urlscan.io logo urlscan.io
SecurityTrails logo

nets4.com Open in urlscan Pro
2a06:98c1:3121::7  Public Scan

Go To Rescan Add Verdict Report
URL: https://nets4.com/domain/eminer.app
Submission: On March 21 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 69 IPs in 10 countries across 58 domains to perform 434 HTTP transactions. The main IP is 2a06:98c1:3121::7, located in United States and belongs to CLOUDFLARENET, US. The main domain is nets4.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 29th 2021. Valid for: a year.
This is the only time nets4.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
30 2a06:98c1:312... 13335 (CLOUDFLAR...)
13 2606:4700::68... 13335 (CLOUDFLAR...)
3 143.204.98.40 16509 (AMAZON-02)
16 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700:440... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2620:1ec:27::... 8075 (MICROSOFT...)
5 20.85.30.134 8075 (MICROSOFT...)
28 34.227.128.233 14618 (AMAZON-AES)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
3 2a04:4e42::649 54113 (FASTLY)
5 2a04:4e42:600... 54113 (FASTLY)
1 2 52.142.114.2 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
5 2a00:1450:400... 15169 (GOOGLE)
24 142.250.185.130 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
43 2a00:1450:400... 15169 (GOOGLE)
13 2a00:1450:400... 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
41 2a00:1450:400... 15169 (GOOGLE)
1 2a02:2638::2 44788 (ASN-CRITE...)
3 2a02:2638::18 44788 (ASN-CRITE...)
6 2a00:1450:400... 15169 (GOOGLE)
2 2a02:2638:1::2 44788 (ASN-CRITE...)
5 2a00:1450:400... 15169 (GOOGLE)
1 217.79.188.59 24961 (MYLOC-AS ...)
2 217.79.188.54 24961 (MYLOC-AS ...)
10 25 142.250.185.66 15169 (GOOGLE)
5 11 23.218.208.246 16625 (AKAMAI-AS)
5 8 185.33.221.50 29990 (ASN-APPNEX)
26 2a02:2638:1::3 44788 (ASN-CRITE...)
3 178.250.0.160 44788 (ASN-CRITE...)
5 2a00:1450:400... 15169 (GOOGLE)
30 178.250.2.135 44788 (ASN-CRITE...)
5 178.250.0.162 44788 (ASN-CRITE...)
1 12 138.201.63.164 24940 (HETZNER-AS)
1 138.201.63.150 24940 (HETZNER-AS)
1 4 88.99.219.174 24940 (HETZNER-AS)
4 5 145.239.193.130 16276 (OVH)
3 88.198.250.30 24940 (HETZNER-AS)
4 46.236.13.147 12703 (PULSANT-AS)
2 4 142.250.185.166 15169 (GOOGLE)
2 2 94.23.99.218 16276 (OVH)
3 54.76.176.197 16509 (AMAZON-02)
2 3 104.111.239.217 16625 (AKAMAI-AS)
1 2600:9000:215... 16509 (AMAZON-02)
1 108.157.1.118 16509 (AMAZON-02)
3 151.139.128.11 20446 (STACKPATH...)
1 1 185.29.132.245 30419 (MEDIAMATH...)
1 34.96.105.8 15169 (GOOGLE)
1 1 35.190.0.66 15169 (GOOGLE)
5 5 18.184.212.115 16509 (AMAZON-02)
2 2 216.52.2.39 30282 (AS-INAPCD...)
2 2 13.248.245.213 16509 (AMAZON-02)
2 143.204.98.127 16509 (AMAZON-02)
1 2600:9000:215... 16509 (AMAZON-02)
1 85.114.131.234 24961 (MYLOC-AS ...)
1 2 3.33.220.150 16509 (AMAZON-02)
3 46.4.10.47 24940 (HETZNER-AS)
1 2a0b:4d07:102::1 44239 (PROINITY ...)
1 2 2a01:4f8:d0a:... 24940 (HETZNER-AS)
1 167.233.14.134 24940 (HETZNER-AS)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 151.101.130.49 54113 (FASTLY)
2 2 213.155.156.165 1299 (TWELVE99 ...)
2 2 37.157.2.238 198622 (ADFORM)
1 1 69.173.144.165 26667 (RUBICONPR...)
4 5 213.19.147.45 3356 (LEVEL3)
1 2a00:1450:400... 15169 (GOOGLE)
4 52.30.107.253 16509 (AMAZON-02)
2 51.89.7.205 16276 (OVH)
1 3 18.159.23.158 16509 (AMAZON-02)
1 185.64.190.80 62713 (AS-PUBMATIC)
1 34.98.64.218 15169 (GOOGLE)
1 2 34.251.93.43 16509 (AMAZON-02)
1 35.158.47.202 16509 (AMAZON-02)
434 69
30    2a06:98c1:3121::7 (United States)

ASN13335 (CLOUDFLARENET, US)
nets4.com
img.nets4.com
s0.nets4.com
13    2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
3    143.204.98.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-40.fra50.r.cloudfront.net
cdn.purpleads.io
16    2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
3    2606:4700:440e::6812:2fe6 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
cloudflareinsights.com
2    2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2620:1ec:27::cafe:1846 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
5    20.85.30.134 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
j.clarity.ms
28    34.227.128.233 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-227-128-233.compute-1.amazonaws.com
api.purpleads.io
2    2606:4700:10::ac43:2794 (United States)

ASN13335 (CLOUDFLARENET, US)
static.addtoany.com
3    2a04:4e42::649 (United States)

ASN54113 (FASTLY, US)
a.tile.openstreetmap.org
5    2a04:4e42:600::649 (United States)

ASN54113 (FASTLY, US)
b.tile.openstreetmap.org
c.tile.openstreetmap.org
2    52.142.114.2 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
1    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
5    2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
24    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
securepubads.g.doubleclick.net
3    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
8    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
43    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
13    2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
81a1960e6551bc8368f7353dd7facd76.safeframe.googlesyndication.com
48c868b366244e7d7770a8f4adab9561.safeframe.googlesyndication.com
035b523d4da31ddff179f9b37cf4ed4e.safeframe.googlesyndication.com
6f3bb8c6a59dda0a6715cd9ba37a37b7.safeframe.googlesyndication.com
5fd3b64ba09b669362261d7035670824.safeframe.googlesyndication.com
605ddd431ccb9d0d325cc9f8ea31a9d0.safeframe.googlesyndication.com
1e709b9d6f90218a070eddf58f9b714c.safeframe.googlesyndication.com
9    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
googleads.g.doubleclick.net
41    2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a02:2638::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.fr.eu.criteo.com
3    2a02:2638::18 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
6    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    2a02:2638:1::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.nl.eu.criteo.com
5    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    217.79.188.59 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: imagesrv.adition.com
imagesrv.adition.com
2    217.79.188.54 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: aa.adfarm1.adition.com
ad13.adfarm1.adition.com
25    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
cm.g.doubleclick.net
11    23.218.208.246 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-208-246.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com
8    185.33.221.50 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
26    2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
3    178.250.0.160 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.fr.eu.criteo.com
5    2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
30    178.250.2.135 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.am5.vip.prod.criteo.com
pix.eu.criteo.net
5    178.250.0.162 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
12    138.201.63.164 (Reilingen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.164.63.201.138.clients.your-server.de
hal9000.redintelligence.net
hal90006.redintelligence.net
1    138.201.63.150 (Reilingen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.150.63.201.138.clients.your-server.de
ad.ad-srv.net
4    88.99.219.174 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.174.219.99.88.clients.your-server.de
ad29.ad-srv.net
5    145.239.193.130 (France)

ASN16276 (OVH, FR)
pv.medialead.de
3    88.198.250.30 (Hamburg, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88-198-250-30.clients.your-server.de
pb.media01.eu
4    46.236.13.147 (United Kingdom)

ASN12703 (PULSANT-AS, GB)
PTR: 46-236-13-147.servers.dedipower.net
track.webgains.com
4    142.250.185.166 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f6.1e100.net
5994599.fls.doubleclick.net
8019191.fls.doubleclick.net
2    94.23.99.218 (France)

ASN16276 (OVH, FR)
PTR: ip218.ip-94-23-99.eu
medialead.de
3    54.76.176.197 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
ad-server.eu
3    104.111.239.217 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-217.deploy.static.akamaitechnologies.com
www.awin1.com
1    2600:9000:2156:2c00:c:6264:8240:93a1 (United States)

ASN16509 (AMAZON-02, US)
htlp.emp.de
1    108.157.1.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-1-118.dus51.r.cloudfront.net
js.adsrvr.org
3    151.139.128.11 (United States)

ASN20446 (STACKPATH-CDN, US)
static2.creative-serving.com
1    185.29.132.245 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
1    34.96.105.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
1    35.190.0.66 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com
ads.travelaudience.com
5    18.184.212.115 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-212-115.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    216.52.2.39 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ap.lijit.com
2    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
2    143.204.98.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-127.fra50.r.cloudfront.net
analytics.webgains.io
1    2600:9000:2156:c800:13:99a2:1280:93a1 (United States)

ASN16509 (AMAZON-02, US)
media.acfrg.com
1    85.114.131.234 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: srv21038.dus4.fastwebserver.de
cdn.contentspread.net
2    3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
insight.adsrvr.org
match.adsrvr.org
3    46.4.10.47 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.47.10.4.46.clients.your-server.de
hal90002.redintelligence.net
1    2a0b:4d07:102::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)
adv.office-partner.de
2    2a01:4f8:d0a:2321::2 (Germany)

ASN24940 (HETZNER-AS, DE)
cdn.retailads.net
1    167.233.14.134 (Eching, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: lb-2.futalis.de
futalis.de
1    2a02:fa8:8806:12::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)
dclk-match.dotomi.com
2    2606:4700::6812:c05 (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
2    213.155.156.165 (Uppsala, Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-165.teliacarrier-cust.com
d5p.de17a.com
2    37.157.2.238 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
1    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
5    213.19.147.45 (United Kingdom)

ASN3356 (LEVEL3, US)
sync.1rx.io
sync.targeting.unrulymedia.com
1    2a00:1450:4001:803::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    52.30.107.253 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-107-253.eu-west-1.compute.amazonaws.com
api.webgains.io
2    51.89.7.205 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: p28.id5-sync.com
id5-sync.com
3    18.159.23.158 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-159-23-158.eu-central-1.compute.amazonaws.com
ads.creative-serving.com
1    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
1    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net
2    34.251.93.43 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-93-43.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    35.158.47.202 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-47-202.eu-central-1.compute.amazonaws.com
match.justpremium.com
Apex Domain
Subdomains		 Transfer
97 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 90
81a1960e6551bc8368f7353dd7facd76.safeframe.googlesyndication.com
48c868b366244e7d7770a8f4adab9561.safeframe.googlesyndication.com
035b523d4da31ddff179f9b37cf4ed4e.safeframe.googlesyndication.com
6f3bb8c6a59dda0a6715cd9ba37a37b7.safeframe.googlesyndication.com
5fd3b64ba09b669362261d7035670824.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 122
605ddd431ccb9d0d325cc9f8ea31a9d0.safeframe.googlesyndication.com
1e709b9d6f90218a070eddf58f9b714c.safeframe.googlesyndication.com
493 KB
61 criteo.net
static.criteo.net — Cisco Umbrella Rank: 600
pix.eu.criteo.net — Cisco Umbrella Rank: 7328
csm.eu.criteo.net — Cisco Umbrella Rank: 7422
949 KB
59 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 159
googleads.g.doubleclick.net — Cisco Umbrella Rank: 38
cm.g.doubleclick.net — Cisco Umbrella Rank: 176
5994599.fls.doubleclick.net — Cisco Umbrella Rank: 71352
8019191.fls.doubleclick.net — Cisco Umbrella Rank: 206017
1 MB
31 purpleads.io
cdn.purpleads.io — Cisco Umbrella Rank: 176762
api.purpleads.io — Cisco Umbrella Rank: 157725
46 KB
30 nets4.com
nets4.com
img.nets4.com
s0.nets4.com
225 KB
24 google.com
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 57
29 KB
15 redintelligence.net
hal9000.redintelligence.net — Cisco Umbrella Rank: 28803
hal90006.redintelligence.net — Cisco Umbrella Rank: 202830
hal90002.redintelligence.net — Cisco Umbrella Rank: 204200
110 KB
13 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 194
281 KB
11 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 496
10 KB
10 gstatic.com
www.gstatic.com
fonts.gstatic.com
561 KB
9 criteo.com
rtb.fr.eu.criteo.com — Cisco Umbrella Rank: 12341
ads.eu.criteo.com — Cisco Umbrella Rank: 7435
rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 11348
cat.fr.eu.criteo.com — Cisco Umbrella Rank: 9702
145 KB
8 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 205
8 KB
8 openstreetmap.org
a.tile.openstreetmap.org — Cisco Umbrella Rank: 13366
b.tile.openstreetmap.org — Cisco Umbrella Rank: 13554
c.tile.openstreetmap.org — Cisco Umbrella Rank: 13588
45 KB
8 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 916
j.clarity.ms — Cisco Umbrella Rank: 1871
c.clarity.ms — Cisco Umbrella Rank: 547
25 KB
7 medialead.de
pv.medialead.de — Cisco Umbrella Rank: 39406
medialead.de — Cisco Umbrella Rank: 38865
4 KB
6 webgains.io
analytics.webgains.io — Cisco Umbrella Rank: 18655
api.webgains.io — Cisco Umbrella Rank: 47350
102 KB
6 creative-serving.com
static2.creative-serving.com — Cisco Umbrella Rank: 63081
ads.creative-serving.com — Cisco Umbrella Rank: 3287
14 KB
6 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 147
214 KB
6 google.de
adservice.google.de — Cisco Umbrella Rank: 8832
1 KB
5 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 257
3 KB
5 ad-srv.net
ad.ad-srv.net — Cisco Umbrella Rank: 33086
ad29.ad-srv.net — Cisco Umbrella Rank: 197003
7 KB
5 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
3 KB
4 webgains.com
track.webgains.com — Cisco Umbrella Rank: 35662
8 KB
3 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 491
2 KB
3 adsrvr.org
js.adsrvr.org — Cisco Umbrella Rank: 1439
insight.adsrvr.org — Cisco Umbrella Rank: 567
match.adsrvr.org — Cisco Umbrella Rank: 293
3 KB
3 awin1.com
www.awin1.com — Cisco Umbrella Rank: 13937
2 KB
3 ad-server.eu
ad-server.eu — Cisco Umbrella Rank: 64653
12 KB
3 media01.eu
pb.media01.eu — Cisco Umbrella Rank: 39676
900 B
3 adition.com
imagesrv.adition.com — Cisco Umbrella Rank: 16139
ad13.adfarm1.adition.com — Cisco Umbrella Rank: 40145
11 KB
3 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1207
cloudflareinsights.com — Cisco Umbrella Rank: 1193
5 KB
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 184
2 KB
2 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 488
2 KB
2 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 829
976 B
2 adform.net
c1.adform.net — Cisco Umbrella Rank: 524
1 KB
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 4364
718 B
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 697
s.tribalfusion.com — Cisco Umbrella Rank: 1995
1 KB
2 retailads.net
cdn.retailads.net — Cisco Umbrella Rank: 162635
6 KB
2 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 346
950 B
2 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 594
1 KB
2 addtoany.com
static.addtoany.com — Cisco Umbrella Rank: 3666
34 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 31
20 KB
1 justpremium.com
match.justpremium.com — Cisco Umbrella Rank: 2600
325 B
1 openx.net
us-u.openx.net — Cisco Umbrella Rank: 323
274 B
1 pubmatic.com
simage2.pubmatic.com — Cisco Umbrella Rank: 554
492 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 54
32 KB
1 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 289
457 B
1 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 490
538 B
1 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 2666
104 B
1 futalis.de
futalis.de — Cisco Umbrella Rank: 292583
409 B
1 office-partner.de
adv.office-partner.de — Cisco Umbrella Rank: 202756
931 B
1 contentspread.net
cdn.contentspread.net — Cisco Umbrella Rank: 45661
20 KB
1 acfrg.com
media.acfrg.com — Cisco Umbrella Rank: 179467
12 KB
1 travelaudience.com
ads.travelaudience.com — Cisco Umbrella Rank: 18240
524 B
1 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 2593
173 B
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 384
861 B
1 emp.de
htlp.emp.de — Cisco Umbrella Rank: 159970
3 KB
1 bing.com
c.bing.com — Cisco Umbrella Rank: 193
555 B
0 netmng.com Failed
google2waycm.netmng.com Failed
434 58
Domain Requested by
43 pagead2.googlesyndication.com securepubads.g.doubleclick.net
48c868b366244e7d7770a8f4adab9561.safeframe.googlesyndication.com
nets4.com
tpc.googlesyndication.com
5fd3b64ba09b669362261d7035670824.safeframe.googlesyndication.com
googleads.g.doubleclick.net
605ddd431ccb9d0d325cc9f8ea31a9d0.safeframe.googlesyndication.com
www.googletagservices.com
1e709b9d6f90218a070eddf58f9b714c.safeframe.googlesyndication.com
41 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
81a1960e6551bc8368f7353dd7facd76.safeframe.googlesyndication.com
48c868b366244e7d7770a8f4adab9561.safeframe.googlesyndication.com
035b523d4da31ddff179f9b37cf4ed4e.safeframe.googlesyndication.com
5fd3b64ba09b669362261d7035670824.safeframe.googlesyndication.com
googleads.g.doubleclick.net
nets4.com
605ddd431ccb9d0d325cc9f8ea31a9d0.safeframe.googlesyndication.com
1e709b9d6f90218a070eddf58f9b714c.safeframe.googlesyndication.com
30 pix.eu.criteo.net ads.eu.criteo.com
28 api.purpleads.io cdn.purpleads.io
26 static.criteo.net ads.eu.criteo.com
25 cm.g.doubleclick.net 10 redirects googleads.g.doubleclick.net
605ddd431ccb9d0d325cc9f8ea31a9d0.safeframe.googlesyndication.com
1e709b9d6f90218a070eddf58f9b714c.safeframe.googlesyndication.com
24 securepubads.g.doubleclick.net cdn.purpleads.io
securepubads.g.doubleclick.net
nets4.com
16 www.google.com nets4.com
www.gstatic.com
www.google.com
tpc.googlesyndication.com
81a1960e6551bc8368f7353dd7facd76.safeframe.googlesyndication.com
48c868b366244e7d7770a8f4adab9561.safeframe.googlesyndication.com
035b523d4da31ddff179f9b37cf4ed4e.safeframe.googlesyndication.com
5fd3b64ba09b669362261d7035670824.safeframe.googlesyndication.com
1e709b9d6f90218a070eddf58f9b714c.safeframe.googlesyndication.com
16 img.nets4.com nets4.com
13 cdnjs.cloudflare.com nets4.com
cdnjs.cloudflare.com
ads.eu.criteo.com
11 dsum-sec.casalemedia.com 5 redirects googleads.g.doubleclick.net
11 nets4.com nets4.com
8 hal9000.redintelligence.net 48c868b366244e7d7770a8f4adab9561.safeframe.googlesyndication.com
hal90006.redintelligence.net
1e709b9d6f90218a070eddf58f9b714c.safeframe.googlesyndication.com
hal90002.redintelligence.net
8 ib.adnxs.com 5 redirects googleads.g.doubleclick.net
8 adservice.google.com securepubads.g.doubleclick.net
5994599.fls.doubleclick.net
8019191.fls.doubleclick.net
6 googleads.g.doubleclick.net 48c868b366244e7d7770a8f4adab9561.safeframe.googlesyndication.com
nets4.com
5fd3b64ba09b669362261d7035670824.safeframe.googlesyndication.com
1e709b9d6f90218a070eddf58f9b714c.safeframe.googlesyndication.com
6 www.googletagservices.com 81a1960e6551bc8368f7353dd7facd76.safeframe.googlesyndication.com
48c868b366244e7d7770a8f4adab9561.safeframe.googlesyndication.com
035b523d4da31ddff179f9b37cf4ed4e.safeframe.googlesyndication.com
5fd3b64ba09b669362261d7035670824.safeframe.googlesyndication.com
605ddd431ccb9d0d325cc9f8ea31a9d0.safeframe.googlesyndication.com
1e709b9d6f90218a070eddf58f9b714c.safeframe.googlesyndication.com
6 adservice.google.de securepubads.g.doubleclick.net
5 x.bidswitch.net 5 redirects
5 pv.medialead.de 4 redirects ad29.ad-srv.net
5 csm.eu.criteo.net ads.eu.criteo.com
5 fonts.gstatic.com fonts.googleapis.com
5 fonts.googleapis.com cdn.purpleads.io
cdnjs.cloudflare.com
hal90006.redintelligence.net
hal90002.redintelligence.net
5 www.gstatic.com www.google.com
5 j.clarity.ms www.clarity.ms
j.clarity.ms
4 api.webgains.io analytics.webgains.io
4 track.webgains.com nets4.com
48c868b366244e7d7770a8f4adab9561.safeframe.googlesyndication.com
1e709b9d6f90218a070eddf58f9b714c.safeframe.googlesyndication.com
4 ad29.ad-srv.net 1 redirects 5fd3b64ba09b669362261d7035670824.safeframe.googlesyndication.com
ad29.ad-srv.net
4 hal90006.redintelligence.net 1 redirects 48c868b366244e7d7770a8f4adab9561.safeframe.googlesyndication.com
hal90006.redintelligence.net
3 ads.creative-serving.com 1 redirects
3 sync.1rx.io 3 redirects
3 hal90002.redintelligence.net hal9000.redintelligence.net
hal90002.redintelligence.net
3 static2.creative-serving.com ad29.ad-srv.net
static2.creative-serving.com
3 www.awin1.com 2 redirects 48c868b366244e7d7770a8f4adab9561.safeframe.googlesyndication.com
3 ad-server.eu 48c868b366244e7d7770a8f4adab9561.safeframe.googlesyndication.com
ad29.ad-srv.net
1e709b9d6f90218a070eddf58f9b714c.safeframe.googlesyndication.com
3 pb.media01.eu hal90006.redintelligence.net
pv.medialead.de
hal90002.redintelligence.net
3 cat.fr.eu.criteo.com ads.eu.criteo.com
3 ads.eu.criteo.com 81a1960e6551bc8368f7353dd7facd76.safeframe.googlesyndication.com
035b523d4da31ddff179f9b37cf4ed4e.safeframe.googlesyndication.com
605ddd431ccb9d0d325cc9f8ea31a9d0.safeframe.googlesyndication.com
3 c.tile.openstreetmap.org
3 a.tile.openstreetmap.org
3 cdn.purpleads.io nets4.com
3 s0.nets4.com nets4.com
2 dpm.demdex.net 1 redirects
2 id5-sync.com static2.creative-serving.com
2 sync.targeting.unrulymedia.com 1 redirects
2 c1.adform.net 2 redirects
2 d5p.de17a.com 2 redirects
2 8019191.fls.doubleclick.net 1 redirects nets4.com
2 cdn.retailads.net 1 redirects futalis.de
2 analytics.webgains.io track.webgains.com
2 eb2.3lift.com 2 redirects
2 ap.lijit.com 2 redirects
2 medialead.de 2 redirects
2 5994599.fls.doubleclick.net 1 redirects nets4.com
2 1e709b9d6f90218a070eddf58f9b714c.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 605ddd431ccb9d0d325cc9f8ea31a9d0.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 ad13.adfarm1.adition.com 5fd3b64ba09b669362261d7035670824.safeframe.googlesyndication.com
ad13.adfarm1.adition.com
2 rtb.nl.eu.criteo.com nets4.com
2 5fd3b64ba09b669362261d7035670824.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 035b523d4da31ddff179f9b37cf4ed4e.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 48c868b366244e7d7770a8f4adab9561.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 81a1960e6551bc8368f7353dd7facd76.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 cloudflareinsights.com static.cloudflareinsights.com
2 c.clarity.ms 1 redirects
2 b.tile.openstreetmap.org
2 static.addtoany.com nets4.com
2 www.google-analytics.com nets4.com
www.google-analytics.com
1 match.justpremium.com
1 us-u.openx.net
1 simage2.pubmatic.com
1 www.googletagmanager.com adv.office-partner.de
1 pixel.rubiconproject.com 1 redirects
1 sync-tm.everesttech.net 1 redirects
1 s.tribalfusion.com 1e709b9d6f90218a070eddf58f9b714c.safeframe.googlesyndication.com
1 a.tribalfusion.com 1 redirects
1 dclk-match.dotomi.com 1e709b9d6f90218a070eddf58f9b714c.safeframe.googlesyndication.com
1 futalis.de hal90002.redintelligence.net
1 adv.office-partner.de hal90002.redintelligence.net
1 match.adsrvr.org js.adsrvr.org
1 insight.adsrvr.org 1 redirects
1 cdn.contentspread.net ad29.ad-srv.net
1 media.acfrg.com ad29.ad-srv.net
1 ads.travelaudience.com 1 redirects
1 tr.blismedia.com 605ddd431ccb9d0d325cc9f8ea31a9d0.safeframe.googlesyndication.com
1 sync.mathtag.com 1 redirects
1 js.adsrvr.org ad29.ad-srv.net
1 htlp.emp.de ad29.ad-srv.net
1 ad.ad-srv.net nets4.com
1 imagesrv.adition.com 5fd3b64ba09b669362261d7035670824.safeframe.googlesyndication.com
1 rtb.fr.eu.criteo.com nets4.com
1 6f3bb8c6a59dda0a6715cd9ba37a37b7.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 c.bing.com 1 redirects
1 www.clarity.ms nets4.com
1 static.cloudflareinsights.com nets4.com
0 google2waycm.netmng.com Failed 605ddd431ccb9d0d325cc9f8ea31a9d0.safeframe.googlesyndication.com
434 95

This site contains links to these domains. Also see Links.

Domain
blog.nets4.com
link.nets4.com
eminer.app
leafletjs.com
www.openstreetmap.org
www.addtoany.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-04-29 -
2022-04-28		 a year crt.sh
*.purpleads.io
Amazon		 2021-12-01 -
2022-12-29		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-02-28 -
2022-05-23		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-02-28 -
2022-05-23		 3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-27 -
2023-02-27		 a year crt.sh
a.clarity.ms
Microsoft RSA TLS CA 01		 2021-07-27 -
2022-07-27		 a year crt.sh
*.tile.openstreetmap.org
GlobalSign Atlas R3 DV TLS CA H2 2021		 2021-11-26 -
2022-12-28		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-02-28 -
2022-05-23		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-02-28 -
2022-05-23		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-02-28 -
2022-05-23		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-02-28 -
2022-05-23		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-02-28 -
2022-05-23		 3 months crt.sh
*.fr.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-13 -
2022-06-09		 3 months crt.sh
*.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-19 -
2022-06-18		 3 months crt.sh
*.nl.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-15 -
2022-06-13		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-02-28 -
2022-05-23		 3 months crt.sh
*.adition.com
AlphaSSL CA - SHA256 - G2		 2021-04-15 -
2022-05-17		 a year crt.sh
*.adfarm1.adition.com
AlphaSSL CA - SHA256 - G2		 2021-05-21 -
2022-06-22		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-02-02 -
2022-05-03		 3 months crt.sh
*.eu.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-02-03 -
2022-05-02		 3 months crt.sh
redintelligence.net
R3		 2022-01-27 -
2022-04-27		 3 months crt.sh
ad-srv.net
R3		 2022-01-27 -
2022-04-27		 3 months crt.sh
*.media01.eu
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-05-27 -
2022-05-27		 a year crt.sh
*.webgains.com
Sectigo RSA Domain Validation Secure Server CA		 2021-05-20 -
2022-06-20		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-02-28 -
2022-05-23		 3 months crt.sh
www.awin1.com
DigiCert SHA2 Secure Server CA		 2021-06-11 -
2022-06-16		 a year crt.sh
htlp.emp.de
Amazon		 2022-01-31 -
2023-03-01		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
static2.creative-serving.com
Sectigo RSA Domain Validation Secure Server CA		 2021-09-10 -
2022-09-10		 a year crt.sh
tr.blismedia.com
GTS CA 1D4		 2022-02-20 -
2022-05-21		 3 months crt.sh
*.webgains.io
Amazon		 2022-02-10 -
2023-03-11		 a year crt.sh
pv.medialead.de
R3		 2022-02-20 -
2022-05-21		 3 months crt.sh
contentspread.net
R3		 2022-01-27 -
2022-04-27		 3 months crt.sh
ad-server.eu
R3		 2022-02-13 -
2022-05-14		 3 months crt.sh
adv.office-partner.de
R3		 2022-03-07 -
2022-06-05		 3 months crt.sh
*.futalis.de
R3		 2022-02-21 -
2022-05-22		 3 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2021-08-10 -
2022-09-11		 a year crt.sh
cdn.retailads.net
Encryption Everywhere DV TLS CA - G1		 2021-07-17 -
2022-07-17		 a year crt.sh
*.id5-sync.com
R3		 2022-03-08 -
2022-06-06		 3 months crt.sh
tracking.justpremium.com
Amazon		 2022-01-30 -
2023-02-28		 a year crt.sh

This page contains 61 frames:

Primary Page: https://nets4.com/domain/eminer.app
Frame ID: 6F85E85C3DC6B09F22BC1780B934B9A3
Requests: 81 HTTP requests in this frame

Frame: https://static.addtoany.com/menu/sm.22.html
Frame ID: 68069EB55E0A5DDB85764BF2CFFEC2AF
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdBUMUZAAAAAK9sWAfAA-Kd5C0Y4AGlWbDlHXpD&co=aHR0cHM6Ly9uZXRzNC5jb206NDQz&hl=de&v=zLD1nfkNCJC1kEswSRdSyd-p&size=normal&cb=avnjuj7hje9l
Frame ID: FCC97C94A4B2F6D02E35EEF49B365374
Requests: 4 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 3A2424E11BF4B7C69D5C5B44A6B7F23F
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 9EB8FF014BA1D8D932386CAA99135694
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 70186E8B6818579ABCAAAE37A74CF60F
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 85766A777017F0863A96A3E5D9E41FCE
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 0C97C017A41CA03525796CE55D6A946A
Requests: 8 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=zLD1nfkNCJC1kEswSRdSyd-p&k=6LdBUMUZAAAAAK9sWAfAA-Kd5C0Y4AGlWbDlHXpD
Frame ID: 30EA24AC9437B98FBC8A7D1ECF9E0E36
Requests: 3 HTTP requests in this frame

Frame: https://81a1960e6551bc8368f7353dd7facd76.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 13D7E8AADE616611FB61FEAF944853AB
Requests: 1 HTTP requests in this frame

Frame: https://48c868b366244e7d7770a8f4adab9561.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 36756E06B5DCCD841F205C8E26DEEA5A
Requests: 1 HTTP requests in this frame

Frame: https://035b523d4da31ddff179f9b37cf4ed4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 046DBAAE008F322C8411263643B55F1C
Requests: 1 HTTP requests in this frame

Frame: https://6f3bb8c6a59dda0a6715cd9ba37a37b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: D40143493184168F122F5AC1B32323C8
Requests: 1 HTTP requests in this frame

Frame: https://5fd3b64ba09b669362261d7035670824.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 0C06D4396519A2342CB9F34EACE2BBC8
Requests: 1 HTTP requests in this frame

Frame: https://81a1960e6551bc8368f7353dd7facd76.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: E462B25CBC72117482083F7492D54990
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 62C24A03547ACCEFDCA7A30F59E196F0
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D59E6BC22701F307F5B72B43DE6A8DE6
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A9FAA701272E55E329C2FEA14045C355
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: EE408CF073E44FD71A1D40EC280EE899
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: AF2C6E54A806D1CB181DFB46E84F2E2E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9E10F936BC6E34CA72F7A209A0630FA7
Requests: 2 HTTP requests in this frame

Frame: https://035b523d4da31ddff179f9b37cf4ed4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 85CC6772350CC240ADD97E249D8F863D
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 64C811E9BA96C095A1C570501327B251
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4331ED25ABF50EC28D93C22E47D306A6
Requests: 2 HTTP requests in this frame

Frame: https://48c868b366244e7d7770a8f4adab9561.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 1EAEDF4D086A7A2C5F2D4C0BF440AB9D
Requests: 18 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjhkOQAFWSYIu8XoAA8WMkREhHfXs1sHykQyMg&u=%7CTAzgGim0f47mFfBS23OiNW9F6i3UqDjwoQV1E6th06c%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXBNl7acqytoLzXkgyukYeTJDX-c-czoLNPVWRrrn9l2EMHMb1hI7Em0QwQZgmNNNQzT6aPP5zozV7JDfKDqexFPUg9hET2J9mEPyFP_FitTdiFXb06J7U67vuKhhq1njd9MoLTqmn7OUSh8qt7edmZZy8gC2nf6YpHLDL9ypW0hH0K8JitUpyVueaqv0iX_I30ZMl6Ug0t_nrCIFCYdysvx2t1hjembPdJI2_3w9KsweCeDpos2lrw5IW_pyr9fMmb65EqwNjxdYdwoGfjD5igXqDoh9WyaTviGM_y0eGxU_0hvdhV_GPcJgAZCuR94nl8JA6a8OqGF0FXDKpiSOzF-CYjcKpJZFJuryW0ogDJueAbuXgvE49FfhyV3uzUKM5Uxx4u9cN9bmvXuClMz3wx8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiwSwOWQ4YqayFeiL7_UPsqy8-A3JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDegAdW20uoDyAEJqQI7spjHtIyyPuACAKgDAaoEugJP0BAzuYQLMQ4eK8vTgW8Rd4UXSP0bf1CUpzd_X4eYotkbj0gCr2ChVg0F867IkkhKp_nZiiKxYCLIj5jitavl0oBRgThfbztCVtPhGkMdWdaCTEde433dda2pC_cmHdnU0hYh0Ra9s41gQ5u0nxyU19UFvzIsrjN7rjHBqBV4u9vebfRHAO85kM3_sOzDZqsAO7makIB5fijnUWW6EPYf49yI2G7-5ykRldaZfLVrVN_WTsiXPfe8IVXnjxJPAikJltGQynQF2IBe6k7E0E8wFGkkA2AwEh7PEkZmVQy7aV6UzposAtlk419XngzLRdI3OAU1SJYhlKu2LEF2Lgc0VtOD9Hgu67pDcOeyIzy0E7YsXpO5vfOgFA48VdO7Znxv99TrhkfaeGBmtki1yDW8yZ151IzvbTvE8eAEAYAGnNLFvfej_sjCAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1N_E7u9O4H1BYTf5Y8KoZO3HsBEg%26client%3Dca-pub-5413329544040947%26adurl%3D
Frame ID: D9E916849D01E56B8EB75112867A64EA
Requests: 34 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8FAC0D9CBC0464A9FBFC7204FFA4BB7A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C1527054350720EB491F85F7BAAA59BF
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNWYw_-JXAlieY3i2dkbYfXbBZOb36scprjoMmxYVv47coM-y3dSX4uJckG3B3oeMKvdK8AtVn3y61KRJKI3B-4r-JgQ94WPMkitQ3SP9M-TEMgVpI-7K7M-jHZTrr_k90xjcOTqUk6tBMZL7ZXBcpsRN3mxklRdPYfCWmVsRluuxr0Yh9A
Frame ID: 5ADD5836C43D87A612A9C346FFEE16B8
Requests: 5 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjhkOQAG4b0K5V5VAAZqP6HVlLU1ah0H-uS8qw&u=%7CTAzgGim0f452DSD8c8M%2BeGsv%2BAtfb2pPOTFgpl5cZuk%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXBNl7acqytoLzXkgyukYeTJg1Ra2BVSzq9frrBeCbL7PBZaC0ZkYyzCR_VZA_l_5bLJQcr9OtgwCDhMtaAz9YDDgxTMbTT2JV4NKZg1kkxNe-c9d0szhexx5OF4lFfI1JC3yOkS9pXzL16qcNnKxLG_xNgRQ5U7_MCnux2rkqXcuR8gUufv4fCKXv7myfYNPqS7-InBtYwcO2bOM80ws106biXNrkIKDTJIn8QozTz3BAAhM1dpyPh_905y0tgeu-NmeNq-cpHRGfI1pfE6rKgQU7PU6-82xhVVs6sjKn85gvaUuQQ5iWEBcmr4LMvhWBMLuHAw-mPc-RYOGGUgX4KKrAUOe_ScfYzJFONg0D6F8nHX9rLWaRy80BaVB-kU8Gx1xEuB5TSfUDMyUz3yCGFd&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCuiUhOWQ4Yr3DG9W8lQe_1JnYCsme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTQxMzMyOTU0NDA0MDk0N6AB1bbS6gPIAQmpAjuymMe0jLI-4AIAqAMBqgTAAk_QWXqNMsgJLuEyppcPNcrKV7R6oJAzBXWuTOkqrS-coypjVbxmiwBcgkncgt47l1cquew9cy8J2pTCSolZYa-R48x6GuUyIt2srqJi7bZxlawmwkYwX0Pl9N-rIrX7aJSVmDwwzHgQWONX4zBSpuI_OI7YIkIBsWXqyfEQq5bHg1tDLKdsdF160deIvq3ncR2wLuUrD0yYBr26DO6H87DKdU9dKNDIliu89DfW0K9PtjbGNtlU45LoOshWxc3Noz2pJ1HCCWli5jhO76srrFktXOyjg1QWoph8zdaot2IZKpqdj47oPyJh20brZnTo7v2lsjvfzJk2Gv2Dbf_cbt9o-3ROu7u-TNX5auBNQAsdQKahlCJGVPXuE2J6qe6qUufBrWVSU-7KeSdoR9z5tImTiyyhp_wa1ujhUF7EYDmf4AQBgAac0sW996P-yMIBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2ouvxf-_lPd4PrcaFjBdmv9e9jVA%26client%3Dca-pub-5413329544040947%26adurl%3D
Frame ID: CE2885371A9864BCFE6D7E4C760F2A83
Requests: 22 HTTP requests in this frame

Frame: https://5fd3b64ba09b669362261d7035670824.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 0542738B13655361911CD58824D346C7
Requests: 28 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Lato&display=swap
Frame ID: 07CC1BD4A73098EBE8B61B83FF0B1E64
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMmp1wIQ19vYAhiW1rnFATAB&v=APEucNXLX-ZhGYMmnbFmXYymT_NPjhT1IuM6PxmbeGKsPngx8dtRIF62zjSyk5gkzvk5IJLvLb0l7cWkJPOPNiH01LCurGT3RhrAOEeSTgDCiTz7l4m2oPBXa-OjA73mk5BWplRwW-giAqf2uGNta9Yp-TFU9vJTHhkTimNPfMX6Hn-dCKipxrQ
Frame ID: 93B24435ADDF306D4778A59F15699152
Requests: 5 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: BF8B65860ED27FDC262CBCCF8F49B859
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 3D93FFF7818AC53AF90A56690468CFC9
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: EE8FBC884465AF3D044E375E2952520A
Requests: 3 HTTP requests in this frame

Frame: https://605ddd431ccb9d0d325cc9f8ea31a9d0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 0970536BA4DE2A7BA11FA6862A332498
Requests: 1 HTTP requests in this frame

Frame: https://1e709b9d6f90218a070eddf58f9b714c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 003D8FCB143F321F78C15B4338AF3D23
Requests: 1 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=44257800100180800710612011905006&actionid=981741&produktid=&dt_url=
Frame ID: EBA6A6493CED3046615E40EBDACDD00C
Requests: 1 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CP-6lLuP1_YCFVBDHQkdh7wKcA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5930736462706.041
Frame ID: D046D7F23F9FE131859D7C0515885D19
Requests: 2 HTTP requests in this frame

Frame: https://hal90006.redintelligence.net/request_content.php?s=44257800100180800710612011905006&a=f82d6bfe
Frame ID: 2DF3624E03B3A921AFAEBC2643746A64
Requests: 6 HTTP requests in this frame

Frame: https://605ddd431ccb9d0d325cc9f8ea31a9d0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 997B7EF5B7530FE2E117155D826FD805
Requests: 9 HTTP requests in this frame

Frame: https://htlp.emp.de/
Frame ID: 030D6E9D76C88A6808D6895E369C49B8
Requests: 1 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjhkOgAJx4sIu8Z8AAj14cxcYftdoFgkXyowhA&u=%7Ck0qkpMfSet8i2juk2koG8mW0E0eEiayPd%2F8oOyQidu4%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXDDH0Sawykmzfr9RwiM26iFVAfBmX3dT4p7RmmTOpvkCGzl2vtfW9biTAwtv2hz3BDFV6Mg7s9kUznxchx736Y4zztAMIw8bg5_Ghn_HcLlQIFTfkS43iiZvY9MmoFx1-gJVG9Hn9d1Jtht-vIBKZyZ9aAZ3NALmhI4QoMClDkDJW4Sgbduhm_ZrOvYuzBO8lX-IeIE4zYWIRezMMs530f4p8tQOiAgmk_LF9pRrya5yxYDSN2NR1L9NY4IXBoCNtkTVqkraF9iV8WHJoVPQvraFp1bNZT7xvAB9P-YIhyS0x8vuqHq_Utju-ge1UCI2ssFKn72TcEQ6ztiqElK7DgV1eTaJe_y4Ke0AKiC1JQHDNEkE9aI3P7lhzDitbh_ju9TZL5uf64ECEPbEGuLNuouLJ4_AEGAeRM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCjGC9OmQ4YouPJ_yM7_UP4eujgAfJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDegAdW20uoDyAEJqQI7spjHtIyyPuACAKgDAaoEtwJP0JIvlv0SL5_RsUsRTsvMVqjq85UY8o-CTXkr1ns_Uzq2wJcMVmXi1xK0fTMaSUVNMjD81Tn2fBHe2KjxAs-LLIjex-tQ1jGct76mdFjNEOq3QutQaMtdNtzi2hOpFxbYz8LnMeXthbKYDQhB99qFoR1-QHWuiV-nIA92zke7AYEZV94iyI0svxO3sA6uy_pzdFpQFIxVKmZyuwKRtI1_9i5j_JwFJG2cuyC6KMU3S5joHeRU5xCBn31Xt5fuopjci8LWyMUpo2-CVcQY797J85PyI1d4UWOYCJTv47V62QaboQH0EDgxDvG1O6YLHNc2yg8PtjyUBlodZjYXaD9LZnHmaEk5XIhp-G7H1kNykrdEsT0EekVIFQUfGFZe9Cougd3RgA9slsA_GSExoMpJ49_JXAWyyOAEAYAGjq3-26b5-ucJoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1eoZlRb1u3uUFnCekCaKv6LD4FsA%26client%3Dca-pub-5413329544040947%26adurl%3D
Frame ID: 47FD98D13388B03DB24F2BC7802A1A92
Requests: 19 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 56050D3ECF7E037BD99E7E68E01E49D3
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 92236D6C548A6ABF0BFA1C9BD9331EC9
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D0D1119A417B28CCA723A0C97947834E
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E8494A30A0F737C74E6771078FDC925B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8F0C46AD8FE31ABBB9FB292C928E0E5A
Requests: 2 HTTP requests in this frame

Frame: https://1e709b9d6f90218a070eddf58f9b714c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: E8E706296374CF4FF4E04B7678DE6063
Requests: 17 HTTP requests in this frame

Frame: https://ad29.ad-srv.net/request_content.php?s=44408900105111600383830011905029&a=5570690e
Frame ID: D0E3C33BD1EE7B2FC560BD240992E90F
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNX6LQgfEBWCEpjcpmHQehQeJgKjRpHYPsgYXdjwWm1cLW23h-SXXKUBSI2urNhDt1MSqXVoGthH00LeHSPGJQ_E8gfVas-toozJ3wpOG0Y2oTCQJ2plst4vBceHvB7zr1HIPWd3GfO-y9ae-XWpgrcEVrrVpW_tKNtKvAuGvwU6ACSK3uU
Frame ID: 67053B82BB89874995E7A89E41CA32CD
Requests: 5 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=50099&dt_subid2=44408900105111600383830011905029&actionid=981741&produktid=&dt_url=
Frame ID: F5569DAF23BADAE147FE30B3D0C02AD1
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: EF5861F1516090266360693164028FB6
Requests: 3 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/upb/?adv=4qqx4oo&ref=https%3A%2F%2Fnets4.com%2F&upid=t9831l4&upv=1.1.0
Frame ID: 86DF64CA18CBC19120A8DCF136A2B96F
Requests: 1 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=89364000084992400710612011905002&actionid=981741&produktid=&dt_url=
Frame ID: CF681BD37CA2AD9FFA0BA407C24C0215
Requests: 1 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: 9DE371F1C13E93FAB1B5A5716541DF47
Requests: 2 HTTP requests in this frame

Frame: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=1284527989
Frame ID: B04931489C337F81CEE3FFA1FB12D3E5
Requests: 2 HTTP requests in this frame

Frame: https://8019191.fls.doubleclick.net/activityi;dc_pre=COy4x7uP1_YCFVXcGwodBK4Igw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1843793218585.7031
Frame ID: 2A32F82AC87B20641712BE84AF90AB91
Requests: 2 HTTP requests in this frame

Frame: https://hal90002.redintelligence.net/request_content.php?s=89364000084992400710612011905002&a=64cd3ae2
Frame ID: 73CF22926D92758B7EB33AE78A1B4D77
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B839C2F0996964BC4673BE4D75118D26
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Eminer.app - EMiner - Automatic Leads Mining

Detected technologies

Overall confidence: 100%
Detected patterns
  • leaflet.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • [^a-z]mtc.*\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • <script [^>]*src="[^"]*/popper\.js/([0-9.]+)
  • /popper\.js/([0-9.]+)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • analytics\.webgains\.io
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

