58:01 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 46ms
46ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230413&jk=1271344360254500&bg=!i4iliNzNAAZA7GLoYOw7ADkAdvg8WneMsdvYauXSzLsNool8JmuIuHtcUYeCiEsri7EZ48cALK0XmfwDOVGodqmQVgLLWshxJFwCAAAATVIAAAACaAEHCgB5h4wgTSFqJvjXOEYhKgeDvu5OVwJQQwfzYOLWnRHvq9gQ2acgrSe07VP0aeaNRKrznYfb319CnCad6eF1-gkCSKndATHoF2o3kV3EbAuPuvqd8DEEPUUPWwYFdH815kJ0RfCBqoic9OGgnAnVBiZ_P3RsOSdjm-A4FpkC86jR8cgoCuguKdFNgBGt4sdJgRTZL0RSmNHvDWC95nvwAvpWYA6uBtBUrNw0Ggd4BwE32swhdUvKIyh8GYbY9N6FZsQw99tQQEEywMqSpTO1n86MNlNWjqagwWxOC4dhH0htA_DV18KSiXpsCKhJo6gt45tpa2CBWJ_zdaMMoVmWZ0gq7B75sj4-5uCzGdBt4a7KjHU7s8P3TGgXuHJ3MrIHZupMLSOeL1T4R2Y9Ak6FlTWWNvdETeDkYfByrnigKr4kLzU4mjMqZrDEGQA1uJBSKfDriTTZp1uKzpSWDV8TxUnHA1o9ow_W-o13WmCf4Z4Ii7PoRfFi_elvLpnbLgetzIdeJNfNjxQ5p7umJvEknhXgn7e2FCvG1nKGkpn5Wlgds-hjgn2w1LlEEIL1E32jTZ4QlaEMDhpefI8YjKG9iX8akgIaDE8qUx1R0Z9mSP0ClNXLJ-bwTdLGMX2In6xIZxf7g8D1MGI8v6SWpq5Ay0e2rvUjNPVRnHp0oTUgO6OW8vdLtm1AMmmJuOzxtdDTTU2zDJsvgNEzwaanSemxK9RmoVVomogTHb5oqse8OaTgOOEYTFZ407KoF6y3ARxaWISHchVP_KkNW9E4NA-WGntjFlwuciEHax0TX9RtahLv9pmlTp7q9eCsu8rY84YUtX0LCRNhTsS7ysM7_HMLBRik2IdAOP1_64_Ar4f75Mr6nZhrVnSpPq8urrlZY0u3grc2a4LkrwLqQlJWcdj4WTO_9zdcqd5veAxdcHDxFP8h_5hO7XgUUHbkm7uOuPC-062jdqdMXf_7kEdajoy-tZut_xGmrK0k--LLxD3L3O327_WDZ85YTw6I3DAYk9EVzh92G9I452cOqm3-swBW40Kg1LuMdoe2f-MTrRqhB2tw763rJogCcXw-CCwuhe1VkztCxYn_yxiWBtuixrBsVD-yitFffgQ09o9MZ6whUqmPe2_P72Kz0ZkYtVsh-V98yJop9A3lArEX55AQXzBQVwkM
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gainrep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 950 B
631 B 19ms
19ms Script
text/javascript 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=recaptchaOnloadCallback&render=6LcsRMIUAAAAAKYLc6vCm20ceJ_WTl3l23pgm_NH&_=1681858679907

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

246b40062319e430569f2bed7691a98ee309ab4b22552cba058d85f7e0120a18

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gainrep.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 22:58:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 610
x-xss-protection: 1; mode=block
expires: Tue, 18 Apr 2023 22:58:06 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/ 409 KB
165 KB 30ms
7ms Script
text/javascript 2a00:1450:4001:810::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=recaptchaOnloadCallback&render=6LcsRMIUAAAAAKYLc6vCm20ceJ_WTl3l23pgm_NH&_=1681858679907

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

669df991bc101ce8036b07e4431b837c3afcfaedd8e18356f1930bdd8235a6ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gainrep.com/
Origin: https://www.gainrep.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 19:17:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13243
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 168106
x-xss-protection: 0
last-modified: Sun, 02 Apr 2023 18:01:18 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 Apr 2024 19:17:24 GMT

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame FE3B 47 KB
25 KB 38ms
38ms Document
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcsRMIUAAAAAKYLc6vCm20ceJ_WTl3l23pgm_NH&co=aHR0cHM6Ly93d3cuZ2FpbnJlcC5jb206NDQz&hl=de&v=6MY32oPwFCn9SUKWt8czDsDw&size=invisible&cb=mqvfv0xjz3uq