434
Requests

92 %
HTTPS

39 %
IPv6

58
Domains

95
Subdomains

69
IPs

10
Countries

4593 kB
Transfer

9857 kB
Size

65
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 63
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?CtsSyncId=BFEED5A676984728B807CADC30739DA1&RedC=c.clarity.ms&MXFR=3FC1B33860EB60972728A25664EB6E28 HTTP 302
  • https://c.clarity.ms/c.gif?CtsSyncId=BFEED5A676984728B807CADC30739DA1&MUID=28C4BE0A7C3C6B262D67AF647DEE6ADE
Request Chain 193
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECBYObjZVKDSpzSvm3h-4q4&google_cver=1
Request Chain 194
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YjhkOpf8zZv1BkpaMl0qvwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECBYObjZVKDSpzSvm3h-4q4&google_cver=1
Request Chain 195
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEE1-qK5_7foBYum9jF510j8&google_cver=1
Request Chain 196
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDM4MzA3NTcyMTgxNDI3NDEyNQ%3D%3D
Request Chain 202
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECBYObjZVKDSpzSvm3h-4q4&google_cver=1
Request Chain 203
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YjhkOpf8zZv1BkpaMl0qvwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECBYObjZVKDSpzSvm3h-4q4&google_cver=1
Request Chain 204
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEE1-qK5_7foBYum9jF510j8&google_cver=1
Request Chain 205
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDM4MzA3NTcyMTgxNDI3NDEyNQ%3D%3D
Request Chain 269
  • https://hal90006.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=f069dee7ea&subid=&uid=731b1cbf2879c438&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCtgveOWQ4YuKPGLHC7_UPlP6f8A-1zfmDV_zYuavlDPAuEAEgudvzJmCV4pCCoAfIAQmpAjuymMe0jLI-qAMBqgTWAU_QzLZGZd2ILP8wV2JQTrID-e8cF09TjjAimWOce_ivLjtUlaDgCl6107zsGIyDyAnn4Sz3wX0QslVV3OinCq0UM5c5WF0XqayqMFVH33W9ydtFHIHG9ox7LwcgE89FtWysUzCmtZhuxsmm8X_LvvwyX0nm9NVuOx8TAwPq2f20_2dot8gAq5j7pmBbRXNX4miw6ro_-04U0n4rx_at-ZZRUYqXP4uU8UFZrGlXOr3EeajnHIaI9dc_v466OVW4rcEEt4_8vtKw1-yBrBzGTbODBaVax7LABKqd_L7PAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHfIIG2FkeC1zdWJzeW4tNDgyMzk2OTk4NTA4MjEzNoAKA5gLAcgLAYAMAbAT3JnrDdATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASJ-RoVOJu3QQcbsHGYepF9oXvs2gNYN9nlgYAlcCOs0tebyfJ273NmQ%26sig%3DAOD64_196IRrviFX587nFfMdfNVbkavzTA%26client%3Dca-pub-4903453974745530%26dbm_c%3DAKAmf-ChdBP9JUVMkmg8Vgw_oA_bqEyUV4_0qidm-vu6kOq2TRMZ6bTGwuBl0e_CjqE7qGEaA9JQUuizvq2JCd9Jup-8mbo129ZQZbHI5UAIZOOrGQEM9nbaouN-5OaE-M_LlTiSFK9yYaGUlpmiIkzrg3lx3tn3EA%26cry%3D1%26dbm_d%3DAKAmf-AdpWTAi2bdbGvOx-eC8PoI7Kzi9MV7H8szBi9EIeZiGwxluE03KyEAzTCw1lFaCRiH7eNv_OF-h4ZIOaxqyaN02DllsusSlZTcCxCZpet4X52rObeFMf3A6cHBme_EieXSl66bn0jfeUHUK-armYbfeC6wfhN1tEO1t06H_kdiy_uzJVmhn-lzJbWR0h4oeKwX8mrVmIsBe7MScp30qU-0zV_HtXc93OhotjAooQMVM8m8ax8GcpxwWM9R4BhB2QE-JWFg6HDGGoXhceexAoDosqzDBy7ogpMtPuWIvQPOr0c8Umv0JBFC-Tsa45tyAN4B7hoU3BCUu0r5ynGHPHoOe7ij9fARAPQSujQK-0vnZXC9mLoxPtDcpX8n2UoBz6gDfqOpkeg-InEMb-YbklPG8VgoPl6RbLed9QfA4WFCjDqIBXD5imrfRISr8ts8A1_7MzXSKgH17vySQGp9c9LIvhfcww%26adurl%3D&documentReferer=https%3A%2F%2Fnets4.com%2F&ancestorOrigins=https%3A%2F%2Fnets4.com%2Chttps%3A%2F%2Fnets4.com&random=3256013270552&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal90006.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=f069dee7ea&subid=&uid=731b1cbf2879c438&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCtgveOWQ4YuKPGLHC7_UPlP6f8A-1zfmDV_zYuavlDPAuEAEgudvzJmCV4pCCoAfIAQmpAjuymMe0jLI-qAMBqgTWAU_QzLZGZd2ILP8wV2JQTrID-e8cF09TjjAimWOce_ivLjtUlaDgCl6107zsGIyDyAnn4Sz3wX0QslVV3OinCq0UM5c5WF0XqayqMFVH33W9ydtFHIHG9ox7LwcgE89FtWysUzCmtZhuxsmm8X_LvvwyX0nm9NVuOx8TAwPq2f20_2dot8gAq5j7pmBbRXNX4miw6ro_-04U0n4rx_at-ZZRUYqXP4uU8UFZrGlXOr3EeajnHIaI9dc_v466OVW4rcEEt4_8vtKw1-yBrBzGTbODBaVax7LABKqd_L7PAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHfIIG2FkeC1zdWJzeW4tNDgyMzk2OTk4NTA4MjEzNoAKA5gLAcgLAYAMAbAT3JnrDdATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASJ-RoVOJu3QQcbsHGYepF9oXvs2gNYN9nlgYAlcCOs0tebyfJ273NmQ%26sig%3DAOD64_196IRrviFX587nFfMdfNVbkavzTA%26client%3Dca-pub-4903453974745530%26dbm_c%3DAKAmf-ChdBP9JUVMkmg8Vgw_oA_bqEyUV4_0qidm-vu6kOq2TRMZ6bTGwuBl0e_CjqE7qGEaA9JQUuizvq2JCd9Jup-8mbo129ZQZbHI5UAIZOOrGQEM9nbaouN-5OaE-M_LlTiSFK9yYaGUlpmiIkzrg3lx3tn3EA%26cry%3D1%26dbm_d%3DAKAmf-AdpWTAi2bdbGvOx-eC8PoI7Kzi9MV7H8szBi9EIeZiGwxluE03KyEAzTCw1lFaCRiH7eNv_OF-h4ZIOaxqyaN02DllsusSlZTcCxCZpet4X52rObeFMf3A6cHBme_EieXSl66bn0jfeUHUK-armYbfeC6wfhN1tEO1t06H_kdiy_uzJVmhn-lzJbWR0h4oeKwX8mrVmIsBe7MScp30qU-0zV_HtXc93OhotjAooQMVM8m8ax8GcpxwWM9R4BhB2QE-JWFg6HDGGoXhceexAoDosqzDBy7ogpMtPuWIvQPOr0c8Umv0JBFC-Tsa45tyAN4B7hoU3BCUu0r5ynGHPHoOe7ij9fARAPQSujQK-0vnZXC9mLoxPtDcpX8n2UoBz6gDfqOpkeg-InEMb-YbklPG8VgoPl6RbLed9QfA4WFCjDqIBXD5imrfRISr8ts8A1_7MzXSKgH17vySQGp9c9LIvhfcww%26adurl%3D&documentReferer=https%3A%2F%2Fnets4.com%2F&ancestorOrigins=https%3A%2F%2Fnets4.com%2Chttps%3A%2F%2Fnets4.com&random=3256013270552&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 275
  • https://ad29.ad-srv.net/request.php?zone=jbmsh4a7sm5y&nw=11&renderingType=javascript&namespace=2f918e1b8a&subid=&uid=ff4a86447a425eb9&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=&documentReferer=https%3A%2F%2Fnets4.com%2F&ancestorOrigins=https%3A%2F%2Fnets4.com%2Chttps%3A%2F%2Fnets4.com&random=1341611167430&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://ad29.ad-srv.net/request.php?zone=jbmsh4a7sm5y&nw=11&renderingType=javascript&namespace=2f918e1b8a&subid=&uid=ff4a86447a425eb9&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=&documentReferer=https%3A%2F%2Fnets4.com%2F&ancestorOrigins=https%3A%2F%2Fnets4.com%2Chttps%3A%2F%2Fnets4.com&random=1341611167430&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 286
  • https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=44257800100180800710612011905006&t=htlp HTTP 302
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=44257800100180800710612011905006&actionid=981741&produktid=&dt_url=
Request Chain 288
  • https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5930736462706.041 HTTP 302
  • https://5994599.fls.doubleclick.net/activityi;dc_pre=CP-6lLuP1_YCFVBDHQkdh7wKcA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5930736462706.041
Request Chain 290
  • https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=44257800100180800710612011905006 HTTP 302
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=44257800100180800710612011905006 HTTP 302
  • https://ad-server.eu/wm/pb/native.png
Request Chain 302
  • https://www.awin1.com/cshow.php?s=2481850&v=14172&q=372911&r=473322&pv=1&pref1=44408900105111600383830011905029 HTTP 302
  • https://htlp.emp.de/
Request Chain 328
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEO120yZmEXZRISacF9t1P_U&google_cver=1&google_push=AYg5qPLhcZcsgWTprbI27W1SihSpxoQOFtmGBi9UxDbKvI5gVgzFwUC2mUdgGf3PKqucPR993a5Qujj5-neGxS-blfld5IvGwBUK HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPLhcZcsgWTprbI27W1SihSpxoQOFtmGBi9UxDbKvI5gVgzFwUC2mUdgGf3PKqucPR993a5Qujj5-neGxS-blfld5IvGwBUK
Request Chain 330
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEGky9pthmTyjB2hN7-7Ygi8&google_cver=1&google_push=AYg5qPLIpr8g-MhgWsOyW-CaDjfqTaJWlfDR2Sdx3hUT5tRHSeNnye-FyBvAyFK-fN1EgJmcCFDVrgGPdZJvd_jHD3biR997l80Wug HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=g5T63rekSfegczSaI_iN_Q2&google_push=AYg5qPLIpr8g-MhgWsOyW-CaDjfqTaJWlfDR2Sdx3hUT5tRHSeNnye-FyBvAyFK-fN1EgJmcCFDVrgGPdZJvd_jHD3biR997l80Wug
Request Chain 331
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEHVoDc4PbHydFl-Etir-NXs&google_cver=1&google_push=AYg5qPJSL5g45zhdkB7Qb5FrcUa6nx8ZRec1KwpcASG5DyCvFUOAEq0RKNu9h_gGer_-VHbFHK8_Iw6GwIhtKKpHQDqSwnHCQsqcpw HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEHVoDc4PbHydFl-Etir-NXs&google_cver=1&google_push=AYg5qPJSL5g45zhdkB7Qb5FrcUa6nx8ZRec1KwpcASG5DyCvFUOAEq0RKNu9h_gGer_-VHbFHK8_Iw6GwIhtKKpHQDqSwnHCQsqcpw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPJSL5g45zhdkB7Qb5FrcUa6nx8ZRec1KwpcASG5DyCvFUOAEq0RKNu9h_gGer_-VHbFHK8_Iw6GwIhtKKpHQDqSwnHCQsqcpw&google_hm=lQqvhbr7TXSC2z-VY2FVcA==
Request Chain 332
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEMmYDmmtucn0DJmHHFHe0Ds&google_cver=1&google_push=AYg5qPKhV8jKkgJl5RodD9dVPhn-vLwevmpLX_Zt82jTxz523uZQ4MdOE0LKtWl9Ca94lcgJsh7PHlurnAIFe8nIUB8GaDp4l9k12A HTTP 307
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEMmYDmmtucn0DJmHHFHe0Ds&google_cver=1&google_push=AYg5qPKhV8jKkgJl5RodD9dVPhn-vLwevmpLX_Zt82jTxz523uZQ4MdOE0LKtWl9Ca94lcgJsh7PHlurnAIFe8nIUB8GaDp4l9k12A&sovrn_retry=true HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPKhV8jKkgJl5RodD9dVPhn-vLwevmpLX_Zt82jTxz523uZQ4MdOE0LKtWl9Ca94lcgJsh7PHlurnAIFe8nIUB8GaDp4l9k12A&google_hm=16f9783c7e0893c2225cef8f
Request Chain 333
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEHTDp05DwrE1VHXvz24MQQQ&google_cver=1&google_push=AYg5qPIljug7mG8bL7S9raktGxoLCtL1_wplx8OEwzMUXCMyF79l-8swv1pJu55Dmep7cA4to-c9MfIJSkldHmSU28MTcj_DPqEv HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AYg5qPIljug7mG8bL7S9raktGxoLCtL1_wplx8OEwzMUXCMyF79l-8swv1pJu55Dmep7cA4to-c9MfIJSkldHmSU28MTcj_DPqEv&google_gid=CAESEHTDp05DwrE1VHXvz24MQQQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDE4MjU3MTg3NDM0OTAwNDEyMjk1MQ%3D%3D&google_push=AYg5qPIljug7mG8bL7S9raktGxoLCtL1_wplx8OEwzMUXCMyF79l-8swv1pJu55Dmep7cA4to-c9MfIJSkldHmSU28MTcj_DPqEv
Request Chain 367
  • https://www.awin1.com/cshow.php?s=2481855&v=14172&q=372905&r=473322&pref1=44408900105111600383830011905029 HTTP 302
  • https://media.acfrg.com/banner/Affilinet/Logo/EMP/140x180.png
Request Chain 373
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECBYObjZVKDSpzSvm3h-4q4&google_cver=1
Request Chain 374
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YjhkOpf8zZv1BkpaMl0qvwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECBYObjZVKDSpzSvm3h-4q4&google_cver=1
Request Chain 375
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEE1-qK5_7foBYum9jF510j8&google_cver=1
Request Chain 376
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDM4MzA3NTcyMTgxNDI3NDEyNQ%3D%3D
Request Chain 388
  • https://insight.adsrvr.org/track/up?adv=4qqx4oo&ref=https%3A%2F%2Fnets4.com%2F&upid=t9831l4&upv=1.1.0 HTTP 302
  • https://match.adsrvr.org/track/upb/?adv=4qqx4oo&ref=https%3A%2F%2Fnets4.com%2F&upid=t9831l4&upv=1.1.0
Request Chain 391
  • https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=89364000084992400710612011905002&t=htlp HTTP 302
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=89364000084992400710612011905002&actionid=981741&produktid=&dt_url=
Request Chain 393
  • https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=89364000084992400710612011905002&ra_cnt_active=1&ra_cnt=1 HTTP 302
  • https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=1284527989
Request Chain 395
  • https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1843793218585.7031 HTTP 302
  • https://8019191.fls.doubleclick.net/activityi;dc_pre=COy4x7uP1_YCFVXcGwodBK4Igw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1843793218585.7031
Request Chain 397
  • https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=89364000084992400710612011905002 HTTP 302
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=89364000084992400710612011905002 HTTP 302
  • https://ad-server.eu/wm/pb/native.png
Request Chain 406
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESED0MF4yFQZ3GVR_e9fHMZxQ&google_cver=1&google_push=AYg5qPI41L-OsWmYyZOjM02HtvqkWyfeWYyUXa5Rx2FDHOg58BOIKHjYvUWu13wght5EkiYGaSjRQcGt-6aUb4J5vd1xgHburk3H&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPI41L-OsWmYyZOjM02HtvqkWyfeWYyUXa5Rx2FDHOg58BOIKHjYvUWu13wght5EkiYGaSjRQcGt-6aUb4J5vd1xgHburk3H%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESED0MF4yFQZ3GVR_e9fHMZxQ&google_cver=1&google_push=AYg5qPI41L-OsWmYyZOjM02HtvqkWyfeWYyUXa5Rx2FDHOg58BOIKHjYvUWu13wght5EkiYGaSjRQcGt-6aUb4J5vd1xgHburk3H&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPI41L-OsWmYyZOjM02HtvqkWyfeWYyUXa5Rx2FDHOg58BOIKHjYvUWu13wght5EkiYGaSjRQcGt-6aUb4J5vd1xgHburk3H%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 407
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEE6PwbrcSjU5NS4uGPxZBIg&google_cver=1&google_push=AYg5qPIt2aAfk2KOMXn4wQpD8VjOd9xxb3jBD9iZUrV8xkDlJXUV9nH_Gq32TWcdQPTRbQoGF_cZkvUbXA-LGCFBtmJ456amLdMe HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEE6PwbrcSjU5NS4uGPxZBIg&google_push=AYg5qPIt2aAfk2KOMXn4wQpD8VjOd9xxb3jBD9iZUrV8xkDlJXUV9nH_Gq32TWcdQPTRbQoGF_cZkvUbXA-LGCFBtmJ456amLdMe
Request Chain 408
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEGT2k7o_qCm4EPtYnAheWss&google_cver=1&google_push=AYg5qPKUufe-Fufj1fl6OfmCZ8UWwbRjZwIpOyQRDYzlKTmW7Na1nTOnX7l0xTDqOkklCzQDz5tVZqd31bDQJc84eKEYhUzM_WU HTTP 302
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEGT2k7o_qCm4EPtYnAheWss&google_cver=1&google_push=AYg5qPKUufe-Fufj1fl6OfmCZ8UWwbRjZwIpOyQRDYzlKTmW7Na1nTOnX7l0xTDqOkklCzQDz5tVZqd31bDQJc84eKEYhUzM_WU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPKUufe-Fufj1fl6OfmCZ8UWwbRjZwIpOyQRDYzlKTmW7Na1nTOnX7l0xTDqOkklCzQDz5tVZqd31bDQJc84eKEYhUzM_WU
Request Chain 409
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEBLkl92blgcEirHtVmOMyQA&google_cver=1&google_push=AYg5qPIhimLjHUXzoElFTLFcUG3WmbxA6JzfDzhZHCXve_sq1SYLUsaHSVRs_Mn4m8FgPXs7rBL0bSp1Fpx9GqnN_bFeBm1nLOq- HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEBLkl92blgcEirHtVmOMyQA&google_cver=1&google_push=AYg5qPIhimLjHUXzoElFTLFcUG3WmbxA6JzfDzhZHCXve_sq1SYLUsaHSVRs_Mn4m8FgPXs7rBL0bSp1Fpx9GqnN_bFeBm1nLOq- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzMxNDYwNjUwNjU5MDY1OTE1MA&google_push=AYg5qPIhimLjHUXzoElFTLFcUG3WmbxA6JzfDzhZHCXve_sq1SYLUsaHSVRs_Mn4m8FgPXs7rBL0bSp1Fpx9GqnN_bFeBm1nLOq-
Request Chain 410
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEGcIs7kIlaLF5hqY3TbmVRw&google_cver=1&google_push=AYg5qPIPcgFoNysxNeVAfsDbFvV3FRGBf4W6ZkxfgFFM87r4Ks9E2dzkeVu0drClVAmuIrahAsqnIFjx91UZzRDu_jge7zP3KUoC HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDEwTVpOWTctNS1CRDVD&google_push=AYg5qPIPcgFoNysxNeVAfsDbFvV3FRGBf4W6ZkxfgFFM87r4Ks9E2dzkeVu0drClVAmuIrahAsqnIFjx91UZzRDu_jge7zP3KUoC
Request Chain 411
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEGpe0_9nnZbcMU2vGLXQsOo&google_cver=1&google_push=AYg5qPKrTlbdbgVTok_zbWPh-jRKM2Ou14EDwit0iqBuwd-NLZsxOS7vzyEAbr6I-t4Jjugqg_8vwK6EfSvreSiVcg6EE8a9er0 HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AYg5qPKrTlbdbgVTok_zbWPh-jRKM2Ou14EDwit0iqBuwd-NLZsxOS7vzyEAbr6I-t4Jjugqg_8vwK6EfSvreSiVcg6EE8a9er0&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1647862843924 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-a8be39b9-0c63-4557-84a6-6388033728ac-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAYg5qPKrTlbdbgVTok_zbWPh-jRKM2Ou14EDwit0iqBuwd-NLZsxOS7vzyEAbr6I-t4Jjugqg_8vwK6EfSvreSiVcg6EE8a9er0%26google_hm%3DA6i-ObkMY0VXhKZjiAM3KKw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPKrTlbdbgVTok_zbWPh-jRKM2Ou14EDwit0iqBuwd-NLZsxOS7vzyEAbr6I-t4Jjugqg_8vwK6EfSvreSiVcg6EE8a9er0&google_hm=A6i-ObkMY0VXhKZjiAM3KKw
Request Chain 429
  • https://ads.creative-serving.com/pixel?id=3156564&id5id=0&type=jsonp&cb=syncResponse HTTP 302
  • https://ads.creative-serving.com/ul_cb/pixel?id=3156564&id5id=0&type=jsonp&cb=syncResponse
Request Chain 431
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=54a292ee-c372-406c-a983-941673e305bf&ssp=&expires=5&user_group=4&cb=674 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=950aaf85-bafb-4d74-82db-3f9563615570&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 432
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=54a292ee-c372-406c-a983-941673e305bf&ssp=&expires=5&user_group=4&cb=308 HTTP 302
  • https://sync.1rx.io/usersync/bidswitch/950aaf85-bafb-4d74-82db-3f9563615570?gdpr=&gdpr_consent= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-a8be39b9-0c63-4557-84a6-6388033728ac-003
Request Chain 433
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=54a292ee-c372-406c-a983-941673e305bf&ssp=&expires=5&user_group=4&cb=439 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=950aaf85-bafb-4d74-82db-3f9563615570&gdpr=&gdpr_consent=
Request Chain 435
  • https://dpm.demdex.net/ibs:dpid=393426&dpuuid=54a292ee-c372-406c-a983-941673e305bf HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=393426&dpuuid=54a292ee-c372-406c-a983-941673e305bf
Request Chain 437
  • https://cm.g.doubleclick.net/pixel?google_nid=platform161_direct_new&google_cm&google_sc HTTP 302
  • https://ads.creative-serving.com/gcm?google_gid=CAESEJ1TFoHtxLyIHHGmlRCNLd0&google_cver=1

434 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request eminer.app
nets4.com/domain/ 		47 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://nets4.com/domain/eminer.app
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7fdf893519118f4c6ee34653a6f14eff463a94908af05c9fe958a83038d52b89

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Mon, 21 Mar 2022 11:40:38 GMT
content-type
text/html; charset=UTF-8
cf-ray
6ef669f189e59061-FRA
cache-control
public, max-age=86400, proxy-revalidate
last-modified
Mon, 21 Mar 2022 11:40:38 GMT
vary
Accept-Encoding
cf-cache-status
MISS
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Eg8%2F1duVmKMDLmuIyQtKiIw%2B9umZR85N%2Fv0g6ixXwB8xRa26cpw8j6Rfg%2BHO67p7Nd7fRjJbHZt8TYd3L7tv%2FCUF6djbVQjErkNFAKElgm1XMD1F1hZDpBjTrJhBH%2FaQOqRI7VMS%2FjE%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
awkqrI1qzYcE0gTfW6uXyLl_1bA.js
nets4.com/cdn-cgi/apps/head/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nets4.com/cdn-cgi/apps/head/awkqrI1qzYcE0gTfW6uXyLl_1bA.js
Requested by
Host: nets4.com
URL: https://nets4.com/domain/eminer.app
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f70751d4b3f5d5c9f208ea16e8cbcac3c6abf1bda80357da3fcd21dde4333449

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/domain/eminer.app
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:38 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4768491
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
BY6CAZDM09BG4BCW
x-amz-id-2
ehIXWVY/ZUF5Ooi83TSBV1+KlYYK1I/8tpZOmWF/sUwesuxopnAJy2SIiernsJLpc1vgoFVbpXM=
last-modified
Fri, 10 Dec 2021 11:06:12 GMT
server
cloudflare
etag
W/"e951628ea64bbeadb19c6d855ca98c7a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ysa%2Fqct%2Bf%2FC6nwf1zAJorQngwpbdtWQAZwAdDZ6Queh%2FCl0Nwjo%2FOsxYHgJt8bVaEZrTY4QEk8KXgnb8zKiZOgN3Y11fHQHfPx6YMPXn4T46m7nWjpgW0amMi73dHOzxQcwpuqcptQc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
7KspX51u1Msx7FcOmJWweyW7FbGqzJNg
cf-ray
6ef669f5e8189061-FRA
bootstrap.min.css
cdnjs.cloudflare.com/ajax/libs/bootstrap/4.5.3/css/ 		157 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/bootstrap/4.5.3/css/bootstrap.min.css
Requested by
Host: nets4.com
URL: https://nets4.com/domain/eminer.app
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:38 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1820140
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
17620
timing-allow-origin
*
last-modified
Tue, 20 Jul 2021 01:00:47 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"60f6203f-44d4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GM2mhDLIut7%2FD5OxCTcfM84a2SjO6vRQvPTKPWg2Uhlfxui5b%2FD1bLobtEwhR4NMLBwnk0Tfg%2Fpe6psgmwLSqcXQyQeLp%2FuZWYFXWpA0pA0ilb7ijZi2%2B%2Fb8v4mUoehmzj81ydySTl7ZnN2NuJf%2FvwHv"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6ef669f61eb06939-FRA
expires
Sat, 11 Mar 2023 11:40:38 GMT
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/ 		58 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css
Requested by
Host: nets4.com
URL: https://nets4.com/domain/eminer.app
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:38 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2036412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10462
timing-allow-origin
*
last-modified
Mon, 13 Sep 2021 19:10:03 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"613fa20b-28de"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DvIk8%2FoiMhUUiHcRP%2F2XPkmp%2FlI%2FaBVHDfhmq4%2FT4u5CDVM5Tee9jmt3zzxeC9ZECNgnSgqGBuMyTHMawXXImbkWbW3ouaLK65Aw1NsrKUSlqodZki%2BFGW4E8Lwtf26rqA1WosJzG0enTbGSHSoSAHFX"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6ef669f61eb16939-FRA
expires
Sat, 11 Mar 2023 11:40:38 GMT
style.css
nets4.com/assets/css/ 		345 B
617 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nets4.com/assets/css/style.css
Requested by
Host: nets4.com
URL: https://nets4.com/domain/eminer.app
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0f382f3320ade05dd14f969ff7dd9d894c6a6571165ab6d7fcdade2f4836dfc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/domain/eminer.app
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:39 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 01 Nov 2021 12:55:19 GMT
server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag
W/"617fe3b7-1c3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lKShNyQRsjRchwUvl9D4mGgk%2B7lNXhW%2BRZ9Yrfadd0A9xQjkbLHZW4zH2bPYFt0EYk9wbr37O%2BUGrByDCZ3a%2Bo%2B5wREuqHc7yBeHiDmErDsnWND9Zk1AACNkKwQ2u4LoXSiGm0TTBzU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cf-polished
origSize=451
cf-ray
6ef669f5e81b9061-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
invisible.js
nets4.com/cdn-cgi/challenge-platform/h/b/scripts/ 		47 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nets4.com/cdn-cgi/challenge-platform/h/b/scripts/invisible.js?ts=1647860400
Requested by
Host: nets4.com
URL: https://nets4.com/domain/eminer.app
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
836bae9498e9db21675330bbb3fd34be2ad5b19fe20c751b2a7e83152db5e685

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/domain/eminer.app
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:38 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=52STlgxXI14FVMP9PVb2sd1KKxNZjH4t%2F2v5RncnihxVzksl%2BpxvH3IHVmybNnjJxnRdDNdpfGmkm%2BCGOYBvOECwUWFPa%2Fgg3%2Bxrbirk6AstUGY4YGzAKj%2BalBPU5GvHHiQrQIw8HWI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=604800, public
x-control-type-options
nosniff
cf-ray
6ef669f6192c91ed-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Th69y9F.png
img.nets4.com/img/i.imgur.com/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.nets4.com/img/i.imgur.com/Th69y9F.png?w=120&h=20&f=auto
Requested by
Host: nets4.com
URL: https://nets4.com/domain/eminer.app
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
704f6f54ae77cd5ea0a0bf47ebb70727a9bd76a311d7e54788ad3dc79b366739
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:38 GMT
via
1.1 varnish
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4768346
cf-ray
6ef669f628799061-FRA
x-cache
MISS, MISS
x-cache-hits
0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3395
x-served-by
cache-sea4480-SEA, cache-fra19175-FRA
server
cloudflare
x-timer
S1643094492.029969,VS0,VE283
etag
W/"6df89d86deba278d112332afb4bb100b1a6165842a7fdb7f78a5a70c7c7218aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B%2FEWuYuxCr%2Fg%2FRbKN4SOsvYpsdA2bMjAD8ezHXbZqoONk6mLctN%2Bn3y4En7vWouP4Uial1bz7oh4Id9g0fhKWRDwmZvb0a%2FaRYQB0ut0y%2B6HtJTsNvAzkEO2aFcfJ8QS4iNV%2F7RMn%2FmulzaH"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
vary
Accept, Accept-Encoding
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
link
<https://img.nets4.com/image/Th69y9F.png>; rel="canonical"
access-control-expose-headers
*
58T3Wrl.png
img.nets4.com/img/i.imgur.com/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.nets4.com/img/i.imgur.com/58T3Wrl.png?w=20h=20&f=auto
Requested by
Host: nets4.com
URL: https://nets4.com/domain/eminer.app
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2255ec4c3254a41b448889224b2cc5c32f8d6f8a6165d3c58aa6523f86c0957c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:38 GMT
via
1.1 varnish
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4768346
cf-ray
6ef669f6287d9061-FRA
x-cache
MISS, HIT
x-cache-hits
1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1117
x-served-by
cache-sea4474-SEA, cache-fra19183-FRA
server
cloudflare
x-timer
S1643094492.028983,VS0,VE1
etag
W/"86d32e1b83f7c87590ac6aad5f278dca67bb9675a7a7869ed47749c6cf91763d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=031gnMHe%2FP8BGKDsigWxqK2WAHoB3a4TqesngTXqlx5ieICrqTUe9JYfsPmoofN5xelhLZUXSn5kaj3PYWaDG0nwrYtGpE2aQraAHerXG%2B9i6DDnFdnC541rjgd0EKzXjWQ8CCsy%2FqPOIhKQ"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
vary
Accept, Accept-Encoding
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
link
<https://img.nets4.com/image/58T3Wrl.png>; rel="canonical"
access-control-expose-headers
*
leaflet.min.css
cdnjs.cloudflare.com/ajax/libs/leaflet/1.7.1/ 		10 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/leaflet/1.7.1/leaflet.min.css
Requested by
Host: nets4.com
URL: https://nets4.com/domain/eminer.app
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
722c5b95144aaf980dafacd36b1df0a3a0cff78962e8eee8f56e40c423f00b6f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://nets4.com/
Origin
https://nets4.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:38 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4759100
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2153
timing-allow-origin
*
last-modified
Thu, 03 Sep 2020 12:27:33 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f50e135-298f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rMlBqt5Ld1EE%2FAVXppBMtdiJR7p73PBqueXQt%2F4LLnwsSdvg9FU7Zzmok748McRaL0dCMQPvIWAPH4idZJuEwfdEch1503uby6QxKapJZpJPP3juuNQSxLzMsdkTzQkQEjRVoZuSZzhN0P9P9Zo%2BJxom"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6ef669f689f992c5-FRA
expires
Sat, 11 Mar 2023 11:40:38 GMT
Zc4iwuj.png
img.nets4.com/img/i.imgur.com/ 		814 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.nets4.com/img/i.imgur.com/Zc4iwuj.png?w=15h=15&f=auto
Requested by
Host: nets4.com
URL: https://nets4.com/domain/eminer.app
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd1892cb87a74dac682a6207344909a96f23d342670b32063a4f4bae614805dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:38 GMT
via
1.1 varnish
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4768346
cf-ray
6ef669f678f09061-FRA
x-cache
MISS, MISS
x-cache-hits
0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
814
x-served-by
cache-sea4422-SEA, cache-fra19147-FRA
server
cloudflare
x-timer
S1643094492.035927,VS0,VE269
etag
W/"ef5e715e8edc5303224592e859bd4f82e513e48ef6932a25dfb6f389dbaed4a9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uy4j6J4OpywR4GMQ86obhyjSBOFxcVYz6EEE6xPcesv83e6MDHyVB4whRbIZXStNlTwTDHD%2FvPvPxcRxkO5cbCEOHy%2BC8m6%2F0orE%2B1kRXR2YdUL94EQqZxq6x6%2BwWeVBrlYz29Zy0QfphloN"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
vary
Accept, Accept-Encoding
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
link
<https://img.nets4.com/image/Zc4iwuj.png>; rel="canonical"
access-control-expose-headers
*
email-decode.min.js
nets4.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nets4.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: nets4.com
URL: https://nets4.com/domain/eminer.app
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/domain/eminer.app
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 17 Mar 2022 12:28:09 GMT
server
cloudflare
etag
W/"62332959-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uFcBapdmbze9infUF20blx%2FvHFLXV9ABZz3Vx3KFIsdBbazIUpOIlYuUuyC4nWKrzW9vm7ofBvrsu9W%2FIGxF5%2BLIvcI64lhRQIVE5S4mlZRmeuVpf7H6yF%2Fyqd%2Fti%2B1p1PY20rOcPb8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6ef669f75b8291ed-FRA
vary
Accept-Encoding
expires
Wed, 23 Mar 2022 11:40:38 GMT
rocket-loader.min.js
nets4.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nets4.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: nets4.com
URL: https://nets4.com/domain/eminer.app
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/domain/eminer.app
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 17 Mar 2022 12:28:09 GMT
server
cloudflare
etag
W/"62332959-302c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r%2FsX2mSZg%2B%2F9t8gKdnfYOdwSA3Ph33NQ7QpD03B3SdgfzcKKkUbG2b0U4FWkUH%2Bn7euBTiLr1Omp0k9eLdL%2Fqrr8d6fQYM8VqGqcIMWf4YneHlAoIzxvUrApWWM9yVcQyJOkcLYarRg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6ef669f75b8691ed-FRA
vary
Accept-Encoding
expires
Wed, 23 Mar 2022 11:40:38 GMT
fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/webfonts/ 		76 KB
77 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/webfonts/fa-solid-900.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f52ae059ebd18fcb45ca5d2f81ab410ade2b54e096aa1284fd4b2b97bf3ddc9
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css
Origin
https://nets4.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:39 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2039730
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
78268
timing-allow-origin
*
last-modified
Mon, 13 Sep 2021 19:10:03 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"613fa20b-131bc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wh3EcpQYu%2BRMyNomlYuEso5dMs6GjCxi5hoDXfl4l6iizkgYz1k0lGgDR%2FvBEyXomuB7GWt6fXxyamOgLH2zymNhxd1scGkSRyT7v8C%2BS9lNbiV0Ti6yXpiwrGF5Q7eOhLJ2GoNxG%2Fgd6t4PzdjIP%2Fxx"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6ef669f80c1892c5-FRA
expires
Sat, 11 Mar 2023 11:40:39 GMT
W25b9ht.png
img.nets4.com/img/i.imgur.com/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.nets4.com/img/i.imgur.com/W25b9ht.png?w=40&h=40&f=auto
Requested by
Host: nets4.com
URL: https://nets4.com/domain/eminer.app
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17a97981604a1fe56f8804e77655010e70cbfbbac2c66e03a303e876dfd72640
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:39 GMT
via
1.1 varnish
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4749397
cf-ray
6ef669f83d5891ed-FRA
x-cache
HIT, HIT
x-cache-hits
1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1574
x-served-by
cache-sea4420-SEA, cache-fra19178-FRA
server
cloudflare
x-timer
S1643113442.007739,VS0,VE1
etag
W/"ee80457266cef4b485c3668cbdd5f67e7ed204e94a46f041afd17fa27c93c945"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sv9cvXRHqj7QEvP0Z79NqS2a1MaA2El9tBf%2FtiFlFbaUEoWiim0NyO9qV4dAcXYSOfTW%2Fw9lGsQBPARGbwsCFzgc3zOIaswgAaRa5Un3KJluc0ZunV6J6veEYw2rwk%2Ftt%2BjyiYk73sIP7tl3"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
vary
Accept, Accept-Encoding
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
link
<https://img.nets4.com/image/W25b9ht.png>; rel="canonical"
access-control-expose-headers
*
7b14352f-543b-4f03-80f5-69bf2979765e.png
s0.nets4.com/s/ 		62 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.nets4.com/s/7b14352f-543b-4f03-80f5-69bf2979765e.png?w=500
Requested by
Host: nets4.com
URL: https://nets4.com/domain/eminer.app
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
129d8ac5444c8d3b57b235122956eaa2866d7c3548c7e43fad08ada5087600a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:41 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
63321
x-served-by
cache-sea4445-SEA
timing-allow-origin
*
server
cloudflare
etag
W/"e60c88fa21e42e65307eb958ba8d9bedc1561c9b126f102272068a703e777951"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rSTDwfgolzukGtdEsAE5604iEOA0m4lTLsDAKmipgllnJQvsU9CEaQThnON4QVPidwHwIz5pZCCRVeLsc5Mmq0DTqKiqIzBRMGts0u8%2Bb%2BLbSOkfhTdjZVEkCfsd82vdmAzpFIvynTe8OVE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
6ef669f84b8d9061-FRA
link
<https://urlscan.io/screenshots/7b14352f-543b-4f03-80f5-69bf2979765e.png>; rel="canonical"
access-control-expose-headers
*
eminer.app
img.nets4.com/favs/ 		768 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.nets4.com/favs/eminer.app?size=32
Requested by
Host: nets4.com
URL: https://nets4.com/domain/eminer.app
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5976dbe797a12437bc9f8ac3b7df55f4ebe57b642e83d304ba5a5f5a041fe3d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:39 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
768
x-xss-protection
1; mode=block
last-modified
Mon, 21 Mar 2022 11:40:39 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DI6gLYghS3mGKdaxlnr5MycT0tAhOefRjAVBAWEESsyMir3X0wLceeFlPhxHrPMmyJEntUmW6vjuQqtXYhz10pyDuR2tAmfZ9gNxZcrufcaW8yD11MhZWEHLASUQPTkyNDTpoKujaSKKAk6V"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
6ef669f83d5e91ed-FRA
eminer.app
img.nets4.com/favs/ 		423 B
955 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.nets4.com/favs/eminer.app?size=16
Requested by
Host: nets4.com
URL: https://nets4.com/domain/eminer.app
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
300df2b4fdd7daf4d9b291c810b0b4a881c8563ec7dff0695dd9b2d409f02ff3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:39 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
423
x-xss-protection
1; mode=block
last-modified
Mon, 21 Mar 2022 11:40:39 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sCaKIAUrlpxuY85QjgtfRpGXg6DAAgYvBuK7N4wm%2BftUxhtcXPqmSgHf5gcX%2BHDXSUjuFFsC0EY%2BnS8Pa0ZqgCT2sHSs%2FqWXyaF98BoU7BIJbGYX9kgiYOIDWPSf8lmUOej1WO7DxogU8Lgo"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
6ef669f83d6491ed-FRA
backlinks-discovery-chart
s0.nets4.com/charts/ 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.nets4.com/charts/backlinks-discovery-chart?d=eminer.app&w=400&h=200&entries=12&ctype=2
Requested by
Host: nets4.com
URL: https://nets4.com/domain/eminer.app
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1cd3feadbea9256e5be2495f1f8bc3af7f80eb0dfa1c86e2b4719d27c61d5bb
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://docs.google.com https://*.googleusercontent.com;
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://docs.google.com
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:40 GMT
x-content-type-options
nosniff
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy-report-only
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' analytics.majesticseo.com analytics.majestic.com info.majestic.com https://www.googletagmanager.com www.google-analytics.com https://www.googleadservices.com/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://platform.twitter.com/;style-src 'self' 'unsafe-inline';img-src 'self' data: https:;font-src 'none';object-src 'none';media-src 'none';frame-src www.openstreetmap.org www.youtube.com https://www.google.com/recaptcha/ https://platform.twitter.com/ https://syndication.twitter.com/;child-src www.openstreetmap.org www.youtube.com https://www.google.com/recaptcha/ https://platform.twitter.com/ https://syndication.twitter.com/;frame-ancestors https://docs.google.com https://*.googleusercontent.com;report-uri /csp/report
content-disposition
filename=BacklinkHistoryChart.png
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33068
x-xss-protection
1; mode=block
server
cloudflare
x-frame-options
ALLOW-FROM https://docs.google.com
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Language, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0PC77IgXyHSCFz8P%2BNHqeLpIB9o0gt05DIlWZE5%2BYxaf1tp86KmyI0nJ8xMH652PXdlgSVk16Iic%2F%2F5lwhTRXoWHv2QX%2BDT4OvqzD1lsxmg857A07a06lS0VEIuC3J1sJTaKf2XCs3Z4%2FRo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=604800
content-security-policy
frame-ancestors https://docs.google.com https://*.googleusercontent.com;
accept-ranges
bytes
cf-ray
6ef669f87bd19061-FRA
expires
Mon, 28 Mar 2022 11:40:39 GMT
referring-domains-discovery
s0.nets4.com/charts/ 		31 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.nets4.com/charts/referring-domains-discovery?d=eminer.app&w=400&h=200&entries=12&ctype=2
Requested by
Host: nets4.com
URL: https://nets4.com/domain/eminer.app
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
354250586e7d9cc8bf4ec0d55891b23913ad970f1ad32139d3b71fed215737ba
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://docs.google.com https://*.googleusercontent.com;
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://docs.google.com
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:40 GMT
x-content-type-options
nosniff
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy-report-only
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' analytics.majesticseo.com analytics.majestic.com info.majestic.com https://www.googletagmanager.com www.google-analytics.com https://www.googleadservices.com/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://platform.twitter.com/;style-src 'self' 'unsafe-inline';img-src 'self' data: https:;font-src 'none';object-src 'none';media-src 'none';frame-src www.openstreetmap.org www.youtube.com https://www.google.com/recaptcha/ https://platform.twitter.com/ https://syndication.twitter.com/;child-src www.openstreetmap.org www.youtube.com https://www.google.com/recaptcha/ https://platform.twitter.com/ https://syndication.twitter.com/;frame-ancestors https://docs.google.com https://*.googleusercontent.com;report-uri /csp/report
content-disposition
filename=BacklinkHistoryChart.png
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
32113
x-xss-protection
1; mode=block
server
cloudflare
x-frame-options
ALLOW-FROM https://docs.google.com
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Language, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rp29i7x%2BMw3Fpr9cColPj1dCdh9pwTJs7KlOxR%2BRvGWyHre5HO5Uw70yERBjAU5ZT9j6lgP0jJxSAJoKb9bw7H2riZ0UmC9z6CUdqfH2%2Fe2fBCUJ%2FAycCwHzqkNkQeLgDSMBxV3TKUXhMhc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=604800
content-security-policy
frame-ancestors https://docs.google.com https://*.googleusercontent.com;
accept-ranges
bytes
cf-ray
6ef669f87bd39061-FRA
expires
Mon, 28 Mar 2022 11:40:39 GMT
easyessentialoils.co
img.nets4.com/favs/ 		324 B
858 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.nets4.com/favs/easyessentialoils.co?size=16
Requested by
Host: nets4.com
URL: https://nets4.com/domain/eminer.app
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61f006e862de7376ac64823e987c351c10f6cc9fd1cfa8dad4780f47b477a8d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:40 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
324
x-xss-protection
1; mode=block
last-modified
Mon, 21 Mar 2022 11:40:40 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y1s5zYLooXQWrHRVWi%2BNnheItw6bf4vZyXat9s%2BXmDW3CzhhCWT1Gm%2BD9R1gn03LLuOJJ9ZSuJI7XB5CcxEo5CqHTnsdDgDUtp7BmOMqxwI9wOky1dM81Pf3juz%2BTiwRV4SCINU%2BFWrPLbUz"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
6ef669f86db191ed-FRA
cuan88.net
img.nets4.com/favs/ 		831 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.nets4.com/favs/cuan88.net?size=16
Requested by
Host: nets4.com
URL: https://nets4.com/domain/eminer.app
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c16987e09d4faefed37d4634ba988a44ce14f9367ebe966833fed43e7ab6943f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:40 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
831
x-xss-protection
1; mode=block
last-modified
Mon, 21 Mar 2022 11:40:40 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uJc0%2FyNZnmvZ5HMdGOiZh6vGD3i4S2V%2FFnzvJTQmTiAe54pzTWLbg%2BMKm4Rk0Rbr0bpZJW%2Fl8yMoPLzbypgJa39JETYm323vxfPIUb0V0Y1IIzHDmGk%2BU7Z%2F1YggzceX278hqnuV7qiNj8xh"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
6ef669f87dba91ed-FRA
vt4.cn
img.nets4.com/favs/ 		70 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.nets4.com/favs/vt4.cn?size=16
Requested by
Host: nets4.com
URL: https://nets4.com/domain/eminer.app
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9681c0a0a13d8581f202bfaf62e53563ea6d0d6bd8e542b35b6d7c09b0e7b41b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:39 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2700
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
70
x-xss-protection
1; mode=block
last-modified
Mon, 21 Mar 2022 10:55:39 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yz9hE4zFEUNhk9po8SmX6xzGADM4i31TpvuAONWO2dxB1MafdYGP%2Ba1blS6eoyNmZj0YobYuKGpqQfwLrG18LKlZl37lqaoC7qnnA%2FzdLxi5XPP%2BwdXhZ%2FCSichK3CQxiEaJmVdkpubyftmu"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
6ef669f87dbd91ed-FRA
rom.org
img.nets4.com/favs/ 		70 B
607 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.nets4.com/favs/rom.org?size=16
Requested by
Host: nets4.com
URL: https://nets4.com/domain/eminer.app
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9681c0a0a13d8581f202bfaf62e53563ea6d0d6bd8e542b35b6d7c09b0e7b41b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:39 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3378
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
70
x-xss-protection
1; mode=block
last-modified
Mon, 21 Mar 2022 10:44:21 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fchdZlhR5tX7XkuR%2FJLddaHILnwLh2Hi6JhClQMPGs9rUW%2BjykQs9hi47ZcF4A5cKbqP0mt22u%2BEpBF71fM%2FcPIyGEOiFsA0jqwFUXaXxSnRgeClnuAjTGZW%2FDiMbzcpmJhzqrHWgxw%2FE47D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
6ef669f87dc191ed-FRA
webhostingwhois.com
img.nets4.com/favs/ 		416 B
948 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.nets4.com/favs/webhostingwhois.com?size=16
Requested by
Host: nets4.com
URL: https://nets4.com/domain/eminer.app
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9edc4098c6c3d05ddef466d5fb2ae4bc9e917c58c3e419de40945455b720dd9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:39 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
416
x-xss-protection
1; mode=block
last-modified
Mon, 21 Mar 2022 11:40:39 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=INdc1HKEmi%2BzhRPs0W4TsS8%2BacoxA3qyc7JCFgaW3wVVF8lIwodNilSGHK06pBD5bgDIWQmYe2bmgN0Sa4bhY6XW0X%2F9PNq3ANdoy5qCNsI%2BlGlHwQ4TuofB%2FY06UpFhTHVZZvNu4bNbNvV1"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
6ef669f87dc391ed-FRA
g-education.com
img.nets4.com/favs/ 		555 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.nets4.com/favs/g-education.com?size=16
Requested by
Host: nets4.com
URL: https://nets4.com/domain/eminer.app
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
065fd7bf5982c6caca5f042871f953f9a4d6ec1598a53ec6690792a4c33bd9d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:40 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
555
x-xss-protection
1; mode=block
last-modified
Mon, 21 Mar 2022 11:40:40 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dnwkg%2FmmMwCmTLTiwCycYtd5%2BGPFFRrtfALrgmoxdtXdB92svRvI6hg2HKKTizLwWMX7AP9ZLpQDgN%2Ff6dx9uvygDLQC7PPo2zrwtDmF3mFPymIGzeS2s%2FfUjZWWCAJXFHDiqvbe84tO3EoJ"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
6ef669f87dc491ed-FRA
fmoviesgo.to
img.nets4.com/favs/ 		464 B
1002 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.nets4.com/favs/fmoviesgo.to?size=16
Requested by
Host: nets4.com
URL: https://nets4.com/domain/eminer.app
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df3e76cc73aef3839907d88e63bcc89373746b5639e6563e03886f27ad9d708f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:39 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6604
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
464
x-xss-protection
1; mode=block
last-modified
Mon, 21 Mar 2022 09:50:35 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=awmt4%2FJ0YdX7kTrkrTSHcVUJg7o46xOBG91r%2FP1sGE3g%2FZWCoC4EW76W2HJdkbANoyAPZBTPofrzKVDtMJuBYuo6UX889Z07agZj5JsEJOLmqHCKYtYP9bs%2BDvtZVyo%2F9CPAjFU13Ge%2FUi5J"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
6ef669f87dc591ed-FRA
luhua.cn
img.nets4.com/favs/ 		70 B
610 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.nets4.com/favs/luhua.cn?size=16
Requested by
Host: nets4.com
URL: https://nets4.com/domain/eminer.app
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9681c0a0a13d8581f202bfaf62e53563ea6d0d6bd8e542b35b6d7c09b0e7b41b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:39 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6604
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
70
x-xss-protection
1; mode=block
last-modified
Mon, 21 Mar 2022 09:50:35 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ft3%2FnASP%2F%2Bx%2FJCPd%2FJtvQh30xJ%2BuA190c4WqN914Ut7lW1YDnGNP3YUY7V%2FKgwFP4%2FbBcW2drfH2p1%2FIooqMD3byu0D8QNnW1%2Fa6H8MaQHq7Bssm1wIZoJHYDtrBxUqyl9wsv06goMag9rzg"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
6ef669f87dc791ed-FRA
serviciopyme.com
img.nets4.com/favs/ 		605 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.nets4.com/favs/serviciopyme.com?size=16
Requested by
Host: nets4.com
URL: https://nets4.com/domain/eminer.app
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d115d2b09aa07cc6ba7bec52861c6699d021420e2a9d4a6e1077f639b7d178b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:39 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
605
x-xss-protection
1; mode=block
last-modified
Mon, 21 Mar 2022 11:40:39 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fIzMSRJBPOXPms8m9HOBpUZiiDSu9vO2HyZkDSw03zflttj68qMs497H%2FCzyfkg2V4wFZNrf2vUuKMdjIYENLnY1iB7y8zyLLIsehhxynwD39a3Hn8K%2B13iLh1%2F0x82imSfzs7zXgCcIoRPR"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
6ef669f87dc991ed-FRA
bethebird.com
img.nets4.com/favs/ 		422 B
958 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.nets4.com/favs/bethebird.com?size=16
Requested by
Host: nets4.com
URL: https://nets4.com/domain/eminer.app
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e24eb7a4642d3f2f44d92d0fee0e2aca88ff4a66970bd7144fdb6a04077754fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:39 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
422
x-xss-protection
1; mode=block
last-modified
Mon, 21 Mar 2022 11:40:39 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1U%2BQXYBBfjaMD5rtCDftxJV1NzQlhv%2BKgR4MpusZ0Qxk9r%2BouThAI1lsFGiai2k6KP0ty9xAs9WWk8IolQ19Ui8yYQqpdBe5Lf%2BTxYds%2B0YDBhM%2FP%2FmiO9kzn8OSArPmGvJtSArIXEaw%2BSC%2F"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
6ef669f87dcd91ed-FRA
eminer.app
nets4.com/domain/ 		15 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://nets4.com/domain/eminer.app
Requested by
Host: nets4.com
URL: https://nets4.com/domain/eminer.app
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://nets4.com/domain/eminer.app
ts-request-embed-key
d998f13e-a7e0-4e9f-9c20-855ceaecea6a:a74816a4d0d64de5741f9bc3e86c7293bbef4c03f66b1e763ed6886ded5381cf
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Mar 2022 11:40:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6cadtrIgUQQZx0oz7DGpcGlFIiPkYMoSQJUJQHxAHNXyrcKUPMxphNGwqC81gkY88AMVEs6XOS5veFYCjVKTDz0mjWsFjzHuZiG6TRZ5fTFlngO%2BSMxXf3fl0mdUU6GwTy7FOQ6gazo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=UTF-8
cache-control
no-store
cf-ray
6ef669f87dd291ed-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15
leaflet.js
cdnjs.cloudflare.com/ajax/libs/leaflet/1.7.1/ 		139 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/leaflet/1.7.1/leaflet.js
Requested by
Host: nets4.com
URL: https://nets4.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c837347a297c1a35852aa375392cc74950a2b868214e8b1909c4637b8b63ee24
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://nets4.com/
Origin
https://nets4.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:39 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
65164
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
35659
timing-allow-origin
*
last-modified
Thu, 03 Sep 2020 12:27:01 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f50e115-22a75"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UQkI5XVX0go6uQMxI3ORaaHujFQF2VitUKZTRsXp4TrksI3d7mdavJ9D%2BAdVrFFF6YYJvewKC89C5BMLdytZXdpx7xJ0gkFhMmaxPMYrNPgKh5MDCCU%2BNmJIwc3wXhsVqVPr1S3oc7aD7qNIKfmduCax"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6ef669f87cc992c5-FRA
expires
Sat, 11 Mar 2023 11:40:39 GMT
agent.js
cdn.purpleads.io/ 		35 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.purpleads.io/agent.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Requested by
Host: nets4.com
URL: https://nets4.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-40.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1d07bcab4c15f3ff3b56d0b5c9f44c3dd1c7266eb5788bfbc09f02822b07de0c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Mar 2022 21:51:32 GMT
content-encoding
gzip
last-modified
Tue, 15 Mar 2022 09:36:51 GMT
server
AmazonS3
age
49748
etag
"6b17cf687f43a8f73178a58f89d7d60e"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 a09186728c1bcdf0a561aedd92656804.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
10487
x-amz-cf-id
aIdV1R_70B9ZIWeT2O2En4aKWYMvhzOEobaYol2gTBI4EaU5KDebxA==
sharebutton.js
nets4.com/assets/js/ 		80 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nets4.com/assets/js/sharebutton.js
Requested by
Host: nets4.com
URL: https://nets4.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21af66f64bb18b1159ee363a933d5630e27419c83915d4d5ef42d8154f3921da

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/domain/eminer.app
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
712
cf-polished
origSize=120806
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sat, 03 Jul 2021 07:08:27 GMT
server
cloudflare
etag
W/"60e00ceb-1d7e6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AgFNrwvDYVBlFaYjIBug7YS35pCLh3beD6fxIqZ2BuI7iiBZNuz7yvcildTZltU1ZOrDzek6E3BCrAb6sNTuBy9iY4ltwjhAw3Dla9bPM1mbd84Zx%2Bv1DAkszcpzskWmR7REVUEVZuU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cf-ray
6ef669f88dea91ed-FRA
cf-bgj
minify
load.js
cdn.purpleads.io/ 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.purpleads.io/load.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Requested by
Host: nets4.com
URL: https://nets4.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-40.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
56386db6fedf5475ff6ac57939cfaac58722f519fdce666cee7494b993c84e81

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 03:57:19 GMT
content-encoding
gzip
last-modified
Mon, 21 Feb 2022 10:12:20 GMT
server
AmazonS3
age
27801
etag
"46df8e234dd4307137411d6b4887edad"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 a09186728c1bcdf0a561aedd92656804.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
6702
x-amz-cf-id
c4BWIZB3P5-p1y8wjn0LsDtK4ZrB_qvVVDwJ98kcZ6OC6Rix7UUn5g==
api.js
www.google.com/recaptcha/ 		850 B
967 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: nets4.com
URL: https://nets4.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
32a97e6497cd6c3a611286892f51f127409221715c0cb3f2795f8c480bc76de4
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
554
x-xss-protection
1; mode=block
expires
Mon, 21 Mar 2022 11:40:39 GMT
bootstrap.min.js
cdnjs.cloudflare.com/ajax/libs/bootstrap/4.5.3/js/ 		62 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/bootstrap/4.5.3/js/bootstrap.min.js
Requested by
Host: nets4.com
URL: https://nets4.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:39 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
571597
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13102
timing-allow-origin
*
last-modified
Tue, 20 Jul 2021 01:00:47 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"60f6203f-332e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D6gNz7nTFQtqu1dqg6m1l64g0oWQfEeq0yS%2B2ImevJe4cCwMMoswSrvCY23xia5O0pHyDEcl7BMwXYnEpasGcVjsqHK8bVv319vG39oVT5yetAbnuyL45LoDGwGSJpceFch9oVrfr5H9lobByFJT5ODq"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6ef669f89b249a2a-FRA
expires
Sat, 11 Mar 2023 11:40:39 GMT
popper.min.js
cdnjs.cloudflare.com/ajax/libs/popper.js/2.10.0/umd/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/popper.js/2.10.0/umd/popper.min.js
Requested by
Host: nets4.com
URL: https://nets4.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
691d4bd7b9b31f9ab1b1837e7d956e0e3041ef63c1ee0edee8ca6208a4234efd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:39 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2142806
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6107
timing-allow-origin
*
last-modified
Thu, 02 Sep 2021 17:01:41 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"61310375-17db"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=agmsu0l2kAvhOffVFcqMr%2FgvgQygjaHEWulGtHnwMthaZNjWrUFfxQ0CEkb9nm2h2xgKgRGFe2NIogDXHVOioWKFD4miV%2BDYfZz4F74AN%2BS2LElj%2Fz4IICBHnrzvZymI4CNasVU%2FxTvhany2IZ1pmIvc"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6ef669f89b279a2a-FRA
expires
Sat, 11 Mar 2023 11:40:39 GMT
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
Requested by
Host: nets4.com
URL: https://nets4.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:39 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2738489
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
27938
timing-allow-origin
*
last-modified
Tue, 02 Mar 2021 18:58:36 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"603e8adc-15d9d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZCPG6XvHRjlSBOzfx%2FVcCt7Pcs2Tk8eDVi7xEujEAO1vGxNrCHd8wU8lVZq43AnlZNW5F1Ap%2FafMdM3lOC282%2FzPg8HDzCTnFruic7i5vWRhwmI5fcRwD4JcR8KoTx6zj2umJGUK4h9hL1zJVnLl5XnN"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6ef669f89b289a2a-FRA
expires
Sat, 11 Mar 2023 11:40:39 GMT
beacon.min.js
static.cloudflareinsights.com/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js
Requested by
Host: nets4.com
URL: https://nets4.com/cdn-cgi/apps/head/awkqrI1qzYcE0gTfW6uXyLl_1bA.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:440e::6812:2fe6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:39 GMT
content-encoding
gzip
last-modified
Thu, 09 Dec 2021 19:55:17 GMT
server
cloudflare
etag
W/2021.12.0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
6ef669f8cc9e9b58-FRA
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: nets4.com
URL: https://nets4.com/domain/eminer.app
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
349
date
Mon, 21 Mar 2022 11:34:50 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 21 Mar 2022 13:34:50 GMT
s.js
nets4.com/cdn-cgi/zaraz/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nets4.com/cdn-cgi/zaraz/s.js?z=JTdCJTIyZXhlY3V0ZWQlMjIlM0ElNUIlNUQlMkMlMjJ0cmFja3MlMjIlM0ElNUIlNUQlMkMlMjJ0JTIyJTNBJTIyRW1pbmVyLmFwcCUyMC0lMjBFTWluZXIlMjAtJTIwQXV0b21hdGljJTIwTGVhZHMlMjBNaW5pbmclMjIlMkMlMjJ3JTIyJTNBMTYwMCUyQyUyMmglMjIlM0ExMjAwJTJDJTIyaiUyMiUzQTEyMDAlMkMlMjJlJTIyJTNBMTYwMCUyQyUyMmwlMjIlM0ElMjJodHRwcyUzQSUyRiUyRm5ldHM0LmNvbSUyRmRvbWFpbiUyRmVtaW5lci5hcHAlMjIlMkMlMjJyJTIyJTNBJTIyJTIyJTJDJTIyayUyMiUzQTI0JTJDJTIybiUyMiUzQSUyMlVURi04JTIyJTJDJTIybyUyMiUzQTAlN0Q=
Requested by
Host: nets4.com
URL: https://nets4.com/domain/eminer.app
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d81da1c2333ea18b9649d21dd0dbb2a09141d43d18ef3e2eea1157f3e56d6277

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/domain/eminer.app
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:39 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
content-type
text/javascript
access-control-allow-origin
https://nets4.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V9K0X%2Fy5ET6J%2Bs2PFz6JiHJk0DKHI8dHDlgIVPIkHhRip%2ByywlfM6y1zzrxvSSZz7xjt6OgAVKb97hjiaxZA1e1pr1sGxezk7eEBv%2B9shGJlaGYtGNT76mCd8HEcFYDknJep%2BLyA4fw%3D"}],"group":"cf-nel","max_age":604800}
access-control-max-age
600
access-control-allow-credentials
true
cf-ray
6ef669f88dec91ed-FRA
access-control-allow-headers
Content-Type, Set-Cookie, Cache-Control
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
fa-brands-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/webfonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/webfonts/fa-brands-400.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23cc8f32949c8b6960b1a4ca216ccaff2db4b769f6565bef2ee1fa954e072029
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css
Origin
https://nets4.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:39 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3041759
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
76736
timing-allow-origin
*
last-modified
Mon, 13 Sep 2021 19:10:03 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"613fa20b-12bc0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bCIcRqQY30OS1UaWBO2y72SgN0K8OIuMzGCHWwj8Iw0Cwe6xIrKnbydZHUVxmPvjwSKM7miVz%2BpbMHbh9Iyvus%2BRQ5vRA6m1lVqYyYiV3LghvlKGbWAZC45JXJvoELhZbCeMr%2F5EW2oOEA9ch3EkqYve"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6ef669f88cd692c5-FRA
expires
Sat, 11 Mar 2023 11:40:39 GMT
pica.js
nets4.com/cdn-cgi/challenge-platform/h/b/scripts/ 		21 KB
8 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://nets4.com/cdn-cgi/challenge-platform/h/b/scripts/pica.js
Requested by
Host: nets4.com
URL: https://nets4.com/domain/eminer.app
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8420c38c95a7d59c6438466cb6796daff1f607aef1ba95a153aa22459839286

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/domain/eminer.app
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:39 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=34yq2dH1JVmJ8m261N%2By0gZ0w7rMf%2Fgz7UCI2qYZPIQ4zymadoZUlaekA5P40zPgs%2FBR9AjyywyEDQwlBMOJw%2FN0WovrfargELpqhhxpPVkcB%2FmsBOmBbBlIS5fYmAGaJPpAid5h%2FXI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=604800, public
x-control-type-options
nosniff
cf-ray
6ef669f8ae3791ed-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
550j6zn5gn
www.clarity.ms/tag/ 		730 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/550j6zn5gn
Requested by
Host: nets4.com
URL: https://nets4.com/domain/eminer.app
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:27::cafe:1846 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
5ad4775e1fe1f79812db4a03e8a5385a2b542639587bbadfed3f6fe83752f8b5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:38 GMT
x-powered-by
ASP.NET
x-azure-ref
0N2Q4YgAAAAA93Edso3zES6JtVv2AYvhpTVVDMzBFREdFMDMxNwA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
request-context
appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0
content-length
730
expires
-1
6ef669f189e59061
nets4.com/cdn-cgi/challenge-platform/h/b/cv/result/ 		2 B
679 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://nets4.com/cdn-cgi/challenge-platform/h/b/cv/result/6ef669f189e59061
Requested by
Host: nets4.com
URL: https://nets4.com/cdn-cgi/challenge-platform/h/b/scripts/invisible.js?ts=1647860400
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://nets4.com/domain/eminer.app
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 21 Mar 2022 11:40:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6ef669fa89b191ed-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LZJbx66RLoNfGRxBmXX4ob56gzHHJtqrEiXhduxSINxwLVOfOletCG5Oy3Sjvf%2FqfzqQ8NUfXQWeng9SoLfESHbxyQIXMELp7QtNf9UPKjbqdb5z4q2oxyNLiKFbwIqaDpPHwV5e0sA%3D"}],"group":"cf-nel","max_age":604800}
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=947731333&t=pageview&_s=1&dl=https%3A%2F%2Fnets4.com%2Fdomain%2Feminer.app&ul=en-us&de=UTF-8&dt=Eminer.app%20-%20EMiner%20-%20Automatic%20Leads%20Mining&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1175661146&gjid=66415099&cid=688344210.1647862839&tid=UA-123511935-10&_gid=1407191915.1647862839&_r=1&_slc=1&z=1310593190
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://nets4.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 21 Mar 2022 11:40:39 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://nets4.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
clarity.js
j.clarity.ms/s/0.6.32/ 		53 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://j.clarity.ms/s/0.6.32/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/550j6zn5gn
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.85.30.134 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
3701cadc5fc84e8ad639f83a87e20d82575e3cc28d479d73a0e66e5230e71c65

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:39 GMT
content-encoding
br
etag
"1d839f818e84f90"
last-modified
Thu, 17 Mar 2022 12:11:14 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
public,max-age=86400
accept-ranges
bytes
request-context
appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0
/
api.purpleads.io/x/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/?ts=1647862839914
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-128-233.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Origin
https://nets4.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Mon, 21 Mar 2022 11:40:40 GMT
access-control-allow-origin
https://nets4.com
access-control-allow-credentials
true
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
x-request-id
46c99570-e6f8-4648-b50f-7a8bc5bc149f
/
api.purpleads.io/x/ 		4 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/?ts=1647862839914
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/load.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-128-233.compute-1.amazonaws.com
Software
/
Resource Hash
c2885456121d4d87bd6653a7f2d2415f26a51dd05ff983b9ed37977752a8f8a4

Request headers

Accept-Language
de-DE,de;q=0.9
Authorization
Bearer 344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
x-request-url
aHR0cHM6Ly9uZXRzNC5jb20vZG9tYWluL2VtaW5lci5hcHA=
Accept
application/json
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json
x-purpleads-version
0.4.13

Response headers

date
Mon, 21 Mar 2022 11:40:40 GMT
content-encoding
gzip
etag
W/"117d-RlHYqec07OSFuTSFRQa8NWYhRM4"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nets4.com
access-control-allow-credentials
true
x-request-id
47c59a1e-d03c-4f91-8a3e-ee7c13d42338
agent.js
cdn.purpleads.io/ 		35 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.purpleads.io/agent.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Requested by
Host: nets4.com
URL: https://nets4.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-40.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1d07bcab4c15f3ff3b56d0b5c9f44c3dd1c7266eb5788bfbc09f02822b07de0c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Mar 2022 21:51:32 GMT
content-encoding
gzip
last-modified
Tue, 15 Mar 2022 09:36:51 GMT
server
AmazonS3
age
49748
etag
"6b17cf687f43a8f73178a58f89d7d60e"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 a09186728c1bcdf0a561aedd92656804.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
10487
x-amz-cf-id
ilgNUKIfKwFPpUZHzeFUfytny7TrfkYqwc0mrkJbCAudjS0VJX-rJw==
sm.22.html
static.addtoany.com/menu/ Frame 6806 		278 B
651 B 		Document
General
Check archive.org
Download Go to
Full URL
https://static.addtoany.com/menu/sm.22.html
Requested by
Host: nets4.com
URL: https://nets4.com/assets/js/sharebutton.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4fef239ebd936e96f316dee1aca599952e7adaaba26fab72b45328871855ac4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

date
Mon, 21 Mar 2022 11:40:39 GMT
content-type
text/html; charset=utf-8
via
e3s
p3p
CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
last-modified
Tue, 28 Sep 2021 21:02:23 GMT
etag
W/"116-5cd1487afaaea"
cache-control
max-age=315360000, immutable
vary
Accept-Encoding
cf-cache-status
HIT
age
2339877
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
server
cloudflare
cf-ray
6ef669fdac6f91db-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
truncated
/ 		34 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
init
api.purpleads.io/x/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/init?ts=1647862839950
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-128-233.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Origin
https://nets4.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Mon, 21 Mar 2022 11:40:40 GMT
access-control-allow-origin
https://nets4.com
access-control-allow-credentials
true
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
x-request-id
3ac17df6-58eb-4ec2-8d46-2317caf1bfde
init
api.purpleads.io/x/ 		68 B
358 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/init?ts=1647862839950
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-128-233.compute-1.amazonaws.com
Software
/
Resource Hash
587259314084a04755f0dfb2d0f0e9f07bdf03a575352e366e308d2e19cfc70a

Request headers

Accept-Language
de-DE,de;q=0.9
Authorization
Bearer 344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
x-request-url
aHR0cHM6Ly9uZXRzNC5jb20vZG9tYWluL2VtaW5lci5hcHA=
Accept
application/json
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json
x-purpleads-version
2.0.31

Response headers

date
Mon, 21 Mar 2022 11:40:40 GMT
etag
W/"44-Pm5SJt3t2KI5gMvsRd3GV+dxT2U"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nets4.com
access-control-allow-credentials
true
content-length
68
x-request-id
aadc0347-0eb4-4d57-811e-84a43c913f2f
marker-icon.png
cdnjs.cloudflare.com/ajax/libs/leaflet/1.7.1/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdnjs.cloudflare.com/ajax/libs/leaflet/1.7.1/images/marker-icon.png
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/leaflet/1.7.1/leaflet.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
574c3a5cca85f4114085b6841596d62f00d7c892c7b03f28cbfa301deb1dc437
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdnjs.cloudflare.com/ajax/libs/leaflet/1.7.1/leaflet.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:39 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1820033
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1470
timing-allow-origin
*
last-modified
Thu, 03 Sep 2020 12:27:01 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f50e115-5ba"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7ZHTNIOO%2BXMn1AJiFkLKYBq0nfFYMiTiY6ZqEnd%2B9yatK4TTFkDX7J0i6RNuleFmjny3TLsIkC%2F09411an7Of5omJOm3w9U1P9Ld733WAotA6tAclulcuMMBcuqxfZGoq4mqJOqdLnXh2M%2BX5GzqdHlC"}],"group":"cf-nel","max_age":604800}
content-type
image/png; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6ef669fde9a49a2a-FRA
expires
Sat, 11 Mar 2023 11:40:39 GMT
2.png
a.tile.openstreetmap.org/3/1/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.tile.openstreetmap.org/3/1/2.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b322c9030883acdb559f857024b4ef3ab7574712b635b6e3db135749e32e1fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish
etag
"cb5643e63f3bc4f3e5c38d2017293c13"
age
302088
x-cache
HIT
x-cache-hits
161
content-length
8528
x-served-by
cache-hhn4075-HHN
server
Apache/2.4.41 (Ubuntu)
x-timer
S1647862840.301871,VS0,VE0
date
Mon, 21 Mar 2022 11:40:40 GMT
expect-ct
max-age=0
content-type
image/png
access-control-allow-origin
*
x-tilerender
nidhogg.openstreetmap.org
cache-control
max-age=329213, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
expires
Mon, 21 Mar 2022 19:12:45 GMT
2.png
b.tile.openstreetmap.org/3/2/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.tile.openstreetmap.org/3/2/2.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3c865f9ba19b80bbab61230ac6f099d6c605af2b21615415338a9bfa471c863a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish
etag
"c7b1ee252c1accd2fea964a71de354de"
age
296637
x-cache
HIT
x-cache-hits
316
content-length
11092
x-served-by
cache-hhn4020-HHN
server
Apache/2.4.41 (Ubuntu)
x-timer
S1647862840.296077,VS0,VE0
date
Mon, 21 Mar 2022 11:40:40 GMT
expect-ct
max-age=0
content-type
image/png
access-control-allow-origin
*
x-tilerender
odin.openstreetmap.org
cache-control
max-age=330995, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
expires
Mon, 21 Mar 2022 21:13:17 GMT
3.png
b.tile.openstreetmap.org/3/1/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.tile.openstreetmap.org/3/1/3.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
516fadf20aefdc9565d38ff12fd35aa4262d20408dace2f5849cd191119496c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish
etag
"bc52a0f704ebee39a8cb5a58715363ce"
age
74463
x-cache
HIT
x-cache-hits
255
content-length
3910
x-served-by
cache-hhn4020-HHN
server
Apache/2.4.41 (Ubuntu)
x-timer
S1647862840.296136,VS0,VE0
date
Mon, 21 Mar 2022 11:40:40 GMT
expect-ct
max-age=0
content-type
image/png
access-control-allow-origin
*
x-tilerender
nidhogg.openstreetmap.org
cache-control
max-age=314314, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
expires
Sun, 20 Mar 2022 14:59:34 GMT
3.png
c.tile.openstreetmap.org/3/2/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.tile.openstreetmap.org/3/2/3.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
c6cd28b8f48cd9c890723dbd16c6847083e7c322af81fc3da91b9730ac576658
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish
etag
"7c25652ac6639939d717ee7de6a8d342"
age
303110
x-cache
HIT
x-cache-hits
754
content-length
5621
x-served-by
cache-hhn4080-HHN
server
Apache/2.4.41 (Ubuntu)
x-timer
S1647862840.299462,VS0,VE0
date
Mon, 21 Mar 2022 11:40:40 GMT
expect-ct
max-age=0
content-type
image/png
access-control-allow-origin
*
x-tilerender
odin.openstreetmap.org
cache-control
max-age=334588, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
expires
Mon, 21 Mar 2022 20:25:18 GMT
2.png
c.tile.openstreetmap.org/3/0/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.tile.openstreetmap.org/3/0/2.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
dea6d9b977b06e1be6dbf3fc5118a1d8bfca410f14b6c4ad64ec07c057d4783c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish
etag
"a97b0ae3a1c931b59d9503c0fb773d21"
age
297978
x-cache
HIT
x-cache-hits
176
content-length
4699
x-served-by
cache-hhn4080-HHN
server
Apache/2.4.41 (Ubuntu)
x-timer
S1647862840.299532,VS0,VE0
date
Mon, 21 Mar 2022 11:40:40 GMT
expect-ct
max-age=0
content-type
image/png
access-control-allow-origin
*
x-tilerender
nidhogg.openstreetmap.org
cache-control
max-age=338513, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
expires
Mon, 21 Mar 2022 22:56:14 GMT
2.png
c.tile.openstreetmap.org/3/3/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.tile.openstreetmap.org/3/3/2.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
c87dc7d9c212984118785676c741a202f5cac746b7b003298a930ed56316e51f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish
etag
"9a69d3f3c4dff9f5588aaa850c1c6140"
age
71698
x-cache
HIT
x-cache-hits
1052
content-length
4828
x-served-by
cache-hhn4080-HHN
server
Apache/2.4.41 (Ubuntu)
x-timer
S1647862840.299579,VS0,VE0
date
Mon, 21 Mar 2022 11:40:40 GMT
expect-ct
max-age=0
content-type
image/png
access-control-allow-origin
*
x-tilerender
odin.openstreetmap.org
cache-control
max-age=314056, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
expires
Sun, 20 Mar 2022 15:45:40 GMT
3.png
a.tile.openstreetmap.org/3/0/ 		249 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.tile.openstreetmap.org/3/0/3.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
6ad584690f7fa3e788ea1df9a6a567211be5d9d627908e9339e84e99efe70126
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish
etag
"07a14efdf923d78dad7320032b8d412c"
age
298072
x-cache
HIT
x-cache-hits
114
content-length
249
x-served-by
cache-hhn4075-HHN
server
Apache/2.4.41 (Ubuntu)
x-timer
S1647862840.301958,VS0,VE0
date
Mon, 21 Mar 2022 11:40:40 GMT
expect-ct
max-age=0
content-type
image/png
access-control-allow-origin
*
x-tilerender
odin.openstreetmap.org
cache-control
max-age=332277, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
expires
Mon, 21 Mar 2022 21:10:45 GMT
3.png
a.tile.openstreetmap.org/3/3/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.tile.openstreetmap.org/3/3/3.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
15f97543ff4d546609111ebf1c117bbe16c5fe852fa7e826204b74566e91a8f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish
etag
"c947e22ac6e5f0475ad3445622a32d51"
age
74939
x-cache
HIT
x-cache-hits
1070
content-length
4834
x-served-by
cache-hhn4075-HHN
server
Apache/2.4.41 (Ubuntu)
x-timer
S1647862840.301996,VS0,VE0
date
Mon, 21 Mar 2022 11:40:40 GMT
expect-ct
max-age=0
content-type
image/png
access-control-allow-origin
*
x-tilerender
nidhogg.openstreetmap.org
cache-control
max-age=314802, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
expires
Sun, 20 Mar 2022 14:51:39 GMT
marker-shadow.png
cdnjs.cloudflare.com/ajax/libs/leaflet/1.7.1/images/ 		618 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdnjs.cloudflare.com/ajax/libs/leaflet/1.7.1/images/marker-shadow.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
264f5c640339f042dd729062cfc04c17f8ea0f29882b538e3848ed8f10edb4da
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:40 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1684090
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
622
timing-allow-origin
*
last-modified
Thu, 03 Sep 2020 12:27:01 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f50e115-26a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CvzmpZWP9Me6hijlEu8d6o4kQ5G0a5HpwstEBgLSmEHFrfbzd%2FYYLizy4bzrPAktydL790WrsY%2BsgIyQQfLg%2B5MQmGoL1Ha97Gw3Mdum3XzQiN%2FX57q73XoCaO0YZUwylOMJ3tFhB3k%2FYSzVWnGBXaaD"}],"group":"cf-nel","max_age":604800}
content-type
image/png; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6ef669fe19fa9a2a-FRA
expires
Sat, 11 Mar 2023 11:40:40 GMT
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?CtsSyncId=BFEED5A676984728B807CADC30739DA1&RedC=c.clarity.ms&MXFR=3FC1B33860EB60972728A25664EB6E28
  • https://c.clarity.ms/c.gif?CtsSyncId=BFEED5A676984728B807CADC30739DA1&MUID=28C4BE0A7C3C6B262D67AF647DEE6ADE
42 B
369 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?CtsSyncId=BFEED5A676984728B807CADC30739DA1&MUID=28C4BE0A7C3C6B262D67AF647DEE6ADE
Protocol
H2
Server
52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Mar 2022 11:40:39 GMT
last-modified
Fri, 18 Mar 2022 19:39:54 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"8120eaf0ff3ad81:0"
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42

Redirect headers

pragma
no-cache
date
Mon, 21 Mar 2022 11:40:39 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: E0946C752CC94F0EB45B73360763F83E Ref B: FRAEDGE1315 Ref C: 2022-03-21T11:40:40Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?CtsSyncId=BFEED5A676984728B807CADC30739DA1&MUID=28C4BE0A7C3C6B262D67AF647DEE6ADE
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
icons.29.svg.js
static.addtoany.com/menu/svg/ 		78 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.addtoany.com/menu/svg/icons.29.svg.js
Requested by
Host: nets4.com
URL: https://nets4.com/assets/js/sharebutton.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e30f848c353b8ab801c18d2109527cb32a27f145262dccb3cd4db9f309cc53bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:40 GMT
via
e1s
x-content-type-options
nosniff
cf-cache-status
HIT
age
1803598
p3p
CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 31 Dec 2018 23:29:11 GMT
server
cloudflare
etag
W/"13937-57e59c7b88bd6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
cache-control
max-age=315360000, immutable
cf-ray
6ef669ffd990913a-FRA
cf-bgj
minify
recaptcha__de.js
www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/ 		360 KB
143 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b7aaea908b866c1619b9bf156a002c22b717a771bf22d9a2965151f9cf969670
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nets4.com/
Origin
https://nets4.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:38:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
103
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
145350
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 04:02:07 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 21 Mar 2023 11:38:57 GMT
collect
j.clarity.ms/ 		0
88 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://j.clarity.ms/collect
Requested by
Host: j.clarity.ms
URL: https://j.clarity.ms/s/0.6.32/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.85.30.134 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://nets4.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
https://nets4.com
date
Mon, 21 Mar 2022 11:40:40 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0
rum
cloudflareinsights.com/cdn-cgi/ 		0
77 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cloudflareinsights.com/cdn-cgi/rum
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:440e::6812:2fe6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://nets4.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
content-type
application/json

Response headers

date
Mon, 21 Mar 2022 11:40:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
access-control-allow-methods
POST,OPTIONS
content-type
text/plain
access-control-allow-origin
https://nets4.com
access-control-max-age
86400
access-control-allow-credentials
true
cf-ray
6ef669fffec36925-FRA
vary
Origin
/
api.purpleads.io/x/b/ 		9 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/b/?idx=0&pid=cb3cce3620c64cdbb8e1e25b02d13e80&sizes=[[728,90],[468,60],[200,200],[320,100],[320,50],[300,100]]&slotid=87a6c221-1da3-40a5-b5da-96915c8c947c&ts=1647862840167
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-128-233.compute-1.amazonaws.com
Software
/
Resource Hash
711ebe8c725a2944bf95e92c7e939b6723df6efe1b6923e0353c29b355f2df2f

Request headers

Accept-Language
de-DE,de;q=0.9
Authorization
Bearer 344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
x-request-url
aHR0cHM6Ly9uZXRzNC5jb20vZG9tYWluL2VtaW5lci5hcHA=
Accept
application/json
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json
x-purpleads-version
2.0.31

Response headers

date
Mon, 21 Mar 2022 11:40:40 GMT
content-encoding
gzip
etag
W/"232c-9LSes4Zh3lZnSUsIJlngLHA0Ssw"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nets4.com
access-control-allow-credentials
true
x-request-id
3ebe5a7e-d559-460d-b66b-3169ecd040fb
/
api.purpleads.io/x/b/ 		9 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/b/?idx=1&pid=cb3cce3620c64cdbb8e1e25b02d13e80&sizes=[[728,90],[468,60],[200,200],[320,100],[320,50],[300,100]]&slotid=853a9bc4-c768-4b9c-a4d0-cdea1b02cc87&ts=1647862840167
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-128-233.compute-1.amazonaws.com
Software
/
Resource Hash
d7e9eb19d45155e233a826620d29f729101625bbf965484c25008bd72d996846

Request headers

Accept-Language
de-DE,de;q=0.9
Authorization
Bearer 344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
x-request-url
aHR0cHM6Ly9uZXRzNC5jb20vZG9tYWluL2VtaW5lci5hcHA=
Accept
application/json
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json
x-purpleads-version
2.0.31

Response headers

date
Mon, 21 Mar 2022 11:40:40 GMT
content-encoding
gzip
etag
W/"2294-WPasbcaR2aq6U7wO6qH1KEfSA3E"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nets4.com
access-control-allow-credentials
true
x-request-id
e1698004-9299-4279-89e1-6b07a1aa47a7
/
api.purpleads.io/x/b/ 		9 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/b/?idx=2&pid=cb3cce3620c64cdbb8e1e25b02d13e80&sizes=[[728,90],[468,60],[200,200],[320,100],[320,50],[300,100]]&slotid=848e15c6-9786-401b-9cab-5788e6e774cd&ts=1647862840168
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-128-233.compute-1.amazonaws.com
Software
/
Resource Hash
de7e81afabff7b3149ffcf6e174b4f91be625d6816204f265233951797c4d352

Request headers

Accept-Language
de-DE,de;q=0.9
Authorization
Bearer 344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
x-request-url
aHR0cHM6Ly9uZXRzNC5jb20vZG9tYWluL2VtaW5lci5hcHA=
Accept
application/json
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json
x-purpleads-version
2.0.31

Response headers

date
Mon, 21 Mar 2022 11:40:40 GMT
content-encoding
gzip
etag
W/"232c-FVEdEavn8cU994Jfru1FB+VhQzc"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nets4.com
access-control-allow-credentials
true
x-request-id
c26f5ce9-c43a-4963-abf7-a9ec942fec85
/
api.purpleads.io/x/b/ 		9 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/b/?idx=3&pid=cb3cce3620c64cdbb8e1e25b02d13e80&sizes=[[728,90],[468,60],[200,200],[320,100],[320,50],[300,100]]&slotid=49018087-5cd3-4a28-a6d1-ce5d99bd1587&ts=1647862840168
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-128-233.compute-1.amazonaws.com
Software
/
Resource Hash
8b098d6fdce955fd509d960d01a9e2bd6eb1e1a374d808ceebb95fa2bcda3029

Request headers

Accept-Language
de-DE,de;q=0.9
Authorization
Bearer 344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
x-request-url
aHR0cHM6Ly9uZXRzNC5jb20vZG9tYWluL2VtaW5lci5hcHA=
Accept
application/json
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json
x-purpleads-version
2.0.31

Response headers

date
Mon, 21 Mar 2022 11:40:40 GMT
content-encoding
gzip
etag
W/"232c-hJNjsds7vcpp/Ze7q0MLA826j18"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nets4.com
access-control-allow-credentials
true
x-request-id
a1ba9f6f-4902-4d52-8498-1f6ace0453f0
/
api.purpleads.io/x/b/ 		9 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/b/?idx=4&pid=cb3cce3620c64cdbb8e1e25b02d13e80&sizes=[[160,600],[120,600],[200,200],[250,250]]&slotid=2742c73e-a6d4-4e33-9407-40477695ee75&ts=1647862840168
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-128-233.compute-1.amazonaws.com
Software
/
Resource Hash
e488f59eb48880c37d0c071f011eb19d1df68b5de804e20797dffb0c0fa7e439

Request headers

Accept-Language
de-DE,de;q=0.9
Authorization
Bearer 344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
x-request-url
aHR0cHM6Ly9uZXRzNC5jb20vZG9tYWluL2VtaW5lci5hcHA=
Accept
application/json
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json
x-purpleads-version
2.0.31

Response headers

date
Mon, 21 Mar 2022 11:40:40 GMT
content-encoding
gzip
etag
W/"2283-xf1Sda5zoAjpNTrVJyU/w/291TY"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nets4.com
access-control-allow-credentials
true
x-request-id
0ae4c915-0435-4ccc-8a02-7b59e2414f60
rum
cloudflareinsights.com/cdn-cgi/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cloudflareinsights.com/cdn-cgi/rum
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:440e::6812:2fe6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://nets4.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Mon, 21 Mar 2022 11:40:40 GMT
content-type
text/plain
access-control-allow-origin
https://nets4.com
access-control-allow-methods
POST,OPTIONS
access-control-allow-headers
Content-Type
access-control-max-age
86400
vary
Origin
access-control-allow-credentials
true
server
cloudflare
cf-ray
6ef669ffde876925-FRA
x-frame-options
DENY
x-content-type-options
nosniff
content-encoding
gzip
/
api.purpleads.io/x/b/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/b/?idx=0&pid=cb3cce3620c64cdbb8e1e25b02d13e80&sizes=[[728,90],[468,60],[200,200],[320,100],[320,50],[300,100]]&slotid=87a6c221-1da3-40a5-b5da-96915c8c947c&ts=1647862840167
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-128-233.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Origin
https://nets4.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Mon, 21 Mar 2022 11:40:40 GMT
access-control-allow-origin
https://nets4.com
access-control-allow-credentials
true
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
x-request-id
bc954567-51ad-450e-974a-da55ada3edd5
/
api.purpleads.io/x/b/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/b/?idx=1&pid=cb3cce3620c64cdbb8e1e25b02d13e80&sizes=[[728,90],[468,60],[200,200],[320,100],[320,50],[300,100]]&slotid=853a9bc4-c768-4b9c-a4d0-cdea1b02cc87&ts=1647862840167
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-128-233.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Origin
https://nets4.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Mon, 21 Mar 2022 11:40:40 GMT
access-control-allow-origin
https://nets4.com
access-control-allow-credentials
true
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
x-request-id
b59e151f-673e-4ed3-9f8a-951dc9c5f4cf
/
api.purpleads.io/x/b/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/b/?idx=2&pid=cb3cce3620c64cdbb8e1e25b02d13e80&sizes=[[728,90],[468,60],[200,200],[320,100],[320,50],[300,100]]&slotid=848e15c6-9786-401b-9cab-5788e6e774cd&ts=1647862840168
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-128-233.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Origin
https://nets4.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Mon, 21 Mar 2022 11:40:40 GMT
access-control-allow-origin
https://nets4.com
access-control-allow-credentials
true
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
x-request-id
72e8a633-cc74-4f23-88e0-bc4ac1d8715e
/
api.purpleads.io/x/b/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/b/?idx=3&pid=cb3cce3620c64cdbb8e1e25b02d13e80&sizes=[[728,90],[468,60],[200,200],[320,100],[320,50],[300,100]]&slotid=49018087-5cd3-4a28-a6d1-ce5d99bd1587&ts=1647862840168
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-128-233.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Origin
https://nets4.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Mon, 21 Mar 2022 11:40:40 GMT
access-control-allow-origin
https://nets4.com
access-control-allow-credentials
true
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
x-request-id
327c36a3-93c7-46c8-a78d-946042edd283
/
api.purpleads.io/x/b/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/b/?idx=4&pid=cb3cce3620c64cdbb8e1e25b02d13e80&sizes=[[160,600],[120,600],[200,200],[250,250]]&slotid=2742c73e-a6d4-4e33-9407-40477695ee75&ts=1647862840168
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-128-233.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Origin
https://nets4.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Mon, 21 Mar 2022 11:40:40 GMT
access-control-allow-origin
https://nets4.com
access-control-allow-credentials
true
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
x-request-id
3d281fad-c4db-415a-94a1-e7572e13c0de
anchor
www.google.com/recaptcha/api2/ Frame FCC9 		43 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdBUMUZAAAAAK9sWAfAA-Kd5C0Y4AGlWbDlHXpD&co=aHR0cHM6Ly9uZXRzNC5jb206NDQz&hl=de&v=zLD1nfkNCJC1kEswSRdSyd-p&size=normal&cb=avnjuj7hje9l
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
3c03c1806aaf39197764436ff012cb0828851863170e7928a49e8e3f40097e62
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-VErwJsMitgIjjCFPTMUN+g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Mon, 21 Mar 2022 11:40:40 GMT
content-security-policy
script-src 'report-sample' 'nonce-VErwJsMitgIjjCFPTMUN+g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
22649
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
styles__ltr.css
www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/ Frame FCC9 		51 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdBUMUZAAAAAK9sWAfAA-Kd5C0Y4AGlWbDlHXpD&co=aHR0cHM6Ly9uZXRzNC5jb206NDQz&hl=de&v=zLD1nfkNCJC1kEswSRdSyd-p&size=normal&cb=avnjuj7hje9l
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:38:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
102
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24237
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 04:02:07 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 21 Mar 2023 11:38:58 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/ Frame FCC9 		360 KB
142 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdBUMUZAAAAAK9sWAfAA-Kd5C0Y4AGlWbDlHXpD&co=aHR0cHM6Ly9uZXRzNC5jb206NDQz&hl=de&v=zLD1nfkNCJC1kEswSRdSyd-p&size=normal&cb=avnjuj7hje9l
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b7aaea908b866c1619b9bf156a002c22b717a771bf22d9a2965151f9cf969670
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:38:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
103
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
145350
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 04:02:07 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 21 Mar 2023 11:38:57 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 3A24 		81 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
sffe /
Resource Hash
4964deabbe43777aca99c7e19c2908ab9b14723b346a22aa42ed06830bce2635
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27829
x-xss-protection
0
server
sffe
etag
"1164 / 503 of 1000 / last-modified: 1647861046"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 21 Mar 2022 11:40:40 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 9EB8 		81 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
sffe /
Resource Hash
69c0a8d5284b247bd724d3c3742bdb8d61c5cd8cc5df7fe1144679ec3531d7dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27819
x-xss-protection
0
server
sffe
etag
"1164 / 885 of 1000 / last-modified: 1647861146"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 21 Mar 2022 11:40:40 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 7018 		81 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
sffe /
Resource Hash
c0424bf17c093260bb3019ccb6e24448532bcbf6b96aea97c039058af67bce54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27829
x-xss-protection
0
server
sffe
etag
"1164 / 838 of 1000 / last-modified: 1647861146"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 21 Mar 2022 11:40:40 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 8576 		81 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
sffe /
Resource Hash
a4654e7e10214b521a74dfa0ba9de3b97190c8769245452b4393bd628a36661d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27820
x-xss-protection
0
server
sffe
etag
"1164 / 220 of 1000 / last-modified: 1647861146"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 21 Mar 2022 11:40:40 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 0C97 		81 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
sffe /
Resource Hash
1415e79e90a9d44842a47430fbf3be51f06c4d44d3f1dbf548f7adca3a0a6f05
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27791
x-xss-protection
0
server
sffe
etag
"1164 / 406 of 1000 / last-modified: 1647861146"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 21 Mar 2022 11:40:40 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame FCC9 		102 B
134 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=zLD1nfkNCJC1kEswSRdSyd-p
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdBUMUZAAAAAK9sWAfAA-Kd5C0Y4AGlWbDlHXpD&co=aHR0cHM6Ly9uZXRzNC5jb206NDQz&hl=de&v=zLD1nfkNCJC1kEswSRdSyd-p&size=normal&cb=avnjuj7hje9l
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
5061cb0765c3ab9721b8e26bdfaba5819a1f14b27fc3d93b2809a1c83056277f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdBUMUZAAAAAK9sWAfAA-Kd5C0Y4AGlWbDlHXpD&co=aHR0cHM6Ly9uZXRzNC5jb206NDQz&hl=de&v=zLD1nfkNCJC1kEswSRdSyd-p&size=normal&cb=avnjuj7hje9l
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Mon, 21 Mar 2022 11:40:40 GMT
bframe
www.google.com/recaptcha/api2/ Frame 30EA 		7 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=de&v=zLD1nfkNCJC1kEswSRdSyd-p&k=6LdBUMUZAAAAAK9sWAfAA-Kd5C0Y4AGlWbDlHXpD
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
c7a47ad3ec622ef014b2417c3e084660e37c71e38d44b44e6529086a3c08c294
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-udiAiUcqmZO9a+rtNnvDdA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Mon, 21 Mar 2022 11:40:41 GMT
content-security-policy
script-src 'report-sample' 'nonce-udiAiUcqmZO9a+rtNnvDdA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
1111
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pubads_impl_2022031401.js
securepubads.g.doubleclick.net/gpt/ Frame 3A24 		364 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
sffe /
Resource Hash
4d44b03d4e4d1df9a852bf35460f5584c94b37c52d08742682a1a03d20d2f6d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:33:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
404
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126502
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 08:34:56 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 21 Mar 2023 11:33:57 GMT
pubads_impl_2022030901.js
securepubads.g.doubleclick.net/gpt/ Frame 0C97 		358 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030901.js?cb=31065681
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
sffe /
Resource Hash
eba88ef6b1f09543b0b3f34bc3c1d401da36d590354cd7728e2aae4d3c1abc91
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:19:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1271
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
123713
x-xss-protection
0
last-modified
Wed, 09 Mar 2022 09:34:50 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 21 Mar 2023 11:19:30 GMT
pubads_impl_2022031501.js
securepubads.g.doubleclick.net/gpt/ Frame 9EB8 		365 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065673
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
sffe /
Resource Hash
4b6c2cabe35ab603f2cff6d7b73775bca1d81016b1f1e06fe4da4bbf3c5766eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Mar 2022 14:23:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
76624
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126660
x-xss-protection
0
last-modified
Tue, 15 Mar 2022 08:35:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 20 Mar 2023 14:23:37 GMT
pubads_impl_2022031401.js
securepubads.g.doubleclick.net/gpt/ Frame 7018 		364 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js?cb=31065672
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
sffe /
Resource Hash
4d44b03d4e4d1df9a852bf35460f5584c94b37c52d08742682a1a03d20d2f6d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:18:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1314
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126502
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 08:34:56 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 21 Mar 2023 11:18:47 GMT
pubads_impl_2022031501.js
securepubads.g.doubleclick.net/gpt/ Frame 8576 		365 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065690
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
sffe /
Resource Hash
4b6c2cabe35ab603f2cff6d7b73775bca1d81016b1f1e06fe4da4bbf3c5766eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 10:48:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3123
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126660
x-xss-protection
0
last-modified
Tue, 15 Mar 2022 08:35:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 21 Mar 2023 10:48:38 GMT
collect
j.clarity.ms/ 		0
48 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://j.clarity.ms/collect
Requested by
Host: j.clarity.ms
URL: https://j.clarity.ms/s/0.6.32/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.85.30.134 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://nets4.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
https://nets4.com
date
Mon, 21 Mar 2022 11:40:41 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0
styles__ltr.css
www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/ Frame 30EA 		51 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=zLD1nfkNCJC1kEswSRdSyd-p&k=6LdBUMUZAAAAAK9sWAfAA-Kd5C0Y4AGlWbDlHXpD
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:38:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
103
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24237
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 04:02:07 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 21 Mar 2023 11:38:58 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/ Frame 30EA 		360 KB
142 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=zLD1nfkNCJC1kEswSRdSyd-p&k=6LdBUMUZAAAAAK9sWAfAA-Kd5C0Y4AGlWbDlHXpD
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b7aaea908b866c1619b9bf156a002c22b717a771bf22d9a2965151f9cf969670
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:38:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
104
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
145350
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 04:02:07 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 21 Mar 2023 11:38:57 GMT
integrator.js
adservice.google.de/adsid/ Frame 7018 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=nets4.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js?cb=31065672
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 21 Mar 2022 11:40:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 7018 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=nets4.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js?cb=31065672
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 21 Mar 2022 11:40:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 7018 		23 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3442312406334637&correlator=2307945168843879&eid=31065672%2C31063246%2C31065657&output=ldjh&gdfp_req=1&vrg=2022031401&ptt=17&impl=fif&iu_parts=21902364955%3A22652385948%2Ccm_pu_nets4.com_technology_and_computing_top%2Ccm_pu_nets4.com_technology_and_computing_btf_banner&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C468x60%7C200x200%7C320x100%7C320x50%7C300x100&ifi=1&adks=1944610241&sfv=1-0-38&ecs=20220321&fsapi=false&eri=4&sc=1&cookie_enabled=1&abxe=1&dt=1647862841296&dlt=1647862840807&idt=466&biw=1600&bih=1200&isw=728&ish=90&adxs=294&adys=507&oid=2&ucis=8qav4u3rprnc&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nhd=1&url=https%3A%2F%2Fnets4.com%2Fdomain%2Feminer.app&top=nets4.com&frm=23&vis=1&scr_x=0&scr_y=0&psz=728x0&msz=728x0&fws=256&ohw=0&ea=0&ga_vid=688344210.1647862839&ga_sid=1647862841&ga_hid=1264640585&ga_fc=true&btvi=0&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js?cb=31065672
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
1ceb05f5f74e286cca62b90b21a91368222e900ddd0357df6b1d5d88ba618440
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:41 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9848
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://nets4.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 7018 		13 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022031401&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js?cb=31065672
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
056579895d708974dbf56de4ce37da8762ee657fdfb0544a342cb0a405fcda34
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 21 Mar 2022 11:40:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10329
x-xss-protection
0
container.html
81a1960e6551bc8368f7353dd7facd76.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 13D7 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://81a1960e6551bc8368f7353dd7facd76.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js?cb=31065672
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Mon, 21 Mar 2022 11:40:41 GMT
expires
Tue, 21 Mar 2023 11:40:41 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
integrator.js
adservice.google.de/adsid/ Frame 3A24 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=nets4.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 21 Mar 2022 11:40:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 3A24 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=nets4.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 21 Mar 2022 11:40:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 3A24 		17 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4007856695887032&correlator=1553298829695548&eid=31063247&output=ldjh&gdfp_req=1&vrg=2022031401&ptt=17&impl=fif&iu_parts=22178702878%2Cpurpleapl%2Callsizesv2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C468x60%7C200x200%7C320x100%7C320x50%7C300x100&ifi=1&adks=4203880072&sfv=1-0-38&ecs=20220321&fsapi=false&eri=4&sc=1&cookie_enabled=1&abxe=1&dt=1647862841345&dlt=1647862840754&idt=569&biw=1600&bih=1200&isw=728&ish=90&adxs=294&adys=1350&oid=2&ucis=iw1vwh2dlpbm&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nhd=1&url=https%3A%2F%2Fnets4.com%2Fdomain%2Feminer.app&top=nets4.com&frm=23&vis=1&scr_x=0&scr_y=0&psz=728x0&msz=728x0&fws=256&ohw=0&ea=0&ga_vid=688344210.1647862839&ga_sid=1647862841&ga_hid=9061067&ga_fc=true&btvi=1&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
23b98bc774ec832603abe91bba58e4eeb33660e208bf8b623d5ca4c81b258b2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:41 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8943
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://nets4.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 3A24 		13 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022031401&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dbfb5b3502c0b7d66a6dcec87db859e7a08f9eb601093d610fa17b92d4b7f587
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 21 Mar 2022 11:40:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10435
x-xss-protection
0
container.html
48c868b366244e7d7770a8f4adab9561.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3675 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://48c868b366244e7d7770a8f4adab9561.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Mon, 21 Mar 2022 11:40:41 GMT
expires
Tue, 21 Mar 2023 11:40:41 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ads
securepubads.g.doubleclick.net/gampad/ Frame 9EB8 		22 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3417211512221841&correlator=1614689798485866&eid=31060438%2C31065673&output=ldjh&gdfp_req=1&vrg=2022031501&ptt=17&impl=fif&iu_parts=21902364955%3A22652385948%2Ccm_pu_nets4.com_technology_and_computing_top%2Ccm_pu_nets4.com_technology_and_computing_btf_banner&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C468x60%7C200x200%7C320x100%7C320x50%7C300x100&ifi=1&adks=1944610241&sfv=1-0-38&ecs=20220321&fsapi=false&eri=4&sc=1&cookie_enabled=1&abxe=1&dt=1647862841390&dlt=1647862840791&idt=574&biw=1600&bih=1200&isw=728&ish=90&adxs=294&adys=1855&oid=2&ucis=qcwwmefitqhq&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nhd=1&url=https%3A%2F%2Fnets4.com%2Fdomain%2Feminer.app&top=nets4.com&frm=23&vis=1&scr_x=0&scr_y=0&psz=728x0&msz=728x0&fws=256&ohw=0&ea=0&ga_vid=688344210.1647862839&ga_sid=1647862841&ga_hid=1574507835&ga_fc=true&btvi=1&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065673
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
6d863e02e4dba282053a441dbc266f4f25fcad271a974cd3c464b162b46f07b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:41 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9534
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://nets4.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 9EB8 		13 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022031501&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065673
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6f83a93fc84060cd64a1ffdae24119f3395f51f54e1b82ad07bea31a73166765
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 21 Mar 2022 11:40:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10449
x-xss-protection
0
container.html
035b523d4da31ddff179f9b37cf4ed4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 046D 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://035b523d4da31ddff179f9b37cf4ed4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065673
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Mon, 21 Mar 2022 11:40:41 GMT
expires
Tue, 21 Mar 2023 11:40:41 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
integrator.js
adservice.google.de/adsid/ Frame 8576 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=nets4.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065690
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 21 Mar 2022 11:40:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 8576 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=nets4.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065690
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 21 Mar 2022 11:40:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 8576 		518 B
300 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2207901815628976&correlator=3154848868549868&eid=31063377%2C31065690&output=ldjh&gdfp_req=1&vrg=2022031501&ptt=17&impl=fif&iu_parts=21902364955%3A22652385948%2Ccm_pu_nets4.com_technology_and_computing_top%2Ccm_pu_nets4.com_technology_and_computing_btf_banner&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C468x60%7C200x200%7C320x100%7C320x50%7C300x100&ifi=1&adks=1944610241&sfv=1-0-38&ecs=20220321&fsapi=false&eri=4&sc=1&cookie_enabled=1&abxe=1&dt=1647862841435&dlt=1647862840821&idt=588&biw=1600&bih=1200&isw=728&ish=90&adxs=294&adys=4778&oid=2&ucis=z520x81jbm46&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nhd=1&url=https%3A%2F%2Fnets4.com%2Fdomain%2Feminer.app&top=nets4.com&frm=23&vis=1&scr_x=0&scr_y=0&psz=728x0&msz=728x0&fws=256&ohw=0&ea=0&ga_vid=688344210.1647862839&ga_sid=1647862841&ga_hid=1981626268&ga_fc=true&btvi=1&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065690
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
4e44c88ea55c8d17867c766ddfcb743cc879dda55999ba0ff9982c37ee5d9cc9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:41 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
270
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://nets4.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 8576 		14 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022031501&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065690
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
797da9d06297d00d2d867b3457f2165102f2da1cfb5388cc9a08e5441d4ac069
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 21 Mar 2022 11:40:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10561
x-xss-protection
0
container.html
6f3bb8c6a59dda0a6715cd9ba37a37b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D401 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://6f3bb8c6a59dda0a6715cd9ba37a37b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065690
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Mon, 21 Mar 2022 11:40:41 GMT
expires
Tue, 21 Mar 2023 11:40:41 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
integrator.js
adservice.google.de/adsid/ Frame 0C97 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=nets4.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030901.js?cb=31065681
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 21 Mar 2022 11:40:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 0C97 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=nets4.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030901.js?cb=31065681
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 21 Mar 2022 11:40:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 0C97 		18 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2160141634947513&correlator=4255860512957187&eid=31064905%2C31065681%2C31065728%2C31065658&output=ldjh&gdfp_req=1&vrg=2022030901&ptt=17&impl=fif&iu_parts=22178702878%2Cpurpleapl%2Callsizesv2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=160x600%7C120x600%7C200x200%7C250x250&ifi=1&adks=113378651&sfv=1-0-38&ecs=20220321&fsapi=false&eri=4&sc=1&cookie_enabled=1&abxe=1&dt=1647862841484&dlt=1647862840834&idt=621&biw=1600&bih=1200&isw=160&ish=600&oid=2&adxs=1148&adys=1298&ucis=8jmmrhdw2wut&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nhd=1&url=https%3A%2F%2Fnets4.com%2Fdomain%2Feminer.app&top=nets4.com&frm=23&vis=1&scr_x=0&scr_y=0&psz=160x0&msz=160x0&fws=256&ohw=0&ea=0&ga_vid=688344210.1647862839&ga_sid=1647862841&ga_hid=332840623&ga_fc=true&btvi=1&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030901.js?cb=31065681
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
5c34b3b59e11b70ed4bfc261aef303c82a5a9709636dd60fb29106f1fc405aaa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:41 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8890
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://nets4.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 0C97 		14 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022030901&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030901.js?cb=31065681
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b2bc8cfbf80f6a8f18a4eebffa392003613a70bd924d7b8d323ac3313781572f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 21 Mar 2022 11:40:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10539
x-xss-protection
0
container.html
5fd3b64ba09b669362261d7035670824.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0C06 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://5fd3b64ba09b669362261d7035670824.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030901.js?cb=31065681
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Mon, 21 Mar 2022 11:40:41 GMT
expires
Tue, 21 Mar 2023 11:40:41 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 7018 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js?cb=31065672
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 21 Mar 2022 11:40:41 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 3A24 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 21 Mar 2022 11:40:41 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 9EB8 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065673
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 21 Mar 2022 11:40:41 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 8576 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065690
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 21 Mar 2022 11:40:41 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 0C97 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030901.js?cb=31065681
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 21 Mar 2022 11:40:41 GMT
container.html
81a1960e6551bc8368f7353dd7facd76.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E462 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://81a1960e6551bc8368f7353dd7facd76.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js?cb=31065672
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Mon, 21 Mar 2022 11:40:41 GMT
expires
Tue, 21 Mar 2023 11:40:41 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
i
api.purpleads.io/x/a/a91bbaac24cba3b90dcc9b06b7d87f03:06a58cb1ddf220dea119d7def172721e0787b1fe3c8b8f1e1a34c6bdceb1c19291e12864036c672f1109d8fa3a004f19470ef0954fce22d5c01c1abd4e25ef8d222ad66e1277520... Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/a/a91bbaac24cba3b90dcc9b06b7d87f03:06a58cb1ddf220dea119d7def172721e0787b1fe3c8b8f1e1a34c6bdceb1c19291e12864036c672f1109d8fa3a004f19470ef0954fce22d5c01c1abd4e25ef8d222ad66e127752069136340850f3de144d60dd946f467a60f741f3194e07c0c79a62f43d9816e887379c4007d9f7bf7db134dfc489652fd903e384d83ef2af116758dd4bde1b9cd3ea9d13c23b6809c77095bae15195834fe7d30cb0fda6924e/i?id=3ebe5a7e-d559-460d-b66b-3169ecd040fb&ts=1647862841607
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-128-233.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Origin
https://nets4.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Mon, 21 Mar 2022 11:40:41 GMT
access-control-allow-origin
https://nets4.com
access-control-allow-credentials
true
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
x-request-id
858e571b-0227-422a-938a-ecb02081e2b0
i
api.purpleads.io/x/a/a91bbaac24cba3b90dcc9b06b7d87f03:06a58cb1ddf220dea119d7def172721e0787b1fe3c8b8f1e1a34c6bdceb1c19291e12864036c672f1109d8fa3a004f19470ef0954fce22d5c01c1abd4e25ef8d222ad66e1277520... 		0
199 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/a/a91bbaac24cba3b90dcc9b06b7d87f03:06a58cb1ddf220dea119d7def172721e0787b1fe3c8b8f1e1a34c6bdceb1c19291e12864036c672f1109d8fa3a004f19470ef0954fce22d5c01c1abd4e25ef8d222ad66e127752069136340850f3de144d60dd946f467a60f741f3194e07c0c79a62f43d9816e887379c4007d9f7bf7db134dfc489652fd903e384d83ef2af116758dd4bde1b9cd3ea9d13c23b6809c77095bae15195834fe7d30cb0fda6924e/i?id=3ebe5a7e-d559-460d-b66b-3169ecd040fb&ts=1647862841607
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-128-233.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Authorization
Bearer 344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
x-request-url
aHR0cHM6Ly9uZXRzNC5jb20vZG9tYWluL2VtaW5lci5hcHA=
Accept
application/json
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json
x-purpleads-version
2.0.31