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

09ff80bc33b6737dbf1413df56a4813901c943bfd24603aeb6198accfd519262

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ZuvwGLymJ3GINO8RtVQVMA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gainrep.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 26003
content-security-policy: script-src 'report-sample' 'nonce-ZuvwGLymJ3GINO8RtVQVMA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 18 Apr 2023 22:58:07 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/ Frame FE3B 55 KB
24 KB 22ms
7ms Stylesheet
text/css 2a00:1450:4001:810::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcsRMIUAAAAAKYLc6vCm20ceJ_WTl3l23pgm_NH&co=aHR0cHM6Ly93d3cuZ2FpbnJlcC5jb206NDQz&hl=de&v=6MY32oPwFCn9SUKWt8czDsDw&size=invisible&cb=mqvfv0xjz3uq

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 20:48:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7766
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Sun, 02 Apr 2023 18:01:18 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 Apr 2024 20:48:41 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/ Frame FE3B 409 KB
164 KB 21ms
7ms Script
text/javascript 2a00:1450:4001:810::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

669df991bc101ce8036b07e4431b837c3afcfaedd8e18356f1930bdd8235a6ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 19:17:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13243
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 168106
x-xss-protection: 0
last-modified: Sun, 02 Apr 2023 18:01:18 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 Apr 2024 19:17:24 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame FE3B 2 KB
2 KB 7ms
7ms Image
image/png 2a00:1450:4001:810::2003

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 18:05:12 GMT
x-content-type-options: nosniff
age: 363175
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Fri, 21 Apr 2023 18:05:12 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame FE3B 15 KB
16 KB 29ms
7ms Font
font/woff2 2a00:1450:4001:82f::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 10:31:06 GMT
x-content-type-options: nosniff
age: 44821
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Apr 2024 10:31:06 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame FE3B 15 KB
15 KB 30ms
8ms Font
font/woff2 2a00:1450:4001:82f::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 10:31:04 GMT
x-content-type-options: nosniff
age: 44823
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Apr 2024 10:31:04 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame FE3B 102 B
134 B 17ms
17ms Other
text/javascript 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=6MY32oPwFCn9SUKWt8czDsDw

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

93df7036a797945783d64cc7cc90a3431ea14ad9e1886349addc7fb9d46296a2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcsRMIUAAAAAKYLc6vCm20ceJ_WTl3l23pgm_NH&co=aHR0cHM6Ly93d3cuZ2FpbnJlcC5jb206NDQz&hl=de&v=6MY32oPwFCn9SUKWt8czDsDw&size=invisible&cb=mqvfv0xjz3uq
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 22:58:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112
x-xss-protection: 1; mode=block
expires: Tue, 18 Apr 2023 22:58:07 GMT

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame FE3B 32 KB
18 KB 72ms
72ms XHR
application/json 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6LcsRMIUAAAAAKYLc6vCm20ceJ_WTl3l23pgm_NH

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9eaaad73738bdca9cef4fc928d5162111b0e508051e11465e881edaecc465583

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcsRMIUAAAAAKYLc6vCm20ceJ_WTl3l23pgm_NH&co=aHR0cHM6Ly93d3cuZ2FpbnJlcC5jb206NDQz&hl=de&v=6MY32oPwFCn9SUKWt8czDsDw&size=invisible&cb=mqvfv0xjz3uq
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Tue, 18 Apr 2023 22:58:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18765
x-xss-protection: 1; mode=block
expires: Tue, 18 Apr 2023 22:58:07 GMT

Verdicts & Comments Add Verdict or Comment

67 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.gainrep.com/	1970-01-20 20:46:58	Name: ci Value: en-US
www.gainrep.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: bquzybxjhbulj3kk1k0nnaly
www.gainrep.com/	1970-01-20 11:12:25	Name: addcontacts Value: on
www.gainrep.com/	1970-01-20 19:58:01	Name: inviter_code Value: 0e670ee7-2026-4b8a-903f-b4f769c215a4
www.gainrep.com/	1970-01-20 19:58:01	Name: inviter_id Value: 9c62b58e-e870-4b48-85b0-9751aa439de9
www.gainrep.com/	1970-01-20 11:12:25	Name: tz Value:
.gainrep.com/	1970-01-20 20:46:58	Name: _ga Value: GA1.2.219411174.1681858680
.gainrep.com/	1970-01-20 11:12:25	Name: _gid Value: GA1.2.1551497803.1681858680
.gainrep.com/	1970-01-20 11:10:58	Name: _gat_gtag_UA_145308237_1 Value: 1
.gainrep.com/	1970-01-20 20:32:34	Name: __gads Value: ID=2cd53425204cef08-224dec079edd0098:T=1681858680:RT=1681858680:S=ALNI_MZRk1WtthyeqF0m_mC5jhxmMqPGPA
.gainrep.com/	1970-01-20 20:32:34	Name: __gpi Value: UID=00000bd81995c1c2:T=1681858680:RT=1681858680:S=ALNI_MaDHcG5P-13abRKFqwgtAJje8GTkA
.doubleclick.net/	1970-01-20 20:32:34	Name: IDE Value: AHWqTUnzkeZhy2U75xTLgQ1KKBs_RLs3Zy7iuZ9ug-xdR_zF9Z1UAlMSKY00_RupXvI