Response headers

access-control-allow-origin
https://nets4.com
date
Mon, 21 Mar 2022 11:40:41 GMT
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-credentials
true
x-request-id
bce4c55a-0eb8-45e9-802d-79d937969267
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 62C2 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Mon, 21 Mar 2022 11:19:42 GMT
expires
Tue, 21 Mar 2023 11:19:42 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
1259
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame D59E 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
6fb5a0222f604b6096c3cf7c93e9d5fa47059e8c5d227735285e0863c63de31e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Q/oNmI/c4kwCaHkbwZBT+g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Mon, 21 Mar 2022 11:40:41 GMT
date
Mon, 21 Mar 2022 11:40:41 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-Q/oNmI/c4kwCaHkbwZBT+g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A9FA 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Mon, 21 Mar 2022 11:19:42 GMT
expires
Tue, 21 Mar 2023 11:19:42 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
1259
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame EE40 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f7ea54f9d61d984b5750bf54b282231b154b5649116a8df9eec82dfcb8eafeb7
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-/fWlF0mq6Zw51X2QipLMog' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Mon, 21 Mar 2022 11:40:41 GMT
date
Mon, 21 Mar 2022 11:40:41 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-/fWlF0mq6Zw51X2QipLMog' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame AF2C 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Mon, 21 Mar 2022 11:19:42 GMT
expires
Tue, 21 Mar 2023 11:19:42 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
1259
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 9E10 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
d75e52b4da9ad1860a394aa703089360cc41d85577c709ab8cec30f9d6c64615
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-V+k6t8R4Ob540AydV5VKtg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Mon, 21 Mar 2022 11:40:41 GMT
date
Mon, 21 Mar 2022 11:40:41 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-V+k6t8R4Ob540AydV5VKtg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
514
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
035b523d4da31ddff179f9b37cf4ed4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 85CC 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://035b523d4da31ddff179f9b37cf4ed4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065673
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Mon, 21 Mar 2022 11:40:41 GMT
expires
Tue, 21 Mar 2023 11:40:41 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
i
api.purpleads.io/x/a/e6e8d3a47f23666e87f085accbb76fec:d74365521129ea40a8b5367e28377e0773ce2ee65da82807b08e670732a9ed69f5365f146ccda85116caa4ff5a047a23263a535695efb05c7e3fa71d4582ba1adba7c4c48345a45... Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/a/e6e8d3a47f23666e87f085accbb76fec:d74365521129ea40a8b5367e28377e0773ce2ee65da82807b08e670732a9ed69f5365f146ccda85116caa4ff5a047a23263a535695efb05c7e3fa71d4582ba1adba7c4c48345a45c8e43608efed0cf1064a53fed3cad3546aebd496345cc8b10391d90d266f4c459f4aeda096313b99ee73596583e991db6d8f85227355a920f57276b4bd5f5c767bf5d08ccc151fe60ca816feb5e4815e152f797fb483ff10f/i?id=c26f5ce9-c43a-4963-abf7-a9ec942fec85&ts=1647862841686
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-128-233.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Origin
https://nets4.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Mon, 21 Mar 2022 11:40:41 GMT
access-control-allow-origin
https://nets4.com
access-control-allow-credentials
true
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
x-request-id
4eda53f1-8306-480b-8ac9-746891b31851
i
api.purpleads.io/x/a/e6e8d3a47f23666e87f085accbb76fec:d74365521129ea40a8b5367e28377e0773ce2ee65da82807b08e670732a9ed69f5365f146ccda85116caa4ff5a047a23263a535695efb05c7e3fa71d4582ba1adba7c4c48345a45... 		0
199 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/a/e6e8d3a47f23666e87f085accbb76fec:d74365521129ea40a8b5367e28377e0773ce2ee65da82807b08e670732a9ed69f5365f146ccda85116caa4ff5a047a23263a535695efb05c7e3fa71d4582ba1adba7c4c48345a45c8e43608efed0cf1064a53fed3cad3546aebd496345cc8b10391d90d266f4c459f4aeda096313b99ee73596583e991db6d8f85227355a920f57276b4bd5f5c767bf5d08ccc151fe60ca816feb5e4815e152f797fb483ff10f/i?id=c26f5ce9-c43a-4963-abf7-a9ec942fec85&ts=1647862841686
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-128-233.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Authorization
Bearer 344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
x-request-url
aHR0cHM6Ly9uZXRzNC5jb20vZG9tYWluL2VtaW5lci5hcHA=
Accept
application/json
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json
x-purpleads-version
2.0.31

Response headers

access-control-allow-origin
https://nets4.com
date
Mon, 21 Mar 2022 11:40:41 GMT
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-credentials
true
x-request-id
00b45265-6319-4f68-9492-8e4aa83f259b
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 64C8 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Mon, 21 Mar 2022 11:19:42 GMT
expires
Tue, 21 Mar 2023 11:19:42 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
1259
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 4331 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
ce39ef00d17505611658006a2744c5693bcd76caebdf3802599775eb4163cb05
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-u7TBkOPYqsm+5qQ+mLdjYQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Mon, 21 Mar 2022 11:40:41 GMT
date
Mon, 21 Mar 2022 11:40:41 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-u7TBkOPYqsm+5qQ+mLdjYQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
48c868b366244e7d7770a8f4adab9561.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1EAE 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://48c868b366244e7d7770a8f4adab9561.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Mon, 21 Mar 2022 11:40:41 GMT
expires
Tue, 21 Mar 2023 11:40:41 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
i
api.purpleads.io/x/a/40721309cfb6706eb191bccf81dff478:c117f71b5e57fe4f94080ab01f5b9167d321fa861843ffaceba8ec5c05bc744a3b48cabfd15a0ff20bece326fe6c324d3b888929d8ff5d7b49fd46ca322d3af92b68f4c2d462fb4... Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/a/40721309cfb6706eb191bccf81dff478:c117f71b5e57fe4f94080ab01f5b9167d321fa861843ffaceba8ec5c05bc744a3b48cabfd15a0ff20bece326fe6c324d3b888929d8ff5d7b49fd46ca322d3af92b68f4c2d462fb495066bc94cf939caa27e6728551e835b753364c16710b7dbdf62bb42d07a86d441f88d7391dea39480747392944c024d8f4258c84c203bba091b4d5647d6e311dbdc0b6138c1785e9/i?id=e1698004-9299-4279-89e1-6b07a1aa47a7&ts=1647862841730
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-128-233.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Origin
https://nets4.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Mon, 21 Mar 2022 11:40:41 GMT
access-control-allow-origin
https://nets4.com
access-control-allow-credentials
true
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
x-request-id
dfec2b10-b2b2-4230-93d5-2264481c566a
i
api.purpleads.io/x/a/40721309cfb6706eb191bccf81dff478:c117f71b5e57fe4f94080ab01f5b9167d321fa861843ffaceba8ec5c05bc744a3b48cabfd15a0ff20bece326fe6c324d3b888929d8ff5d7b49fd46ca322d3af92b68f4c2d462fb4... 		0
199 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/a/40721309cfb6706eb191bccf81dff478:c117f71b5e57fe4f94080ab01f5b9167d321fa861843ffaceba8ec5c05bc744a3b48cabfd15a0ff20bece326fe6c324d3b888929d8ff5d7b49fd46ca322d3af92b68f4c2d462fb495066bc94cf939caa27e6728551e835b753364c16710b7dbdf62bb42d07a86d441f88d7391dea39480747392944c024d8f4258c84c203bba091b4d5647d6e311dbdc0b6138c1785e9/i?id=e1698004-9299-4279-89e1-6b07a1aa47a7&ts=1647862841730
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-128-233.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Authorization
Bearer 344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
x-request-url
aHR0cHM6Ly9uZXRzNC5jb20vZG9tYWluL2VtaW5lci5hcHA=
Accept
application/json
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json
x-purpleads-version
2.0.31

Response headers

access-control-allow-origin
https://nets4.com
date
Mon, 21 Mar 2022 11:40:42 GMT
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-credentials
true
x-request-id
7e84588f-2bc8-4c5d-91c9-6d8e632db6d6
/
api.purpleads.io/x/b/ 		9 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/b/?idx=5&pid=cb3cce3620c64cdbb8e1e25b02d13e80&sizes=[[728,90],[468,60],[200,200],[320,100],[320,50],[300,100]]&slotid=49018087-5cd3-4a28-a6d1-ce5d99bd1587&demand=cybermedia&ts=1647862841791
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-128-233.compute-1.amazonaws.com
Software
/
Resource Hash
495058bb3a9c6a456ef765ecb77fa816ad5dced2653c081a2ac5b1aca67d2781

Request headers

Accept-Language
de-DE,de;q=0.9
Authorization
Bearer 344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
x-request-url
aHR0cHM6Ly9uZXRzNC5jb20vZG9tYWluL2VtaW5lci5hcHA=
Accept
application/json
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json
x-purpleads-version
2.0.31

Response headers

date
Mon, 21 Mar 2022 11:40:42 GMT
content-encoding
gzip
etag
W/"2294-Y2x7kfmrlarjUwoblrPB/9qZ2qw"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nets4.com
access-control-allow-credentials
true
x-request-id
50088660-e2a4-4e97-8dd9-8f4a46d66c2d
/
api.purpleads.io/x/b/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/b/?idx=5&pid=cb3cce3620c64cdbb8e1e25b02d13e80&sizes=[[728,90],[468,60],[200,200],[320,100],[320,50],[300,100]]&slotid=49018087-5cd3-4a28-a6d1-ce5d99bd1587&demand=cybermedia&ts=1647862841791
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-128-233.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Origin
https://nets4.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Mon, 21 Mar 2022 11:40:41 GMT
access-control-allow-origin
https://nets4.com
access-control-allow-credentials
true
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
x-request-id
cd89e95b-3e80-4b09-9606-d2a7f50571ab
adview
securepubads.g.doubleclick.net/pagead/ Frame E462 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CrPpSOWQ4YqayFeiL7_UPsqy8-A3JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDegAdW20uoDyAEJqQI7spjHtIyyPuACAKgDAaoEtwJP0BAzuYQLMQ4eK8vTgW8Rd4UXSP0bf1CUpzd_X4eYotkbj0gCr2ChVg0F867IkkhKp_nZiiKxYCLIj5jitavl0oBRgThfbztCVtPhGkMdWdaCTEde433dda2pC_cmHdnU0hYh0Ra9s41gQ5u0nxyU19UFvzIsrjN7rjHBqBV4u9vebfRHAO85kM3_sOzDZqsAO7makIB5fijnUWW6EPYf49yI2G7-5ykRldaZfLVrVN_WTsiXPfe8IVXnjxJPAikJltGQynQF2IBe6k7E0E8wFGkkA2AwEh7PEkZmVQy7aV6UzposAtlk419XngzLRdI3OAU1SJYhlKu2LEF2Lgc0VtOD9Hgu67pDcOeyIzy0E7ZuXLIrOnw8B7GgQXBrW9qX_sDhME30YOLSfnUTOoqi5YX8fgj80uAEAYAGnNLFvfej_sjCAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBABgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTU0MTMzMjk1NDQwNDA5NDcYwYx0&sigh=QcLAe8Czrlw&uach_m=[UACH]&cid=CAQSPwCNIrLMkJZQloVCE3FwGIFOlE7EDclH8q0up0S3cfy5H8UNPXasi0z2-nXeWkUNqOMCK-xR7sQoMltn9BSXbhgB
Requested by
Host: nets4.com
URL: https://nets4.com/domain/eminer.app
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://81a1960e6551bc8368f7353dd7facd76.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
notify
rtb.fr.eu.criteo.com/google/auction/ Frame E462 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=U-qXEsg12AVanYNiAgIAAADXUiulzYsQcUqt_uJOvUHsEDlkOGKK30JKrTlMu_XM0gAS&wp=YjhkOQAFWSYIu8XoAA8WMkREhHfXs1sHykQyMg
Requested by
Host: nets4.com
URL: https://nets4.com/domain/eminer.app
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://81a1960e6551bc8368f7353dd7facd76.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:41 GMT
server
Kestrel
server-processing-duration-in-ticks
284338
content-length
0
strict-transport-security
max-age=31536000; preload;
afr.php
ads.eu.criteo.com/delivery/r/ Frame D9E9 		176 KB
55 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=YjhkOQAFWSYIu8XoAA8WMkREhHfXs1sHykQyMg&u=%7CTAzgGim0f47mFfBS23OiNW9F6i3UqDjwoQV1E6th06c%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXBNl7acqytoLzXkgyukYeTJDX-c-czoLNPVWRrrn9l2EMHMb1hI7Em0QwQZgmNNNQzT6aPP5zozV7JDfKDqexFPUg9hET2J9mEPyFP_FitTdiFXb06J7U67vuKhhq1njd9MoLTqmn7OUSh8qt7edmZZy8gC2nf6YpHLDL9ypW0hH0K8JitUpyVueaqv0iX_I30ZMl6Ug0t_nrCIFCYdysvx2t1hjembPdJI2_3w9KsweCeDpos2lrw5IW_pyr9fMmb65EqwNjxdYdwoGfjD5igXqDoh9WyaTviGM_y0eGxU_0hvdhV_GPcJgAZCuR94nl8JA6a8OqGF0FXDKpiSOzF-CYjcKpJZFJuryW0ogDJueAbuXgvE49FfhyV3uzUKM5Uxx4u9cN9bmvXuClMz3wx8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiwSwOWQ4YqayFeiL7_UPsqy8-A3JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDegAdW20uoDyAEJqQI7spjHtIyyPuACAKgDAaoEugJP0BAzuYQLMQ4eK8vTgW8Rd4UXSP0bf1CUpzd_X4eYotkbj0gCr2ChVg0F867IkkhKp_nZiiKxYCLIj5jitavl0oBRgThfbztCVtPhGkMdWdaCTEde433dda2pC_cmHdnU0hYh0Ra9s41gQ5u0nxyU19UFvzIsrjN7rjHBqBV4u9vebfRHAO85kM3_sOzDZqsAO7makIB5fijnUWW6EPYf49yI2G7-5ykRldaZfLVrVN_WTsiXPfe8IVXnjxJPAikJltGQynQF2IBe6k7E0E8wFGkkA2AwEh7PEkZmVQy7aV6UzposAtlk419XngzLRdI3OAU1SJYhlKu2LEF2Lgc0VtOD9Hgu67pDcOeyIzy0E7YsXpO5vfOgFA48VdO7Znxv99TrhkfaeGBmtki1yDW8yZ151IzvbTvE8eAEAYAGnNLFvfej_sjCAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1N_E7u9O4H1BYTf5Y8KoZO3HsBEg%26client%3Dca-pub-5413329544040947%26adurl%3D
Requested by
Host: 81a1960e6551bc8368f7353dd7facd76.safeframe.googlesyndication.com
URL: https://81a1960e6551bc8368f7353dd7facd76.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::18 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
3ac1f54c43f059ff5751b38fd511e18f7db88c9844d25528f37eaf2f8454ed4e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://81a1960e6551bc8368f7353dd7facd76.safeframe.googlesyndication.com/

Response headers

date
Mon, 21 Mar 2022 11:40:41 GMT
content-type
text/html
server
Kestrel
cache-control
private, max-age=0, no-cache
pragma
no-cache
expires
Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cross-origin-resource-policy
cross-origin
p3p
CP='CUR ADM OUR NOR STA NID'
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=AqGnfgD9Bd55eWhlxVDDVPxPP6ifZ25abUy4mN7S3TSX3rCncR7ZxqRb-eyGB6yg-_HbRrIsMwEnhPnVOaneBxP3cBqml7ULiFn3-kmaDpZ5Ep8_Hp47t92oQollYsD5IliAjJmcZyVk3Q4WieIAHPl8SOsksyJU3InXIUZWvGeEhnVRTLYOeP_tpO0Ek1DoMUBE5klnIsUEwnOkI79gLtCbMBgTHw8TSeJ2aNY6jJAQzIfFr3qDKx8S_KvNCGao8ClXCw"}], "max_age": 86400}
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks
103471159
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/ Frame E462 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/window_focus_fy2019.js
Requested by
Host: 81a1960e6551bc8368f7353dd7facd76.safeframe.googlesyndication.com
URL: https://81a1960e6551bc8368f7353dd7facd76.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://81a1960e6551bc8368f7353dd7facd76.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:38:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
152
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 04 Apr 2022 11:38:09 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E462 		117 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 81a1960e6551bc8368f7353dd7facd76.safeframe.googlesyndication.com
URL: https://81a1960e6551bc8368f7353dd7facd76.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc68a3e6e6f0074ff46c18beea2033fc4e8c6ee513dc0617758f45e2bdd8b88a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://81a1960e6551bc8368f7353dd7facd76.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36344
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1647431472276194"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 21 Mar 2022 11:40:41 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/ Frame E462 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 81a1960e6551bc8368f7353dd7facd76.safeframe.googlesyndication.com
URL: https://81a1960e6551bc8368f7353dd7facd76.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://81a1960e6551bc8368f7353dd7facd76.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
34
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6407
x-xss-protection
0
server
cafe
etag
6055885685211612390
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 04 Apr 2022 11:40:07 GMT
l
www.google.com/ads/measurement/ Frame E462 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSp1-dxttDd2H6zzELr2zRJM6DeVIFBfKx7woMVGhMLCZF_Bc7wmM4YcktjRsfoI5bq9ZYp59JZfVnT2w5tBoMl74epSg
Requested by
Host: 81a1960e6551bc8368f7353dd7facd76.safeframe.googlesyndication.com
URL: https://81a1960e6551bc8368f7353dd7facd76.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://81a1960e6551bc8368f7353dd7facd76.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame E462 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 81a1960e6551bc8368f7353dd7facd76.safeframe.googlesyndication.com
URL: https://81a1960e6551bc8368f7353dd7facd76.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://81a1960e6551bc8368f7353dd7facd76.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 14:29:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
249052
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 18 Mar 2023 14:29:49 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8FAC 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Mon, 21 Mar 2022 11:19:42 GMT
expires
Tue, 21 Mar 2023 11:19:42 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
1259
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame C152 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f0449242120b20fce599f611cafd7ee1fb6d0f9754ca540a9c2ba5d7d7db0bfb
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Rh9wqpsXm9RPmABo33BRcA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Mon, 21 Mar 2022 11:40:41 GMT
date
Mon, 21 Mar 2022 11:40:41 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-Rh9wqpsXm9RPmABo33BRcA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pixel
googleads.g.doubleclick.net/xbbe/ Frame 5ADD 		624 B
975 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNWYw_-JXAlieY3i2dkbYfXbBZOb36scprjoMmxYVv47coM-y3dSX4uJckG3B3oeMKvdK8AtVn3y61KRJKI3B-4r-JgQ94WPMkitQ3SP9M-TEMgVpI-7K7M-jHZTrr_k90xjcOTqUk6tBMZL7ZXBcpsRN3mxklRdPYfCWmVsRluuxr0Yh9A
Requested by
Host: 48c868b366244e7d7770a8f4adab9561.safeframe.googlesyndication.com
URL: https://48c868b366244e7d7770a8f4adab9561.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://48c868b366244e7d7770a8f4adab9561.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Mon, 21 Mar 2022 11:40:41 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 21 Mar 2022 11:40:41 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 1EAE 		27 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DRkmvUFx6EN5zDZZy7LrHH335Z1uwiIt1bt2BkwckmncOs5D0CFnURKMX-g1zwgW_mh4CrTFZh9pqyLNnKzNZZ_dcjE_KMgzsnp0H2U3Hf1ix0yV5M9rOR1DW8ON3cfKqSurECl4cwdj3txWzdLcN9dj_mRA&cry=1&dbm_d=AKAmf-A6T4Cmh-POiyNrTS4WHa_aGCBsq27xXTybssdOwdy43f_6PHc3UyEmBfq50GIsSLM7dyhLKXMfiFzjIqx2HUtqLSuoQPtcURgd9sdzzVGLDdHwMoFiUl-bPpxRnSAMdEajYnCOdemS8tf8MgVZabbSrj3X62n8HTl5qa3Z3D9Y36F84e27x2HlokjSjg9xrN4HfCmkG00j4GLZo8tM3e6Hv9AWNsbSU-GxbM95QV-Zmi4Bdf3YHNAgTP3X1jV8YU5q-xWTAWMPHIEKFBq_KSXZ0S8aUoF2K9qCQeeIdPZ-b28C_gcDTy9wPABRUAqJ5mN30RPUuj4UHFFrPt2zWr0xsd5_jfgRWs8ZxccXpoTMRG2NxhwZ9UptkKV0kcoN6aiW3YMY_dmUA0hd-981_ltUN6l6jXtrHiXI9NQlWC9qqi0REr0MGCQ6vxtRqAD8Z737s7HUx6YGjFSEm1s-wz_bUmbn1P-fDANSeSO1Kbr6xTc1sSAz9vy57kP7F8B-jLnwZoyo-LLpJ16Px7_63K_crU0Q6cteW8rVfej3RcdigaycIYtsG3OlAAK5usMyt-uxH4MCx9ZYru8MxfODgkENLOZTggfRwLxzi86aj11k7kI-6U5jlMwQyePA2ii3m7MXiqVtbVS7X3epNU4Y3tCVyldWqZtwpY1uK9btI3hRsDSedlMvHtbIkLJ2vNQq3r-ohVdQQMUtQ3mmkRvmx0pJBA_tUrl0TcZz27k9D-LR83bSzZx34l2kwzuXX8AbsQZ_0wxqVb4pyM2ihibIK9CFvJ-lcBxHi8uCHsbwmLgmGsRapscMOSCpn0hhWkdDdLJGbIDlI69Pon3Mqbv8cxSU5k9SL0IBQv3kpnDohXwksZyRtmfIEPOGkJOkQLg5oXTwJXYENtKC6SOJjJSxGvrwKk0nQlj4aGzwV-lKD8DJMfwMOaphVLayDrwDAjWcSmD5yDyje6mXaj-RQS5Mq0FXwcQJ4tCs18VWeGRfBl7wT29ctGaPxq-Vu2w_pU_8wj0eUoJGUUE1J1NFayv33dTvpj4Fg_9OktPujibhZ6VqM_ddX6C2oQvNH8gppWOY2UKuWfo5WDIneEr--3xmeYkGjhRRdnS8oJPtGymr16utQD8hkHatksxQxwdH3JmcTYnaJXuwASPHiDxZrTaNdBVDS93-EKSF6eNVWNHAMPVg187ILRkCFDRlqlLs6ullmI0Tik29I4LGZbYQNZjbbW1Lss3w8qvNiGeTpER65X3TKf5uL085sTbxjNmZU4SKEwZE9A5Pc0Ik_2MdT1E-Tg1YgsT6xfGwQ3nYGqb8BCT43eCNPA7-QORZLjPQSlxRqkI3VpYfzwwAvXfMLwzkGSmVTMHsIXFiOyNt3wUX-CkiIM7bWafTThxBXJ1qQTwdzEE2coCKkZbM8RNV6nGJaCczDhK4NA-iCA9rly6lWLvmCpCjFWpJH9EyJ0Qpg8aFwv0DoQ_iwo8xxfFwlKX7Rjt6vyE8WEaoJXcY6jmAQM0ECLfeOMKzVIiKFNkus_xm00-U48JtWCSstxEuIWDvJ5DW2NMhypm9H4fpM-4V3uddtlO5HL6TbS8zDwGE-auTm8jfMnQaP99hGAmu7K5axAlY1O7xjASkuGu0xs9Wzp2O1P8O7Hs1v96HWzl-5XaZnixb4Hfsam0XzegV3iEagV-bhtBq5Rqg39t4UE_dOzdREIq92UGLl0IIsd0--vUgpBXbY2S9xMRCYMw9zo2RxKgCHuTisDKU5ose-ZGfqRd2iWlKu_6SIx6oixemDmL2bdxRjB0uBY6WhpIwTRxUQTN8Japz6xAeErRMUUm_f_05vJpiuhxaHiRBr0xvR-lt15oFKM2O6aupwLK0syBH1JgjFi-Qg-_Nvs-E90v8td79ixwQ7k3xPRP7sBPluTDMWx72THq7CSZFy0U8gRDtFTonU2Y510MIVtxKOL6QCu03MBMVGjrsKFxH7JoMfOL-_AORt3GHLCVw6H5MXEZB6SeJVTwSmLqKI91xp8ENObeN5RlB5Fqdu87nDxguy2E8vq4CP8uCwjUPUg6Ce2UI1lQ5IOuSyHGhfuRt_ScLCvhDghb8v6lLTellZZx5ucKYllnzYKAILZUm9aJkmBSFV3LJ4_EPqh0zEKOuRzjO2eUxRzc_QC7swvtjT31ASOemWFGBra-mgWVThWiHIA20LKZ2wMBCaRF3ioqKLx4yJR3UNRpXKHkF2bQ5XX91nQBR8mN2s5Vv1ZFF8nuF3qCegeGmLVePmicNQREXRfprxBPIYhkizWsH3yT9dt7cSmY8UecZdjAP1j_jUQf7lGhDvnZGbmV_Bv6fWsLTsXC9WON_h2gnvKOmM6N_8pG7WnK-nEaupZ-7srrkb-CIAu7fEQI3oSwO32nxxGNiW6CMvE99OXzgntcTUwrcTByi0F3xEPSAG42xOwST4fbl9QE8BtyPqeaLs27-YJHL-GjWnBPRM_8O0tbMgKDh0lDXVMhzej8mQrdLSc9xZBuFJF7ioSDTKEv3ZOShSm0cHhfI4x-pW-hQDsYA74hEspmWLhC3I1IVQteN3SgmZ0m5bAuVxWJ05U12SfFEcnzqwrtmHRPxIdIDR6uyxM4rSpb4I-59k-8VPixNRwMwltAaccFrYJYNJ0PddbKuy3h2lI_F-rGgGuVa_W2ZaU_eH54mrYhK2n9p7ApWzjMdG88DP7ZQVeALFPHVkeklY4E60RXhxvV6-9ikPCh8vNClQHHmccvDs5gZrw46FzfAtMbJecCVpHbP6SZG7Fdmv5C-yjVdvIunmpiuMTaWGd_lK7I1lH43Lg4LtJZAJEqLv9ItHPEvdlly2fOag8mVMQ_HnrskFM7D9niXhxKXfCUJId-KK41IDVrP-TLiYlwd16qKTtRTbBygd1Wz7IsS5mwnjVnsXF0_pgEBsH9AEPktQzQ8_sslsjhY0JnkKtYHym8YKn3EP2KJaE0jUY91U6Uz10noqZlF4klF-m5pNUMyUZ2xEXZ6sGLnm7JTp9B56RMPfJuRqKs7GbmfLOWlCQi8Bvxn_Dr1jNpOPiOH1Xs6ykJV3Zw06WVdvAQI_ynT6kiAcM_mdvFyjm6J99tpNiW_M1910Oh-kUv8ThlCX0uIUzQyiwJmT_NNvt8l0OM1728fYdq3AS0wCwQ3qzI5GwgtdtrLQHzQHJDMXs-I3qCpaVWxDvVJfYLpTgrTv_KhEFAOhh4plfYAnFdelKyoA8uIhRyDYRJyoRCjRJhGS2C_BMHHBz85syJ9IuO9g7JC-d80ddUpMSoAHqkXPw&cid=CAASJ-RoVOJu3QQcbsHGYepF9oXvs2gNYN9nlgYAlcCOs0tebyfJ273NmQ&rfl=2%2Chttps%253A%252F%252Fnets4.com%242%2Chttps%253A%252F%252Fnets4.com%252F%240
Requested by
Host: nets4.com
URL: https://nets4.com/domain/eminer.app
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38eb236e11f99ddbfc498c9e21b22a1cbc48da9c51f173be370db2f8a69ee9bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://48c868b366244e7d7770a8f4adab9561.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Mar 2022 11:40:41 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16261
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1EAE 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ByERVI32bMfMWgSU6aTnmR2fVucboDSUFKODnbS0S6GU_HwnTDZsRsefs6BYIZLBQDM5c3d19fYHXc9yrD6Nw2fR5sPZrnV6EdgP3D7iDBURgbA7Y
Requested by
Host: 48c868b366244e7d7770a8f4adab9561.safeframe.googlesyndication.com
URL: https://48c868b366244e7d7770a8f4adab9561.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://48c868b366244e7d7770a8f4adab9561.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Mar 2022 11:40:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/ Frame 1EAE 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/window_focus_fy2019.js
Requested by
Host: 48c868b366244e7d7770a8f4adab9561.safeframe.googlesyndication.com
URL: https://48c868b366244e7d7770a8f4adab9561.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://48c868b366244e7d7770a8f4adab9561.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:38:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
152
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 04 Apr 2022 11:38:09 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1EAE 		117 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 48c868b366244e7d7770a8f4adab9561.safeframe.googlesyndication.com
URL: https://48c868b366244e7d7770a8f4adab9561.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc68a3e6e6f0074ff46c18beea2033fc4e8c6ee513dc0617758f45e2bdd8b88a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://48c868b366244e7d7770a8f4adab9561.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36344
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1647431472276194"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 21 Mar 2022 11:40:41 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/ Frame 1EAE 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 48c868b366244e7d7770a8f4adab9561.safeframe.googlesyndication.com
URL: https://48c868b366244e7d7770a8f4adab9561.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://48c868b366244e7d7770a8f4adab9561.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
34
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6407
x-xss-protection
0
server
cafe
etag
6055885685211612390
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 04 Apr 2022 11:40:07 GMT
l
www.google.com/ads/measurement/ Frame 1EAE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTgXSas6swYtqYcD0PFZoua3taPQnO4p_9CVO9_M8Wn7ylsBjAAdgXEl1CpkBW_py-elWQkX_-rLGAu0BPpgCcoSYzhqA
Requested by
Host: 48c868b366244e7d7770a8f4adab9561.safeframe.googlesyndication.com
URL: https://48c868b366244e7d7770a8f4adab9561.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://48c868b366244e7d7770a8f4adab9561.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 85CC 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C2KgAOWQ4Yr3DG9W8lQe_1JnYCsme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTQxMzMyOTU0NDA0MDk0N6AB1bbS6gPIAQmpAjuymMe0jLI-4AIAqAMBqgS9Ak_QWXqNMsgJLuEyppcPNcrKV7R6oJAzBXWuTOkqrS-coypjVbxmiwBcgkncgt47l1cquew9cy8J2pTCSolZYa-R48x6GuUyIt2srqJi7bZxlawmwkYwX0Pl9N-rIrX7aJSVmDwwzHgQWONX4zBSpuI_OI7YIkIBsWXqyfEQq5bHg1tDLKdsdF160deIvq3ncR2wLuUrD0yYBr26DO6H87DKdU9dKNDIliu89DfW0K9PtjbGNtlU45LoOshWxc3Noz2pJ1HCCWli5jhO76srrFktXOyjg1QWoph8zdaot2IZKpqdj47oPyJh20brZnTo7v2lsjvfzJk2Gv2Dbf_cbt9o-3ROu7u-TNX5auBNQAsdQKahlCJGVLfsMvD9JnK57XvVDrVv9RbDbS3eTfLhNj1btopTGOI2zm1L1E174AQBgAac0sW996P-yMIBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAGACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNTQxMzMyOTU0NDA0MDk0NxjBjHQ&sigh=3don12Acqc4&uach_m=[UACH]&cid=CAQSPgCNIrLM_y33piZJ6S1KldVFKTGkwbOlV_lQ3j20CM3RTh_s41sVKcqcA1U-g9011ptnUktpk_zFGELC50e8GAE
Requested by
Host: nets4.com
URL: https://nets4.com/domain/eminer.app
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://035b523d4da31ddff179f9b37cf4ed4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
notify
rtb.nl.eu.criteo.com/google/auction/ Frame 85CC 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=U-qXEsg12AVanYNiAgIAAADXUiulzYsQcUqt_uJOvUHsEDhkOGLwRQh3Mibm63cPJQAS&wp=YjhkOQAG4b0K5V5VAAZqP6HVlLU1ah0H-uS8qw
Requested by
Host: nets4.com
URL: https://nets4.com/domain/eminer.app
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://035b523d4da31ddff179f9b37cf4ed4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:41 GMT
server
Kestrel
server-processing-duration-in-ticks
308785
content-length
0
strict-transport-security
max-age=31536000; preload;
afr.php
ads.eu.criteo.com/delivery/r/ Frame CE28 		129 KB
44 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=YjhkOQAG4b0K5V5VAAZqP6HVlLU1ah0H-uS8qw&u=%7CTAzgGim0f452DSD8c8M%2BeGsv%2BAtfb2pPOTFgpl5cZuk%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXBNl7acqytoLzXkgyukYeTJg1Ra2BVSzq9frrBeCbL7PBZaC0ZkYyzCR_VZA_l_5bLJQcr9OtgwCDhMtaAz9YDDgxTMbTT2JV4NKZg1kkxNe-c9d0szhexx5OF4lFfI1JC3yOkS9pXzL16qcNnKxLG_xNgRQ5U7_MCnux2rkqXcuR8gUufv4fCKXv7myfYNPqS7-InBtYwcO2bOM80ws106biXNrkIKDTJIn8QozTz3BAAhM1dpyPh_905y0tgeu-NmeNq-cpHRGfI1pfE6rKgQU7PU6-82xhVVs6sjKn85gvaUuQQ5iWEBcmr4LMvhWBMLuHAw-mPc-RYOGGUgX4KKrAUOe_ScfYzJFONg0D6F8nHX9rLWaRy80BaVB-kU8Gx1xEuB5TSfUDMyUz3yCGFd&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCuiUhOWQ4Yr3DG9W8lQe_1JnYCsme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTQxMzMyOTU0NDA0MDk0N6AB1bbS6gPIAQmpAjuymMe0jLI-4AIAqAMBqgTAAk_QWXqNMsgJLuEyppcPNcrKV7R6oJAzBXWuTOkqrS-coypjVbxmiwBcgkncgt47l1cquew9cy8J2pTCSolZYa-R48x6GuUyIt2srqJi7bZxlawmwkYwX0Pl9N-rIrX7aJSVmDwwzHgQWONX4zBSpuI_OI7YIkIBsWXqyfEQq5bHg1tDLKdsdF160deIvq3ncR2wLuUrD0yYBr26DO6H87DKdU9dKNDIliu89DfW0K9PtjbGNtlU45LoOshWxc3Noz2pJ1HCCWli5jhO76srrFktXOyjg1QWoph8zdaot2IZKpqdj47oPyJh20brZnTo7v2lsjvfzJk2Gv2Dbf_cbt9o-3ROu7u-TNX5auBNQAsdQKahlCJGVPXuE2J6qe6qUufBrWVSU-7KeSdoR9z5tImTiyyhp_wa1ujhUF7EYDmf4AQBgAac0sW996P-yMIBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2ouvxf-_lPd4PrcaFjBdmv9e9jVA%26client%3Dca-pub-5413329544040947%26adurl%3D
Requested by
Host: 035b523d4da31ddff179f9b37cf4ed4e.safeframe.googlesyndication.com
URL: https://035b523d4da31ddff179f9b37cf4ed4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::18 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
5afd2da25b2454109b998af1d57ab83e2d84a214be7831823fb9582073400bd9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://035b523d4da31ddff179f9b37cf4ed4e.safeframe.googlesyndication.com/

Response headers

date
Mon, 21 Mar 2022 11:40:41 GMT
content-type
text/html
server
Kestrel
cache-control
private, max-age=0, no-cache
pragma
no-cache
expires
Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cross-origin-resource-policy
cross-origin
p3p
CP='CUR ADM OUR NOR STA NID'
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=kf04-QD9Bd55eWhlgdeuus3KUHXJC8bGdfDcFKYbZm7TSMl_mfatVi36wUbgaO-MvdCfqJzlysyv5O0ecVO-MIMeKJah0tVKUCFjVKGUXvZNh7THwwG7AnnISjo7Fa6Jr96QEwy3_AE3_-qShzCjEumvV4Fx2HByW6DYlfCUjcYaYWfn2w---v67BipMHD2ls-4hrK5wsBEKmnfjp97Y1EyyKgWmZbFSflXHZa8PmSm0ElGKMDX5YGlUhefdfW8zTemz-A"}], "max_age": 86400}
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks
123201128
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/ Frame 85CC 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/window_focus_fy2021.js
Requested by
Host: 035b523d4da31ddff179f9b37cf4ed4e.safeframe.googlesyndication.com
URL: https://035b523d4da31ddff179f9b37cf4ed4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://035b523d4da31ddff179f9b37cf4ed4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 10:56:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2654
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 04 Apr 2022 10:56:27 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 85CC 		117 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 035b523d4da31ddff179f9b37cf4ed4e.safeframe.googlesyndication.com
URL: https://035b523d4da31ddff179f9b37cf4ed4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc68a3e6e6f0074ff46c18beea2033fc4e8c6ee513dc0617758f45e2bdd8b88a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://035b523d4da31ddff179f9b37cf4ed4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36344
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1647431472276194"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 21 Mar 2022 11:40:41 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/ Frame 85CC 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 035b523d4da31ddff179f9b37cf4ed4e.safeframe.googlesyndication.com
URL: https://035b523d4da31ddff179f9b37cf4ed4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c82a58123e9f042fb6f68695578cff668b16b22915e0a8cb8acca14741df2bac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://035b523d4da31ddff179f9b37cf4ed4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:10:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1838
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6367
x-xss-protection
0
server
cafe
etag
1939740185073438140
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 04 Apr 2022 11:10:03 GMT
l
www.google.com/ads/measurement/ Frame 85CC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQNYUMr4-uxSzy1V8Tpr04CO51bqRjYf2j8yZL5blVHOnzCMINw-9_XNSkLkfo_xfEmSpBO7VUkGJOxRIjfsz_6IlJtpQ
Requested by
Host: 035b523d4da31ddff179f9b37cf4ed4e.safeframe.googlesyndication.com
URL: https://035b523d4da31ddff179f9b37cf4ed4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://035b523d4da31ddff179f9b37cf4ed4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 85CC 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 035b523d4da31ddff179f9b37cf4ed4e.safeframe.googlesyndication.com
URL: https://035b523d4da31ddff179f9b37cf4ed4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://035b523d4da31ddff179f9b37cf4ed4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 14:29:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
249052
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 18 Mar 2023 14:29:49 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame D59E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022031401&jk=3442312406334637&rc=null
Requested by
Host: nets4.com
URL: https://nets4.com/domain/eminer.app
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame EE40 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022031501&jk=2207901815628976&rc=null
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
container.html
5fd3b64ba09b669362261d7035670824.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0542 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://5fd3b64ba09b669362261d7035670824.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030901.js?cb=31065681
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Mon, 21 Mar 2022 11:40:41 GMT
expires
Tue, 21 Mar 2023 11:40:41 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
i
api.purpleads.io/x/a/930d6f6f4db1441ea0504ac687cbf328:9cea025eb2424c97ba1632de930cffe25967c8681c5694383eb8f118a1510275348e6a2e64cc703e8251d5a5d7162218c509d24d54cb58fcdc19a218e31ae78994a3cb2927e6f49... Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/a/930d6f6f4db1441ea0504ac687cbf328:9cea025eb2424c97ba1632de930cffe25967c8681c5694383eb8f118a1510275348e6a2e64cc703e8251d5a5d7162218c509d24d54cb58fcdc19a218e31ae78994a3cb2927e6f49ec5499c479b60305fd71d5ed0dcaeef4bd3a602d723028d40d255a9aebf5ea3bbe1bd5aee0b055a10e5e5a1baec2b303c60cbab635099a05bf8c083591109288aac70d97a57fc53d9/i?id=0ae4c915-0435-4ccc-8a02-7b59e2414f60&ts=1647862841867
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-128-233.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Origin
https://nets4.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Mon, 21 Mar 2022 11:40:41 GMT
access-control-allow-origin
https://nets4.com
access-control-allow-credentials
true
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
x-request-id
4044610c-a127-40e4-ab55-d4695a0c64cf
i
api.purpleads.io/x/a/930d6f6f4db1441ea0504ac687cbf328:9cea025eb2424c97ba1632de930cffe25967c8681c5694383eb8f118a1510275348e6a2e64cc703e8251d5a5d7162218c509d24d54cb58fcdc19a218e31ae78994a3cb2927e6f49... 		0
199 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/a/930d6f6f4db1441ea0504ac687cbf328:9cea025eb2424c97ba1632de930cffe25967c8681c5694383eb8f118a1510275348e6a2e64cc703e8251d5a5d7162218c509d24d54cb58fcdc19a218e31ae78994a3cb2927e6f49ec5499c479b60305fd71d5ed0dcaeef4bd3a602d723028d40d255a9aebf5ea3bbe1bd5aee0b055a10e5e5a1baec2b303c60cbab635099a05bf8c083591109288aac70d97a57fc53d9/i?id=0ae4c915-0435-4ccc-8a02-7b59e2414f60&ts=1647862841867
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-128-233.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Authorization
Bearer 344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
x-request-url
aHR0cHM6Ly9uZXRzNC5jb20vZG9tYWluL2VtaW5lci5hcHA=
Accept
application/json
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json
x-purpleads-version
2.0.31

Response headers

access-control-allow-origin
https://nets4.com
date
Mon, 21 Mar 2022 11:40:42 GMT
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-credentials
true
x-request-id
9f11674c-1666-41e2-8f37-8843f51eff8e
sodar
pagead2.googlesyndication.com/pagead/ Frame 9E10 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022031501&jk=3417211512221841&rc=null
Requested by
Host: nets4.com
URL: https://nets4.com/domain/eminer.app
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 4331 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022031401&jk=4007856695887032&rc=null
Requested by
Host: nets4.com
URL: https://nets4.com/domain/eminer.app
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
c9SOW3fm-cIOlp3tvRsibzkEuEO1MqMyQpfRRVluBWQ.js
pagead2.googlesyndication.com/bg/ Frame AF2C 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/c9SOW3fm-cIOlp3tvRsibzkEuEO1MqMyQpfRRVluBWQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
73d48e5b77e6f9c20e969dedbd1b226f3904b843b532a3324297d145596e0564
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Mar 2022 10:37:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
90187
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13819
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 20 Mar 2023 10:37:34 GMT
c9SOW3fm-cIOlp3tvRsibzkEuEO1MqMyQpfRRVluBWQ.js
pagead2.googlesyndication.com/bg/ Frame A9FA 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/c9SOW3fm-cIOlp3tvRsibzkEuEO1MqMyQpfRRVluBWQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
73d48e5b77e6f9c20e969dedbd1b226f3904b843b532a3324297d145596e0564
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Mar 2022 10:37:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
90187
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13819
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 20 Mar 2023 10:37:34 GMT
c9SOW3fm-cIOlp3tvRsibzkEuEO1MqMyQpfRRVluBWQ.js
pagead2.googlesyndication.com/bg/ Frame 62C2 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/c9SOW3fm-cIOlp3tvRsibzkEuEO1MqMyQpfRRVluBWQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
73d48e5b77e6f9c20e969dedbd1b226f3904b843b532a3324297d145596e0564
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Mar 2022 10:37:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
90187
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13819
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 20 Mar 2023 10:37:34 GMT
c9SOW3fm-cIOlp3tvRsibzkEuEO1MqMyQpfRRVluBWQ.js
pagead2.googlesyndication.com/bg/ Frame 64C8 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/c9SOW3fm-cIOlp3tvRsibzkEuEO1MqMyQpfRRVluBWQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
73d48e5b77e6f9c20e969dedbd1b226f3904b843b532a3324297d145596e0564
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Mar 2022 10:37:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
90187
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13819
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 20 Mar 2023 10:37:34 GMT
c9SOW3fm-cIOlp3tvRsibzkEuEO1MqMyQpfRRVluBWQ.js
pagead2.googlesyndication.com/bg/ Frame 8FAC 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/c9SOW3fm-cIOlp3tvRsibzkEuEO1MqMyQpfRRVluBWQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
73d48e5b77e6f9c20e969dedbd1b226f3904b843b532a3324297d145596e0564
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Mar 2022 10:37:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
90187
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13819
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 20 Mar 2023 10:37:34 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame C152 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022030901&jk=2160141634947513&rc=null
Requested by
Host: nets4.com
URL: https://nets4.com/domain/eminer.app
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
css
fonts.googleapis.com/ Frame 07CC 		708 B
869 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato&display=swap
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/load.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
230f27646f2460a7e13106d06ec50cb822acf254ae08fba4058aa06ca57b9dab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 21 Mar 2022 10:45:17 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 21 Mar 2022 11:40:42 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 21 Mar 2022 11:40:42 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 07CC 		81 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/load.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
sffe /
Resource Hash
69c0a8d5284b247bd724d3c3742bdb8d61c5cd8cc5df7fe1144679ec3531d7dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27819
x-xss-protection
0
server
sffe
etag
"1164 / 749 of 1000 / last-modified: 1647861146"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 21 Mar 2022 11:40:41 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 93B2 		624 B
340 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMmp1wIQ19vYAhiW1rnFATAB&v=APEucNXLX-ZhGYMmnbFmXYymT_NPjhT1IuM6PxmbeGKsPngx8dtRIF62zjSyk5gkzvk5IJLvLb0l7cWkJPOPNiH01LCurGT3RhrAOEeSTgDCiTz7l4m2oPBXa-OjA73mk5BWplRwW-giAqf2uGNta9Yp-TFU9vJTHhkTimNPfMX6Hn-dCKipxrQ
Requested by
Host: 5fd3b64ba09b669362261d7035670824.safeframe.googlesyndication.com
URL: https://5fd3b64ba09b669362261d7035670824.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://5fd3b64ba09b669362261d7035670824.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Mon, 21 Mar 2022 11:40:41 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame 0542 		26 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BHirrMYNIs21C3pamo1Dj3zXHioA-w22SZyzMuiUu4RXklQv8zULAnGC7apjp_JMUGRixEtvisjYHngzEUskGZrF-6lfyPzp0qaedVgqvXezH9N5KJXts14zos9V3EqdRcgNfn4K3Be8CkdyTI1sYMCc68HA&cry=1&dbm_d=AKAmf-B4KNXy3uqMSSG4I1eFXQJ81XS36-GMb1hVi4Jg0eVUpBDVJlXL18i8TIhf1RlDdJeBOnVyYXzxwpavj1gWRlbXKgUQPmk91RzZbKe1Qr_wIaK4JuzBRgEd4FC8LD8WRx7UtYv9_q5MQf_01b3FqlgHCDk1y7GdEORxUBqRGyGt8O5gvD9m6OV8do_noh0IApQdx5Y2vajyC1nmohOr1VP2NPXNWYAS4cAv2wCoa8qKh8qIj9wNMnJ4A3Cfl1KI-hENu1_TwEPIyWFSl2AwTaZ99_aCqfzeC5xaiqDGDaqJpT8YocqdgTGHjchXInGrrletWfvfNNZpCSCms02twedX0hNDKVLi7GjABsrmpclwE0_NoU6Qz9FvpPixcAY_ywEfWidlSdJxQjE4HFsgaF_DjA0DAy7n7sUGS6iP4mXA0hpJGVPi_4oqyndO3FVf8J32sQn_tjKlK0IDK6QD7gAk7Ve36QSGktSmAq4gE-S5QSSFRlyplFRivze3E7p-np7xoVyYzDgDiiMEd6-eKpzWVpiaKulGb_FsnHn2EmEknhY9_JwcXxO7ojAAMHzBKoMfhZ94s9StRvRD9DoWdgHkIY73mTe4egf2YKj5PT7D5Gza_i-4YnT1ox6FRJ3JteX0GlhLQGZTgK9wBK4LEVzVeDKSZcPW7R1bK83wcid8fL26nXkKTZ_ZUnThvWwJhARCnRuRRlB6FH3HHHZO3Qwp9CYJXKLXhG3_x2H7TFqF50gSdCqwgzaXmM1ar3xnrzgG8q8V_uWMgsUOKRW575QN-z4_g3WAh8VNcsk6shxrhXe-bt0ehEsQf2kvKvQ9CsM6K4cVdzSj4sOOkREghdjQGLGImUAK19JLLdIx7Y8AkZVG7en4eAgaRFdmBByN2XCzhBCR6eiJs_t_y-u0A4G9heRlJ1Y3XT3HeGYGL9bZGVzhx9H15hA2etvrO6Ees3-rRM0y9DQBhgXtVSwdp1TgC8DAbAZAlS6SMng8xMNPJ4Nsj6V_40fICj1hfN55KMgYpRo51sFvpTeuKcb1irIEXUw3Y77Q3oAky_9l4GyUnBAzJi-bqwCyJ8EUNWV-APh-YV6q09qk0fH-YM57-ZNo1MihPOQgY-vO8KOg71VTExjC554H05PyqWGgNeYT0uy9HXVjecTeRson94Tjeky2MXL1Ud8MfWUTnFXDTVe9jAHpAkIzRIopZmoB1At0GLGDQ9_jLL88KZVTGz409sqEeo6XF3GEO1IxlFh3iEvaeDvSm1q-hOQSnX566OAabI7MbLApmNIja5BbhbeMoG4rl93zof-u6qIp2wfmu7u4yW-CIwC1k1c0rPCBW9lgRiFM5ZzgFmcKT2eVGB_72c7f1HyZ2Ahb3OjqH8aI3vD_FInmQYIvojxCngyAIOXBDodU7gyFBlLmpL8489P2qrHSFlRnIQesxs3398S53O9XIFGhE3M0CAiUHjCtHP8RasOZLyZDFOUBg8xGK_1QWGduFIlgt9xFZnYn2K5yv8BZ_STaTj7HlAAhT-9_I4G836Ny9TYqcIArQu3rEkYIdCsBIC5RQVJ47SmMwgsZoUqEXVS37Ggm9YINMX56J8P-1zl200A32bHm7yaFQhr0Tc_69qkQHTOg8VnZ4KFsvAkHzBxoyBoigO-Xuw2J2uJtWZSbzMlq8wX2MOFtd9WdJoad0FgjKLrVmdFczAnnSeft6yMUE7HziH5yBLoJs19lWYUjbnMJA0mOvjpBjo_DTMa4nc80gMkkSibHsvtGX5oo7todbrzGfLN0EzIBagpb0D93OO9-9I0z4vrCpElVtj2zrq9TMlNL-lkAmBJZ6pt-FbG-tFnJMMSvL9x9-E9yRolQEuiNFKshkkuEa5JHEl-K8SzXFuxlL6qtKQMloAeFrpjDbom-BuZJbYHaUGBI2c9YnspMd53yI970IWskiZt0qkABm9n0ZNeQCR6509NHKCHXchr23508oyUlC3x3Mqjx993v2FJCIAE3JGYpD2sYnIDj1GklFZ33uADUH20jBndGA1b5gROBwGZ5AJtGp_x_Sw_JdHKMoY2tN6M9gM0VWdN2ILbtlMuwCVlZLl7NlrnbElUoTQFKRlk2zaTM7CKX_M2fOXjeQnbjw_fcf6NDgLeOG90fPQ0vGKmeoaTjISbpwBeftzipebi10zNludWo8MmvDS3vrJLhQC9vKHvQxmB9Y16zdSStJYwYsMXBTJrAwf72srMebIdX4QWbGb8fJOfIgCWh7uFq8Sv5iM8969HhNaPZ_lvfAn-um5BMQKtGmC1semBvKwPBAGXJRJTimKnJ1XNq1Yx93gYeAxvELOfn1Db1MkER4NlCEnA-WLWyYl-RcMxP8ZX8cDXDoaz6R1zUfP2_uw_BqcM8hPvG6IU7lVWQezrCcdsonMqZGBSksXIoV4Qdeg6ABzH9IGcs-Z7oy0MyP0PaPp-57J6JRo_N7vLZltZWO7EeEsCbT5bMwopT9vH2Nn37WusXRVc5PtVvCK5S4mBcqWMkhDP1rpKErOxw84ZZNXbKjTBYCfT0c7olUPLqSrT8TLq4Vb-_Ov6pR4I83jxqNeokWDgleRh-mwsX3KwuEeW5zg3GnUPcHJmqbtRdfnpi4o8Xq5OzY2zEGnia9Wrvk2v9EvtRPjrTzjGdkuxv9p4tK95c8khyBfvjSdJgmVOYAVMNrKHOcr96qDmV3qhy7bhhYxihYBTZdHQioUB0lnBCg4B-MoD2XMjwxETGzbsUTQ_zvi55XnnC2hjRS2OTCJ976UhYSsGCRDfPZypey-fYDx-kz5kN5UI4zcI2ZMHTQttzPQ_r81dnbL9PjwgnbtaPGCqsnSP38_XyeCw4FrXmsS3Q1Q2f3Xxoadg7Ouhzvsfmuru_L9XAMYu-ZXstmhEJ0DQs320_kpRA5HQ-zQCjAKCOfmRPTruxbTmDWreD4xy6nyIl1xAVkYnKNi1fpFrQ3Nwhct_cnbXoLyZwXP7bE0C1tygzOI2UsMijDmRbWiIbF_lcLNSjrnxHxqdxtALfLxY5CzDj0nFnIJNr3fTjaGXmX1aRwACAcxbs8zBG07yNVHXQdbeDJMiWtwhhtp-iLmTzuG2l2NwGIogexyyVBm0gFRffFlmwy7saWCG5iVUEPvzdCKnU8Ik9Kfg-MtZ5LY4maCEs1S7F2GNDRZuUYRp7TuFyNkpME7Qf4IIZ8nb9cSVsvaeD_0WTqQRBJQ6acO8ntHl9Av92AiqkPqKU3TFse5qNB-pAU2hCX_0-E6YR4UtLuXDB&cid=CAASKORoQFzR1mKDD8elzTY_Pm3y3p_IU98S9y-57urRMpaLNSnaWd2SPrg&rfl=2%2Chttps%253A%252F%252Fnets4.com%242%2Chttps%253A%252F%252Fnets4.com%252F%240
Requested by
Host: nets4.com
URL: https://nets4.com/domain/eminer.app
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
356d53b9879dc2e455d2201a932b1ee73dd51f38d6593e522e5b6decb7df3e2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://5fd3b64ba09b669362261d7035670824.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Mar 2022 11:40:41 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16129
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0542 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Dl_LfRh1uHEyVSqwefnp9gNZooptxmwlkLavj9zjWluatN4rsvk26Jgw2ni1KUYRYMNYVyurBu7YIEH2b6qIHenA4Ry462gU8Mh7vWt75-ffiXPHs
Requested by
Host: 5fd3b64ba09b669362261d7035670824.safeframe.googlesyndication.com
URL: https://5fd3b64ba09b669362261d7035670824.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://5fd3b64ba09b669362261d7035670824.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Mar 2022 11:40:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adition.js
imagesrv.adition.com/js/ Frame 0542 		32 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imagesrv.adition.com/js/adition.js
Requested by
Host: 5fd3b64ba09b669362261d7035670824.safeframe.googlesyndication.com
URL: https://5fd3b64ba09b669362261d7035670824.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
70e0a3b2c82384039a2e4b31c305c9ef1f72a59b585acad421c54a6101a25237

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://5fd3b64ba09b669362261d7035670824.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:41 GMT
content-encoding
br
last-modified
Thu, 21 Oct 2021 06:32:42 GMT
etag
"4043560335-br"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
8355
js
ad13.adfarm1.adition.com/ Frame 0542 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad13.adfarm1.adition.com/js?wp_id=4285696&gdpr=&gdpr_consent=&kid=2958451&clickurl=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DC3tpmOWQ4YrX5II_O7_UPut2TmAe1kNfhaLzw_rzQD_AuEAEgudvzJmCV4pCCoAfIAQmpAkJ5BQBqhrI-qAMBqgTSAU_Q5B0YKZZYjvqXXKYO-qGomfe-IxHOhCmN_w5PHwRXArO3WbItYU46utGn2OoXOvVR87xToa0NujV-qKftcY9EuNCJbYnPIGyMun1YPtZjNhtmYR3BUrkL5OwJhvFTetoObdo1hZ8Blp53E15lxIoYh8saPUEyykWIpqCan2J8BMmXh6MF8e2sZG-uLmphwuL_48NdXVuR2b8S8Tar1JzllOV8q5oezQ9G5FBAJ2hWeo3if6BFo_QB6IVNbEsGA5AXdoysR-B-8fV0Vh0Fmn1PI8AE_OTPmNIC4AQDkAYBoAZNgAesqMu9AagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHfIIG2FkeC1zdWJzeW4tNDgyMzk2OTk4NTA4MjEzNoAKA5gLAcgLAYAMAbAT3a-xDdATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASKORoQFzR1mKDD8elzTY_Pm3y3p_IU98S9y-57urRMpaLNSnaWd2SPrg%26sig%3DAOD64_2TuWwiWuX7q22UWo320mhHVJqSZg%26client%3Dca-pub-4903453974745530%26dbm_c%3DAKAmf-C2te9BeVwwFobeT-exLdUK1ny2kw_3fprgPqaCFnf_ICYP3Fhen710pCknlr19s-LJZo9M-6-qmc2ygX78kmOkfRLMZYK-d-C6lYPT_OSM9GhFn0qfNGz85aEnsJQ8Warm7bUh3_ZSSKbCudyUqtcUmABfHA%26cry%3D1%26dbm_d%3DAKAmf-C6lbkDA8GOU5u8hBgw16XwbgRxYZxaxK94dfcWt71BXVUbbcl52-xaEEGWg1raXZDgcuPZZbUVS_w5SUE2mJfFDgyhvir4c1SJ5tDIVgoxMmnHANIp9OzC4GoP4lM9lqRxjfkL0_yUytX_ia2yuDgsxz-7S8NlBPuc1WwrN__QLsS7CzmbnldSvH7X6mR5fcv9Ab_MX1oQUhfgX__1EVWu6uf_8y32lXdcJxHYmW4yVyroBjtbOnjAgevgoe2bwQj-CUMRozROFbqNC1oYT_8Fd7JYyti9eYdbfozcwFHnlXHP-kAcPWfAdBoVfLVYqm-89Cm7ofO2o0JGsFWPNCl3w9odZOCHTSjy51DLKvuj2dyri-avEeCLeEzzutF0coPe1BVTZcZ2SvzdVc_Kh4E6raaGTaia-dWoCzoDd6sGNOYfSrB85ou6dPmZALkcYDgAjgQIBdm8rR4qOP6mlT4Vbc3_6g%26adurl%3D
Requested by
Host: 5fd3b64ba09b669362261d7035670824.safeframe.googlesyndication.com
URL: https://5fd3b64ba09b669362261d7035670824.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.54 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
aa.adfarm1.adition.com
Software
ADITIONSERVER v1.0 /
Resource Hash
dfe484b6bf9bfeea3b9ade60ded9977672146e08b1eac03c07fb9328285d2f0a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://5fd3b64ba09b669362261d7035670824.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 12:40:41 +0100
content-encoding
gzip
content-type
application/x-javascript
server
ADITIONSERVER v1.0
cache-control
max-age=600
p3p
policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
expires
Sat, 01 Jan 2000 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/ Frame 0542 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/window_focus_fy2019.js
Requested by
Host: 5fd3b64ba09b669362261d7035670824.safeframe.googlesyndication.com
URL: https://5fd3b64ba09b669362261d7035670824.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://5fd3b64ba09b669362261d7035670824.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:38:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
152
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 04 Apr 2022 11:38:09 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0542 		117 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 5fd3b64ba09b669362261d7035670824.safeframe.googlesyndication.com
URL: https://5fd3b64ba09b669362261d7035670824.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc68a3e6e6f0074ff46c18beea2033fc4e8c6ee513dc0617758f45e2bdd8b88a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://5fd3b64ba09b669362261d7035670824.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36344
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1647431472276194"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 21 Mar 2022 11:40:41 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/ Frame 0542 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 5fd3b64ba09b669362261d7035670824.safeframe.googlesyndication.com
URL: https://5fd3b64ba09b669362261d7035670824.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://5fd3b64ba09b669362261d7035670824.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
34
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6407
x-xss-protection
0
server
cafe
etag
6055885685211612390
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 04 Apr 2022 11:40:07 GMT
l
www.google.com/ads/measurement/ Frame 0542 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSzyFPH7IpG0_XNXFjFyy0eHcDHCDBd2G9H8u5PdZSDNqWI-Wdi20NcjrpxHxpBXxhoECDo-9E0nkd3kjWINhduLlIOZw
Requested by
Host: 5fd3b64ba09b669362261d7035670824.safeframe.googlesyndication.com
URL: https://5fd3b64ba09b669362261d7035670824.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://5fd3b64ba09b669362261d7035670824.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
rum
dsum-sec.casalemedia.com/ Frame 5ADD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECBYObjZVKDSpzSvm3h-4q4&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECBYObjZVKDSpzSvm3h-4q4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNWYw_-JXAlieY3i2dkbYfXbBZOb36scprjoMmxYVv47coM-y3dSX4uJckG3B3oeMKvdK8AtVn3y61KRJKI3B-4r-JgQ94WPMkitQ3SP9M-TEMgVpI-7K7M-jHZTrr_k90xjcOTqUk6tBMZL7ZXBcpsRN3mxklRdPYfCWmVsRluuxr0Yh9A
Protocol
HTTP/1.1
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 21 Mar 2022 11:40:42 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 21 Mar 2022 11:40:42 GMT

Redirect headers

pragma
no-cache
date
Mon, 21 Mar 2022 11:40:42 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECBYObjZVKDSpzSvm3h-4q4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 5ADD
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YjhkOpf8zZv1BkpaMl0qvwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECBYObjZVKDSpzSvm3h-4q4&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECBYObjZVKDSpzSvm3h-4q4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNWYw_-JXAlieY3i2dkbYfXbBZOb36scprjoMmxYVv47coM-y3dSX4uJckG3B3oeMKvdK8AtVn3y61KRJKI3B-4r-JgQ94WPMkitQ3SP9M-TEMgVpI-7K7M-jHZTrr_k90xjcOTqUk6tBMZL7ZXBcpsRN3mxklRdPYfCWmVsRluuxr0Yh9A
Protocol
HTTP/1.1
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 21 Mar 2022 11:40:42 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 21 Mar 2022 11:40:42 GMT

Redirect headers

pragma
no-cache
date
Mon, 21 Mar 2022 11:40:42 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECBYObjZVKDSpzSvm3h-4q4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 5ADD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEE1-qK5_7foBYum9jF510j8&google_cver=1
43 B
1020 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEE1-qK5_7foBYum9jF510j8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNWYw_-JXAlieY3i2dkbYfXbBZOb36scprjoMmxYVv47coM-y3dSX4uJckG3B3oeMKvdK8AtVn3y61KRJKI3B-4r-JgQ94WPMkitQ3SP9M-TEMgVpI-7K7M-jHZTrr_k90xjcOTqUk6tBMZL7ZXBcpsRN3mxklRdPYfCWmVsRluuxr0Yh9A
Protocol
HTTP/1.1
Server
185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 21 Mar 2022 11:40:42 GMT
X-Proxy-Origin
185.213.155.169; 185.213.155.169; 728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
7f9961ab-39e1-4663-a910-ac2ccae845bf
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 21 Mar 2022 11:40:42 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEE1-qK5_7foBYum9jF510j8&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5ADD
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDM4MzA3NTcyMTgxNDI3NDEyNQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDM4MzA3NTcyMTgxNDI3NDEyNQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNWYw_-JXAlieY3i2dkbYfXbBZOb36scprjoMmxYVv47coM-y3dSX4uJckG3B3oeMKvdK8AtVn3y61KRJKI3B-4r-JgQ94WPMkitQ3SP9M-TEMgVpI-7K7M-jHZTrr_k90xjcOTqUk6tBMZL7ZXBcpsRN3mxklRdPYfCWmVsRluuxr0Yh9A
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Mar 2022 11:40:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 21 Mar 2022 11:40:42 GMT
X-Proxy-Origin
185.213.155.169; 185.213.155.169; 728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
5672da87-2b66-4dc6-b251-459b961ce38e
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDM4MzA3NTcyMTgxNDI3NDEyNQ%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame D9E9 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjhkOQAFWSYIu8XoAA8WMkREhHfXs1sHykQyMg&u=%7CTAzgGim0f47mFfBS23OiNW9F6i3UqDjwoQV1E6th06c%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXBNl7acqytoLzXkgyukYeTJDX-c-czoLNPVWRrrn9l2EMHMb1hI7Em0QwQZgmNNNQzT6aPP5zozV7JDfKDqexFPUg9hET2J9mEPyFP_FitTdiFXb06J7U67vuKhhq1njd9MoLTqmn7OUSh8qt7edmZZy8gC2nf6YpHLDL9ypW0hH0K8JitUpyVueaqv0iX_I30ZMl6Ug0t_nrCIFCYdysvx2t1hjembPdJI2_3w9KsweCeDpos2lrw5IW_pyr9fMmb65EqwNjxdYdwoGfjD5igXqDoh9WyaTviGM_y0eGxU_0hvdhV_GPcJgAZCuR94nl8JA6a8OqGF0FXDKpiSOzF-CYjcKpJZFJuryW0ogDJueAbuXgvE49FfhyV3uzUKM5Uxx4u9cN9bmvXuClMz3wx8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiwSwOWQ4YqayFeiL7_UPsqy8-A3JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDegAdW20uoDyAEJqQI7spjHtIyyPuACAKgDAaoEugJP0BAzuYQLMQ4eK8vTgW8Rd4UXSP0bf1CUpzd_X4eYotkbj0gCr2ChVg0F867IkkhKp_nZiiKxYCLIj5jitavl0oBRgThfbztCVtPhGkMdWdaCTEde433dda2pC_cmHdnU0hYh0Ra9s41gQ5u0nxyU19UFvzIsrjN7rjHBqBV4u9vebfRHAO85kM3_sOzDZqsAO7makIB5fijnUWW6EPYf49yI2G7-5ykRldaZfLVrVN_WTsiXPfe8IVXnjxJPAikJltGQynQF2IBe6k7E0E8wFGkkA2AwEh7PEkZmVQy7aV6UzposAtlk419XngzLRdI3OAU1SJYhlKu2LEF2Lgc0VtOD9Hgu67pDcOeyIzy0E7YsXpO5vfOgFA48VdO7Znxv99TrhkfaeGBmtki1yDW8yZ151IzvbTvE8eAEAYAGnNLFvfej_sjCAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1N_E7u9O4H1BYTf5Y8KoZO3HsBEg%26client%3Dca-pub-5413329544040947%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:42 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 16 Mar 2023 11:40:42 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame D9E9 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjhkOQAFWSYIu8XoAA8WMkREhHfXs1sHykQyMg&u=%7CTAzgGim0f47mFfBS23OiNW9F6i3UqDjwoQV1E6th06c%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXBNl7acqytoLzXkgyukYeTJDX-c-czoLNPVWRrrn9l2EMHMb1hI7Em0QwQZgmNNNQzT6aPP5zozV7JDfKDqexFPUg9hET2J9mEPyFP_FitTdiFXb06J7U67vuKhhq1njd9MoLTqmn7OUSh8qt7edmZZy8gC2nf6YpHLDL9ypW0hH0K8JitUpyVueaqv0iX_I30ZMl6Ug0t_nrCIFCYdysvx2t1hjembPdJI2_3w9KsweCeDpos2lrw5IW_pyr9fMmb65EqwNjxdYdwoGfjD5igXqDoh9WyaTviGM_y0eGxU_0hvdhV_GPcJgAZCuR94nl8JA6a8OqGF0FXDKpiSOzF-CYjcKpJZFJuryW0ogDJueAbuXgvE49FfhyV3uzUKM5Uxx4u9cN9bmvXuClMz3wx8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiwSwOWQ4YqayFeiL7_UPsqy8-A3JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDegAdW20uoDyAEJqQI7spjHtIyyPuACAKgDAaoEugJP0BAzuYQLMQ4eK8vTgW8Rd4UXSP0bf1CUpzd_X4eYotkbj0gCr2ChVg0F867IkkhKp_nZiiKxYCLIj5jitavl0oBRgThfbztCVtPhGkMdWdaCTEde433dda2pC_cmHdnU0hYh0Ra9s41gQ5u0nxyU19UFvzIsrjN7rjHBqBV4u9vebfRHAO85kM3_sOzDZqsAO7makIB5fijnUWW6EPYf49yI2G7-5ykRldaZfLVrVN_WTsiXPfe8IVXnjxJPAikJltGQynQF2IBe6k7E0E8wFGkkA2AwEh7PEkZmVQy7aV6UzposAtlk419XngzLRdI3OAU1SJYhlKu2LEF2Lgc0VtOD9Hgu67pDcOeyIzy0E7YsXpO5vfOgFA48VdO7Znxv99TrhkfaeGBmtki1yDW8yZ151IzvbTvE8eAEAYAGnNLFvfej_sjCAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1N_E7u9O4H1BYTf5Y8KoZO3HsBEg%26client%3Dca-pub-5413329544040947%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:42 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 16 Mar 2023 11:40:42 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame D9E9 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjhkOQAFWSYIu8XoAA8WMkREhHfXs1sHykQyMg&u=%7CTAzgGim0f47mFfBS23OiNW9F6i3UqDjwoQV1E6th06c%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXBNl7acqytoLzXkgyukYeTJDX-c-czoLNPVWRrrn9l2EMHMb1hI7Em0QwQZgmNNNQzT6aPP5zozV7JDfKDqexFPUg9hET2J9mEPyFP_FitTdiFXb06J7U67vuKhhq1njd9MoLTqmn7OUSh8qt7edmZZy8gC2nf6YpHLDL9ypW0hH0K8JitUpyVueaqv0iX_I30ZMl6Ug0t_nrCIFCYdysvx2t1hjembPdJI2_3w9KsweCeDpos2lrw5IW_pyr9fMmb65EqwNjxdYdwoGfjD5igXqDoh9WyaTviGM_y0eGxU_0hvdhV_GPcJgAZCuR94nl8JA6a8OqGF0FXDKpiSOzF-CYjcKpJZFJuryW0ogDJueAbuXgvE49FfhyV3uzUKM5Uxx4u9cN9bmvXuClMz3wx8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiwSwOWQ4YqayFeiL7_UPsqy8-A3JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDegAdW20uoDyAEJqQI7spjHtIyyPuACAKgDAaoEugJP0BAzuYQLMQ4eK8vTgW8Rd4UXSP0bf1CUpzd_X4eYotkbj0gCr2ChVg0F867IkkhKp_nZiiKxYCLIj5jitavl0oBRgThfbztCVtPhGkMdWdaCTEde433dda2pC_cmHdnU0hYh0Ra9s41gQ5u0nxyU19UFvzIsrjN7rjHBqBV4u9vebfRHAO85kM3_sOzDZqsAO7makIB5fijnUWW6EPYf49yI2G7-5ykRldaZfLVrVN_WTsiXPfe8IVXnjxJPAikJltGQynQF2IBe6k7E0E8wFGkkA2AwEh7PEkZmVQy7aV6UzposAtlk419XngzLRdI3OAU1SJYhlKu2LEF2Lgc0VtOD9Hgu67pDcOeyIzy0E7YsXpO5vfOgFA48VdO7Znxv99TrhkfaeGBmtki1yDW8yZ151IzvbTvE8eAEAYAGnNLFvfej_sjCAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1N_E7u9O4H1BYTf5Y8KoZO3HsBEg%26client%3Dca-pub-5413329544040947%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:42 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Thu, 16 Mar 2023 11:40:42 GMT
back_button.svg
static.criteo.net/flash/icon/ Frame D9E9 		507 B
835 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjhkOQAFWSYIu8XoAA8WMkREhHfXs1sHykQyMg&u=%7CTAzgGim0f47mFfBS23OiNW9F6i3UqDjwoQV1E6th06c%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXBNl7acqytoLzXkgyukYeTJDX-c-czoLNPVWRrrn9l2EMHMb1hI7Em0QwQZgmNNNQzT6aPP5zozV7JDfKDqexFPUg9hET2J9mEPyFP_FitTdiFXb06J7U67vuKhhq1njd9MoLTqmn7OUSh8qt7edmZZy8gC2nf6YpHLDL9ypW0hH0K8JitUpyVueaqv0iX_I30ZMl6Ug0t_nrCIFCYdysvx2t1hjembPdJI2_3w9KsweCeDpos2lrw5IW_pyr9fMmb65EqwNjxdYdwoGfjD5igXqDoh9WyaTviGM_y0eGxU_0hvdhV_GPcJgAZCuR94nl8JA6a8OqGF0FXDKpiSOzF-CYjcKpJZFJuryW0ogDJueAbuXgvE49FfhyV3uzUKM5Uxx4u9cN9bmvXuClMz3wx8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiwSwOWQ4YqayFeiL7_UPsqy8-A3JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDegAdW20uoDyAEJqQI7spjHtIyyPuACAKgDAaoEugJP0BAzuYQLMQ4eK8vTgW8Rd4UXSP0bf1CUpzd_X4eYotkbj0gCr2ChVg0F867IkkhKp_nZiiKxYCLIj5jitavl0oBRgThfbztCVtPhGkMdWdaCTEde433dda2pC_cmHdnU0hYh0Ra9s41gQ5u0nxyU19UFvzIsrjN7rjHBqBV4u9vebfRHAO85kM3_sOzDZqsAO7makIB5fijnUWW6EPYf49yI2G7-5ykRldaZfLVrVN_WTsiXPfe8IVXnjxJPAikJltGQynQF2IBe6k7E0E8wFGkkA2AwEh7PEkZmVQy7aV6UzposAtlk419XngzLRdI3OAU1SJYhlKu2LEF2Lgc0VtOD9Hgu67pDcOeyIzy0E7YsXpO5vfOgFA48VdO7Znxv99TrhkfaeGBmtki1yDW8yZ151IzvbTvE8eAEAYAGnNLFvfej_sjCAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1N_E7u9O4H1BYTf5Y8KoZO3HsBEg%26client%3Dca-pub-5413329544040947%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:42 GMT
last-modified
Thu, 01 Apr 2021 14:03:13 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6065d2a1-1fb"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
507
expires
Thu, 16 Mar 2023 11:40:42 GMT
lg.php
cat.fr.eu.criteo.com/m/delivery/ Frame D9E9 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.fr.eu.criteo.com/m/delivery/lg.php?cppv=3&cpp=ZuLhYl7SUV9S9xYEPwMeUmlJC_Id-wczDpGe2yv4ZPHfUbiVVaThZSwIBSzS7rI_rKvLTi1PZ96Zc5r2cJzteel7bOKJrqSw5zPgygzXRqyLo2UonTkuUW8Uuy1WK_RXDjiLiGTCuV6_kDDSfdONeZ9kcev8y2qQKvd9DULFR6fSFRJi3E7dNZP8z2sMnLVVJPCI_RxG-ezt7N5UVtb_i5K2BjoK1_6q9gq29gsRZACWnf3s2bf67HpNyg13qAbTns5ylX9iKPe5vuqGmLuFHcoFOl60_pU4DW9tjJ1Qj-mOo2_Go3K3OTcjV8dfGQ3ygF-EHWLw0AOBCOwrGOd9NDCxo0J78nsTq5VpaJvoUH24ZpodXSb7vMl5GnSzqZaNDCYRIb93ghmSoplac8537UKep2YOGXzCMZWLHe1ES4Rvfuypdt4Ag-XZ4NJC5yRWpgDHAg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjhkOQAFWSYIu8XoAA8WMkREhHfXs1sHykQyMg&u=%7CTAzgGim0f47mFfBS23OiNW9F6i3UqDjwoQV1E6th06c%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXBNl7acqytoLzXkgyukYeTJDX-c-czoLNPVWRrrn9l2EMHMb1hI7Em0QwQZgmNNNQzT6aPP5zozV7JDfKDqexFPUg9hET2J9mEPyFP_FitTdiFXb06J7U67vuKhhq1njd9MoLTqmn7OUSh8qt7edmZZy8gC2nf6YpHLDL9ypW0hH0K8JitUpyVueaqv0iX_I30ZMl6Ug0t_nrCIFCYdysvx2t1hjembPdJI2_3w9KsweCeDpos2lrw5IW_pyr9fMmb65EqwNjxdYdwoGfjD5igXqDoh9WyaTviGM_y0eGxU_0hvdhV_GPcJgAZCuR94nl8JA6a8OqGF0FXDKpiSOzF-CYjcKpJZFJuryW0ogDJueAbuXgvE49FfhyV3uzUKM5Uxx4u9cN9bmvXuClMz3wx8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiwSwOWQ4YqayFeiL7_UPsqy8-A3JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDegAdW20uoDyAEJqQI7spjHtIyyPuACAKgDAaoEugJP0BAzuYQLMQ4eK8vTgW8Rd4UXSP0bf1CUpzd_X4eYotkbj0gCr2ChVg0F867IkkhKp_nZiiKxYCLIj5jitavl0oBRgThfbztCVtPhGkMdWdaCTEde433dda2pC_cmHdnU0hYh0Ra9s41gQ5u0nxyU19UFvzIsrjN7rjHBqBV4u9vebfRHAO85kM3_sOzDZqsAO7makIB5fijnUWW6EPYf49yI2G7-5ykRldaZfLVrVN_WTsiXPfe8IVXnjxJPAikJltGQynQF2IBe6k7E0E8wFGkkA2AwEh7PEkZmVQy7aV6UzposAtlk419XngzLRdI3OAU1SJYhlKu2LEF2Lgc0VtOD9Hgu67pDcOeyIzy0E7YsXpO5vfOgFA48VdO7Znxv99TrhkfaeGBmtki1yDW8yZ151IzvbTvE8eAEAYAGnNLFvfej_sjCAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1N_E7u9O4H1BYTf5Y8KoZO3HsBEg%26client%3Dca-pub-5413329544040947%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Mar 2022 11:40:42 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3190469
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 93B2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECBYObjZVKDSpzSvm3h-4q4&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECBYObjZVKDSpzSvm3h-4q4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMmp1wIQ19vYAhiW1rnFATAB&v=APEucNXLX-ZhGYMmnbFmXYymT_NPjhT1IuM6PxmbeGKsPngx8dtRIF62zjSyk5gkzvk5IJLvLb0l7cWkJPOPNiH01LCurGT3RhrAOEeSTgDCiTz7l4m2oPBXa-OjA73mk5BWplRwW-giAqf2uGNta9Yp-TFU9vJTHhkTimNPfMX6Hn-dCKipxrQ
Protocol
HTTP/1.1
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 21 Mar 2022 11:40:42 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 21 Mar 2022 11:40:42 GMT

Redirect headers

pragma
no-cache
date
Mon, 21 Mar 2022 11:40:42 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECBYObjZVKDSpzSvm3h-4q4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 93B2
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YjhkOpf8zZv1BkpaMl0qvwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECBYObjZVKDSpzSvm3h-4q4&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECBYObjZVKDSpzSvm3h-4q4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMmp1wIQ19vYAhiW1rnFATAB&v=APEucNXLX-ZhGYMmnbFmXYymT_NPjhT1IuM6PxmbeGKsPngx8dtRIF62zjSyk5gkzvk5IJLvLb0l7cWkJPOPNiH01LCurGT3RhrAOEeSTgDCiTz7l4m2oPBXa-OjA73mk5BWplRwW-giAqf2uGNta9Yp-TFU9vJTHhkTimNPfMX6Hn-dCKipxrQ
Protocol
HTTP/1.1
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 21 Mar 2022 11:40:42 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 21 Mar 2022 11:40:42 GMT

Redirect headers

pragma
no-cache
date
Mon, 21 Mar 2022 11:40:42 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECBYObjZVKDSpzSvm3h-4q4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 93B2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEE1-qK5_7foBYum9jF510j8&google_cver=1
43 B
1020 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEE1-qK5_7foBYum9jF510j8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMmp1wIQ19vYAhiW1rnFATAB&v=APEucNXLX-ZhGYMmnbFmXYymT_NPjhT1IuM6PxmbeGKsPngx8dtRIF62zjSyk5gkzvk5IJLvLb0l7cWkJPOPNiH01LCurGT3RhrAOEeSTgDCiTz7l4m2oPBXa-OjA73mk5BWplRwW-giAqf2uGNta9Yp-TFU9vJTHhkTimNPfMX6Hn-dCKipxrQ
Protocol
HTTP/1.1
Server
185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 21 Mar 2022 11:40:42 GMT
X-Proxy-Origin
185.213.155.169; 185.213.155.169; 728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
b147dae1-1884-4f99-99a9-1dcece3ed658
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 21 Mar 2022 11:40:42 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEE1-qK5_7foBYum9jF510j8&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 93B2
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDM4MzA3NTcyMTgxNDI3NDEyNQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDM4MzA3NTcyMTgxNDI3NDEyNQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMmp1wIQ19vYAhiW1rnFATAB&v=APEucNXLX-ZhGYMmnbFmXYymT_NPjhT1IuM6PxmbeGKsPngx8dtRIF62zjSyk5gkzvk5IJLvLb0l7cWkJPOPNiH01LCurGT3RhrAOEeSTgDCiTz7l4m2oPBXa-OjA73mk5BWplRwW-giAqf2uGNta9Yp-TFU9vJTHhkTimNPfMX6Hn-dCKipxrQ
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Mar 2022 11:40:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 21 Mar 2022 11:40:42 GMT
X-Proxy-Origin
185.213.155.169; 185.213.155.169; 728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
b685a8f6-e11c-4def-a61d-1451e40d6cdc
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDM4MzA3NTcyMTgxNDI3NDEyNQ%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame CE28 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjhkOQAG4b0K5V5VAAZqP6HVlLU1ah0H-uS8qw&u=%7CTAzgGim0f452DSD8c8M%2BeGsv%2BAtfb2pPOTFgpl5cZuk%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXBNl7acqytoLzXkgyukYeTJg1Ra2BVSzq9frrBeCbL7PBZaC0ZkYyzCR_VZA_l_5bLJQcr9OtgwCDhMtaAz9YDDgxTMbTT2JV4NKZg1kkxNe-c9d0szhexx5OF4lFfI1JC3yOkS9pXzL16qcNnKxLG_xNgRQ5U7_MCnux2rkqXcuR8gUufv4fCKXv7myfYNPqS7-InBtYwcO2bOM80ws106biXNrkIKDTJIn8QozTz3BAAhM1dpyPh_905y0tgeu-NmeNq-cpHRGfI1pfE6rKgQU7PU6-82xhVVs6sjKn85gvaUuQQ5iWEBcmr4LMvhWBMLuHAw-mPc-RYOGGUgX4KKrAUOe_ScfYzJFONg0D6F8nHX9rLWaRy80BaVB-kU8Gx1xEuB5TSfUDMyUz3yCGFd&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCuiUhOWQ4Yr3DG9W8lQe_1JnYCsme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTQxMzMyOTU0NDA0MDk0N6AB1bbS6gPIAQmpAjuymMe0jLI-4AIAqAMBqgTAAk_QWXqNMsgJLuEyppcPNcrKV7R6oJAzBXWuTOkqrS-coypjVbxmiwBcgkncgt47l1cquew9cy8J2pTCSolZYa-R48x6GuUyIt2srqJi7bZxlawmwkYwX0Pl9N-rIrX7aJSVmDwwzHgQWONX4zBSpuI_OI7YIkIBsWXqyfEQq5bHg1tDLKdsdF160deIvq3ncR2wLuUrD0yYBr26DO6H87DKdU9dKNDIliu89DfW0K9PtjbGNtlU45LoOshWxc3Noz2pJ1HCCWli5jhO76srrFktXOyjg1QWoph8zdaot2IZKpqdj47oPyJh20brZnTo7v2lsjvfzJk2Gv2Dbf_cbt9o-3ROu7u-TNX5auBNQAsdQKahlCJGVPXuE2J6qe6qUufBrWVSU-7KeSdoR9z5tImTiyyhp_wa1ujhUF7EYDmf4AQBgAac0sW996P-yMIBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2ouvxf-_lPd4PrcaFjBdmv9e9jVA%26client%3Dca-pub-5413329544040947%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:42 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 16 Mar 2023 11:40:42 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame CE28 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjhkOQAG4b0K5V5VAAZqP6HVlLU1ah0H-uS8qw&u=%7CTAzgGim0f452DSD8c8M%2BeGsv%2BAtfb2pPOTFgpl5cZuk%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXBNl7acqytoLzXkgyukYeTJg1Ra2BVSzq9frrBeCbL7PBZaC0ZkYyzCR_VZA_l_5bLJQcr9OtgwCDhMtaAz9YDDgxTMbTT2JV4NKZg1kkxNe-c9d0szhexx5OF4lFfI1JC3yOkS9pXzL16qcNnKxLG_xNgRQ5U7_MCnux2rkqXcuR8gUufv4fCKXv7myfYNPqS7-InBtYwcO2bOM80ws106biXNrkIKDTJIn8QozTz3BAAhM1dpyPh_905y0tgeu-NmeNq-cpHRGfI1pfE6rKgQU7PU6-82xhVVs6sjKn85gvaUuQQ5iWEBcmr4LMvhWBMLuHAw-mPc-RYOGGUgX4KKrAUOe_ScfYzJFONg0D6F8nHX9rLWaRy80BaVB-kU8Gx1xEuB5TSfUDMyUz3yCGFd&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCuiUhOWQ4Yr3DG9W8lQe_1JnYCsme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTQxMzMyOTU0NDA0MDk0N6AB1bbS6gPIAQmpAjuymMe0jLI-4AIAqAMBqgTAAk_QWXqNMsgJLuEyppcPNcrKV7R6oJAzBXWuTOkqrS-coypjVbxmiwBcgkncgt47l1cquew9cy8J2pTCSolZYa-R48x6GuUyIt2srqJi7bZxlawmwkYwX0Pl9N-rIrX7aJSVmDwwzHgQWONX4zBSpuI_OI7YIkIBsWXqyfEQq5bHg1tDLKdsdF160deIvq3ncR2wLuUrD0yYBr26DO6H87DKdU9dKNDIliu89DfW0K9PtjbGNtlU45LoOshWxc3Noz2pJ1HCCWli5jhO76srrFktXOyjg1QWoph8zdaot2IZKpqdj47oPyJh20brZnTo7v2lsjvfzJk2Gv2Dbf_cbt9o-3ROu7u-TNX5auBNQAsdQKahlCJGVPXuE2J6qe6qUufBrWVSU-7KeSdoR9z5tImTiyyhp_wa1ujhUF7EYDmf4AQBgAac0sW996P-yMIBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2ouvxf-_lPd4PrcaFjBdmv9e9jVA%26client%3Dca-pub-5413329544040947%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:42 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 16 Mar 2023 11:40:42 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame CE28 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjhkOQAG4b0K5V5VAAZqP6HVlLU1ah0H-uS8qw&u=%7CTAzgGim0f452DSD8c8M%2BeGsv%2BAtfb2pPOTFgpl5cZuk%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXBNl7acqytoLzXkgyukYeTJg1Ra2BVSzq9frrBeCbL7PBZaC0ZkYyzCR_VZA_l_5bLJQcr9OtgwCDhMtaAz9YDDgxTMbTT2JV4NKZg1kkxNe-c9d0szhexx5OF4lFfI1JC3yOkS9pXzL16qcNnKxLG_xNgRQ5U7_MCnux2rkqXcuR8gUufv4fCKXv7myfYNPqS7-InBtYwcO2bOM80ws106biXNrkIKDTJIn8QozTz3BAAhM1dpyPh_905y0tgeu-NmeNq-cpHRGfI1pfE6rKgQU7PU6-82xhVVs6sjKn85gvaUuQQ5iWEBcmr4LMvhWBMLuHAw-mPc-RYOGGUgX4KKrAUOe_ScfYzJFONg0D6F8nHX9rLWaRy80BaVB-kU8Gx1xEuB5TSfUDMyUz3yCGFd&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCuiUhOWQ4Yr3DG9W8lQe_1JnYCsme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTQxMzMyOTU0NDA0MDk0N6AB1bbS6gPIAQmpAjuymMe0jLI-4AIAqAMBqgTAAk_QWXqNMsgJLuEyppcPNcrKV7R6oJAzBXWuTOkqrS-coypjVbxmiwBcgkncgt47l1cquew9cy8J2pTCSolZYa-R48x6GuUyIt2srqJi7bZxlawmwkYwX0Pl9N-rIrX7aJSVmDwwzHgQWONX4zBSpuI_OI7YIkIBsWXqyfEQq5bHg1tDLKdsdF160deIvq3ncR2wLuUrD0yYBr26DO6H87DKdU9dKNDIliu89DfW0K9PtjbGNtlU45LoOshWxc3Noz2pJ1HCCWli5jhO76srrFktXOyjg1QWoph8zdaot2IZKpqdj47oPyJh20brZnTo7v2lsjvfzJk2Gv2Dbf_cbt9o-3ROu7u-TNX5auBNQAsdQKahlCJGVPXuE2J6qe6qUufBrWVSU-7KeSdoR9z5tImTiyyhp_wa1ujhUF7EYDmf4AQBgAac0sW996P-yMIBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2ouvxf-_lPd4PrcaFjBdmv9e9jVA%26client%3Dca-pub-5413329544040947%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:42 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Thu, 16 Mar 2023 11:40:42 GMT
back_button.svg
static.criteo.net/flash/icon/ Frame CE28 		507 B
835 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjhkOQAG4b0K5V5VAAZqP6HVlLU1ah0H-uS8qw&u=%7CTAzgGim0f452DSD8c8M%2BeGsv%2BAtfb2pPOTFgpl5cZuk%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXBNl7acqytoLzXkgyukYeTJg1Ra2BVSzq9frrBeCbL7PBZaC0ZkYyzCR_VZA_l_5bLJQcr9OtgwCDhMtaAz9YDDgxTMbTT2JV4NKZg1kkxNe-c9d0szhexx5OF4lFfI1JC3yOkS9pXzL16qcNnKxLG_xNgRQ5U7_MCnux2rkqXcuR8gUufv4fCKXv7myfYNPqS7-InBtYwcO2bOM80ws106biXNrkIKDTJIn8QozTz3BAAhM1dpyPh_905y0tgeu-NmeNq-cpHRGfI1pfE6rKgQU7PU6-82xhVVs6sjKn85gvaUuQQ5iWEBcmr4LMvhWBMLuHAw-mPc-RYOGGUgX4KKrAUOe_ScfYzJFONg0D6F8nHX9rLWaRy80BaVB-kU8Gx1xEuB5TSfUDMyUz3yCGFd&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCuiUhOWQ4Yr3DG9W8lQe_1JnYCsme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTQxMzMyOTU0NDA0MDk0N6AB1bbS6gPIAQmpAjuymMe0jLI-4AIAqAMBqgTAAk_QWXqNMsgJLuEyppcPNcrKV7R6oJAzBXWuTOkqrS-coypjVbxmiwBcgkncgt47l1cquew9cy8J2pTCSolZYa-R48x6GuUyIt2srqJi7bZxlawmwkYwX0Pl9N-rIrX7aJSVmDwwzHgQWONX4zBSpuI_OI7YIkIBsWXqyfEQq5bHg1tDLKdsdF160deIvq3ncR2wLuUrD0yYBr26DO6H87DKdU9dKNDIliu89DfW0K9PtjbGNtlU45LoOshWxc3Noz2pJ1HCCWli5jhO76srrFktXOyjg1QWoph8zdaot2IZKpqdj47oPyJh20brZnTo7v2lsjvfzJk2Gv2Dbf_cbt9o-3ROu7u-TNX5auBNQAsdQKahlCJGVPXuE2J6qe6qUufBrWVSU-7KeSdoR9z5tImTiyyhp_wa1ujhUF7EYDmf4AQBgAac0sW996P-yMIBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2ouvxf-_lPd4PrcaFjBdmv9e9jVA%26client%3Dca-pub-5413329544040947%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:42 GMT
last-modified
Thu, 01 Apr 2021 14:03:13 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6065d2a1-1fb"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
507
expires
Thu, 16 Mar 2023 11:40:42 GMT
lg.php
cat.fr.eu.criteo.com/m/delivery/ Frame CE28 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.fr.eu.criteo.com/m/delivery/lg.php?cppv=3&cpp=8DHcj17SUV9S9xYEPwMeUmlJC_IU3MXPQWs2NTVSgw-hRQo8WyzTxsjYlvQQzXwzbVr3xOvo6M2bXZGQGfn9_Ve2UsLE2ep7APPwZ-5zAamXDnPGXSg5frUHeFxfIbC1nZXFnM6GTebUJY_SWOseRJzgLeTRasgDAVUQbCYWlhTE8e8fVW4PfG-v7BpY-oFPyQjHrJbh5JieCGALBFtxd-IASvubwo6Os-xH_j3pa_3ZIPFe36PnPPr3Iv_9AvvDRhv8DXwEaw5ngTmIBehbUUYOQG-cmSXAivFpfiFeUlQAeukhhjWb3PE5fJceX9Eciy9vbjq-ZX-JwcP0GPk02nMUzxVCwtZc-ZCHX7eIScMEnyTeGrtkXb7y_JsJ4IYdQm1ZVok2HIRe1oPP6GRsVR0NBG0Onp4-AV0jdK87ZDKuwIgm1J2YkS72dg1OC-udkvVsXA
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjhkOQAG4b0K5V5VAAZqP6HVlLU1ah0H-uS8qw&u=%7CTAzgGim0f452DSD8c8M%2BeGsv%2BAtfb2pPOTFgpl5cZuk%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXBNl7acqytoLzXkgyukYeTJg1Ra2BVSzq9frrBeCbL7PBZaC0ZkYyzCR_VZA_l_5bLJQcr9OtgwCDhMtaAz9YDDgxTMbTT2JV4NKZg1kkxNe-c9d0szhexx5OF4lFfI1JC3yOkS9pXzL16qcNnKxLG_xNgRQ5U7_MCnux2rkqXcuR8gUufv4fCKXv7myfYNPqS7-InBtYwcO2bOM80ws106biXNrkIKDTJIn8QozTz3BAAhM1dpyPh_905y0tgeu-NmeNq-cpHRGfI1pfE6rKgQU7PU6-82xhVVs6sjKn85gvaUuQQ5iWEBcmr4LMvhWBMLuHAw-mPc-RYOGGUgX4KKrAUOe_ScfYzJFONg0D6F8nHX9rLWaRy80BaVB-kU8Gx1xEuB5TSfUDMyUz3yCGFd&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCuiUhOWQ4Yr3DG9W8lQe_1JnYCsme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTQxMzMyOTU0NDA0MDk0N6AB1bbS6gPIAQmpAjuymMe0jLI-4AIAqAMBqgTAAk_QWXqNMsgJLuEyppcPNcrKV7R6oJAzBXWuTOkqrS-coypjVbxmiwBcgkncgt47l1cquew9cy8J2pTCSolZYa-R48x6GuUyIt2srqJi7bZxlawmwkYwX0Pl9N-rIrX7aJSVmDwwzHgQWONX4zBSpuI_OI7YIkIBsWXqyfEQq5bHg1tDLKdsdF160deIvq3ncR2wLuUrD0yYBr26DO6H87DKdU9dKNDIliu89DfW0K9PtjbGNtlU45LoOshWxc3Noz2pJ1HCCWli5jhO76srrFktXOyjg1QWoph8zdaot2IZKpqdj47oPyJh20brZnTo7v2lsjvfzJk2Gv2Dbf_cbt9o-3ROu7u-TNX5auBNQAsdQKahlCJGVPXuE2J6qe6qUufBrWVSU-7KeSdoR9z5tImTiyyhp_wa1ujhUF7EYDmf4AQBgAac0sW996P-yMIBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2ouvxf-_lPd4PrcaFjBdmv9e9jVA%26client%3Dca-pub-5413329544040947%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Mar 2022 11:40:41 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3048759
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
truncated
/ Frame E462 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
97eafbfc7d4d2c5f1932e354466b4611b6441d864cc7ec3e3969aa057107de74