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2648398126122025&output=html&h=600&slotname=5773521457&adk=2114987940&adf=309374513&pi=t.ma~as.5773521457&w=270&fwrn=4&fwrnh=100&lmt=1681858680&rafmt=1&format=270x600&url=https%3A%2F%2Fwww.gainrep.com%2FSignin%3Fa%3D0e670ee7-2026-4b8a-903f-b4f769c215a4%26i%3D9c62b58e-e870-4b48-85b0-9751aa439de9&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681858680102&bpp=3&bdt=239&idt=303&shv=r20230413&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6595060522178&frm=20&pv=1&ga_vid=219411174.1681858680&ga_sid=1681858680&ga_hid=234484921&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1027&ady=608&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842&oid=2&pvsid=1271344360254500&tmod=1460532273&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=VTTh62HLP0&p=https%3A//www.gainrep.com&dtd=308 Message: Origin trial controlled feature not enabled: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
ads.eu.criteo.com
adservice.google.com
adservice.google.de
cat.nl3.eu.criteo.com
cdnjs.cloudflare.com
csm.eu.criteo.net
em.gainrepmail.com
fonts.gstatic.com
front.nationofhearts.org
googleads.g.doubleclick.net
p.gainrep.com
pagead2.googlesyndication.com
partner.googleadservices.com
pix.eu.criteo.net
rtb.nl3.eu.criteo.com
stackpath.bootstrapcdn.com
static.criteo.net
stats.g.doubleclick.net
tpc.googlesyndication.com
www.gainrep.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
178.250.1.6
2600:9000:206f:8200:5:8c2d:3a40:93a1
2600:9000:20e8:1e00:4:3da9:3240:93a1
2600:9000:211e:0:1:5bfd:c500:93a1
2606:4700::6811:180e
2606:4700::6812:acf
2a00:1450:4001:802::2004
2a00:1450:4001:803::2003
2a00:1450:4001:806::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:810::2001
2a00:1450:4001:810::2003
2a00:1450:4001:829::2002
2a00:1450:4001:829::200d
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2008
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2003
2a00:1450:4001:831::200e
2a00:1450:400c:c03::9a
2a02:2638:3::12
2a02:2638:3::1a
2a02:2638:3::3
2a02:2638:3::9
2a02:2638:d::14
34.202.199.147
0840aa9ee74ac8e13792cec19374f518e262c317c69f231775777ed543c29694
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
09ff80bc33b6737dbf1413df56a4813901c943bfd24603aeb6198accfd519262
0e25895d7caaf355a53d19c37c69a06198f668e5422b211d27597ed93983b80b
12a083976f3a0590ab7eee8e6e802316df6e99feff92d591e810f1f29b09e630
142adec6fc678bbc4aefe3ff62c81f51dae20d63c271b6ff153adef8351de297
17e75ada74535f579a90eb81a0c95fa979bade0003c00c0f1cc76b1bda482b87
183f2ab8324b869cc620abee18029719e2797f60816e0fe787356637a1838aa4
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1c7517b8465f944f167ada7529b244f9f5a4b32fa52861a534706320ef594525
1d7036cd7c27816006a31c726f89cb8358c2283e82f078ed8b3bb45b01af7d29
246b40062319e430569f2bed7691a98ee309ab4b22552cba058d85f7e0120a18
2c32ed556c9e78e9cc9abdabad2898f0780b9156c48102706a33215b1637ebc9
2edd2196f2d7542578d997d3ed2d483ba69807a6847524da3e242d66f5027b7d
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31ecc2f86d5917ed4667dcaaab4a3b212720237b8466f05c3f90a05e858a3031
357452f2a55c999ddd3afdcbce2c339d41cf7a01613d9d45ff88a753bb82f21d
3b876ba308988408803e86d9baf4dc5084ed3b92bf0f7f280db1521e45f2a7f4
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
44ad90727d445f5f2730eda428b6a9da804d68c7a24f93ee6554c0a3274580a9
44c8007c21615bbe8fe3c87382859d2e005af5d0a571e36ef498a1cf6270b495
48eebed6b70e5e84e5ed05de3e5bdf6c33e89f5eda3ffdd3f660d0d851aca9b7
4ba1b5211306735335bd115108c0b754275eb5f4ebc72ad5eed7a139337edbdd