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220316/r20110914/ Frame 1EAE 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220316/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DRkmvUFx6EN5zDZZy7LrHH335Z1uwiIt1bt2BkwckmncOs5D0CFnURKMX-g1zwgW_mh4CrTFZh9pqyLNnKzNZZ_dcjE_KMgzsnp0H2U3Hf1ix0yV5M9rOR1DW8ON3cfKqSurECl4cwdj3txWzdLcN9dj_mRA&cry=1&dbm_d=AKAmf-A6T4Cmh-POiyNrTS4WHa_aGCBsq27xXTybssdOwdy43f_6PHc3UyEmBfq50GIsSLM7dyhLKXMfiFzjIqx2HUtqLSuoQPtcURgd9sdzzVGLDdHwMoFiUl-bPpxRnSAMdEajYnCOdemS8tf8MgVZabbSrj3X62n8HTl5qa3Z3D9Y36F84e27x2HlokjSjg9xrN4HfCmkG00j4GLZo8tM3e6Hv9AWNsbSU-GxbM95QV-Zmi4Bdf3YHNAgTP3X1jV8YU5q-xWTAWMPHIEKFBq_KSXZ0S8aUoF2K9qCQeeIdPZ-b28C_gcDTy9wPABRUAqJ5mN30RPUuj4UHFFrPt2zWr0xsd5_jfgRWs8ZxccXpoTMRG2NxhwZ9UptkKV0kcoN6aiW3YMY_dmUA0hd-981_ltUN6l6jXtrHiXI9NQlWC9qqi0REr0MGCQ6vxtRqAD8Z737s7HUx6YGjFSEm1s-wz_bUmbn1P-fDANSeSO1Kbr6xTc1sSAz9vy57kP7F8B-jLnwZoyo-LLpJ16Px7_63K_crU0Q6cteW8rVfej3RcdigaycIYtsG3OlAAK5usMyt-uxH4MCx9ZYru8MxfODgkENLOZTggfRwLxzi86aj11k7kI-6U5jlMwQyePA2ii3m7MXiqVtbVS7X3epNU4Y3tCVyldWqZtwpY1uK9btI3hRsDSedlMvHtbIkLJ2vNQq3r-ohVdQQMUtQ3mmkRvmx0pJBA_tUrl0TcZz27k9D-LR83bSzZx34l2kwzuXX8AbsQZ_0wxqVb4pyM2ihibIK9CFvJ-lcBxHi8uCHsbwmLgmGsRapscMOSCpn0hhWkdDdLJGbIDlI69Pon3Mqbv8cxSU5k9SL0IBQv3kpnDohXwksZyRtmfIEPOGkJOkQLg5oXTwJXYENtKC6SOJjJSxGvrwKk0nQlj4aGzwV-lKD8DJMfwMOaphVLayDrwDAjWcSmD5yDyje6mXaj-RQS5Mq0FXwcQJ4tCs18VWeGRfBl7wT29ctGaPxq-Vu2w_pU_8wj0eUoJGUUE1J1NFayv33dTvpj4Fg_9OktPujibhZ6VqM_ddX6C2oQvNH8gppWOY2UKuWfo5WDIneEr--3xmeYkGjhRRdnS8oJPtGymr16utQD8hkHatksxQxwdH3JmcTYnaJXuwASPHiDxZrTaNdBVDS93-EKSF6eNVWNHAMPVg187ILRkCFDRlqlLs6ullmI0Tik29I4LGZbYQNZjbbW1Lss3w8qvNiGeTpER65X3TKf5uL085sTbxjNmZU4SKEwZE9A5Pc0Ik_2MdT1E-Tg1YgsT6xfGwQ3nYGqb8BCT43eCNPA7-QORZLjPQSlxRqkI3VpYfzwwAvXfMLwzkGSmVTMHsIXFiOyNt3wUX-CkiIM7bWafTThxBXJ1qQTwdzEE2coCKkZbM8RNV6nGJaCczDhK4NA-iCA9rly6lWLvmCpCjFWpJH9EyJ0Qpg8aFwv0DoQ_iwo8xxfFwlKX7Rjt6vyE8WEaoJXcY6jmAQM0ECLfeOMKzVIiKFNkus_xm00-U48JtWCSstxEuIWDvJ5DW2NMhypm9H4fpM-4V3uddtlO5HL6TbS8zDwGE-auTm8jfMnQaP99hGAmu7K5axAlY1O7xjASkuGu0xs9Wzp2O1P8O7Hs1v96HWzl-5XaZnixb4Hfsam0XzegV3iEagV-bhtBq5Rqg39t4UE_dOzdREIq92UGLl0IIsd0--vUgpBXbY2S9xMRCYMw9zo2RxKgCHuTisDKU5ose-ZGfqRd2iWlKu_6SIx6oixemDmL2bdxRjB0uBY6WhpIwTRxUQTN8Japz6xAeErRMUUm_f_05vJpiuhxaHiRBr0xvR-lt15oFKM2O6aupwLK0syBH1JgjFi-Qg-_Nvs-E90v8td79ixwQ7k3xPRP7sBPluTDMWx72THq7CSZFy0U8gRDtFTonU2Y510MIVtxKOL6QCu03MBMVGjrsKFxH7JoMfOL-_AORt3GHLCVw6H5MXEZB6SeJVTwSmLqKI91xp8ENObeN5RlB5Fqdu87nDxguy2E8vq4CP8uCwjUPUg6Ce2UI1lQ5IOuSyHGhfuRt_ScLCvhDghb8v6lLTellZZx5ucKYllnzYKAILZUm9aJkmBSFV3LJ4_EPqh0zEKOuRzjO2eUxRzc_QC7swvtjT31ASOemWFGBra-mgWVThWiHIA20LKZ2wMBCaRF3ioqKLx4yJR3UNRpXKHkF2bQ5XX91nQBR8mN2s5Vv1ZFF8nuF3qCegeGmLVePmicNQREXRfprxBPIYhkizWsH3yT9dt7cSmY8UecZdjAP1j_jUQf7lGhDvnZGbmV_Bv6fWsLTsXC9WON_h2gnvKOmM6N_8pG7WnK-nEaupZ-7srrkb-CIAu7fEQI3oSwO32nxxGNiW6CMvE99OXzgntcTUwrcTByi0F3xEPSAG42xOwST4fbl9QE8BtyPqeaLs27-YJHL-GjWnBPRM_8O0tbMgKDh0lDXVMhzej8mQrdLSc9xZBuFJF7ioSDTKEv3ZOShSm0cHhfI4x-pW-hQDsYA74hEspmWLhC3I1IVQteN3SgmZ0m5bAuVxWJ05U12SfFEcnzqwrtmHRPxIdIDR6uyxM4rSpb4I-59k-8VPixNRwMwltAaccFrYJYNJ0PddbKuy3h2lI_F-rGgGuVa_W2ZaU_eH54mrYhK2n9p7ApWzjMdG88DP7ZQVeALFPHVkeklY4E60RXhxvV6-9ikPCh8vNClQHHmccvDs5gZrw46FzfAtMbJecCVpHbP6SZG7Fdmv5C-yjVdvIunmpiuMTaWGd_lK7I1lH43Lg4LtJZAJEqLv9ItHPEvdlly2fOag8mVMQ_HnrskFM7D9niXhxKXfCUJId-KK41IDVrP-TLiYlwd16qKTtRTbBygd1Wz7IsS5mwnjVnsXF0_pgEBsH9AEPktQzQ8_sslsjhY0JnkKtYHym8YKn3EP2KJaE0jUY91U6Uz10noqZlF4klF-m5pNUMyUZ2xEXZ6sGLnm7JTp9B56RMPfJuRqKs7GbmfLOWlCQi8Bvxn_Dr1jNpOPiOH1Xs6ykJV3Zw06WVdvAQI_ynT6kiAcM_mdvFyjm6J99tpNiW_M1910Oh-kUv8ThlCX0uIUzQyiwJmT_NNvt8l0OM1728fYdq3AS0wCwQ3qzI5GwgtdtrLQHzQHJDMXs-I3qCpaVWxDvVJfYLpTgrTv_KhEFAOhh4plfYAnFdelKyoA8uIhRyDYRJyoRCjRJhGS2C_BMHHBz85syJ9IuO9g7JC-d80ddUpMSoAHqkXPw&cid=CAASJ-RoVOJu3QQcbsHGYepF9oXvs2gNYN9nlgYAlcCOs0tebyfJ273NmQ&rfl=2%2Chttps%253A%252F%252Fnets4.com%242%2Chttps%253A%252F%252Fnets4.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4a18b0faf6a447454e134730303202f8416b72f1d4f744b1d3b4646636240eb7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://48c868b366244e7d7770a8f4adab9561.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:35:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
342
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9657
x-xss-protection
0
server
cafe
etag
16576748017229546422
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 04 Apr 2022 11:35:00 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 1EAE 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DRkmvUFx6EN5zDZZy7LrHH335Z1uwiIt1bt2BkwckmncOs5D0CFnURKMX-g1zwgW_mh4CrTFZh9pqyLNnKzNZZ_dcjE_KMgzsnp0H2U3Hf1ix0yV5M9rOR1DW8ON3cfKqSurECl4cwdj3txWzdLcN9dj_mRA&cry=1&dbm_d=AKAmf-A6T4Cmh-POiyNrTS4WHa_aGCBsq27xXTybssdOwdy43f_6PHc3UyEmBfq50GIsSLM7dyhLKXMfiFzjIqx2HUtqLSuoQPtcURgd9sdzzVGLDdHwMoFiUl-bPpxRnSAMdEajYnCOdemS8tf8MgVZabbSrj3X62n8HTl5qa3Z3D9Y36F84e27x2HlokjSjg9xrN4HfCmkG00j4GLZo8tM3e6Hv9AWNsbSU-GxbM95QV-Zmi4Bdf3YHNAgTP3X1jV8YU5q-xWTAWMPHIEKFBq_KSXZ0S8aUoF2K9qCQeeIdPZ-b28C_gcDTy9wPABRUAqJ5mN30RPUuj4UHFFrPt2zWr0xsd5_jfgRWs8ZxccXpoTMRG2NxhwZ9UptkKV0kcoN6aiW3YMY_dmUA0hd-981_ltUN6l6jXtrHiXI9NQlWC9qqi0REr0MGCQ6vxtRqAD8Z737s7HUx6YGjFSEm1s-wz_bUmbn1P-fDANSeSO1Kbr6xTc1sSAz9vy57kP7F8B-jLnwZoyo-LLpJ16Px7_63K_crU0Q6cteW8rVfej3RcdigaycIYtsG3OlAAK5usMyt-uxH4MCx9ZYru8MxfODgkENLOZTggfRwLxzi86aj11k7kI-6U5jlMwQyePA2ii3m7MXiqVtbVS7X3epNU4Y3tCVyldWqZtwpY1uK9btI3hRsDSedlMvHtbIkLJ2vNQq3r-ohVdQQMUtQ3mmkRvmx0pJBA_tUrl0TcZz27k9D-LR83bSzZx34l2kwzuXX8AbsQZ_0wxqVb4pyM2ihibIK9CFvJ-lcBxHi8uCHsbwmLgmGsRapscMOSCpn0hhWkdDdLJGbIDlI69Pon3Mqbv8cxSU5k9SL0IBQv3kpnDohXwksZyRtmfIEPOGkJOkQLg5oXTwJXYENtKC6SOJjJSxGvrwKk0nQlj4aGzwV-lKD8DJMfwMOaphVLayDrwDAjWcSmD5yDyje6mXaj-RQS5Mq0FXwcQJ4tCs18VWeGRfBl7wT29ctGaPxq-Vu2w_pU_8wj0eUoJGUUE1J1NFayv33dTvpj4Fg_9OktPujibhZ6VqM_ddX6C2oQvNH8gppWOY2UKuWfo5WDIneEr--3xmeYkGjhRRdnS8oJPtGymr16utQD8hkHatksxQxwdH3JmcTYnaJXuwASPHiDxZrTaNdBVDS93-EKSF6eNVWNHAMPVg187ILRkCFDRlqlLs6ullmI0Tik29I4LGZbYQNZjbbW1Lss3w8qvNiGeTpER65X3TKf5uL085sTbxjNmZU4SKEwZE9A5Pc0Ik_2MdT1E-Tg1YgsT6xfGwQ3nYGqb8BCT43eCNPA7-QORZLjPQSlxRqkI3VpYfzwwAvXfMLwzkGSmVTMHsIXFiOyNt3wUX-CkiIM7bWafTThxBXJ1qQTwdzEE2coCKkZbM8RNV6nGJaCczDhK4NA-iCA9rly6lWLvmCpCjFWpJH9EyJ0Qpg8aFwv0DoQ_iwo8xxfFwlKX7Rjt6vyE8WEaoJXcY6jmAQM0ECLfeOMKzVIiKFNkus_xm00-U48JtWCSstxEuIWDvJ5DW2NMhypm9H4fpM-4V3uddtlO5HL6TbS8zDwGE-auTm8jfMnQaP99hGAmu7K5axAlY1O7xjASkuGu0xs9Wzp2O1P8O7Hs1v96HWzl-5XaZnixb4Hfsam0XzegV3iEagV-bhtBq5Rqg39t4UE_dOzdREIq92UGLl0IIsd0--vUgpBXbY2S9xMRCYMw9zo2RxKgCHuTisDKU5ose-ZGfqRd2iWlKu_6SIx6oixemDmL2bdxRjB0uBY6WhpIwTRxUQTN8Japz6xAeErRMUUm_f_05vJpiuhxaHiRBr0xvR-lt15oFKM2O6aupwLK0syBH1JgjFi-Qg-_Nvs-E90v8td79ixwQ7k3xPRP7sBPluTDMWx72THq7CSZFy0U8gRDtFTonU2Y510MIVtxKOL6QCu03MBMVGjrsKFxH7JoMfOL-_AORt3GHLCVw6H5MXEZB6SeJVTwSmLqKI91xp8ENObeN5RlB5Fqdu87nDxguy2E8vq4CP8uCwjUPUg6Ce2UI1lQ5IOuSyHGhfuRt_ScLCvhDghb8v6lLTellZZx5ucKYllnzYKAILZUm9aJkmBSFV3LJ4_EPqh0zEKOuRzjO2eUxRzc_QC7swvtjT31ASOemWFGBra-mgWVThWiHIA20LKZ2wMBCaRF3ioqKLx4yJR3UNRpXKHkF2bQ5XX91nQBR8mN2s5Vv1ZFF8nuF3qCegeGmLVePmicNQREXRfprxBPIYhkizWsH3yT9dt7cSmY8UecZdjAP1j_jUQf7lGhDvnZGbmV_Bv6fWsLTsXC9WON_h2gnvKOmM6N_8pG7WnK-nEaupZ-7srrkb-CIAu7fEQI3oSwO32nxxGNiW6CMvE99OXzgntcTUwrcTByi0F3xEPSAG42xOwST4fbl9QE8BtyPqeaLs27-YJHL-GjWnBPRM_8O0tbMgKDh0lDXVMhzej8mQrdLSc9xZBuFJF7ioSDTKEv3ZOShSm0cHhfI4x-pW-hQDsYA74hEspmWLhC3I1IVQteN3SgmZ0m5bAuVxWJ05U12SfFEcnzqwrtmHRPxIdIDR6uyxM4rSpb4I-59k-8VPixNRwMwltAaccFrYJYNJ0PddbKuy3h2lI_F-rGgGuVa_W2ZaU_eH54mrYhK2n9p7ApWzjMdG88DP7ZQVeALFPHVkeklY4E60RXhxvV6-9ikPCh8vNClQHHmccvDs5gZrw46FzfAtMbJecCVpHbP6SZG7Fdmv5C-yjVdvIunmpiuMTaWGd_lK7I1lH43Lg4LtJZAJEqLv9ItHPEvdlly2fOag8mVMQ_HnrskFM7D9niXhxKXfCUJId-KK41IDVrP-TLiYlwd16qKTtRTbBygd1Wz7IsS5mwnjVnsXF0_pgEBsH9AEPktQzQ8_sslsjhY0JnkKtYHym8YKn3EP2KJaE0jUY91U6Uz10noqZlF4klF-m5pNUMyUZ2xEXZ6sGLnm7JTp9B56RMPfJuRqKs7GbmfLOWlCQi8Bvxn_Dr1jNpOPiOH1Xs6ykJV3Zw06WVdvAQI_ynT6kiAcM_mdvFyjm6J99tpNiW_M1910Oh-kUv8ThlCX0uIUzQyiwJmT_NNvt8l0OM1728fYdq3AS0wCwQ3qzI5GwgtdtrLQHzQHJDMXs-I3qCpaVWxDvVJfYLpTgrTv_KhEFAOhh4plfYAnFdelKyoA8uIhRyDYRJyoRCjRJhGS2C_BMHHBz85syJ9IuO9g7JC-d80ddUpMSoAHqkXPw&cid=CAASJ-RoVOJu3QQcbsHGYepF9oXvs2gNYN9nlgYAlcCOs0tebyfJ273NmQ&rfl=2%2Chttps%253A%252F%252Fnets4.com%242%2Chttps%253A%252F%252Fnets4.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://48c868b366244e7d7770a8f4adab9561.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 07:28:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
360759
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 17 Mar 2023 07:28:03 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220316/r20110914/ Frame 0542 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220316/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BHirrMYNIs21C3pamo1Dj3zXHioA-w22SZyzMuiUu4RXklQv8zULAnGC7apjp_JMUGRixEtvisjYHngzEUskGZrF-6lfyPzp0qaedVgqvXezH9N5KJXts14zos9V3EqdRcgNfn4K3Be8CkdyTI1sYMCc68HA&cry=1&dbm_d=AKAmf-B4KNXy3uqMSSG4I1eFXQJ81XS36-GMb1hVi4Jg0eVUpBDVJlXL18i8TIhf1RlDdJeBOnVyYXzxwpavj1gWRlbXKgUQPmk91RzZbKe1Qr_wIaK4JuzBRgEd4FC8LD8WRx7UtYv9_q5MQf_01b3FqlgHCDk1y7GdEORxUBqRGyGt8O5gvD9m6OV8do_noh0IApQdx5Y2vajyC1nmohOr1VP2NPXNWYAS4cAv2wCoa8qKh8qIj9wNMnJ4A3Cfl1KI-hENu1_TwEPIyWFSl2AwTaZ99_aCqfzeC5xaiqDGDaqJpT8YocqdgTGHjchXInGrrletWfvfNNZpCSCms02twedX0hNDKVLi7GjABsrmpclwE0_NoU6Qz9FvpPixcAY_ywEfWidlSdJxQjE4HFsgaF_DjA0DAy7n7sUGS6iP4mXA0hpJGVPi_4oqyndO3FVf8J32sQn_tjKlK0IDK6QD7gAk7Ve36QSGktSmAq4gE-S5QSSFRlyplFRivze3E7p-np7xoVyYzDgDiiMEd6-eKpzWVpiaKulGb_FsnHn2EmEknhY9_JwcXxO7ojAAMHzBKoMfhZ94s9StRvRD9DoWdgHkIY73mTe4egf2YKj5PT7D5Gza_i-4YnT1ox6FRJ3JteX0GlhLQGZTgK9wBK4LEVzVeDKSZcPW7R1bK83wcid8fL26nXkKTZ_ZUnThvWwJhARCnRuRRlB6FH3HHHZO3Qwp9CYJXKLXhG3_x2H7TFqF50gSdCqwgzaXmM1ar3xnrzgG8q8V_uWMgsUOKRW575QN-z4_g3WAh8VNcsk6shxrhXe-bt0ehEsQf2kvKvQ9CsM6K4cVdzSj4sOOkREghdjQGLGImUAK19JLLdIx7Y8AkZVG7en4eAgaRFdmBByN2XCzhBCR6eiJs_t_y-u0A4G9heRlJ1Y3XT3HeGYGL9bZGVzhx9H15hA2etvrO6Ees3-rRM0y9DQBhgXtVSwdp1TgC8DAbAZAlS6SMng8xMNPJ4Nsj6V_40fICj1hfN55KMgYpRo51sFvpTeuKcb1irIEXUw3Y77Q3oAky_9l4GyUnBAzJi-bqwCyJ8EUNWV-APh-YV6q09qk0fH-YM57-ZNo1MihPOQgY-vO8KOg71VTExjC554H05PyqWGgNeYT0uy9HXVjecTeRson94Tjeky2MXL1Ud8MfWUTnFXDTVe9jAHpAkIzRIopZmoB1At0GLGDQ9_jLL88KZVTGz409sqEeo6XF3GEO1IxlFh3iEvaeDvSm1q-hOQSnX566OAabI7MbLApmNIja5BbhbeMoG4rl93zof-u6qIp2wfmu7u4yW-CIwC1k1c0rPCBW9lgRiFM5ZzgFmcKT2eVGB_72c7f1HyZ2Ahb3OjqH8aI3vD_FInmQYIvojxCngyAIOXBDodU7gyFBlLmpL8489P2qrHSFlRnIQesxs3398S53O9XIFGhE3M0CAiUHjCtHP8RasOZLyZDFOUBg8xGK_1QWGduFIlgt9xFZnYn2K5yv8BZ_STaTj7HlAAhT-9_I4G836Ny9TYqcIArQu3rEkYIdCsBIC5RQVJ47SmMwgsZoUqEXVS37Ggm9YINMX56J8P-1zl200A32bHm7yaFQhr0Tc_69qkQHTOg8VnZ4KFsvAkHzBxoyBoigO-Xuw2J2uJtWZSbzMlq8wX2MOFtd9WdJoad0FgjKLrVmdFczAnnSeft6yMUE7HziH5yBLoJs19lWYUjbnMJA0mOvjpBjo_DTMa4nc80gMkkSibHsvtGX5oo7todbrzGfLN0EzIBagpb0D93OO9-9I0z4vrCpElVtj2zrq9TMlNL-lkAmBJZ6pt-FbG-tFnJMMSvL9x9-E9yRolQEuiNFKshkkuEa5JHEl-K8SzXFuxlL6qtKQMloAeFrpjDbom-BuZJbYHaUGBI2c9YnspMd53yI970IWskiZt0qkABm9n0ZNeQCR6509NHKCHXchr23508oyUlC3x3Mqjx993v2FJCIAE3JGYpD2sYnIDj1GklFZ33uADUH20jBndGA1b5gROBwGZ5AJtGp_x_Sw_JdHKMoY2tN6M9gM0VWdN2ILbtlMuwCVlZLl7NlrnbElUoTQFKRlk2zaTM7CKX_M2fOXjeQnbjw_fcf6NDgLeOG90fPQ0vGKmeoaTjISbpwBeftzipebi10zNludWo8MmvDS3vrJLhQC9vKHvQxmB9Y16zdSStJYwYsMXBTJrAwf72srMebIdX4QWbGb8fJOfIgCWh7uFq8Sv5iM8969HhNaPZ_lvfAn-um5BMQKtGmC1semBvKwPBAGXJRJTimKnJ1XNq1Yx93gYeAxvELOfn1Db1MkER4NlCEnA-WLWyYl-RcMxP8ZX8cDXDoaz6R1zUfP2_uw_BqcM8hPvG6IU7lVWQezrCcdsonMqZGBSksXIoV4Qdeg6ABzH9IGcs-Z7oy0MyP0PaPp-57J6JRo_N7vLZltZWO7EeEsCbT5bMwopT9vH2Nn37WusXRVc5PtVvCK5S4mBcqWMkhDP1rpKErOxw84ZZNXbKjTBYCfT0c7olUPLqSrT8TLq4Vb-_Ov6pR4I83jxqNeokWDgleRh-mwsX3KwuEeW5zg3GnUPcHJmqbtRdfnpi4o8Xq5OzY2zEGnia9Wrvk2v9EvtRPjrTzjGdkuxv9p4tK95c8khyBfvjSdJgmVOYAVMNrKHOcr96qDmV3qhy7bhhYxihYBTZdHQioUB0lnBCg4B-MoD2XMjwxETGzbsUTQ_zvi55XnnC2hjRS2OTCJ976UhYSsGCRDfPZypey-fYDx-kz5kN5UI4zcI2ZMHTQttzPQ_r81dnbL9PjwgnbtaPGCqsnSP38_XyeCw4FrXmsS3Q1Q2f3Xxoadg7Ouhzvsfmuru_L9XAMYu-ZXstmhEJ0DQs320_kpRA5HQ-zQCjAKCOfmRPTruxbTmDWreD4xy6nyIl1xAVkYnKNi1fpFrQ3Nwhct_cnbXoLyZwXP7bE0C1tygzOI2UsMijDmRbWiIbF_lcLNSjrnxHxqdxtALfLxY5CzDj0nFnIJNr3fTjaGXmX1aRwACAcxbs8zBG07yNVHXQdbeDJMiWtwhhtp-iLmTzuG2l2NwGIogexyyVBm0gFRffFlmwy7saWCG5iVUEPvzdCKnU8Ik9Kfg-MtZ5LY4maCEs1S7F2GNDRZuUYRp7TuFyNkpME7Qf4IIZ8nb9cSVsvaeD_0WTqQRBJQ6acO8ntHl9Av92AiqkPqKU3TFse5qNB-pAU2hCX_0-E6YR4UtLuXDB&cid=CAASKORoQFzR1mKDD8elzTY_Pm3y3p_IU98S9y-57urRMpaLNSnaWd2SPrg&rfl=2%2Chttps%253A%252F%252Fnets4.com%242%2Chttps%253A%252F%252Fnets4.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4a18b0faf6a447454e134730303202f8416b72f1d4f744b1d3b4646636240eb7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://5fd3b64ba09b669362261d7035670824.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:35:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
342
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9657
x-xss-protection
0
server
cafe
etag
16576748017229546422
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 04 Apr 2022 11:35:00 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 0542 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BHirrMYNIs21C3pamo1Dj3zXHioA-w22SZyzMuiUu4RXklQv8zULAnGC7apjp_JMUGRixEtvisjYHngzEUskGZrF-6lfyPzp0qaedVgqvXezH9N5KJXts14zos9V3EqdRcgNfn4K3Be8CkdyTI1sYMCc68HA&cry=1&dbm_d=AKAmf-B4KNXy3uqMSSG4I1eFXQJ81XS36-GMb1hVi4Jg0eVUpBDVJlXL18i8TIhf1RlDdJeBOnVyYXzxwpavj1gWRlbXKgUQPmk91RzZbKe1Qr_wIaK4JuzBRgEd4FC8LD8WRx7UtYv9_q5MQf_01b3FqlgHCDk1y7GdEORxUBqRGyGt8O5gvD9m6OV8do_noh0IApQdx5Y2vajyC1nmohOr1VP2NPXNWYAS4cAv2wCoa8qKh8qIj9wNMnJ4A3Cfl1KI-hENu1_TwEPIyWFSl2AwTaZ99_aCqfzeC5xaiqDGDaqJpT8YocqdgTGHjchXInGrrletWfvfNNZpCSCms02twedX0hNDKVLi7GjABsrmpclwE0_NoU6Qz9FvpPixcAY_ywEfWidlSdJxQjE4HFsgaF_DjA0DAy7n7sUGS6iP4mXA0hpJGVPi_4oqyndO3FVf8J32sQn_tjKlK0IDK6QD7gAk7Ve36QSGktSmAq4gE-S5QSSFRlyplFRivze3E7p-np7xoVyYzDgDiiMEd6-eKpzWVpiaKulGb_FsnHn2EmEknhY9_JwcXxO7ojAAMHzBKoMfhZ94s9StRvRD9DoWdgHkIY73mTe4egf2YKj5PT7D5Gza_i-4YnT1ox6FRJ3JteX0GlhLQGZTgK9wBK4LEVzVeDKSZcPW7R1bK83wcid8fL26nXkKTZ_ZUnThvWwJhARCnRuRRlB6FH3HHHZO3Qwp9CYJXKLXhG3_x2H7TFqF50gSdCqwgzaXmM1ar3xnrzgG8q8V_uWMgsUOKRW575QN-z4_g3WAh8VNcsk6shxrhXe-bt0ehEsQf2kvKvQ9CsM6K4cVdzSj4sOOkREghdjQGLGImUAK19JLLdIx7Y8AkZVG7en4eAgaRFdmBByN2XCzhBCR6eiJs_t_y-u0A4G9heRlJ1Y3XT3HeGYGL9bZGVzhx9H15hA2etvrO6Ees3-rRM0y9DQBhgXtVSwdp1TgC8DAbAZAlS6SMng8xMNPJ4Nsj6V_40fICj1hfN55KMgYpRo51sFvpTeuKcb1irIEXUw3Y77Q3oAky_9l4GyUnBAzJi-bqwCyJ8EUNWV-APh-YV6q09qk0fH-YM57-ZNo1MihPOQgY-vO8KOg71VTExjC554H05PyqWGgNeYT0uy9HXVjecTeRson94Tjeky2MXL1Ud8MfWUTnFXDTVe9jAHpAkIzRIopZmoB1At0GLGDQ9_jLL88KZVTGz409sqEeo6XF3GEO1IxlFh3iEvaeDvSm1q-hOQSnX566OAabI7MbLApmNIja5BbhbeMoG4rl93zof-u6qIp2wfmu7u4yW-CIwC1k1c0rPCBW9lgRiFM5ZzgFmcKT2eVGB_72c7f1HyZ2Ahb3OjqH8aI3vD_FInmQYIvojxCngyAIOXBDodU7gyFBlLmpL8489P2qrHSFlRnIQesxs3398S53O9XIFGhE3M0CAiUHjCtHP8RasOZLyZDFOUBg8xGK_1QWGduFIlgt9xFZnYn2K5yv8BZ_STaTj7HlAAhT-9_I4G836Ny9TYqcIArQu3rEkYIdCsBIC5RQVJ47SmMwgsZoUqEXVS37Ggm9YINMX56J8P-1zl200A32bHm7yaFQhr0Tc_69qkQHTOg8VnZ4KFsvAkHzBxoyBoigO-Xuw2J2uJtWZSbzMlq8wX2MOFtd9WdJoad0FgjKLrVmdFczAnnSeft6yMUE7HziH5yBLoJs19lWYUjbnMJA0mOvjpBjo_DTMa4nc80gMkkSibHsvtGX5oo7todbrzGfLN0EzIBagpb0D93OO9-9I0z4vrCpElVtj2zrq9TMlNL-lkAmBJZ6pt-FbG-tFnJMMSvL9x9-E9yRolQEuiNFKshkkuEa5JHEl-K8SzXFuxlL6qtKQMloAeFrpjDbom-BuZJbYHaUGBI2c9YnspMd53yI970IWskiZt0qkABm9n0ZNeQCR6509NHKCHXchr23508oyUlC3x3Mqjx993v2FJCIAE3JGYpD2sYnIDj1GklFZ33uADUH20jBndGA1b5gROBwGZ5AJtGp_x_Sw_JdHKMoY2tN6M9gM0VWdN2ILbtlMuwCVlZLl7NlrnbElUoTQFKRlk2zaTM7CKX_M2fOXjeQnbjw_fcf6NDgLeOG90fPQ0vGKmeoaTjISbpwBeftzipebi10zNludWo8MmvDS3vrJLhQC9vKHvQxmB9Y16zdSStJYwYsMXBTJrAwf72srMebIdX4QWbGb8fJOfIgCWh7uFq8Sv5iM8969HhNaPZ_lvfAn-um5BMQKtGmC1semBvKwPBAGXJRJTimKnJ1XNq1Yx93gYeAxvELOfn1Db1MkER4NlCEnA-WLWyYl-RcMxP8ZX8cDXDoaz6R1zUfP2_uw_BqcM8hPvG6IU7lVWQezrCcdsonMqZGBSksXIoV4Qdeg6ABzH9IGcs-Z7oy0MyP0PaPp-57J6JRo_N7vLZltZWO7EeEsCbT5bMwopT9vH2Nn37WusXRVc5PtVvCK5S4mBcqWMkhDP1rpKErOxw84ZZNXbKjTBYCfT0c7olUPLqSrT8TLq4Vb-_Ov6pR4I83jxqNeokWDgleRh-mwsX3KwuEeW5zg3GnUPcHJmqbtRdfnpi4o8Xq5OzY2zEGnia9Wrvk2v9EvtRPjrTzjGdkuxv9p4tK95c8khyBfvjSdJgmVOYAVMNrKHOcr96qDmV3qhy7bhhYxihYBTZdHQioUB0lnBCg4B-MoD2XMjwxETGzbsUTQ_zvi55XnnC2hjRS2OTCJ976UhYSsGCRDfPZypey-fYDx-kz5kN5UI4zcI2ZMHTQttzPQ_r81dnbL9PjwgnbtaPGCqsnSP38_XyeCw4FrXmsS3Q1Q2f3Xxoadg7Ouhzvsfmuru_L9XAMYu-ZXstmhEJ0DQs320_kpRA5HQ-zQCjAKCOfmRPTruxbTmDWreD4xy6nyIl1xAVkYnKNi1fpFrQ3Nwhct_cnbXoLyZwXP7bE0C1tygzOI2UsMijDmRbWiIbF_lcLNSjrnxHxqdxtALfLxY5CzDj0nFnIJNr3fTjaGXmX1aRwACAcxbs8zBG07yNVHXQdbeDJMiWtwhhtp-iLmTzuG2l2NwGIogexyyVBm0gFRffFlmwy7saWCG5iVUEPvzdCKnU8Ik9Kfg-MtZ5LY4maCEs1S7F2GNDRZuUYRp7TuFyNkpME7Qf4IIZ8nb9cSVsvaeD_0WTqQRBJQ6acO8ntHl9Av92AiqkPqKU3TFse5qNB-pAU2hCX_0-E6YR4UtLuXDB&cid=CAASKORoQFzR1mKDD8elzTY_Pm3y3p_IU98S9y-57urRMpaLNSnaWd2SPrg&rfl=2%2Chttps%253A%252F%252Fnets4.com%242%2Chttps%253A%252F%252Fnets4.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://5fd3b64ba09b669362261d7035670824.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 07:28:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
360759
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 17 Mar 2023 07:28:03 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v22/ Frame 07CC 		23 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v22/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://nets4.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 19:30:30 GMT
x-content-type-options
nosniff
age
403812
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23580
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 19:14:03 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 16 Mar 2023 19:30:30 GMT
truncated
/ Frame 85CC 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4ff82d7d56a120e8d1a4a9c51ceb6ed24b949e854871799cc5ca09c9b1bc43c5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
pubads_impl_2022031501.js
securepubads.g.doubleclick.net/gpt/ Frame 07CC 		365 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065673
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
sffe /
Resource Hash
4b6c2cabe35ab603f2cff6d7b73775bca1d81016b1f1e06fe4da4bbf3c5766eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Mar 2022 14:23:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
76625
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126660
x-xss-protection
0
last-modified
Tue, 15 Mar 2022 08:35:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 20 Mar 2023 14:23:37 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame CE28 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjhkOQAG4b0K5V5VAAZqP6HVlLU1ah0H-uS8qw&u=%7CTAzgGim0f452DSD8c8M%2BeGsv%2BAtfb2pPOTFgpl5cZuk%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXBNl7acqytoLzXkgyukYeTJg1Ra2BVSzq9frrBeCbL7PBZaC0ZkYyzCR_VZA_l_5bLJQcr9OtgwCDhMtaAz9YDDgxTMbTT2JV4NKZg1kkxNe-c9d0szhexx5OF4lFfI1JC3yOkS9pXzL16qcNnKxLG_xNgRQ5U7_MCnux2rkqXcuR8gUufv4fCKXv7myfYNPqS7-InBtYwcO2bOM80ws106biXNrkIKDTJIn8QozTz3BAAhM1dpyPh_905y0tgeu-NmeNq-cpHRGfI1pfE6rKgQU7PU6-82xhVVs6sjKn85gvaUuQQ5iWEBcmr4LMvhWBMLuHAw-mPc-RYOGGUgX4KKrAUOe_ScfYzJFONg0D6F8nHX9rLWaRy80BaVB-kU8Gx1xEuB5TSfUDMyUz3yCGFd&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCuiUhOWQ4Yr3DG9W8lQe_1JnYCsme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTQxMzMyOTU0NDA0MDk0N6AB1bbS6gPIAQmpAjuymMe0jLI-4AIAqAMBqgTAAk_QWXqNMsgJLuEyppcPNcrKV7R6oJAzBXWuTOkqrS-coypjVbxmiwBcgkncgt47l1cquew9cy8J2pTCSolZYa-R48x6GuUyIt2srqJi7bZxlawmwkYwX0Pl9N-rIrX7aJSVmDwwzHgQWONX4zBSpuI_OI7YIkIBsWXqyfEQq5bHg1tDLKdsdF160deIvq3ncR2wLuUrD0yYBr26DO6H87DKdU9dKNDIliu89DfW0K9PtjbGNtlU45LoOshWxc3Noz2pJ1HCCWli5jhO76srrFktXOyjg1QWoph8zdaot2IZKpqdj47oPyJh20brZnTo7v2lsjvfzJk2Gv2Dbf_cbt9o-3ROu7u-TNX5auBNQAsdQKahlCJGVPXuE2J6qe6qUufBrWVSU-7KeSdoR9z5tImTiyyhp_wa1ujhUF7EYDmf4AQBgAac0sW996P-yMIBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2ouvxf-_lPd4PrcaFjBdmv9e9jVA%26client%3Dca-pub-5413329544040947%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:42 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1013485
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xvfDUGulGz51ZSjuLkOK3ByiS0DFS7Opt6jfbEdy5qOvk6j6Z2GtV%2FNGHEbh3Gz2IlQ64S9jK%2BOWOEDc3ZUdxjrcblciUBFARc52QukspJq1QySI4cEIDC0USb%2BFgNwNQ8C5MwLUTfu76HlOLwJxqjas"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6ef66a0c9e2d9a2a-FRA
expires
Sat, 11 Mar 2023 11:40:42 GMT
animejs.js
static.criteo.net/animejs/ Frame CE28 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjhkOQAG4b0K5V5VAAZqP6HVlLU1ah0H-uS8qw&u=%7CTAzgGim0f452DSD8c8M%2BeGsv%2BAtfb2pPOTFgpl5cZuk%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXBNl7acqytoLzXkgyukYeTJg1Ra2BVSzq9frrBeCbL7PBZaC0ZkYyzCR_VZA_l_5bLJQcr9OtgwCDhMtaAz9YDDgxTMbTT2JV4NKZg1kkxNe-c9d0szhexx5OF4lFfI1JC3yOkS9pXzL16qcNnKxLG_xNgRQ5U7_MCnux2rkqXcuR8gUufv4fCKXv7myfYNPqS7-InBtYwcO2bOM80ws106biXNrkIKDTJIn8QozTz3BAAhM1dpyPh_905y0tgeu-NmeNq-cpHRGfI1pfE6rKgQU7PU6-82xhVVs6sjKn85gvaUuQQ5iWEBcmr4LMvhWBMLuHAw-mPc-RYOGGUgX4KKrAUOe_ScfYzJFONg0D6F8nHX9rLWaRy80BaVB-kU8Gx1xEuB5TSfUDMyUz3yCGFd&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCuiUhOWQ4Yr3DG9W8lQe_1JnYCsme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTQxMzMyOTU0NDA0MDk0N6AB1bbS6gPIAQmpAjuymMe0jLI-4AIAqAMBqgTAAk_QWXqNMsgJLuEyppcPNcrKV7R6oJAzBXWuTOkqrS-coypjVbxmiwBcgkncgt47l1cquew9cy8J2pTCSolZYa-R48x6GuUyIt2srqJi7bZxlawmwkYwX0Pl9N-rIrX7aJSVmDwwzHgQWONX4zBSpuI_OI7YIkIBsWXqyfEQq5bHg1tDLKdsdF160deIvq3ncR2wLuUrD0yYBr26DO6H87DKdU9dKNDIliu89DfW0K9PtjbGNtlU45LoOshWxc3Noz2pJ1HCCWli5jhO76srrFktXOyjg1QWoph8zdaot2IZKpqdj47oPyJh20brZnTo7v2lsjvfzJk2Gv2Dbf_cbt9o-3ROu7u-TNX5auBNQAsdQKahlCJGVPXuE2J6qe6qUufBrWVSU-7KeSdoR9z5tImTiyyhp_wa1ujhUF7EYDmf4AQBgAac0sW996P-yMIBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2ouvxf-_lPd4PrcaFjBdmv9e9jVA%26client%3Dca-pub-5413329544040947%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:42 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 16 Mar 2023 11:40:42 GMT
3d1b6b7246e84d418b3ffe1f6151168b_cpn_728x90_1.jpeg
static.criteo.net/design/dt/1895/220318/ Frame CE28 		61 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/design/dt/1895/220318/3d1b6b7246e84d418b3ffe1f6151168b_cpn_728x90_1.jpeg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjhkOQAG4b0K5V5VAAZqP6HVlLU1ah0H-uS8qw&u=%7CTAzgGim0f452DSD8c8M%2BeGsv%2BAtfb2pPOTFgpl5cZuk%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXBNl7acqytoLzXkgyukYeTJg1Ra2BVSzq9frrBeCbL7PBZaC0ZkYyzCR_VZA_l_5bLJQcr9OtgwCDhMtaAz9YDDgxTMbTT2JV4NKZg1kkxNe-c9d0szhexx5OF4lFfI1JC3yOkS9pXzL16qcNnKxLG_xNgRQ5U7_MCnux2rkqXcuR8gUufv4fCKXv7myfYNPqS7-InBtYwcO2bOM80ws106biXNrkIKDTJIn8QozTz3BAAhM1dpyPh_905y0tgeu-NmeNq-cpHRGfI1pfE6rKgQU7PU6-82xhVVs6sjKn85gvaUuQQ5iWEBcmr4LMvhWBMLuHAw-mPc-RYOGGUgX4KKrAUOe_ScfYzJFONg0D6F8nHX9rLWaRy80BaVB-kU8Gx1xEuB5TSfUDMyUz3yCGFd&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCuiUhOWQ4Yr3DG9W8lQe_1JnYCsme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTQxMzMyOTU0NDA0MDk0N6AB1bbS6gPIAQmpAjuymMe0jLI-4AIAqAMBqgTAAk_QWXqNMsgJLuEyppcPNcrKV7R6oJAzBXWuTOkqrS-coypjVbxmiwBcgkncgt47l1cquew9cy8J2pTCSolZYa-R48x6GuUyIt2srqJi7bZxlawmwkYwX0Pl9N-rIrX7aJSVmDwwzHgQWONX4zBSpuI_OI7YIkIBsWXqyfEQq5bHg1tDLKdsdF160deIvq3ncR2wLuUrD0yYBr26DO6H87DKdU9dKNDIliu89DfW0K9PtjbGNtlU45LoOshWxc3Noz2pJ1HCCWli5jhO76srrFktXOyjg1QWoph8zdaot2IZKpqdj47oPyJh20brZnTo7v2lsjvfzJk2Gv2Dbf_cbt9o-3ROu7u-TNX5auBNQAsdQKahlCJGVPXuE2J6qe6qUufBrWVSU-7KeSdoR9z5tImTiyyhp_wa1ujhUF7EYDmf4AQBgAac0sW996P-yMIBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2ouvxf-_lPd4PrcaFjBdmv9e9jVA%26client%3Dca-pub-5413329544040947%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b0bc751d13f743f19e86cb66cf1918029bb4b5a2a70a673a4ef509d85d6b8600
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:42 GMT
last-modified
Fri, 18 Mar 2022 12:41:14 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"62347dea-f4c6"
strict-transport-security
max-age=31536000; preload;
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
62662
expires
Thu, 16 Mar 2023 11:40:42 GMT
img
pix.eu.criteo.net/img/ Frame CE28 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=176&m=0&partner=1895&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F1895%2F181017%2Fa165609b423c4c0c8975927ff1343dbb_logo_n_horizontal_3.png&v=3&w=256&s=SB2dAK10PUdfxhq5l7-kIXy_
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjhkOQAG4b0K5V5VAAZqP6HVlLU1ah0H-uS8qw&u=%7CTAzgGim0f452DSD8c8M%2BeGsv%2BAtfb2pPOTFgpl5cZuk%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXBNl7acqytoLzXkgyukYeTJg1Ra2BVSzq9frrBeCbL7PBZaC0ZkYyzCR_VZA_l_5bLJQcr9OtgwCDhMtaAz9YDDgxTMbTT2JV4NKZg1kkxNe-c9d0szhexx5OF4lFfI1JC3yOkS9pXzL16qcNnKxLG_xNgRQ5U7_MCnux2rkqXcuR8gUufv4fCKXv7myfYNPqS7-InBtYwcO2bOM80ws106biXNrkIKDTJIn8QozTz3BAAhM1dpyPh_905y0tgeu-NmeNq-cpHRGfI1pfE6rKgQU7PU6-82xhVVs6sjKn85gvaUuQQ5iWEBcmr4LMvhWBMLuHAw-mPc-RYOGGUgX4KKrAUOe_ScfYzJFONg0D6F8nHX9rLWaRy80BaVB-kU8Gx1xEuB5TSfUDMyUz3yCGFd&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCuiUhOWQ4Yr3DG9W8lQe_1JnYCsme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTQxMzMyOTU0NDA0MDk0N6AB1bbS6gPIAQmpAjuymMe0jLI-4AIAqAMBqgTAAk_QWXqNMsgJLuEyppcPNcrKV7R6oJAzBXWuTOkqrS-coypjVbxmiwBcgkncgt47l1cquew9cy8J2pTCSolZYa-R48x6GuUyIt2srqJi7bZxlawmwkYwX0Pl9N-rIrX7aJSVmDwwzHgQWONX4zBSpuI_OI7YIkIBsWXqyfEQq5bHg1tDLKdsdF160deIvq3ncR2wLuUrD0yYBr26DO6H87DKdU9dKNDIliu89DfW0K9PtjbGNtlU45LoOshWxc3Noz2pJ1HCCWli5jhO76srrFktXOyjg1QWoph8zdaot2IZKpqdj47oPyJh20brZnTo7v2lsjvfzJk2Gv2Dbf_cbt9o-3ROu7u-TNX5auBNQAsdQKahlCJGVPXuE2J6qe6qUufBrWVSU-7KeSdoR9z5tImTiyyhp_wa1ujhUF7EYDmf4AQBgAac0sW996P-yMIBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2ouvxf-_lPd4PrcaFjBdmv9e9jVA%26client%3Dca-pub-5413329544040947%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e6a93f480cbf33a2e016fd777ca2e7a0944773d2f1d3874b1a44765794a84d19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:41 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=28486261
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
16450
expires
Tue, 14 Feb 2023 04:31:44 GMT
img
pix.eu.criteo.net/img/ Frame CE28 		137 KB
138 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=1200&m=0&partner=1895&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F1895%2F220121%2F72ba830e1aed4a46a9269e640b56bfab_img_horizontal_1.png&v=3&w=1200&s=xGT4xEOPQHPnR3vq9jIAU2lv
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjhkOQAG4b0K5V5VAAZqP6HVlLU1ah0H-uS8qw&u=%7CTAzgGim0f452DSD8c8M%2BeGsv%2BAtfb2pPOTFgpl5cZuk%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXBNl7acqytoLzXkgyukYeTJg1Ra2BVSzq9frrBeCbL7PBZaC0ZkYyzCR_VZA_l_5bLJQcr9OtgwCDhMtaAz9YDDgxTMbTT2JV4NKZg1kkxNe-c9d0szhexx5OF4lFfI1JC3yOkS9pXzL16qcNnKxLG_xNgRQ5U7_MCnux2rkqXcuR8gUufv4fCKXv7myfYNPqS7-InBtYwcO2bOM80ws106biXNrkIKDTJIn8QozTz3BAAhM1dpyPh_905y0tgeu-NmeNq-cpHRGfI1pfE6rKgQU7PU6-82xhVVs6sjKn85gvaUuQQ5iWEBcmr4LMvhWBMLuHAw-mPc-RYOGGUgX4KKrAUOe_ScfYzJFONg0D6F8nHX9rLWaRy80BaVB-kU8Gx1xEuB5TSfUDMyUz3yCGFd&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCuiUhOWQ4Yr3DG9W8lQe_1JnYCsme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTQxMzMyOTU0NDA0MDk0N6AB1bbS6gPIAQmpAjuymMe0jLI-4AIAqAMBqgTAAk_QWXqNMsgJLuEyppcPNcrKV7R6oJAzBXWuTOkqrS-coypjVbxmiwBcgkncgt47l1cquew9cy8J2pTCSolZYa-R48x6GuUyIt2srqJi7bZxlawmwkYwX0Pl9N-rIrX7aJSVmDwwzHgQWONX4zBSpuI_OI7YIkIBsWXqyfEQq5bHg1tDLKdsdF160deIvq3ncR2wLuUrD0yYBr26DO6H87DKdU9dKNDIliu89DfW0K9PtjbGNtlU45LoOshWxc3Noz2pJ1HCCWli5jhO76srrFktXOyjg1QWoph8zdaot2IZKpqdj47oPyJh20brZnTo7v2lsjvfzJk2Gv2Dbf_cbt9o-3ROu7u-TNX5auBNQAsdQKahlCJGVPXuE2J6qe6qUufBrWVSU-7KeSdoR9z5tImTiyyhp_wa1ujhUF7EYDmf4AQBgAac0sW996P-yMIBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2ouvxf-_lPd4PrcaFjBdmv9e9jVA%26client%3Dca-pub-5413329544040947%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
2ff65b0600fe7250809e82ea0c84552439ab72f585bf50a814698cbcd0db7d57
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:41 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=28665414
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
140498
expires
Thu, 16 Feb 2023 06:17:36 GMT
img
pix.eu.criteo.net/img/ Frame CE28 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=1895&q=80&r=0&u=https%3A%2F%2Fwww.bodenimages.com%2Fproductimages%2Fproductlarge%2F21wsum_t0776_pnk.jpg&v=3&w=400&s=0udgcnN9EHtxkNFQ-iqRVd92&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjhkOQAG4b0K5V5VAAZqP6HVlLU1ah0H-uS8qw&u=%7CTAzgGim0f452DSD8c8M%2BeGsv%2BAtfb2pPOTFgpl5cZuk%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXBNl7acqytoLzXkgyukYeTJg1Ra2BVSzq9frrBeCbL7PBZaC0ZkYyzCR_VZA_l_5bLJQcr9OtgwCDhMtaAz9YDDgxTMbTT2JV4NKZg1kkxNe-c9d0szhexx5OF4lFfI1JC3yOkS9pXzL16qcNnKxLG_xNgRQ5U7_MCnux2rkqXcuR8gUufv4fCKXv7myfYNPqS7-InBtYwcO2bOM80ws106biXNrkIKDTJIn8QozTz3BAAhM1dpyPh_905y0tgeu-NmeNq-cpHRGfI1pfE6rKgQU7PU6-82xhVVs6sjKn85gvaUuQQ5iWEBcmr4LMvhWBMLuHAw-mPc-RYOGGUgX4KKrAUOe_ScfYzJFONg0D6F8nHX9rLWaRy80BaVB-kU8Gx1xEuB5TSfUDMyUz3yCGFd&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCuiUhOWQ4Yr3DG9W8lQe_1JnYCsme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTQxMzMyOTU0NDA0MDk0N6AB1bbS6gPIAQmpAjuymMe0jLI-4AIAqAMBqgTAAk_QWXqNMsgJLuEyppcPNcrKV7R6oJAzBXWuTOkqrS-coypjVbxmiwBcgkncgt47l1cquew9cy8J2pTCSolZYa-R48x6GuUyIt2srqJi7bZxlawmwkYwX0Pl9N-rIrX7aJSVmDwwzHgQWONX4zBSpuI_OI7YIkIBsWXqyfEQq5bHg1tDLKdsdF160deIvq3ncR2wLuUrD0yYBr26DO6H87DKdU9dKNDIliu89DfW0K9PtjbGNtlU45LoOshWxc3Noz2pJ1HCCWli5jhO76srrFktXOyjg1QWoph8zdaot2IZKpqdj47oPyJh20brZnTo7v2lsjvfzJk2Gv2Dbf_cbt9o-3ROu7u-TNX5auBNQAsdQKahlCJGVPXuE2J6qe6qUufBrWVSU-7KeSdoR9z5tImTiyyhp_wa1ujhUF7EYDmf4AQBgAac0sW996P-yMIBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2ouvxf-_lPd4PrcaFjBdmv9e9jVA%26client%3Dca-pub-5413329544040947%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
fd194a0e52340c8689348e10a12e93bdc46d1502861db24c4d55b97a74444218
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:41 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=43239
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
12836
expires
Mon, 21 Mar 2022 23:41:21 GMT
img
pix.eu.criteo.net/img/ Frame CE28 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=1895&q=80&r=0&u=https%3A%2F%2Fwww.bodenimages.com%2Fproductimages%2Fproductlarge%2F21gwin_g3034_nav.jpg&v=3&w=400&s=02O96S_dXjCyWMSYDS5YFkIA&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjhkOQAG4b0K5V5VAAZqP6HVlLU1ah0H-uS8qw&u=%7CTAzgGim0f452DSD8c8M%2BeGsv%2BAtfb2pPOTFgpl5cZuk%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXBNl7acqytoLzXkgyukYeTJg1Ra2BVSzq9frrBeCbL7PBZaC0ZkYyzCR_VZA_l_5bLJQcr9OtgwCDhMtaAz9YDDgxTMbTT2JV4NKZg1kkxNe-c9d0szhexx5OF4lFfI1JC3yOkS9pXzL16qcNnKxLG_xNgRQ5U7_MCnux2rkqXcuR8gUufv4fCKXv7myfYNPqS7-InBtYwcO2bOM80ws106biXNrkIKDTJIn8QozTz3BAAhM1dpyPh_905y0tgeu-NmeNq-cpHRGfI1pfE6rKgQU7PU6-82xhVVs6sjKn85gvaUuQQ5iWEBcmr4LMvhWBMLuHAw-mPc-RYOGGUgX4KKrAUOe_ScfYzJFONg0D6F8nHX9rLWaRy80BaVB-kU8Gx1xEuB5TSfUDMyUz3yCGFd&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCuiUhOWQ4Yr3DG9W8lQe_1JnYCsme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTQxMzMyOTU0NDA0MDk0N6AB1bbS6gPIAQmpAjuymMe0jLI-4AIAqAMBqgTAAk_QWXqNMsgJLuEyppcPNcrKV7R6oJAzBXWuTOkqrS-coypjVbxmiwBcgkncgt47l1cquew9cy8J2pTCSolZYa-R48x6GuUyIt2srqJi7bZxlawmwkYwX0Pl9N-rIrX7aJSVmDwwzHgQWONX4zBSpuI_OI7YIkIBsWXqyfEQq5bHg1tDLKdsdF160deIvq3ncR2wLuUrD0yYBr26DO6H87DKdU9dKNDIliu89DfW0K9PtjbGNtlU45LoOshWxc3Noz2pJ1HCCWli5jhO76srrFktXOyjg1QWoph8zdaot2IZKpqdj47oPyJh20brZnTo7v2lsjvfzJk2Gv2Dbf_cbt9o-3ROu7u-TNX5auBNQAsdQKahlCJGVPXuE2J6qe6qUufBrWVSU-7KeSdoR9z5tImTiyyhp_wa1ujhUF7EYDmf4AQBgAac0sW996P-yMIBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2ouvxf-_lPd4PrcaFjBdmv9e9jVA%26client%3Dca-pub-5413329544040947%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
06d6cc041b35c0dfe98da96288ff01642e217ed8642154f8e15bc727234160cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:41 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=23337
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
6954
expires
Mon, 21 Mar 2022 18:09:40 GMT
img
pix.eu.criteo.net/img/ Frame CE28 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=1895&q=80&r=0&u=https%3A%2F%2Fwww.bodenimages.com%2Fproductimages%2Fproductlarge%2F22uspr_y1897_red.jpg&v=3&w=400&s=Xej3hsJHKvsFYEplIKxZv6B6&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjhkOQAG4b0K5V5VAAZqP6HVlLU1ah0H-uS8qw&u=%7CTAzgGim0f452DSD8c8M%2BeGsv%2BAtfb2pPOTFgpl5cZuk%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXBNl7acqytoLzXkgyukYeTJg1Ra2BVSzq9frrBeCbL7PBZaC0ZkYyzCR_VZA_l_5bLJQcr9OtgwCDhMtaAz9YDDgxTMbTT2JV4NKZg1kkxNe-c9d0szhexx5OF4lFfI1JC3yOkS9pXzL16qcNnKxLG_xNgRQ5U7_MCnux2rkqXcuR8gUufv4fCKXv7myfYNPqS7-InBtYwcO2bOM80ws106biXNrkIKDTJIn8QozTz3BAAhM1dpyPh_905y0tgeu-NmeNq-cpHRGfI1pfE6rKgQU7PU6-82xhVVs6sjKn85gvaUuQQ5iWEBcmr4LMvhWBMLuHAw-mPc-RYOGGUgX4KKrAUOe_ScfYzJFONg0D6F8nHX9rLWaRy80BaVB-kU8Gx1xEuB5TSfUDMyUz3yCGFd&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCuiUhOWQ4Yr3DG9W8lQe_1JnYCsme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTQxMzMyOTU0NDA0MDk0N6AB1bbS6gPIAQmpAjuymMe0jLI-4AIAqAMBqgTAAk_QWXqNMsgJLuEyppcPNcrKV7R6oJAzBXWuTOkqrS-coypjVbxmiwBcgkncgt47l1cquew9cy8J2pTCSolZYa-R48x6GuUyIt2srqJi7bZxlawmwkYwX0Pl9N-rIrX7aJSVmDwwzHgQWONX4zBSpuI_OI7YIkIBsWXqyfEQq5bHg1tDLKdsdF160deIvq3ncR2wLuUrD0yYBr26DO6H87DKdU9dKNDIliu89DfW0K9PtjbGNtlU45LoOshWxc3Noz2pJ1HCCWli5jhO76srrFktXOyjg1QWoph8zdaot2IZKpqdj47oPyJh20brZnTo7v2lsjvfzJk2Gv2Dbf_cbt9o-3ROu7u-TNX5auBNQAsdQKahlCJGVPXuE2J6qe6qUufBrWVSU-7KeSdoR9z5tImTiyyhp_wa1ujhUF7EYDmf4AQBgAac0sW996P-yMIBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2ouvxf-_lPd4PrcaFjBdmv9e9jVA%26client%3Dca-pub-5413329544040947%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
fbea3a849eb5eb451604cb7ce1b603b968f8de6d5283b7751daa3c5c016bcfb9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:41 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=123291
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
13994
expires
Tue, 22 Mar 2022 21:55:33 GMT
img
pix.eu.criteo.net/img/ Frame CE28 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=1895&q=80&r=0&u=https%3A%2F%2Fwww.bodenimages.com%2Fproductimages%2Fproductlarge%2F21bwin_b1643_mbl.jpg&v=3&w=400&s=q1Jn9T2cfokjGWVqNcMz0s0o&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjhkOQAG4b0K5V5VAAZqP6HVlLU1ah0H-uS8qw&u=%7CTAzgGim0f452DSD8c8M%2BeGsv%2BAtfb2pPOTFgpl5cZuk%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXBNl7acqytoLzXkgyukYeTJg1Ra2BVSzq9frrBeCbL7PBZaC0ZkYyzCR_VZA_l_5bLJQcr9OtgwCDhMtaAz9YDDgxTMbTT2JV4NKZg1kkxNe-c9d0szhexx5OF4lFfI1JC3yOkS9pXzL16qcNnKxLG_xNgRQ5U7_MCnux2rkqXcuR8gUufv4fCKXv7myfYNPqS7-InBtYwcO2bOM80ws106biXNrkIKDTJIn8QozTz3BAAhM1dpyPh_905y0tgeu-NmeNq-cpHRGfI1pfE6rKgQU7PU6-82xhVVs6sjKn85gvaUuQQ5iWEBcmr4LMvhWBMLuHAw-mPc-RYOGGUgX4KKrAUOe_ScfYzJFONg0D6F8nHX9rLWaRy80BaVB-kU8Gx1xEuB5TSfUDMyUz3yCGFd&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCuiUhOWQ4Yr3DG9W8lQe_1JnYCsme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTQxMzMyOTU0NDA0MDk0N6AB1bbS6gPIAQmpAjuymMe0jLI-4AIAqAMBqgTAAk_QWXqNMsgJLuEyppcPNcrKV7R6oJAzBXWuTOkqrS-coypjVbxmiwBcgkncgt47l1cquew9cy8J2pTCSolZYa-R48x6GuUyIt2srqJi7bZxlawmwkYwX0Pl9N-rIrX7aJSVmDwwzHgQWONX4zBSpuI_OI7YIkIBsWXqyfEQq5bHg1tDLKdsdF160deIvq3ncR2wLuUrD0yYBr26DO6H87DKdU9dKNDIliu89DfW0K9PtjbGNtlU45LoOshWxc3Noz2pJ1HCCWli5jhO76srrFktXOyjg1QWoph8zdaot2IZKpqdj47oPyJh20brZnTo7v2lsjvfzJk2Gv2Dbf_cbt9o-3ROu7u-TNX5auBNQAsdQKahlCJGVPXuE2J6qe6qUufBrWVSU-7KeSdoR9z5tImTiyyhp_wa1ujhUF7EYDmf4AQBgAac0sW996P-yMIBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2ouvxf-_lPd4PrcaFjBdmv9e9jVA%26client%3Dca-pub-5413329544040947%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
f78b02cd5cee4e5290d252d8e4828c3030aa149bf92b21d5a6436f13c38cf01f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:41 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=157940
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
12556
expires
Wed, 23 Mar 2022 07:33:02 GMT
img
pix.eu.criteo.net/img/ Frame CE28 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=1895&q=80&r=0&u=https%3A%2F%2Fwww.bodenimages.com%2Fproductimages%2Fproductlarge%2F21gaut_c0928_mul.jpg&v=3&w=400&s=TnmH_bO4dAGhPGZe5ZHpsf1b&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjhkOQAG4b0K5V5VAAZqP6HVlLU1ah0H-uS8qw&u=%7CTAzgGim0f452DSD8c8M%2BeGsv%2BAtfb2pPOTFgpl5cZuk%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXBNl7acqytoLzXkgyukYeTJg1Ra2BVSzq9frrBeCbL7PBZaC0ZkYyzCR_VZA_l_5bLJQcr9OtgwCDhMtaAz9YDDgxTMbTT2JV4NKZg1kkxNe-c9d0szhexx5OF4lFfI1JC3yOkS9pXzL16qcNnKxLG_xNgRQ5U7_MCnux2rkqXcuR8gUufv4fCKXv7myfYNPqS7-InBtYwcO2bOM80ws106biXNrkIKDTJIn8QozTz3BAAhM1dpyPh_905y0tgeu-NmeNq-cpHRGfI1pfE6rKgQU7PU6-82xhVVs6sjKn85gvaUuQQ5iWEBcmr4LMvhWBMLuHAw-mPc-RYOGGUgX4KKrAUOe_ScfYzJFONg0D6F8nHX9rLWaRy80BaVB-kU8Gx1xEuB5TSfUDMyUz3yCGFd&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCuiUhOWQ4Yr3DG9W8lQe_1JnYCsme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTQxMzMyOTU0NDA0MDk0N6AB1bbS6gPIAQmpAjuymMe0jLI-4AIAqAMBqgTAAk_QWXqNMsgJLuEyppcPNcrKV7R6oJAzBXWuTOkqrS-coypjVbxmiwBcgkncgt47l1cquew9cy8J2pTCSolZYa-R48x6GuUyIt2srqJi7bZxlawmwkYwX0Pl9N-rIrX7aJSVmDwwzHgQWONX4zBSpuI_OI7YIkIBsWXqyfEQq5bHg1tDLKdsdF160deIvq3ncR2wLuUrD0yYBr26DO6H87DKdU9dKNDIliu89DfW0K9PtjbGNtlU45LoOshWxc3Noz2pJ1HCCWli5jhO76srrFktXOyjg1QWoph8zdaot2IZKpqdj47oPyJh20brZnTo7v2lsjvfzJk2Gv2Dbf_cbt9o-3ROu7u-TNX5auBNQAsdQKahlCJGVPXuE2J6qe6qUufBrWVSU-7KeSdoR9z5tImTiyyhp_wa1ujhUF7EYDmf4AQBgAac0sW996P-yMIBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2ouvxf-_lPd4PrcaFjBdmv9e9jVA%26client%3Dca-pub-5413329544040947%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
872db65edd71fe352f99ee191b3d101e34d61af2f3d96311d5d49611db3f3bf1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:41 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=26992
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
11198
expires
Mon, 21 Mar 2022 19:10:35 GMT
all
csm.eu.criteo.net/ Frame CE28 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=kf04-QD9Bd55eWhlgdeuus3KUHXJC8bGdfDcFKYbZm7TSMl_mfatVi36wUbgaO-MvdCfqJzlysyv5O0ecVO-MIMeKJah0tVKUCFjVKGUXvZNh7THwwG7AnnISjo7Fa6Jr96QEwy3_AE3_-qShzCjEumvV4Fx2HByW6DYlfCUjcYaYWfn2w---v67BipMHD2ls-4hrK5wsBEKmnfjp97Y1EyyKgWmZbFSflXHZa8PmSm0ElGKMDX5YGlUhefdfW8zTemz-A&sds=2&rev=unknown&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjhkOQAG4b0K5V5VAAZqP6HVlLU1ah0H-uS8qw&u=%7CTAzgGim0f452DSD8c8M%2BeGsv%2BAtfb2pPOTFgpl5cZuk%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXBNl7acqytoLzXkgyukYeTJg1Ra2BVSzq9frrBeCbL7PBZaC0ZkYyzCR_VZA_l_5bLJQcr9OtgwCDhMtaAz9YDDgxTMbTT2JV4NKZg1kkxNe-c9d0szhexx5OF4lFfI1JC3yOkS9pXzL16qcNnKxLG_xNgRQ5U7_MCnux2rkqXcuR8gUufv4fCKXv7myfYNPqS7-InBtYwcO2bOM80ws106biXNrkIKDTJIn8QozTz3BAAhM1dpyPh_905y0tgeu-NmeNq-cpHRGfI1pfE6rKgQU7PU6-82xhVVs6sjKn85gvaUuQQ5iWEBcmr4LMvhWBMLuHAw-mPc-RYOGGUgX4KKrAUOe_ScfYzJFONg0D6F8nHX9rLWaRy80BaVB-kU8Gx1xEuB5TSfUDMyUz3yCGFd&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCuiUhOWQ4Yr3DG9W8lQe_1JnYCsme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTQxMzMyOTU0NDA0MDk0N6AB1bbS6gPIAQmpAjuymMe0jLI-4AIAqAMBqgTAAk_QWXqNMsgJLuEyppcPNcrKV7R6oJAzBXWuTOkqrS-coypjVbxmiwBcgkncgt47l1cquew9cy8J2pTCSolZYa-R48x6GuUyIt2srqJi7bZxlawmwkYwX0Pl9N-rIrX7aJSVmDwwzHgQWONX4zBSpuI_OI7YIkIBsWXqyfEQq5bHg1tDLKdsdF160deIvq3ncR2wLuUrD0yYBr26DO6H87DKdU9dKNDIliu89DfW0K9PtjbGNtlU45LoOshWxc3Noz2pJ1HCCWli5jhO76srrFktXOyjg1QWoph8zdaot2IZKpqdj47oPyJh20brZnTo7v2lsjvfzJk2Gv2Dbf_cbt9o-3ROu7u-TNX5auBNQAsdQKahlCJGVPXuE2J6qe6qUufBrWVSU-7KeSdoR9z5tImTiyyhp_wa1ujhUF7EYDmf4AQBgAac0sW996P-yMIBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2ouvxf-_lPd4PrcaFjBdmv9e9jVA%26client%3Dca-pub-5413329544040947%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 21 Mar 2022 11:40:41 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame CE28 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjhkOQAG4b0K5V5VAAZqP6HVlLU1ah0H-uS8qw&u=%7CTAzgGim0f452DSD8c8M%2BeGsv%2BAtfb2pPOTFgpl5cZuk%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXBNl7acqytoLzXkgyukYeTJg1Ra2BVSzq9frrBeCbL7PBZaC0ZkYyzCR_VZA_l_5bLJQcr9OtgwCDhMtaAz9YDDgxTMbTT2JV4NKZg1kkxNe-c9d0szhexx5OF4lFfI1JC3yOkS9pXzL16qcNnKxLG_xNgRQ5U7_MCnux2rkqXcuR8gUufv4fCKXv7myfYNPqS7-InBtYwcO2bOM80ws106biXNrkIKDTJIn8QozTz3BAAhM1dpyPh_905y0tgeu-NmeNq-cpHRGfI1pfE6rKgQU7PU6-82xhVVs6sjKn85gvaUuQQ5iWEBcmr4LMvhWBMLuHAw-mPc-RYOGGUgX4KKrAUOe_ScfYzJFONg0D6F8nHX9rLWaRy80BaVB-kU8Gx1xEuB5TSfUDMyUz3yCGFd&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCuiUhOWQ4Yr3DG9W8lQe_1JnYCsme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTQxMzMyOTU0NDA0MDk0N6AB1bbS6gPIAQmpAjuymMe0jLI-4AIAqAMBqgTAAk_QWXqNMsgJLuEyppcPNcrKV7R6oJAzBXWuTOkqrS-coypjVbxmiwBcgkncgt47l1cquew9cy8J2pTCSolZYa-R48x6GuUyIt2srqJi7bZxlawmwkYwX0Pl9N-rIrX7aJSVmDwwzHgQWONX4zBSpuI_OI7YIkIBsWXqyfEQq5bHg1tDLKdsdF160deIvq3ncR2wLuUrD0yYBr26DO6H87DKdU9dKNDIliu89DfW0K9PtjbGNtlU45LoOshWxc3Noz2pJ1HCCWli5jhO76srrFktXOyjg1QWoph8zdaot2IZKpqdj47oPyJh20brZnTo7v2lsjvfzJk2Gv2Dbf_cbt9o-3ROu7u-TNX5auBNQAsdQKahlCJGVPXuE2J6qe6qUufBrWVSU-7KeSdoR9z5tImTiyyhp_wa1ujhUF7EYDmf4AQBgAac0sW996P-yMIBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2ouvxf-_lPd4PrcaFjBdmv9e9jVA%26client%3Dca-pub-5413329544040947%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:42 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 16 Mar 2023 11:40:42 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame CE28 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjhkOQAG4b0K5V5VAAZqP6HVlLU1ah0H-uS8qw&u=%7CTAzgGim0f452DSD8c8M%2BeGsv%2BAtfb2pPOTFgpl5cZuk%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXBNl7acqytoLzXkgyukYeTJg1Ra2BVSzq9frrBeCbL7PBZaC0ZkYyzCR_VZA_l_5bLJQcr9OtgwCDhMtaAz9YDDgxTMbTT2JV4NKZg1kkxNe-c9d0szhexx5OF4lFfI1JC3yOkS9pXzL16qcNnKxLG_xNgRQ5U7_MCnux2rkqXcuR8gUufv4fCKXv7myfYNPqS7-InBtYwcO2bOM80ws106biXNrkIKDTJIn8QozTz3BAAhM1dpyPh_905y0tgeu-NmeNq-cpHRGfI1pfE6rKgQU7PU6-82xhVVs6sjKn85gvaUuQQ5iWEBcmr4LMvhWBMLuHAw-mPc-RYOGGUgX4KKrAUOe_ScfYzJFONg0D6F8nHX9rLWaRy80BaVB-kU8Gx1xEuB5TSfUDMyUz3yCGFd&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCuiUhOWQ4Yr3DG9W8lQe_1JnYCsme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTQxMzMyOTU0NDA0MDk0N6AB1bbS6gPIAQmpAjuymMe0jLI-4AIAqAMBqgTAAk_QWXqNMsgJLuEyppcPNcrKV7R6oJAzBXWuTOkqrS-coypjVbxmiwBcgkncgt47l1cquew9cy8J2pTCSolZYa-R48x6GuUyIt2srqJi7bZxlawmwkYwX0Pl9N-rIrX7aJSVmDwwzHgQWONX4zBSpuI_OI7YIkIBsWXqyfEQq5bHg1tDLKdsdF160deIvq3ncR2wLuUrD0yYBr26DO6H87DKdU9dKNDIliu89DfW0K9PtjbGNtlU45LoOshWxc3Noz2pJ1HCCWli5jhO76srrFktXOyjg1QWoph8zdaot2IZKpqdj47oPyJh20brZnTo7v2lsjvfzJk2Gv2Dbf_cbt9o-3ROu7u-TNX5auBNQAsdQKahlCJGVPXuE2J6qe6qUufBrWVSU-7KeSdoR9z5tImTiyyhp_wa1ujhUF7EYDmf4AQBgAac0sW996P-yMIBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2ouvxf-_lPd4PrcaFjBdmv9e9jVA%26client%3Dca-pub-5413329544040947%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:42 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 16 Mar 2023 11:40:42 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame BF8B 		81 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
sffe /
Resource Hash
4964deabbe43777aca99c7e19c2908ab9b14723b346a22aa42ed06830bce2635
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27829
x-xss-protection
0
server
sffe
etag
"1164 / 671 of 1000 / last-modified: 1647861046"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 21 Mar 2022 11:40:42 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame D9E9 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjhkOQAFWSYIu8XoAA8WMkREhHfXs1sHykQyMg&u=%7CTAzgGim0f47mFfBS23OiNW9F6i3UqDjwoQV1E6th06c%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXBNl7acqytoLzXkgyukYeTJDX-c-czoLNPVWRrrn9l2EMHMb1hI7Em0QwQZgmNNNQzT6aPP5zozV7JDfKDqexFPUg9hET2J9mEPyFP_FitTdiFXb06J7U67vuKhhq1njd9MoLTqmn7OUSh8qt7edmZZy8gC2nf6YpHLDL9ypW0hH0K8JitUpyVueaqv0iX_I30ZMl6Ug0t_nrCIFCYdysvx2t1hjembPdJI2_3w9KsweCeDpos2lrw5IW_pyr9fMmb65EqwNjxdYdwoGfjD5igXqDoh9WyaTviGM_y0eGxU_0hvdhV_GPcJgAZCuR94nl8JA6a8OqGF0FXDKpiSOzF-CYjcKpJZFJuryW0ogDJueAbuXgvE49FfhyV3uzUKM5Uxx4u9cN9bmvXuClMz3wx8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiwSwOWQ4YqayFeiL7_UPsqy8-A3JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDegAdW20uoDyAEJqQI7spjHtIyyPuACAKgDAaoEugJP0BAzuYQLMQ4eK8vTgW8Rd4UXSP0bf1CUpzd_X4eYotkbj0gCr2ChVg0F867IkkhKp_nZiiKxYCLIj5jitavl0oBRgThfbztCVtPhGkMdWdaCTEde433dda2pC_cmHdnU0hYh0Ra9s41gQ5u0nxyU19UFvzIsrjN7rjHBqBV4u9vebfRHAO85kM3_sOzDZqsAO7makIB5fijnUWW6EPYf49yI2G7-5ykRldaZfLVrVN_WTsiXPfe8IVXnjxJPAikJltGQynQF2IBe6k7E0E8wFGkkA2AwEh7PEkZmVQy7aV6UzposAtlk419XngzLRdI3OAU1SJYhlKu2LEF2Lgc0VtOD9Hgu67pDcOeyIzy0E7YsXpO5vfOgFA48VdO7Znxv99TrhkfaeGBmtki1yDW8yZ151IzvbTvE8eAEAYAGnNLFvfej_sjCAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1N_E7u9O4H1BYTf5Y8KoZO3HsBEg%26client%3Dca-pub-5413329544040947%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:42 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1013485
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MhYzxH93RYO5XZVG0F4F4CNAMUVxrdDGPLtMH0k8zRUQ9IFZ5WmNMLrNtJIL0QAGjb4A4AVKFKtOQtthAYjGAhwswtMVprwsarcQDeSIL9Zf1O8NtEu%2FRELBYxjdqmk1Lg78uobmu2OuHaSUlM%2BRQmOp"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6ef66a0ceea69a2a-FRA
expires
Sat, 11 Mar 2023 11:40:42 GMT
animejs.js
static.criteo.net/animejs/ Frame D9E9 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjhkOQAFWSYIu8XoAA8WMkREhHfXs1sHykQyMg&u=%7CTAzgGim0f47mFfBS23OiNW9F6i3UqDjwoQV1E6th06c%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXBNl7acqytoLzXkgyukYeTJDX-c-czoLNPVWRrrn9l2EMHMb1hI7Em0QwQZgmNNNQzT6aPP5zozV7JDfKDqexFPUg9hET2J9mEPyFP_FitTdiFXb06J7U67vuKhhq1njd9MoLTqmn7OUSh8qt7edmZZy8gC2nf6YpHLDL9ypW0hH0K8JitUpyVueaqv0iX_I30ZMl6Ug0t_nrCIFCYdysvx2t1hjembPdJI2_3w9KsweCeDpos2lrw5IW_pyr9fMmb65EqwNjxdYdwoGfjD5igXqDoh9WyaTviGM_y0eGxU_0hvdhV_GPcJgAZCuR94nl8JA6a8OqGF0FXDKpiSOzF-CYjcKpJZFJuryW0ogDJueAbuXgvE49FfhyV3uzUKM5Uxx4u9cN9bmvXuClMz3wx8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiwSwOWQ4YqayFeiL7_UPsqy8-A3JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDegAdW20uoDyAEJqQI7spjHtIyyPuACAKgDAaoEugJP0BAzuYQLMQ4eK8vTgW8Rd4UXSP0bf1CUpzd_X4eYotkbj0gCr2ChVg0F867IkkhKp_nZiiKxYCLIj5jitavl0oBRgThfbztCVtPhGkMdWdaCTEde433dda2pC_cmHdnU0hYh0Ra9s41gQ5u0nxyU19UFvzIsrjN7rjHBqBV4u9vebfRHAO85kM3_sOzDZqsAO7makIB5fijnUWW6EPYf49yI2G7-5ykRldaZfLVrVN_WTsiXPfe8IVXnjxJPAikJltGQynQF2IBe6k7E0E8wFGkkA2AwEh7PEkZmVQy7aV6UzposAtlk419XngzLRdI3OAU1SJYhlKu2LEF2Lgc0VtOD9Hgu67pDcOeyIzy0E7YsXpO5vfOgFA48VdO7Znxv99TrhkfaeGBmtki1yDW8yZ151IzvbTvE8eAEAYAGnNLFvfej_sjCAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1N_E7u9O4H1BYTf5Y8KoZO3HsBEg%26client%3Dca-pub-5413329544040947%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:42 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 16 Mar 2023 11:40:42 GMT
3d1b6b7246e84d418b3ffe1f6151168b_cpn_728x90_1.jpeg
static.criteo.net/design/dt/1895/220318/ Frame D9E9 		61 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/design/dt/1895/220318/3d1b6b7246e84d418b3ffe1f6151168b_cpn_728x90_1.jpeg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjhkOQAFWSYIu8XoAA8WMkREhHfXs1sHykQyMg&u=%7CTAzgGim0f47mFfBS23OiNW9F6i3UqDjwoQV1E6th06c%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXBNl7acqytoLzXkgyukYeTJDX-c-czoLNPVWRrrn9l2EMHMb1hI7Em0QwQZgmNNNQzT6aPP5zozV7JDfKDqexFPUg9hET2J9mEPyFP_FitTdiFXb06J7U67vuKhhq1njd9MoLTqmn7OUSh8qt7edmZZy8gC2nf6YpHLDL9ypW0hH0K8JitUpyVueaqv0iX_I30ZMl6Ug0t_nrCIFCYdysvx2t1hjembPdJI2_3w9KsweCeDpos2lrw5IW_pyr9fMmb65EqwNjxdYdwoGfjD5igXqDoh9WyaTviGM_y0eGxU_0hvdhV_GPcJgAZCuR94nl8JA6a8OqGF0FXDKpiSOzF-CYjcKpJZFJuryW0ogDJueAbuXgvE49FfhyV3uzUKM5Uxx4u9cN9bmvXuClMz3wx8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiwSwOWQ4YqayFeiL7_UPsqy8-A3JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDegAdW20uoDyAEJqQI7spjHtIyyPuACAKgDAaoEugJP0BAzuYQLMQ4eK8vTgW8Rd4UXSP0bf1CUpzd_X4eYotkbj0gCr2ChVg0F867IkkhKp_nZiiKxYCLIj5jitavl0oBRgThfbztCVtPhGkMdWdaCTEde433dda2pC_cmHdnU0hYh0Ra9s41gQ5u0nxyU19UFvzIsrjN7rjHBqBV4u9vebfRHAO85kM3_sOzDZqsAO7makIB5fijnUWW6EPYf49yI2G7-5ykRldaZfLVrVN_WTsiXPfe8IVXnjxJPAikJltGQynQF2IBe6k7E0E8wFGkkA2AwEh7PEkZmVQy7aV6UzposAtlk419XngzLRdI3OAU1SJYhlKu2LEF2Lgc0VtOD9Hgu67pDcOeyIzy0E7YsXpO5vfOgFA48VdO7Znxv99TrhkfaeGBmtki1yDW8yZ151IzvbTvE8eAEAYAGnNLFvfej_sjCAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1N_E7u9O4H1BYTf5Y8KoZO3HsBEg%26client%3Dca-pub-5413329544040947%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b0bc751d13f743f19e86cb66cf1918029bb4b5a2a70a673a4ef509d85d6b8600
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:42 GMT
last-modified
Fri, 18 Mar 2022 12:41:14 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"62347dea-f4c6"
strict-transport-security
max-age=31536000; preload;
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
62662
expires
Thu, 16 Mar 2023 11:40:42 GMT
img
pix.eu.criteo.net/img/ Frame D9E9 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=176&m=0&partner=1895&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F1895%2F181017%2Fa165609b423c4c0c8975927ff1343dbb_logo_n_horizontal_3.png&v=3&w=256&s=SB2dAK10PUdfxhq5l7-kIXy_
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjhkOQAFWSYIu8XoAA8WMkREhHfXs1sHykQyMg&u=%7CTAzgGim0f47mFfBS23OiNW9F6i3UqDjwoQV1E6th06c%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXBNl7acqytoLzXkgyukYeTJDX-c-czoLNPVWRrrn9l2EMHMb1hI7Em0QwQZgmNNNQzT6aPP5zozV7JDfKDqexFPUg9hET2J9mEPyFP_FitTdiFXb06J7U67vuKhhq1njd9MoLTqmn7OUSh8qt7edmZZy8gC2nf6YpHLDL9ypW0hH0K8JitUpyVueaqv0iX_I30ZMl6Ug0t_nrCIFCYdysvx2t1hjembPdJI2_3w9KsweCeDpos2lrw5IW_pyr9fMmb65EqwNjxdYdwoGfjD5igXqDoh9WyaTviGM_y0eGxU_0hvdhV_GPcJgAZCuR94nl8JA6a8OqGF0FXDKpiSOzF-CYjcKpJZFJuryW0ogDJueAbuXgvE49FfhyV3uzUKM5Uxx4u9cN9bmvXuClMz3wx8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiwSwOWQ4YqayFeiL7_UPsqy8-A3JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDegAdW20uoDyAEJqQI7spjHtIyyPuACAKgDAaoEugJP0BAzuYQLMQ4eK8vTgW8Rd4UXSP0bf1CUpzd_X4eYotkbj0gCr2ChVg0F867IkkhKp_nZiiKxYCLIj5jitavl0oBRgThfbztCVtPhGkMdWdaCTEde433dda2pC_cmHdnU0hYh0Ra9s41gQ5u0nxyU19UFvzIsrjN7rjHBqBV4u9vebfRHAO85kM3_sOzDZqsAO7makIB5fijnUWW6EPYf49yI2G7-5ykRldaZfLVrVN_WTsiXPfe8IVXnjxJPAikJltGQynQF2IBe6k7E0E8wFGkkA2AwEh7PEkZmVQy7aV6UzposAtlk419XngzLRdI3OAU1SJYhlKu2LEF2Lgc0VtOD9Hgu67pDcOeyIzy0E7YsXpO5vfOgFA48VdO7Znxv99TrhkfaeGBmtki1yDW8yZ151IzvbTvE8eAEAYAGnNLFvfej_sjCAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1N_E7u9O4H1BYTf5Y8KoZO3HsBEg%26client%3Dca-pub-5413329544040947%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e6a93f480cbf33a2e016fd777ca2e7a0944773d2f1d3874b1a44765794a84d19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:41 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=28486261
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
16450
expires
Tue, 14 Feb 2023 04:31:44 GMT
img
pix.eu.criteo.net/img/ Frame D9E9 		137 KB
138 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=1200&m=0&partner=1895&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F1895%2F220121%2F72ba830e1aed4a46a9269e640b56bfab_img_horizontal_1.png&v=3&w=1200&s=xGT4xEOPQHPnR3vq9jIAU2lv
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjhkOQAFWSYIu8XoAA8WMkREhHfXs1sHykQyMg&u=%7CTAzgGim0f47mFfBS23OiNW9F6i3UqDjwoQV1E6th06c%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXBNl7acqytoLzXkgyukYeTJDX-c-czoLNPVWRrrn9l2EMHMb1hI7Em0QwQZgmNNNQzT6aPP5zozV7JDfKDqexFPUg9hET2J9mEPyFP_FitTdiFXb06J7U67vuKhhq1njd9MoLTqmn7OUSh8qt7edmZZy8gC2nf6YpHLDL9ypW0hH0K8JitUpyVueaqv0iX_I30ZMl6Ug0t_nrCIFCYdysvx2t1hjembPdJI2_3w9KsweCeDpos2lrw5IW_pyr9fMmb65EqwNjxdYdwoGfjD5igXqDoh9WyaTviGM_y0eGxU_0hvdhV_GPcJgAZCuR94nl8JA6a8OqGF0FXDKpiSOzF-CYjcKpJZFJuryW0ogDJueAbuXgvE49FfhyV3uzUKM5Uxx4u9cN9bmvXuClMz3wx8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiwSwOWQ4YqayFeiL7_UPsqy8-A3JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDegAdW20uoDyAEJqQI7spjHtIyyPuACAKgDAaoEugJP0BAzuYQLMQ4eK8vTgW8Rd4UXSP0bf1CUpzd_X4eYotkbj0gCr2ChVg0F867IkkhKp_nZiiKxYCLIj5jitavl0oBRgThfbztCVtPhGkMdWdaCTEde433dda2pC_cmHdnU0hYh0Ra9s41gQ5u0nxyU19UFvzIsrjN7rjHBqBV4u9vebfRHAO85kM3_sOzDZqsAO7makIB5fijnUWW6EPYf49yI2G7-5ykRldaZfLVrVN_WTsiXPfe8IVXnjxJPAikJltGQynQF2IBe6k7E0E8wFGkkA2AwEh7PEkZmVQy7aV6UzposAtlk419XngzLRdI3OAU1SJYhlKu2LEF2Lgc0VtOD9Hgu67pDcOeyIzy0E7YsXpO5vfOgFA48VdO7Znxv99TrhkfaeGBmtki1yDW8yZ151IzvbTvE8eAEAYAGnNLFvfej_sjCAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1N_E7u9O4H1BYTf5Y8KoZO3HsBEg%26client%3Dca-pub-5413329544040947%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
2ff65b0600fe7250809e82ea0c84552439ab72f585bf50a814698cbcd0db7d57
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:41 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=28665414
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
140498
expires
Thu, 16 Feb 2023 06:17:36 GMT
img
pix.eu.criteo.net/img/ Frame D9E9 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=1895&q=80&r=0&u=https%3A%2F%2Fwww.bodenimages.com%2Fproductimages%2Fproductlarge%2F22wspr_j0889_sag.jpg&v=3&w=400&s=V3d76hhCRDaa5rd1RRnh6LhJ&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjhkOQAFWSYIu8XoAA8WMkREhHfXs1sHykQyMg&u=%7CTAzgGim0f47mFfBS23OiNW9F6i3UqDjwoQV1E6th06c%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXBNl7acqytoLzXkgyukYeTJDX-c-czoLNPVWRrrn9l2EMHMb1hI7Em0QwQZgmNNNQzT6aPP5zozV7JDfKDqexFPUg9hET2J9mEPyFP_FitTdiFXb06J7U67vuKhhq1njd9MoLTqmn7OUSh8qt7edmZZy8gC2nf6YpHLDL9ypW0hH0K8JitUpyVueaqv0iX_I30ZMl6Ug0t_nrCIFCYdysvx2t1hjembPdJI2_3w9KsweCeDpos2lrw5IW_pyr9fMmb65EqwNjxdYdwoGfjD5igXqDoh9WyaTviGM_y0eGxU_0hvdhV_GPcJgAZCuR94nl8JA6a8OqGF0FXDKpiSOzF-CYjcKpJZFJuryW0ogDJueAbuXgvE49FfhyV3uzUKM5Uxx4u9cN9bmvXuClMz3wx8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiwSwOWQ4YqayFeiL7_UPsqy8-A3JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDegAdW20uoDyAEJqQI7spjHtIyyPuACAKgDAaoEugJP0BAzuYQLMQ4eK8vTgW8Rd4UXSP0bf1CUpzd_X4eYotkbj0gCr2ChVg0F867IkkhKp_nZiiKxYCLIj5jitavl0oBRgThfbztCVtPhGkMdWdaCTEde433dda2pC_cmHdnU0hYh0Ra9s41gQ5u0nxyU19UFvzIsrjN7rjHBqBV4u9vebfRHAO85kM3_sOzDZqsAO7makIB5fijnUWW6EPYf49yI2G7-5ykRldaZfLVrVN_WTsiXPfe8IVXnjxJPAikJltGQynQF2IBe6k7E0E8wFGkkA2AwEh7PEkZmVQy7aV6UzposAtlk419XngzLRdI3OAU1SJYhlKu2LEF2Lgc0VtOD9Hgu67pDcOeyIzy0E7YsXpO5vfOgFA48VdO7Znxv99TrhkfaeGBmtki1yDW8yZ151IzvbTvE8eAEAYAGnNLFvfej_sjCAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1N_E7u9O4H1BYTf5Y8KoZO3HsBEg%26client%3Dca-pub-5413329544040947%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
c6d84a42a2574f25cc71b9daf2e223d02da455b36438aac048e7430354f95de6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:41 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=163970
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
12806
expires
Wed, 23 Mar 2022 09:13:32 GMT
img
pix.eu.criteo.net/img/ Frame D9E9 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=1895&q=80&r=0&u=https%3A%2F%2Fwww.bodenimages.com%2Fproductimages%2Fproductlarge%2F22wsum_s0199_mag.jpg&v=3&w=400&s=vt6vXBmEu0uu0rZ7WW3k8iS1&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjhkOQAFWSYIu8XoAA8WMkREhHfXs1sHykQyMg&u=%7CTAzgGim0f47mFfBS23OiNW9F6i3UqDjwoQV1E6th06c%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXBNl7acqytoLzXkgyukYeTJDX-c-czoLNPVWRrrn9l2EMHMb1hI7Em0QwQZgmNNNQzT6aPP5zozV7JDfKDqexFPUg9hET2J9mEPyFP_FitTdiFXb06J7U67vuKhhq1njd9MoLTqmn7OUSh8qt7edmZZy8gC2nf6YpHLDL9ypW0hH0K8JitUpyVueaqv0iX_I30ZMl6Ug0t_nrCIFCYdysvx2t1hjembPdJI2_3w9KsweCeDpos2lrw5IW_pyr9fMmb65EqwNjxdYdwoGfjD5igXqDoh9WyaTviGM_y0eGxU_0hvdhV_GPcJgAZCuR94nl8JA6a8OqGF0FXDKpiSOzF-CYjcKpJZFJuryW0ogDJueAbuXgvE49FfhyV3uzUKM5Uxx4u9cN9bmvXuClMz3wx8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiwSwOWQ4YqayFeiL7_UPsqy8-A3JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDegAdW20uoDyAEJqQI7spjHtIyyPuACAKgDAaoEugJP0BAzuYQLMQ4eK8vTgW8Rd4UXSP0bf1CUpzd_X4eYotkbj0gCr2ChVg0F867IkkhKp_nZiiKxYCLIj5jitavl0oBRgThfbztCVtPhGkMdWdaCTEde433dda2pC_cmHdnU0hYh0Ra9s41gQ5u0nxyU19UFvzIsrjN7rjHBqBV4u9vebfRHAO85kM3_sOzDZqsAO7makIB5fijnUWW6EPYf49yI2G7-5ykRldaZfLVrVN_WTsiXPfe8IVXnjxJPAikJltGQynQF2IBe6k7E0E8wFGkkA2AwEh7PEkZmVQy7aV6UzposAtlk419XngzLRdI3OAU1SJYhlKu2LEF2Lgc0VtOD9Hgu67pDcOeyIzy0E7YsXpO5vfOgFA48VdO7Znxv99TrhkfaeGBmtki1yDW8yZ151IzvbTvE8eAEAYAGnNLFvfej_sjCAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1N_E7u9O4H1BYTf5Y8KoZO3HsBEg%26client%3Dca-pub-5413329544040947%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
9f64ac05d9de5d35a6a2d0ae82ba2f8c1454fb6b36d22461ebbaa538fa1b950d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:42 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=147249
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
20204
expires
Wed, 23 Mar 2022 04:34:52 GMT
img
pix.eu.criteo.net/img/ Frame D9E9 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=1895&q=80&r=0&u=https%3A%2F%2Fwww.bodenimages.com%2Fproductimages%2Fproductlarge%2F22wsum_d0139_bue.jpg&v=3&w=400&s=4cYLGQJAIRtI9nNuJwofWD2H&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjhkOQAFWSYIu8XoAA8WMkREhHfXs1sHykQyMg&u=%7CTAzgGim0f47mFfBS23OiNW9F6i3UqDjwoQV1E6th06c%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXBNl7acqytoLzXkgyukYeTJDX-c-czoLNPVWRrrn9l2EMHMb1hI7Em0QwQZgmNNNQzT6aPP5zozV7JDfKDqexFPUg9hET2J9mEPyFP_FitTdiFXb06J7U67vuKhhq1njd9MoLTqmn7OUSh8qt7edmZZy8gC2nf6YpHLDL9ypW0hH0K8JitUpyVueaqv0iX_I30ZMl6Ug0t_nrCIFCYdysvx2t1hjembPdJI2_3w9KsweCeDpos2lrw5IW_pyr9fMmb65EqwNjxdYdwoGfjD5igXqDoh9WyaTviGM_y0eGxU_0hvdhV_GPcJgAZCuR94nl8JA6a8OqGF0FXDKpiSOzF-CYjcKpJZFJuryW0ogDJueAbuXgvE49FfhyV3uzUKM5Uxx4u9cN9bmvXuClMz3wx8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiwSwOWQ4YqayFeiL7_UPsqy8-A3JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDegAdW20uoDyAEJqQI7spjHtIyyPuACAKgDAaoEugJP0BAzuYQLMQ4eK8vTgW8Rd4UXSP0bf1CUpzd_X4eYotkbj0gCr2ChVg0F867IkkhKp_nZiiKxYCLIj5jitavl0oBRgThfbztCVtPhGkMdWdaCTEde433dda2pC_cmHdnU0hYh0Ra9s41gQ5u0nxyU19UFvzIsrjN7rjHBqBV4u9vebfRHAO85kM3_sOzDZqsAO7makIB5fijnUWW6EPYf49yI2G7-5ykRldaZfLVrVN_WTsiXPfe8IVXnjxJPAikJltGQynQF2IBe6k7E0E8wFGkkA2AwEh7PEkZmVQy7aV6UzposAtlk419XngzLRdI3OAU1SJYhlKu2LEF2Lgc0VtOD9Hgu67pDcOeyIzy0E7YsXpO5vfOgFA48VdO7Znxv99TrhkfaeGBmtki1yDW8yZ151IzvbTvE8eAEAYAGnNLFvfej_sjCAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1N_E7u9O4H1BYTf5Y8KoZO3HsBEg%26client%3Dca-pub-5413329544040947%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
d621d2bafec0ddf24ffe8be838e7269db6944811d1f977d09c09b2c1b3b1e76d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:40 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=164135
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
16220
expires
Wed, 23 Mar 2022 09:16:16 GMT
img
pix.eu.criteo.net/img/ Frame D9E9 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=1895&q=80&r=0&u=https%3A%2F%2Fwww.bodenimages.com%2Fproductimages%2Fproductlarge%2F22wspr_j0849_nav.jpg&v=3&w=400&s=i4KJdGBLcaljcWBQ8QJeqB7N&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjhkOQAFWSYIu8XoAA8WMkREhHfXs1sHykQyMg&u=%7CTAzgGim0f47mFfBS23OiNW9F6i3UqDjwoQV1E6th06c%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXBNl7acqytoLzXkgyukYeTJDX-c-czoLNPVWRrrn9l2EMHMb1hI7Em0QwQZgmNNNQzT6aPP5zozV7JDfKDqexFPUg9hET2J9mEPyFP_FitTdiFXb06J7U67vuKhhq1njd9MoLTqmn7OUSh8qt7edmZZy8gC2nf6YpHLDL9ypW0hH0K8JitUpyVueaqv0iX_I30ZMl6Ug0t_nrCIFCYdysvx2t1hjembPdJI2_3w9KsweCeDpos2lrw5IW_pyr9fMmb65EqwNjxdYdwoGfjD5igXqDoh9WyaTviGM_y0eGxU_0hvdhV_GPcJgAZCuR94nl8JA6a8OqGF0FXDKpiSOzF-CYjcKpJZFJuryW0ogDJueAbuXgvE49FfhyV3uzUKM5Uxx4u9cN9bmvXuClMz3wx8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiwSwOWQ4YqayFeiL7_UPsqy8-A3JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDegAdW20uoDyAEJqQI7spjHtIyyPuACAKgDAaoEugJP0BAzuYQLMQ4eK8vTgW8Rd4UXSP0bf1CUpzd_X4eYotkbj0gCr2ChVg0F867IkkhKp_nZiiKxYCLIj5jitavl0oBRgThfbztCVtPhGkMdWdaCTEde433dda2pC_cmHdnU0hYh0Ra9s41gQ5u0nxyU19UFvzIsrjN7rjHBqBV4u9vebfRHAO85kM3_sOzDZqsAO7makIB5fijnUWW6EPYf49yI2G7-5ykRldaZfLVrVN_WTsiXPfe8IVXnjxJPAikJltGQynQF2IBe6k7E0E8wFGkkA2AwEh7PEkZmVQy7aV6UzposAtlk419XngzLRdI3OAU1SJYhlKu2LEF2Lgc0VtOD9Hgu67pDcOeyIzy0E7YsXpO5vfOgFA48VdO7Znxv99TrhkfaeGBmtki1yDW8yZ151IzvbTvE8eAEAYAGnNLFvfej_sjCAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1N_E7u9O4H1BYTf5Y8KoZO3HsBEg%26client%3Dca-pub-5413329544040947%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
8af85e8f32dd701c3dae3bbaa0fd3d1de702780059d4d07f84203e1f2d781385
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:42 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=110512
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
10456
expires
Tue, 22 Mar 2022 18:22:35 GMT
img
pix.eu.criteo.net/img/ Frame D9E9 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=1895&q=80&r=0&u=https%3A%2F%2Fwww.bodenimages.com%2Fproductimages%2Fproductlarge%2F22wspr_d0094_mpt.jpg&v=3&w=400&s=RB5BnwHQSgNFdJ12iB93lpMv&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjhkOQAFWSYIu8XoAA8WMkREhHfXs1sHykQyMg&u=%7CTAzgGim0f47mFfBS23OiNW9F6i3UqDjwoQV1E6th06c%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXBNl7acqytoLzXkgyukYeTJDX-c-czoLNPVWRrrn9l2EMHMb1hI7Em0QwQZgmNNNQzT6aPP5zozV7JDfKDqexFPUg9hET2J9mEPyFP_FitTdiFXb06J7U67vuKhhq1njd9MoLTqmn7OUSh8qt7edmZZy8gC2nf6YpHLDL9ypW0hH0K8JitUpyVueaqv0iX_I30ZMl6Ug0t_nrCIFCYdysvx2t1hjembPdJI2_3w9KsweCeDpos2lrw5IW_pyr9fMmb65EqwNjxdYdwoGfjD5igXqDoh9WyaTviGM_y0eGxU_0hvdhV_GPcJgAZCuR94nl8JA6a8OqGF0FXDKpiSOzF-CYjcKpJZFJuryW0ogDJueAbuXgvE49FfhyV3uzUKM5Uxx4u9cN9bmvXuClMz3wx8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiwSwOWQ4YqayFeiL7_UPsqy8-A3JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDegAdW20uoDyAEJqQI7spjHtIyyPuACAKgDAaoEugJP0BAzuYQLMQ4eK8vTgW8Rd4UXSP0bf1CUpzd_X4eYotkbj0gCr2ChVg0F867IkkhKp_nZiiKxYCLIj5jitavl0oBRgThfbztCVtPhGkMdWdaCTEde433dda2pC_cmHdnU0hYh0Ra9s41gQ5u0nxyU19UFvzIsrjN7rjHBqBV4u9vebfRHAO85kM3_sOzDZqsAO7makIB5fijnUWW6EPYf49yI2G7-5ykRldaZfLVrVN_WTsiXPfe8IVXnjxJPAikJltGQynQF2IBe6k7E0E8wFGkkA2AwEh7PEkZmVQy7aV6UzposAtlk419XngzLRdI3OAU1SJYhlKu2LEF2Lgc0VtOD9Hgu67pDcOeyIzy0E7YsXpO5vfOgFA48VdO7Znxv99TrhkfaeGBmtki1yDW8yZ151IzvbTvE8eAEAYAGnNLFvfej_sjCAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1N_E7u9O4H1BYTf5Y8KoZO3HsBEg%26client%3Dca-pub-5413329544040947%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
866075e9f9540d3fbc1af75076631d86c71404b40ce5252d4e5085b0d9964e5b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:41 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=147303
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
32168
expires
Wed, 23 Mar 2022 04:35:44 GMT
img
pix.eu.criteo.net/img/ Frame D9E9 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=1895&q=80&r=0&u=https%3A%2F%2Fwww.bodenimages.com%2Fproductimages%2Fproductlarge%2F22wspr_d0077_nvy.jpg&v=3&w=400&s=-JeM4R8I2otkkbmwbobi1Upz&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjhkOQAFWSYIu8XoAA8WMkREhHfXs1sHykQyMg&u=%7CTAzgGim0f47mFfBS23OiNW9F6i3UqDjwoQV1E6th06c%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXBNl7acqytoLzXkgyukYeTJDX-c-czoLNPVWRrrn9l2EMHMb1hI7Em0QwQZgmNNNQzT6aPP5zozV7JDfKDqexFPUg9hET2J9mEPyFP_FitTdiFXb06J7U67vuKhhq1njd9MoLTqmn7OUSh8qt7edmZZy8gC2nf6YpHLDL9ypW0hH0K8JitUpyVueaqv0iX_I30ZMl6Ug0t_nrCIFCYdysvx2t1hjembPdJI2_3w9KsweCeDpos2lrw5IW_pyr9fMmb65EqwNjxdYdwoGfjD5igXqDoh9WyaTviGM_y0eGxU_0hvdhV_GPcJgAZCuR94nl8JA6a8OqGF0FXDKpiSOzF-CYjcKpJZFJuryW0ogDJueAbuXgvE49FfhyV3uzUKM5Uxx4u9cN9bmvXuClMz3wx8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiwSwOWQ4YqayFeiL7_UPsqy8-A3JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDegAdW20uoDyAEJqQI7spjHtIyyPuACAKgDAaoEugJP0BAzuYQLMQ4eK8vTgW8Rd4UXSP0bf1CUpzd_X4eYotkbj0gCr2ChVg0F867IkkhKp_nZiiKxYCLIj5jitavl0oBRgThfbztCVtPhGkMdWdaCTEde433dda2pC_cmHdnU0hYh0Ra9s41gQ5u0nxyU19UFvzIsrjN7rjHBqBV4u9vebfRHAO85kM3_sOzDZqsAO7makIB5fijnUWW6EPYf49yI2G7-5ykRldaZfLVrVN_WTsiXPfe8IVXnjxJPAikJltGQynQF2IBe6k7E0E8wFGkkA2AwEh7PEkZmVQy7aV6UzposAtlk419XngzLRdI3OAU1SJYhlKu2LEF2Lgc0VtOD9Hgu67pDcOeyIzy0E7YsXpO5vfOgFA48VdO7Znxv99TrhkfaeGBmtki1yDW8yZ151IzvbTvE8eAEAYAGnNLFvfej_sjCAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1N_E7u9O4H1BYTf5Y8KoZO3HsBEg%26client%3Dca-pub-5413329544040947%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
f11fff9e7d7a19d85f2460b2b094ce472e6117411ce763d8429d237eb85de21a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:41 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=77367
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
19688
expires
Tue, 22 Mar 2022 09:10:09 GMT
img
pix.eu.criteo.net/img/ Frame D9E9 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=1895&q=80&r=0&u=https%3A%2F%2Fwww.bodenimages.com%2Fproductimages%2Fproductlarge%2F22wspr_w0705_nvy.jpg&v=3&w=400&s=PpzqRSwtRdRvEg2pg3OlY3f3&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjhkOQAFWSYIu8XoAA8WMkREhHfXs1sHykQyMg&u=%7CTAzgGim0f47mFfBS23OiNW9F6i3UqDjwoQV1E6th06c%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXBNl7acqytoLzXkgyukYeTJDX-c-czoLNPVWRrrn9l2EMHMb1hI7Em0QwQZgmNNNQzT6aPP5zozV7JDfKDqexFPUg9hET2J9mEPyFP_FitTdiFXb06J7U67vuKhhq1njd9MoLTqmn7OUSh8qt7edmZZy8gC2nf6YpHLDL9ypW0hH0K8JitUpyVueaqv0iX_I30ZMl6Ug0t_nrCIFCYdysvx2t1hjembPdJI2_3w9KsweCeDpos2lrw5IW_pyr9fMmb65EqwNjxdYdwoGfjD5igXqDoh9WyaTviGM_y0eGxU_0hvdhV_GPcJgAZCuR94nl8JA6a8OqGF0FXDKpiSOzF-CYjcKpJZFJuryW0ogDJueAbuXgvE49FfhyV3uzUKM5Uxx4u9cN9bmvXuClMz3wx8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiwSwOWQ4YqayFeiL7_UPsqy8-A3JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDegAdW20uoDyAEJqQI7spjHtIyyPuACAKgDAaoEugJP0BAzuYQLMQ4eK8vTgW8Rd4UXSP0bf1CUpzd_X4eYotkbj0gCr2ChVg0F867IkkhKp_nZiiKxYCLIj5jitavl0oBRgThfbztCVtPhGkMdWdaCTEde433dda2pC_cmHdnU0hYh0Ra9s41gQ5u0nxyU19UFvzIsrjN7rjHBqBV4u9vebfRHAO85kM3_sOzDZqsAO7makIB5fijnUWW6EPYf49yI2G7-5ykRldaZfLVrVN_WTsiXPfe8IVXnjxJPAikJltGQynQF2IBe6k7E0E8wFGkkA2AwEh7PEkZmVQy7aV6UzposAtlk419XngzLRdI3OAU1SJYhlKu2LEF2Lgc0VtOD9Hgu67pDcOeyIzy0E7YsXpO5vfOgFA48VdO7Znxv99TrhkfaeGBmtki1yDW8yZ151IzvbTvE8eAEAYAGnNLFvfej_sjCAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1N_E7u9O4H1BYTf5Y8KoZO3HsBEg%26client%3Dca-pub-5413329544040947%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
59b1cf1bf839e1f80a40ac0bcbf54f1edc79d6bbc0af4b96a97daa507bc77432
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:41 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=28766
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
14908
expires
Mon, 21 Mar 2022 19:40:09 GMT
img
pix.eu.criteo.net/img/ Frame D9E9 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=1895&q=80&r=0&u=https%3A%2F%2Fwww.bodenimages.com%2Fproductimages%2Fproductlarge%2F22wspr_j0498_usa.jpg&v=3&w=400&s=c3TDZ6mjuPnoKbpNqTyQW5dd&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjhkOQAFWSYIu8XoAA8WMkREhHfXs1sHykQyMg&u=%7CTAzgGim0f47mFfBS23OiNW9F6i3UqDjwoQV1E6th06c%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXBNl7acqytoLzXkgyukYeTJDX-c-czoLNPVWRrrn9l2EMHMb1hI7Em0QwQZgmNNNQzT6aPP5zozV7JDfKDqexFPUg9hET2J9mEPyFP_FitTdiFXb06J7U67vuKhhq1njd9MoLTqmn7OUSh8qt7edmZZy8gC2nf6YpHLDL9ypW0hH0K8JitUpyVueaqv0iX_I30ZMl6Ug0t_nrCIFCYdysvx2t1hjembPdJI2_3w9KsweCeDpos2lrw5IW_pyr9fMmb65EqwNjxdYdwoGfjD5igXqDoh9WyaTviGM_y0eGxU_0hvdhV_GPcJgAZCuR94nl8JA6a8OqGF0FXDKpiSOzF-CYjcKpJZFJuryW0ogDJueAbuXgvE49FfhyV3uzUKM5Uxx4u9cN9bmvXuClMz3wx8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiwSwOWQ4YqayFeiL7_UPsqy8-A3JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDegAdW20uoDyAEJqQI7spjHtIyyPuACAKgDAaoEugJP0BAzuYQLMQ4eK8vTgW8Rd4UXSP0bf1CUpzd_X4eYotkbj0gCr2ChVg0F867IkkhKp_nZiiKxYCLIj5jitavl0oBRgThfbztCVtPhGkMdWdaCTEde433dda2pC_cmHdnU0hYh0Ra9s41gQ5u0nxyU19UFvzIsrjN7rjHBqBV4u9vebfRHAO85kM3_sOzDZqsAO7makIB5fijnUWW6EPYf49yI2G7-5ykRldaZfLVrVN_WTsiXPfe8IVXnjxJPAikJltGQynQF2IBe6k7E0E8wFGkkA2AwEh7PEkZmVQy7aV6UzposAtlk419XngzLRdI3OAU1SJYhlKu2LEF2Lgc0VtOD9Hgu67pDcOeyIzy0E7YsXpO5vfOgFA48VdO7Znxv99TrhkfaeGBmtki1yDW8yZ151IzvbTvE8eAEAYAGnNLFvfej_sjCAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1N_E7u9O4H1BYTf5Y8KoZO3HsBEg%26client%3Dca-pub-5413329544040947%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
a4f6236d1fa4c95d4ec446fc7200e1997a0764ceb1cf27264c208ca25ddc7025
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:40 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=77351
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
16732
expires
Tue, 22 Mar 2022 09:09:52 GMT
img
pix.eu.criteo.net/img/ Frame D9E9 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=1895&q=80&r=0&u=https%3A%2F%2Fwww.bodenimages.com%2Fproductimages%2Fproductlarge%2F21wxms_d0059_nvy.jpg&v=3&w=400&s=jcAcL-AZkIuWlgWjQJ3RfA_S&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjhkOQAFWSYIu8XoAA8WMkREhHfXs1sHykQyMg&u=%7CTAzgGim0f47mFfBS23OiNW9F6i3UqDjwoQV1E6th06c%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXBNl7acqytoLzXkgyukYeTJDX-c-czoLNPVWRrrn9l2EMHMb1hI7Em0QwQZgmNNNQzT6aPP5zozV7JDfKDqexFPUg9hET2J9mEPyFP_FitTdiFXb06J7U67vuKhhq1njd9MoLTqmn7OUSh8qt7edmZZy8gC2nf6YpHLDL9ypW0hH0K8JitUpyVueaqv0iX_I30ZMl6Ug0t_nrCIFCYdysvx2t1hjembPdJI2_3w9KsweCeDpos2lrw5IW_pyr9fMmb65EqwNjxdYdwoGfjD5igXqDoh9WyaTviGM_y0eGxU_0hvdhV_GPcJgAZCuR94nl8JA6a8OqGF0FXDKpiSOzF-CYjcKpJZFJuryW0ogDJueAbuXgvE49FfhyV3uzUKM5Uxx4u9cN9bmvXuClMz3wx8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiwSwOWQ4YqayFeiL7_UPsqy8-A3JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDegAdW20uoDyAEJqQI7spjHtIyyPuACAKgDAaoEugJP0BAzuYQLMQ4eK8vTgW8Rd4UXSP0bf1CUpzd_X4eYotkbj0gCr2ChVg0F867IkkhKp_nZiiKxYCLIj5jitavl0oBRgThfbztCVtPhGkMdWdaCTEde433dda2pC_cmHdnU0hYh0Ra9s41gQ5u0nxyU19UFvzIsrjN7rjHBqBV4u9vebfRHAO85kM3_sOzDZqsAO7makIB5fijnUWW6EPYf49yI2G7-5ykRldaZfLVrVN_WTsiXPfe8IVXnjxJPAikJltGQynQF2IBe6k7E0E8wFGkkA2AwEh7PEkZmVQy7aV6UzposAtlk419XngzLRdI3OAU1SJYhlKu2LEF2Lgc0VtOD9Hgu67pDcOeyIzy0E7YsXpO5vfOgFA48VdO7Znxv99TrhkfaeGBmtki1yDW8yZ151IzvbTvE8eAEAYAGnNLFvfej_sjCAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1N_E7u9O4H1BYTf5Y8KoZO3HsBEg%26client%3Dca-pub-5413329544040947%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
dd26eb1d09b3d47113a5e19f5105444a87d32facaabb7966faffd2fcca417695
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:41 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=170301
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
22196
expires
Wed, 23 Mar 2022 10:59:04 GMT
img
pix.eu.criteo.net/img/ Frame D9E9 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=1895&q=80&r=0&u=https%3A%2F%2Fwww.bodenimages.com%2Fproductimages%2Fproductlarge%2F21waut_j0851_ivo.jpg&v=3&w=400&s=7-JnToQEMsatDQ-rMCGRun5K&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjhkOQAFWSYIu8XoAA8WMkREhHfXs1sHykQyMg&u=%7CTAzgGim0f47mFfBS23OiNW9F6i3UqDjwoQV1E6th06c%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXBNl7acqytoLzXkgyukYeTJDX-c-czoLNPVWRrrn9l2EMHMb1hI7Em0QwQZgmNNNQzT6aPP5zozV7JDfKDqexFPUg9hET2J9mEPyFP_FitTdiFXb06J7U67vuKhhq1njd9MoLTqmn7OUSh8qt7edmZZy8gC2nf6YpHLDL9ypW0hH0K8JitUpyVueaqv0iX_I30ZMl6Ug0t_nrCIFCYdysvx2t1hjembPdJI2_3w9KsweCeDpos2lrw5IW_pyr9fMmb65EqwNjxdYdwoGfjD5igXqDoh9WyaTviGM_y0eGxU_0hvdhV_GPcJgAZCuR94nl8JA6a8OqGF0FXDKpiSOzF-CYjcKpJZFJuryW0ogDJueAbuXgvE49FfhyV3uzUKM5Uxx4u9cN9bmvXuClMz3wx8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiwSwOWQ4YqayFeiL7_UPsqy8-A3JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDegAdW20uoDyAEJqQI7spjHtIyyPuACAKgDAaoEugJP0BAzuYQLMQ4eK8vTgW8Rd4UXSP0bf1CUpzd_X4eYotkbj0gCr2ChVg0F867IkkhKp_nZiiKxYCLIj5jitavl0oBRgThfbztCVtPhGkMdWdaCTEde433dda2pC_cmHdnU0hYh0Ra9s41gQ5u0nxyU19UFvzIsrjN7rjHBqBV4u9vebfRHAO85kM3_sOzDZqsAO7makIB5fijnUWW6EPYf49yI2G7-5ykRldaZfLVrVN_WTsiXPfe8IVXnjxJPAikJltGQynQF2IBe6k7E0E8wFGkkA2AwEh7PEkZmVQy7aV6UzposAtlk419XngzLRdI3OAU1SJYhlKu2LEF2Lgc0VtOD9Hgu67pDcOeyIzy0E7YsXpO5vfOgFA48VdO7Znxv99TrhkfaeGBmtki1yDW8yZ151IzvbTvE8eAEAYAGnNLFvfej_sjCAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1N_E7u9O4H1BYTf5Y8KoZO3HsBEg%26client%3Dca-pub-5413329544040947%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
9dae37b207226c0acff5993099a617e19d737ba27eddd7d15ea97f0a6d23dab3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:41 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=61100
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
18336
expires
Tue, 22 Mar 2022 04:39:02 GMT
img
pix.eu.criteo.net/img/ Frame D9E9 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=1895&q=80&r=0&u=https%3A%2F%2Fwww.bodenimages.com%2Fproductimages%2Fproductlarge%2F21gxms_g2998_yel.jpg&v=3&w=400&s=sGSHwq3t8Sl06auG5E8pbiY-&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjhkOQAFWSYIu8XoAA8WMkREhHfXs1sHykQyMg&u=%7CTAzgGim0f47mFfBS23OiNW9F6i3UqDjwoQV1E6th06c%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXBNl7acqytoLzXkgyukYeTJDX-c-czoLNPVWRrrn9l2EMHMb1hI7Em0QwQZgmNNNQzT6aPP5zozV7JDfKDqexFPUg9hET2J9mEPyFP_FitTdiFXb06J7U67vuKhhq1njd9MoLTqmn7OUSh8qt7edmZZy8gC2nf6YpHLDL9ypW0hH0K8JitUpyVueaqv0iX_I30ZMl6Ug0t_nrCIFCYdysvx2t1hjembPdJI2_3w9KsweCeDpos2lrw5IW_pyr9fMmb65EqwNjxdYdwoGfjD5igXqDoh9WyaTviGM_y0eGxU_0hvdhV_GPcJgAZCuR94nl8JA6a8OqGF0FXDKpiSOzF-CYjcKpJZFJuryW0ogDJueAbuXgvE49FfhyV3uzUKM5Uxx4u9cN9bmvXuClMz3wx8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiwSwOWQ4YqayFeiL7_UPsqy8-A3JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDegAdW20uoDyAEJqQI7spjHtIyyPuACAKgDAaoEugJP0BAzuYQLMQ4eK8vTgW8Rd4UXSP0bf1CUpzd_X4eYotkbj0gCr2ChVg0F867IkkhKp_nZiiKxYCLIj5jitavl0oBRgThfbztCVtPhGkMdWdaCTEde433dda2pC_cmHdnU0hYh0Ra9s41gQ5u0nxyU19UFvzIsrjN7rjHBqBV4u9vebfRHAO85kM3_sOzDZqsAO7makIB5fijnUWW6EPYf49yI2G7-5ykRldaZfLVrVN_WTsiXPfe8IVXnjxJPAikJltGQynQF2IBe6k7E0E8wFGkkA2AwEh7PEkZmVQy7aV6UzposAtlk419XngzLRdI3OAU1SJYhlKu2LEF2Lgc0VtOD9Hgu67pDcOeyIzy0E7YsXpO5vfOgFA48VdO7Znxv99TrhkfaeGBmtki1yDW8yZ151IzvbTvE8eAEAYAGnNLFvfej_sjCAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1N_E7u9O4H1BYTf5Y8KoZO3HsBEg%26client%3Dca-pub-5413329544040947%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
43f9404d1c54b94c7b75fa0be7cfad2fbb01ad9af84c21a40a7accdc38c959b4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:42 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=92224
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
12580
expires
Tue, 22 Mar 2022 13:17:46 GMT
img
pix.eu.criteo.net/img/ Frame D9E9 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=1895&q=80&r=0&u=https%3A%2F%2Fwww.bodenimages.com%2Fproductimages%2Fproductlarge%2F22gspr_g2976_pnk.jpg&v=3&w=400&s=dupFbyMwXp1DOfexwCVO014Z&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjhkOQAFWSYIu8XoAA8WMkREhHfXs1sHykQyMg&u=%7CTAzgGim0f47mFfBS23OiNW9F6i3UqDjwoQV1E6th06c%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXBNl7acqytoLzXkgyukYeTJDX-c-czoLNPVWRrrn9l2EMHMb1hI7Em0QwQZgmNNNQzT6aPP5zozV7JDfKDqexFPUg9hET2J9mEPyFP_FitTdiFXb06J7U67vuKhhq1njd9MoLTqmn7OUSh8qt7edmZZy8gC2nf6YpHLDL9ypW0hH0K8JitUpyVueaqv0iX_I30ZMl6Ug0t_nrCIFCYdysvx2t1hjembPdJI2_3w9KsweCeDpos2lrw5IW_pyr9fMmb65EqwNjxdYdwoGfjD5igXqDoh9WyaTviGM_y0eGxU_0hvdhV_GPcJgAZCuR94nl8JA6a8OqGF0FXDKpiSOzF-CYjcKpJZFJuryW0ogDJueAbuXgvE49FfhyV3uzUKM5Uxx4u9cN9bmvXuClMz3wx8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiwSwOWQ4YqayFeiL7_UPsqy8-A3JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDegAdW20uoDyAEJqQI7spjHtIyyPuACAKgDAaoEugJP0BAzuYQLMQ4eK8vTgW8Rd4UXSP0bf1CUpzd_X4eYotkbj0gCr2ChVg0F867IkkhKp_nZiiKxYCLIj5jitavl0oBRgThfbztCVtPhGkMdWdaCTEde433dda2pC_cmHdnU0hYh0Ra9s41gQ5u0nxyU19UFvzIsrjN7rjHBqBV4u9vebfRHAO85kM3_sOzDZqsAO7makIB5fijnUWW6EPYf49yI2G7-5ykRldaZfLVrVN_WTsiXPfe8IVXnjxJPAikJltGQynQF2IBe6k7E0E8wFGkkA2AwEh7PEkZmVQy7aV6UzposAtlk419XngzLRdI3OAU1SJYhlKu2LEF2Lgc0VtOD9Hgu67pDcOeyIzy0E7YsXpO5vfOgFA48VdO7Znxv99TrhkfaeGBmtki1yDW8yZ151IzvbTvE8eAEAYAGnNLFvfej_sjCAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1N_E7u9O4H1BYTf5Y8KoZO3HsBEg%26client%3Dca-pub-5413329544040947%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
f3811661ae9084101dd990b6900dcb9a18e2d1edd1bf71a5941cc3bc26021e72
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:41 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=147249
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
18806
expires
Wed, 23 Mar 2022 04:34:52 GMT
img
pix.eu.criteo.net/img/ Frame D9E9 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=1895&q=80&r=0&u=https%3A%2F%2Fwww.bodenimages.com%2Fproductimages%2Fproductlarge%2F22wspr_r0103_lgy.jpg&v=3&w=400&s=q6Bvx5ONUbIBZbU0ZuUvf6Oy&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjhkOQAFWSYIu8XoAA8WMkREhHfXs1sHykQyMg&u=%7CTAzgGim0f47mFfBS23OiNW9F6i3UqDjwoQV1E6th06c%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXBNl7acqytoLzXkgyukYeTJDX-c-czoLNPVWRrrn9l2EMHMb1hI7Em0QwQZgmNNNQzT6aPP5zozV7JDfKDqexFPUg9hET2J9mEPyFP_FitTdiFXb06J7U67vuKhhq1njd9MoLTqmn7OUSh8qt7edmZZy8gC2nf6YpHLDL9ypW0hH0K8JitUpyVueaqv0iX_I30ZMl6Ug0t_nrCIFCYdysvx2t1hjembPdJI2_3w9KsweCeDpos2lrw5IW_pyr9fMmb65EqwNjxdYdwoGfjD5igXqDoh9WyaTviGM_y0eGxU_0hvdhV_GPcJgAZCuR94nl8JA6a8OqGF0FXDKpiSOzF-CYjcKpJZFJuryW0ogDJueAbuXgvE49FfhyV3uzUKM5Uxx4u9cN9bmvXuClMz3wx8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiwSwOWQ4YqayFeiL7_UPsqy8-A3JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDegAdW20uoDyAEJqQI7spjHtIyyPuACAKgDAaoEugJP0BAzuYQLMQ4eK8vTgW8Rd4UXSP0bf1CUpzd_X4eYotkbj0gCr2ChVg0F867IkkhKp_nZiiKxYCLIj5jitavl0oBRgThfbztCVtPhGkMdWdaCTEde433dda2pC_cmHdnU0hYh0Ra9s41gQ5u0nxyU19UFvzIsrjN7rjHBqBV4u9vebfRHAO85kM3_sOzDZqsAO7makIB5fijnUWW6EPYf49yI2G7-5ykRldaZfLVrVN_WTsiXPfe8IVXnjxJPAikJltGQynQF2IBe6k7E0E8wFGkkA2AwEh7PEkZmVQy7aV6UzposAtlk419XngzLRdI3OAU1SJYhlKu2LEF2Lgc0VtOD9Hgu67pDcOeyIzy0E7YsXpO5vfOgFA48VdO7Znxv99TrhkfaeGBmtki1yDW8yZ151IzvbTvE8eAEAYAGnNLFvfej_sjCAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1N_E7u9O4H1BYTf5Y8KoZO3HsBEg%26client%3Dca-pub-5413329544040947%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
a942bb9cf114959e0102a1ed5adef054d4b06ddff5980a4bd8414165bd5457d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:42 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=165825
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
12958
expires
Wed, 23 Mar 2022 09:44:27 GMT
img
pix.eu.criteo.net/img/ Frame D9E9 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=1895&q=80&r=0&u=https%3A%2F%2Fwww.bodenimages.com%2Fproductimages%2Fproductlarge%2F21gaut_g3275_nav.jpg&v=3&w=400&s=lLmTaSGd_LZOAqcPKpyx8isq&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjhkOQAFWSYIu8XoAA8WMkREhHfXs1sHykQyMg&u=%7CTAzgGim0f47mFfBS23OiNW9F6i3UqDjwoQV1E6th06c%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXBNl7acqytoLzXkgyukYeTJDX-c-czoLNPVWRrrn9l2EMHMb1hI7Em0QwQZgmNNNQzT6aPP5zozV7JDfKDqexFPUg9hET2J9mEPyFP_FitTdiFXb06J7U67vuKhhq1njd9MoLTqmn7OUSh8qt7edmZZy8gC2nf6YpHLDL9ypW0hH0K8JitUpyVueaqv0iX_I30ZMl6Ug0t_nrCIFCYdysvx2t1hjembPdJI2_3w9KsweCeDpos2lrw5IW_pyr9fMmb65EqwNjxdYdwoGfjD5igXqDoh9WyaTviGM_y0eGxU_0hvdhV_GPcJgAZCuR94nl8JA6a8OqGF0FXDKpiSOzF-CYjcKpJZFJuryW0ogDJueAbuXgvE49FfhyV3uzUKM5Uxx4u9cN9bmvXuClMz3wx8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiwSwOWQ4YqayFeiL7_UPsqy8-A3JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDegAdW20uoDyAEJqQI7spjHtIyyPuACAKgDAaoEugJP0BAzuYQLMQ4eK8vTgW8Rd4UXSP0bf1CUpzd_X4eYotkbj0gCr2ChVg0F867IkkhKp_nZiiKxYCLIj5jitavl0oBRgThfbztCVtPhGkMdWdaCTEde433dda2pC_cmHdnU0hYh0Ra9s41gQ5u0nxyU19UFvzIsrjN7rjHBqBV4u9vebfRHAO85kM3_sOzDZqsAO7makIB5fijnUWW6EPYf49yI2G7-5ykRldaZfLVrVN_WTsiXPfe8IVXnjxJPAikJltGQynQF2IBe6k7E0E8wFGkkA2AwEh7PEkZmVQy7aV6UzposAtlk419XngzLRdI3OAU1SJYhlKu2LEF2Lgc0VtOD9Hgu67pDcOeyIzy0E7YsXpO5vfOgFA48VdO7Znxv99TrhkfaeGBmtki1yDW8yZ151IzvbTvE8eAEAYAGnNLFvfej_sjCAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1N_E7u9O4H1BYTf5Y8KoZO3HsBEg%26client%3Dca-pub-5413329544040947%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
f0bd31b71a040ff2e49359179fc7c35db64d750e75d5e23e1534da255f64136e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:42 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=147432
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
6800
expires
Wed, 23 Mar 2022 04:37:54 GMT
img
pix.eu.criteo.net/img/ Frame D9E9 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=1895&q=80&r=0&u=https%3A%2F%2Fwww.bodenimages.com%2Fproductimages%2Fproductlarge%2F22wspr_t0909_chm.jpg&v=3&w=400&s=yeQdH2mIxUpNwGMQixdyKdep&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjhkOQAFWSYIu8XoAA8WMkREhHfXs1sHykQyMg&u=%7CTAzgGim0f47mFfBS23OiNW9F6i3UqDjwoQV1E6th06c%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXBNl7acqytoLzXkgyukYeTJDX-c-czoLNPVWRrrn9l2EMHMb1hI7Em0QwQZgmNNNQzT6aPP5zozV7JDfKDqexFPUg9hET2J9mEPyFP_FitTdiFXb06J7U67vuKhhq1njd9MoLTqmn7OUSh8qt7edmZZy8gC2nf6YpHLDL9ypW0hH0K8JitUpyVueaqv0iX_I30ZMl6Ug0t_nrCIFCYdysvx2t1hjembPdJI2_3w9KsweCeDpos2lrw5IW_pyr9fMmb65EqwNjxdYdwoGfjD5igXqDoh9WyaTviGM_y0eGxU_0hvdhV_GPcJgAZCuR94nl8JA6a8OqGF0FXDKpiSOzF-CYjcKpJZFJuryW0ogDJueAbuXgvE49FfhyV3uzUKM5Uxx4u9cN9bmvXuClMz3wx8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiwSwOWQ4YqayFeiL7_UPsqy8-A3JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDegAdW20uoDyAEJqQI7spjHtIyyPuACAKgDAaoEugJP0BAzuYQLMQ4eK8vTgW8Rd4UXSP0bf1CUpzd_X4eYotkbj0gCr2ChVg0F867IkkhKp_nZiiKxYCLIj5jitavl0oBRgThfbztCVtPhGkMdWdaCTEde433dda2pC_cmHdnU0hYh0Ra9s41gQ5u0nxyU19UFvzIsrjN7rjHBqBV4u9vebfRHAO85kM3_sOzDZqsAO7makIB5fijnUWW6EPYf49yI2G7-5ykRldaZfLVrVN_WTsiXPfe8IVXnjxJPAikJltGQynQF2IBe6k7E0E8wFGkkA2AwEh7PEkZmVQy7aV6UzposAtlk419XngzLRdI3OAU1SJYhlKu2LEF2Lgc0VtOD9Hgu67pDcOeyIzy0E7YsXpO5vfOgFA48VdO7Znxv99TrhkfaeGBmtki1yDW8yZ151IzvbTvE8eAEAYAGnNLFvfej_sjCAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1N_E7u9O4H1BYTf5Y8KoZO3HsBEg%26client%3Dca-pub-5413329544040947%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
83dda045a82007d863e18a06f7c4fad7267bad1ecdcd62052cb93cce59fc5bca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:41 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=81626
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
16702
expires
Tue, 22 Mar 2022 10:21:08 GMT
all
csm.eu.criteo.net/ Frame D9E9 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=AqGnfgD9Bd55eWhlxVDDVPxPP6ifZ25abUy4mN7S3TSX3rCncR7ZxqRb-eyGB6yg-_HbRrIsMwEnhPnVOaneBxP3cBqml7ULiFn3-kmaDpZ5Ep8_Hp47t92oQollYsD5IliAjJmcZyVk3Q4WieIAHPl8SOsksyJU3InXIUZWvGeEhnVRTLYOeP_tpO0Ek1DoMUBE5klnIsUEwnOkI79gLtCbMBgTHw8TSeJ2aNY6jJAQzIfFr3qDKx8S_KvNCGao8ClXCw&sds=2&rev=unknown&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjhkOQAFWSYIu8XoAA8WMkREhHfXs1sHykQyMg&u=%7CTAzgGim0f47mFfBS23OiNW9F6i3UqDjwoQV1E6th06c%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXBNl7acqytoLzXkgyukYeTJDX-c-czoLNPVWRrrn9l2EMHMb1hI7Em0QwQZgmNNNQzT6aPP5zozV7JDfKDqexFPUg9hET2J9mEPyFP_FitTdiFXb06J7U67vuKhhq1njd9MoLTqmn7OUSh8qt7edmZZy8gC2nf6YpHLDL9ypW0hH0K8JitUpyVueaqv0iX_I30ZMl6Ug0t_nrCIFCYdysvx2t1hjembPdJI2_3w9KsweCeDpos2lrw5IW_pyr9fMmb65EqwNjxdYdwoGfjD5igXqDoh9WyaTviGM_y0eGxU_0hvdhV_GPcJgAZCuR94nl8JA6a8OqGF0FXDKpiSOzF-CYjcKpJZFJuryW0ogDJueAbuXgvE49FfhyV3uzUKM5Uxx4u9cN9bmvXuClMz3wx8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiwSwOWQ4YqayFeiL7_UPsqy8-A3JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDegAdW20uoDyAEJqQI7spjHtIyyPuACAKgDAaoEugJP0BAzuYQLMQ4eK8vTgW8Rd4UXSP0bf1CUpzd_X4eYotkbj0gCr2ChVg0F867IkkhKp_nZiiKxYCLIj5jitavl0oBRgThfbztCVtPhGkMdWdaCTEde433dda2pC_cmHdnU0hYh0Ra9s41gQ5u0nxyU19UFvzIsrjN7rjHBqBV4u9vebfRHAO85kM3_sOzDZqsAO7makIB5fijnUWW6EPYf49yI2G7-5ykRldaZfLVrVN_WTsiXPfe8IVXnjxJPAikJltGQynQF2IBe6k7E0E8wFGkkA2AwEh7PEkZmVQy7aV6UzposAtlk419XngzLRdI3OAU1SJYhlKu2LEF2Lgc0VtOD9Hgu67pDcOeyIzy0E7YsXpO5vfOgFA48VdO7Znxv99TrhkfaeGBmtki1yDW8yZ151IzvbTvE8eAEAYAGnNLFvfej_sjCAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1N_E7u9O4H1BYTf5Y8KoZO3HsBEg%26client%3Dca-pub-5413329544040947%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 21 Mar 2022 11:40:42 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame D9E9 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjhkOQAFWSYIu8XoAA8WMkREhHfXs1sHykQyMg&u=%7CTAzgGim0f47mFfBS23OiNW9F6i3UqDjwoQV1E6th06c%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXBNl7acqytoLzXkgyukYeTJDX-c-czoLNPVWRrrn9l2EMHMb1hI7Em0QwQZgmNNNQzT6aPP5zozV7JDfKDqexFPUg9hET2J9mEPyFP_FitTdiFXb06J7U67vuKhhq1njd9MoLTqmn7OUSh8qt7edmZZy8gC2nf6YpHLDL9ypW0hH0K8JitUpyVueaqv0iX_I30ZMl6Ug0t_nrCIFCYdysvx2t1hjembPdJI2_3w9KsweCeDpos2lrw5IW_pyr9fMmb65EqwNjxdYdwoGfjD5igXqDoh9WyaTviGM_y0eGxU_0hvdhV_GPcJgAZCuR94nl8JA6a8OqGF0FXDKpiSOzF-CYjcKpJZFJuryW0ogDJueAbuXgvE49FfhyV3uzUKM5Uxx4u9cN9bmvXuClMz3wx8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiwSwOWQ4YqayFeiL7_UPsqy8-A3JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDegAdW20uoDyAEJqQI7spjHtIyyPuACAKgDAaoEugJP0BAzuYQLMQ4eK8vTgW8Rd4UXSP0bf1CUpzd_X4eYotkbj0gCr2ChVg0F867IkkhKp_nZiiKxYCLIj5jitavl0oBRgThfbztCVtPhGkMdWdaCTEde433dda2pC_cmHdnU0hYh0Ra9s41gQ5u0nxyU19UFvzIsrjN7rjHBqBV4u9vebfRHAO85kM3_sOzDZqsAO7makIB5fijnUWW6EPYf49yI2G7-5ykRldaZfLVrVN_WTsiXPfe8IVXnjxJPAikJltGQynQF2IBe6k7E0E8wFGkkA2AwEh7PEkZmVQy7aV6UzposAtlk419XngzLRdI3OAU1SJYhlKu2LEF2Lgc0VtOD9Hgu67pDcOeyIzy0E7YsXpO5vfOgFA48VdO7Znxv99TrhkfaeGBmtki1yDW8yZ151IzvbTvE8eAEAYAGnNLFvfej_sjCAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1N_E7u9O4H1BYTf5Y8KoZO3HsBEg%26client%3Dca-pub-5413329544040947%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:42 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 16 Mar 2023 11:40:42 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame D9E9 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjhkOQAFWSYIu8XoAA8WMkREhHfXs1sHykQyMg&u=%7CTAzgGim0f47mFfBS23OiNW9F6i3UqDjwoQV1E6th06c%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXBNl7acqytoLzXkgyukYeTJDX-c-czoLNPVWRrrn9l2EMHMb1hI7Em0QwQZgmNNNQzT6aPP5zozV7JDfKDqexFPUg9hET2J9mEPyFP_FitTdiFXb06J7U67vuKhhq1njd9MoLTqmn7OUSh8qt7edmZZy8gC2nf6YpHLDL9ypW0hH0K8JitUpyVueaqv0iX_I30ZMl6Ug0t_nrCIFCYdysvx2t1hjembPdJI2_3w9KsweCeDpos2lrw5IW_pyr9fMmb65EqwNjxdYdwoGfjD5igXqDoh9WyaTviGM_y0eGxU_0hvdhV_GPcJgAZCuR94nl8JA6a8OqGF0FXDKpiSOzF-CYjcKpJZFJuryW0ogDJueAbuXgvE49FfhyV3uzUKM5Uxx4u9cN9bmvXuClMz3wx8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiwSwOWQ4YqayFeiL7_UPsqy8-A3JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDegAdW20uoDyAEJqQI7spjHtIyyPuACAKgDAaoEugJP0BAzuYQLMQ4eK8vTgW8Rd4UXSP0bf1CUpzd_X4eYotkbj0gCr2ChVg0F867IkkhKp_nZiiKxYCLIj5jitavl0oBRgThfbztCVtPhGkMdWdaCTEde433dda2pC_cmHdnU0hYh0Ra9s41gQ5u0nxyU19UFvzIsrjN7rjHBqBV4u9vebfRHAO85kM3_sOzDZqsAO7makIB5fijnUWW6EPYf49yI2G7-5ykRldaZfLVrVN_WTsiXPfe8IVXnjxJPAikJltGQynQF2IBe6k7E0E8wFGkkA2AwEh7PEkZmVQy7aV6UzposAtlk419XngzLRdI3OAU1SJYhlKu2LEF2Lgc0VtOD9Hgu67pDcOeyIzy0E7YsXpO5vfOgFA48VdO7Znxv99TrhkfaeGBmtki1yDW8yZ151IzvbTvE8eAEAYAGnNLFvfej_sjCAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1N_E7u9O4H1BYTf5Y8KoZO3HsBEg%26client%3Dca-pub-5413329544040947%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:42 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 16 Mar 2023 11:40:42 GMT
4727t6qteyti
hal9000.redintelligence.net/zone/ Frame 1EAE 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/4727t6qteyti?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCtgveOWQ4YuKPGLHC7_UPlP6f8A-1zfmDV_zYuavlDPAuEAEgudvzJmCV4pCCoAfIAQmpAjuymMe0jLI-qAMBqgTWAU_QzLZGZd2ILP8wV2JQTrID-e8cF09TjjAimWOce_ivLjtUlaDgCl6107zsGIyDyAnn4Sz3wX0QslVV3OinCq0UM5c5WF0XqayqMFVH33W9ydtFHIHG9ox7LwcgE89FtWysUzCmtZhuxsmm8X_LvvwyX0nm9NVuOx8TAwPq2f20_2dot8gAq5j7pmBbRXNX4miw6ro_-04U0n4rx_at-ZZRUYqXP4uU8UFZrGlXOr3EeajnHIaI9dc_v466OVW4rcEEt4_8vtKw1-yBrBzGTbODBaVax7LABKqd_L7PAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHfIIG2FkeC1zdWJzeW4tNDgyMzk2OTk4NTA4MjEzNoAKA5gLAcgLAYAMAbAT3JnrDdATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASJ-RoVOJu3QQcbsHGYepF9oXvs2gNYN9nlgYAlcCOs0tebyfJ273NmQ%26sig%3DAOD64_196IRrviFX587nFfMdfNVbkavzTA%26client%3Dca-pub-4903453974745530%26dbm_c%3DAKAmf-ChdBP9JUVMkmg8Vgw_oA_bqEyUV4_0qidm-vu6kOq2TRMZ6bTGwuBl0e_CjqE7qGEaA9JQUuizvq2JCd9Jup-8mbo129ZQZbHI5UAIZOOrGQEM9nbaouN-5OaE-M_LlTiSFK9yYaGUlpmiIkzrg3lx3tn3EA%26cry%3D1%26dbm_d%3DAKAmf-AdpWTAi2bdbGvOx-eC8PoI7Kzi9MV7H8szBi9EIeZiGwxluE03KyEAzTCw1lFaCRiH7eNv_OF-h4ZIOaxqyaN02DllsusSlZTcCxCZpet4X52rObeFMf3A6cHBme_EieXSl66bn0jfeUHUK-armYbfeC6wfhN1tEO1t06H_kdiy_uzJVmhn-lzJbWR0h4oeKwX8mrVmIsBe7MScp30qU-0zV_HtXc93OhotjAooQMVM8m8ax8GcpxwWM9R4BhB2QE-JWFg6HDGGoXhceexAoDosqzDBy7ogpMtPuWIvQPOr0c8Umv0JBFC-Tsa45tyAN4B7hoU3BCUu0r5ynGHPHoOe7ij9fARAPQSujQK-0vnZXC9mLoxPtDcpX8n2UoBz6gDfqOpkeg-InEMb-YbklPG8VgoPl6RbLed9QfA4WFCjDqIBXD5imrfRISr8ts8A1_7MzXSKgH17vySQGp9c9LIvhfcww%26adurl%3D
Requested by
Host: 48c868b366244e7d7770a8f4adab9561.safeframe.googlesyndication.com
URL: https://48c868b366244e7d7770a8f4adab9561.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.164 Reilingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
7f52c1a6ea2c51d53378bc1b1d6d31807e1204f88b40524b7f24f6803d667cc3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://48c868b366244e7d7770a8f4adab9561.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 21 Mar 2022 11:40:42 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
3947
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
banner
ad13.adfarm1.adition.com/ Frame 0542 		569 B
722 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad13.adfarm1.adition.com/banner?sid=4285696&adjsver=3&fvers=&iframe=1&ref=https%3A//nets4.com/&ro=https%3A//5fd3b64ba09b669362261d7035670824.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html%3Fn%3D1&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/99.0.4844.51%20Safari/537.36&os=17&browser=11&userid=0&kid=2958451&screen_res=6&wpt=J&clickurl=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC3tpmOWQ4YrX5II%5FO7%5FUPut2TmAe1kNfhaLzw%5FrzQD%5FAuEAEgudvzJmCV4pCCoAfIAQmpAkJ5BQBqhrI%2DqAMBqgTSAU%5FQ5B0YKZZYjvqXXKYO%2DqGomfe%2DIxHOhCmN%5Fw5PHwRXArO3WbItYU46utGn2OoXOvVR87xToa0NujV%2DqKftcY9EuNCJbYnPIGyMun1YPtZjNhtmYR3BUrkL5OwJhvFTetoObdo1hZ8Blp53E15lxIoYh8saPUEyykWIpqCan2J8BMmXh6MF8e2sZG%2DuLmphwuL%5F48NdXVuR2b8S8Tar1JzllOV8q5oezQ9G5FBAJ2hWeo3if6BFo%5FQB6IVNbEsGA5AXdoysR%2DB%2D8fV0Vh0Fmn1PI8AE%5FOTPmNIC4AQDkAYBoAZNgAesqMu9AagHjs4bqAeT2BuoB%2D6WsQKoB%5F6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35%2DxAtgHANIICQiI4YAQEAEYHfIIG2FkeC1zdWJzeW4tNDgyMzk2OTk4NTA4MjEzNoAKA5gLAcgLAYAMAbAT3a%2DxDdATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASKORoQFzR1mKDD8elzTY%5FPm3y3p%5FIU98S9y%2D57urRMpaLNSnaWd2SPrg%26sig%3DAOD64%5F2TuWwiWuX7q22UWo320mhHVJqSZg%26client%3Dca%2Dpub%2D4903453974745530%26dbm%5Fc%3DAKAmf%2DC2te9BeVwwFobeT%2DexLdUK1ny2kw%5F3fprgPqaCFnf%5FICYP3Fhen710pCknlr19s%2DLJZo9M%2D6%2Dqmc2ygX78kmOkfRLMZYK%2Dd%2DC6lYPT%5FOSM9GhFn0qfNGz85aEnsJQ8Warm7bUh3%5FZSSKbCudyUqtcUmABfHA%26cry%3D1%26dbm%5Fd%3DAKAmf%2DC6lbkDA8GOU5u8hBgw16XwbgRxYZxaxK94dfcWt71BXVUbbcl52%2DxaEEGWg1raXZDgcuPZZbUVS%5Fw5SUE2mJfFDgyhvir4c1SJ5tDIVgoxMmnHANIp9OzC4GoP4lM9lqRxjfkL0%5FyUytX%5Fia2yuDgsxz%2D7S8NlBPuc1WwrN%5F%5FQLsS7CzmbnldSvH7X6mR5fcv9Ab%5FMX1oQUhfgX%5F%5F1EVWu6uf%5F8y32lXdcJxHYmW4yVyroBjtbOnjAgevgoe2bwQj%2DCUMRozROFbqNC1oYT%5F8Fd7JYyti9eYdbfozcwFHnlXHP%2DkAcPWfAdBoVfLVYqm%2D89Cm7ofO2o0JGsFWPNCl3w9odZOCHTSjy51DLKvuj2dyri%2DavEeCLeEzzutF0coPe1BVTZcZ2SvzdVc%5FKh4E6raaGTaia%2DdWoCzoDd6sGNOYfSrB85ou6dPmZALkcYDgAjgQIBdm8rR4qOP6mlT4Vbc3%5F6g%26adurl%3D
Requested by
Host: ad13.adfarm1.adition.com
URL: https://ad13.adfarm1.adition.com/js?wp_id=4285696&gdpr=&gdpr_consent=&kid=2958451&clickurl=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DC3tpmOWQ4YrX5II_O7_UPut2TmAe1kNfhaLzw_rzQD_AuEAEgudvzJmCV4pCCoAfIAQmpAkJ5BQBqhrI-qAMBqgTSAU_Q5B0YKZZYjvqXXKYO-qGomfe-IxHOhCmN_w5PHwRXArO3WbItYU46utGn2OoXOvVR87xToa0NujV-qKftcY9EuNCJbYnPIGyMun1YPtZjNhtmYR3BUrkL5OwJhvFTetoObdo1hZ8Blp53E15lxIoYh8saPUEyykWIpqCan2J8BMmXh6MF8e2sZG-uLmphwuL_48NdXVuR2b8S8Tar1JzllOV8q5oezQ9G5FBAJ2hWeo3if6BFo_QB6IVNbEsGA5AXdoysR-B-8fV0Vh0Fmn1PI8AE_OTPmNIC4AQDkAYBoAZNgAesqMu9AagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHfIIG2FkeC1zdWJzeW4tNDgyMzk2OTk4NTA4MjEzNoAKA5gLAcgLAYAMAbAT3a-xDdATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASKORoQFzR1mKDD8elzTY_Pm3y3p_IU98S9y-57urRMpaLNSnaWd2SPrg%26sig%3DAOD64_2TuWwiWuX7q22UWo320mhHVJqSZg%26client%3Dca-pub-4903453974745530%26dbm_c%3DAKAmf-C2te9BeVwwFobeT-exLdUK1ny2kw_3fprgPqaCFnf_ICYP3Fhen710pCknlr19s-LJZo9M-6-qmc2ygX78kmOkfRLMZYK-d-C6lYPT_OSM9GhFn0qfNGz85aEnsJQ8Warm7bUh3_ZSSKbCudyUqtcUmABfHA%26cry%3D1%26dbm_d%3DAKAmf-C6lbkDA8GOU5u8hBgw16XwbgRxYZxaxK94dfcWt71BXVUbbcl52-xaEEGWg1raXZDgcuPZZbUVS_w5SUE2mJfFDgyhvir4c1SJ5tDIVgoxMmnHANIp9OzC4GoP4lM9lqRxjfkL0_yUytX_ia2yuDgsxz-7S8NlBPuc1WwrN__QLsS7CzmbnldSvH7X6mR5fcv9Ab_MX1oQUhfgX__1EVWu6uf_8y32lXdcJxHYmW4yVyroBjtbOnjAgevgoe2bwQj-CUMRozROFbqNC1oYT_8Fd7JYyti9eYdbfozcwFHnlXHP-kAcPWfAdBoVfLVYqm-89Cm7ofO2o0JGsFWPNCl3w9odZOCHTSjy51DLKvuj2dyri-avEeCLeEzzutF0coPe1BVTZcZ2SvzdVc_Kh4E6raaGTaia-dWoCzoDd6sGNOYfSrB85ou6dPmZALkcYDgAjgQIBdm8rR4qOP6mlT4Vbc3_6g%26adurl%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.54 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
aa.adfarm1.adition.com
Software
ADITIONSERVER v1.0 /
Resource Hash
4548a814aab9889f80fdc4b4969e22438b97b56ed1b340ad411530dd1ade5bb4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://5fd3b64ba09b669362261d7035670824.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Mar 2022 12:40:42 +0100
content-encoding
gzip
server
ADITIONSERVER v1.0
p3p
policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
cache-control
no-cache
content-type
text/javascript
expires
Sat, 01 Jan 2000 00:00:00 GMT
css
fonts.googleapis.com/ Frame CE28 		2 KB
538 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Cabin:400%7CMuli:400&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek,latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2f2c78d11d003e80352b2d13a775d2a137299302b3893210b68427a7d5ee3a72
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 21 Mar 2022 10:08:49 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 21 Mar 2022 11:40:42 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 21 Mar 2022 11:40:42 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 3D93 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://48c868b366244e7d7770a8f4adab9561.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Thu, 17 Mar 2022 07:28:30 GMT
expires
Fri, 17 Mar 2023 07:28:30 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
age
360732
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
generate_204
tpc.googlesyndication.com/ Frame AF2C 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?5CpUpw
Requested by
Host: nets4.com
URL: https://nets4.com/domain/eminer.app
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:42 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
css
fonts.googleapis.com/ Frame D9E9 		2 KB
538 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Cabin:400%7CMuli:400&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek,latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2f2c78d11d003e80352b2d13a775d2a137299302b3893210b68427a7d5ee3a72
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 21 Mar 2022 11:07:36 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 21 Mar 2022 11:40:42 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 21 Mar 2022 11:40:42 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame EE8F 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://5fd3b64ba09b669362261d7035670824.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Thu, 17 Mar 2022 07:28:30 GMT
expires
Fri, 17 Mar 2023 07:28:30 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
age
360732
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
integrator.js
adservice.google.de/adsid/ Frame 07CC 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=nets4.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065673
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 21 Mar 2022 11:40:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 07CC 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=nets4.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065673
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 21 Mar 2022 11:40:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 07CC 		26 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=291206030165497&correlator=2308249832088202&eid=31060437%2C31065486%2C31065547%2C31065673%2C31065728&output=ldjh&gdfp_req=1&vrg=2022031501&ptt=17&impl=fif&iu_parts=21902364955%3A22652385948%2Ccm_pu_nets4.com_technology_and_computing_top%2Ccm_pu_nets4.com_technology_and_computing_btf_2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C320x100%7C300x250&ifi=1&adks=882885121&sfv=1-0-38&ecs=20220321&fsapi=false&eri=4&sc=1&cookie=ID%3Dbf36699824cc9ccb-2292eb9e61cd008c%3AT%3D1647862841%3AS%3DALNI_MbZX6wiIOovw5_KViJEjIGmoqfF6g&abxe=1&dt=1647862842585&dlt=1647862841908&idt=668&biw=1600&bih=1200&isw=345&ish=85&adxs=1244&adys=1121&oid=2&ucis=rdk7ldfp1lb2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nhd=1&url=https%3A%2F%2Fnets4.com%2Fdomain%2Feminer.app&top=nets4.com&frm=23&vis=1&scr_x=0&scr_y=0&psz=345x0&msz=345x0&fws=256&ohw=0&ea=0&ga_vid=688344210.1647862839&ga_sid=1647862843&ga_hid=155476534&ga_fc=true&btvi=0&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065673
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
68a2107705cf7c5836443d888f2673f9c59e78986dea1d7f9635c1c4ea1f7910
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:42 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11215
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://nets4.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
605ddd431ccb9d0d325cc9f8ea31a9d0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0970 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://605ddd431ccb9d0d325cc9f8ea31a9d0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065673
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Mon, 21 Mar 2022 11:40:42 GMT
expires
Tue, 21 Mar 2023 11:40:42 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pubads_impl_2022031401.js
securepubads.g.doubleclick.net/gpt/ Frame BF8B 		364 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
sffe /
Resource Hash
4d44b03d4e4d1df9a852bf35460f5584c94b37c52d08742682a1a03d20d2f6d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:33:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
405
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126502
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 08:34:56 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 21 Mar 2023 11:33:57 GMT
jbmsh4a7sm5y
ad.ad-srv.net/zone/ Frame 0542 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.ad-srv.net/zone/jbmsh4a7sm5y?subid=&redirectClick=
Requested by
Host: nets4.com
URL: https://nets4.com/domain/eminer.app
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.150 Reilingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.150.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e0fa838ef67490c2d700006a9babaa296a1f4641863593e677c6cd930d038ead

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://5fd3b64ba09b669362261d7035670824.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 21 Mar 2022 11:40:42 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
2657
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
request.php
hal90006.redintelligence.net/ Frame 1EAE
Redirect Chain
  • https://hal90006.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=f069dee7ea&subid=&uid=731b1cbf2879c438&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
  • https://hal90006.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=f069dee7ea&subid=&uid=731b1cbf2879c438&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90006.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=f069dee7ea&subid=&uid=731b1cbf2879c438&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCtgveOWQ4YuKPGLHC7_UPlP6f8A-1zfmDV_zYuavlDPAuEAEgudvzJmCV4pCCoAfIAQmpAjuymMe0jLI-qAMBqgTWAU_QzLZGZd2ILP8wV2JQTrID-e8cF09TjjAimWOce_ivLjtUlaDgCl6107zsGIyDyAnn4Sz3wX0QslVV3OinCq0UM5c5WF0XqayqMFVH33W9ydtFHIHG9ox7LwcgE89FtWysUzCmtZhuxsmm8X_LvvwyX0nm9NVuOx8TAwPq2f20_2dot8gAq5j7pmBbRXNX4miw6ro_-04U0n4rx_at-ZZRUYqXP4uU8UFZrGlXOr3EeajnHIaI9dc_v466OVW4rcEEt4_8vtKw1-yBrBzGTbODBaVax7LABKqd_L7PAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHfIIG2FkeC1zdWJzeW4tNDgyMzk2OTk4NTA4MjEzNoAKA5gLAcgLAYAMAbAT3JnrDdATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASJ-RoVOJu3QQcbsHGYepF9oXvs2gNYN9nlgYAlcCOs0tebyfJ273NmQ%26sig%3DAOD64_196IRrviFX587nFfMdfNVbkavzTA%26client%3Dca-pub-4903453974745530%26dbm_c%3DAKAmf-ChdBP9JUVMkmg8Vgw_oA_bqEyUV4_0qidm-vu6kOq2TRMZ6bTGwuBl0e_CjqE7qGEaA9JQUuizvq2JCd9Jup-8mbo129ZQZbHI5UAIZOOrGQEM9nbaouN-5OaE-M_LlTiSFK9yYaGUlpmiIkzrg3lx3tn3EA%26cry%3D1%26dbm_d%3DAKAmf-AdpWTAi2bdbGvOx-eC8PoI7Kzi9MV7H8szBi9EIeZiGwxluE03KyEAzTCw1lFaCRiH7eNv_OF-h4ZIOaxqyaN02DllsusSlZTcCxCZpet4X52rObeFMf3A6cHBme_EieXSl66bn0jfeUHUK-armYbfeC6wfhN1tEO1t06H_kdiy_uzJVmhn-lzJbWR0h4oeKwX8mrVmIsBe7MScp30qU-0zV_HtXc93OhotjAooQMVM8m8ax8GcpxwWM9R4BhB2QE-JWFg6HDGGoXhceexAoDosqzDBy7ogpMtPuWIvQPOr0c8Umv0JBFC-Tsa45tyAN4B7hoU3BCUu0r5ynGHPHoOe7ij9fARAPQSujQK-0vnZXC9mLoxPtDcpX8n2UoBz6gDfqOpkeg-InEMb-YbklPG8VgoPl6RbLed9QfA4WFCjDqIBXD5imrfRISr8ts8A1_7MzXSKgH17vySQGp9c9LIvhfcww%26adurl%3D&documentReferer=https%3A%2F%2Fnets4.com%2F&ancestorOrigins=https%3A%2F%2Fnets4.com%2Chttps%3A%2F%2Fnets4.com&random=3256013270552&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: 48c868b366244e7d7770a8f4adab9561.safeframe.googlesyndication.com
URL: https://48c868b366244e7d7770a8f4adab9561.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
HTTP/1.1
Server
138.201.63.164 Reilingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
231b47c1d314a648abeaf2eb87f622c465b28aee9eb0088c2b7e28cf1e87ba4c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://48c868b366244e7d7770a8f4adab9561.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 21 Mar 2022 11:40:42 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
44257800100180800710612011905006
Connection
close
Content-Type
application/x-javascript; charset=utf-8
Content-Length
1266
Expires
Mon, 21 Mar 2022 11:40:42 +0100