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
50ad448a8a5720bf8a5617db15af31ae60163de06331576f60c6244c012ffc72
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5e1ef1065ecb435c077e363f46615168c86402ee3660c0787a536cdabef65326
5e52c9328382e298f6c413daa52f2a51a7a219fa5d60bfb500e580211a653b77
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
669df991bc101ce8036b07e4431b837c3afcfaedd8e18356f1930bdd8235a6ab
680af6669abc319f9803f0fa26d443df1b6bc29133d88a8e4bea560ffed7288c
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
762db1420a8a65ea2090fd78be36550015df5aa7fc2ae927db8f490c23630f75
7cacb4b873c59ee8da189050a76a14a99edaf0bc4d30c05f12f7d36ea78dac17
7db8f68886c327f985997843386864f155dccb9600e4444e9565d32a2f02557c
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8a648dc1bb79edb3046d9596a7cb886e32ae0072d7d86dfca4fe5421d034364c
8d6af87f2e8ab6ba751d5bda81faf18aed637f3c43f3f5c25acfcdb8dc674a92
8e0b314b9b2882ef366a8d0c38bec7b26a5bbcc0356229f48fcc405c5ec06202
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
93df7036a797945783d64cc7cc90a3431ea14ad9e1886349addc7fb9d46296a2
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
963e21bc2ee8d5f26c9a3b386862f7aae780f5c7f613b213a33869877940ea25
9e48352be7ed4a3e73de8d505e2577bc8fba0586c2a32e7444ca0439f6853439
9eaaad73738bdca9cef4fc928d5162111b0e508051e11465e881edaecc465583
a06231505d91c2088c4ea2375d1d3a31939a1ab30ff1ab45b65dd511a2eaa0c4
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5294bd21ad80bb429a24461f68b0e51aaf9ab7d44cad9cc24892c5a4b9a85a3
a6d85140ce65f53e9322d745dbacf70142103a7d6b7c55264e73744f3f66fdfb
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
ab6b374b50ba1f25ac83c25ac8be54ba6ea56643d4b4502ada68a2c5adcd03e2
b06bf970ccc4c08e6d3ac0a62050d47727486d5dc21401528ea4b1570530ee8a
b1b3b73852f7856f1a0f317701846bc7853eb5b127ba882c23c5073dbe6d022d
c2369c162a49b53d572cf8f0edc988850f85f899b4da27489465dac8fb5108bb
c2768cbf49eebb25d9169f6abbb998cff92c40f808a10b508da729c24f83222c
c3fbda5aaf08b79384354c91b5a7d8cd6196fb8a797afac0212181c6df0074bb
c76995c01e7b273a4105d43cd1b3ee06748f169c61c76f545a5eef5f3535595d
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
cb8f2492bdd1766bac1875e720cdfed1f4165bb886492d0e9a40666626bae974
ce8b0ce00b853304b4500a3e0273c2ee8123ec998d9ea4bc1a2b3e97c573b61f
d2213ac71d2e34c48ba0f16d3c39208f2dd6238b839515818450e77d4107d06a
d51b25919a323fc2c25976593c810742e0d961f6e07234c748358077919fa47f
dd58b3300836e8d3e7c2042eea86fb67bbe4830d0d645599520033dae94913f7
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e14f530877c06b6031793cd705a8578b303246e5bb9fc261ff948681597b77f4
e21aa5b0d3fd28cebed9e03c5544f4924e11b0c453792ed018720cf8c679b0b6
e3997675a79e351ca1e4de3a43efa44d9d361f1f29741f07f9ad9b11fcd10fcc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fcba6d68321742b971eda8d36254297a368c6a5dba5486f36076f25d66891d9c
fe515e54d02cc23a3ba838b22ba28d85a81ab7753d4384bc34ac627ee8bd49c2

www.gainrep.com Open in urlscan Pro 34.202.199.147 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

88 Requests

100 %HTTPS

92 %IPv6

16 Domains

27 Subdomains

26 IPs

4 Countries

1517 kBTransfer

3395 kBSize

12 Cookies

3 Outgoing links

Page URL History

Redirected requests

88 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.gainrep.com Open in urlscan Pro
34.202.199.147 Public Scan

Screenshot
Live screenshot

Full Image

88
Requests

100 %
HTTPS

92 %
IPv6

16
Domains

27
Subdomains

26
IPs

4
Countries

1517 kB
Transfer

3395 kB
Size

12
Cookies

88 HTTP transactions
1 data transactions