Redirect headers

Pragma
no-cache
Date
Mon, 21 Mar 2022 11:40:42 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=f069dee7ea&subid=&uid=731b1cbf2879c438&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCtgveOWQ4YuKPGLHC7_UPlP6f8A-1zfmDV_zYuavlDPAuEAEgudvzJmCV4pCCoAfIAQmpAjuymMe0jLI-qAMBqgTWAU_QzLZGZd2ILP8wV2JQTrID-e8cF09TjjAimWOce_ivLjtUlaDgCl6107zsGIyDyAnn4Sz3wX0QslVV3OinCq0UM5c5WF0XqayqMFVH33W9ydtFHIHG9ox7LwcgE89FtWysUzCmtZhuxsmm8X_LvvwyX0nm9NVuOx8TAwPq2f20_2dot8gAq5j7pmBbRXNX4miw6ro_-04U0n4rx_at-ZZRUYqXP4uU8UFZrGlXOr3EeajnHIaI9dc_v466OVW4rcEEt4_8vtKw1-yBrBzGTbODBaVax7LABKqd_L7PAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHfIIG2FkeC1zdWJzeW4tNDgyMzk2OTk4NTA4MjEzNoAKA5gLAcgLAYAMAbAT3JnrDdATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASJ-RoVOJu3QQcbsHGYepF9oXvs2gNYN9nlgYAlcCOs0tebyfJ273NmQ%26sig%3DAOD64_196IRrviFX587nFfMdfNVbkavzTA%26client%3Dca-pub-4903453974745530%26dbm_c%3DAKAmf-ChdBP9JUVMkmg8Vgw_oA_bqEyUV4_0qidm-vu6kOq2TRMZ6bTGwuBl0e_CjqE7qGEaA9JQUuizvq2JCd9Jup-8mbo129ZQZbHI5UAIZOOrGQEM9nbaouN-5OaE-M_LlTiSFK9yYaGUlpmiIkzrg3lx3tn3EA%26cry%3D1%26dbm_d%3DAKAmf-AdpWTAi2bdbGvOx-eC8PoI7Kzi9MV7H8szBi9EIeZiGwxluE03KyEAzTCw1lFaCRiH7eNv_OF-h4ZIOaxqyaN02DllsusSlZTcCxCZpet4X52rObeFMf3A6cHBme_EieXSl66bn0jfeUHUK-armYbfeC6wfhN1tEO1t06H_kdiy_uzJVmhn-lzJbWR0h4oeKwX8mrVmIsBe7MScp30qU-0zV_HtXc93OhotjAooQMVM8m8ax8GcpxwWM9R4BhB2QE-JWFg6HDGGoXhceexAoDosqzDBy7ogpMtPuWIvQPOr0c8Umv0JBFC-Tsa45tyAN4B7hoU3BCUu0r5ynGHPHoOe7ij9fARAPQSujQK-0vnZXC9mLoxPtDcpX8n2UoBz6gDfqOpkeg-InEMb-YbklPG8VgoPl6RbLed9QfA4WFCjDqIBXD5imrfRISr8ts8A1_7MzXSKgH17vySQGp9c9LIvhfcww%26adurl%3D&documentReferer=https%3A%2F%2Fnets4.com%2F&ancestorOrigins=https%3A%2F%2Fnets4.com%2Chttps%3A%2F%2Fnets4.com&random=3256013270552&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Type
text/html; charset=UTF-8
Content-Length
0
Expires
Mon, 21 Mar 2022 11:40:42 +0100
generate_204
tpc.googlesyndication.com/ Frame 64C8 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?yAXYgw
Requested by
Host: nets4.com
URL: https://nets4.com/domain/eminer.app
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:42 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 62C2 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?LwbybA
Requested by
Host: nets4.com
URL: https://nets4.com/domain/eminer.app
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:42 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 8FAC 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?s0G0Tg
Requested by
Host: nets4.com
URL: https://nets4.com/domain/eminer.app
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:42 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
7Aulp_0qiz-aVz7u3PJLcUMYOFnOkEk30eg.woff2
fonts.gstatic.com/s/muli/v26/ Frame D9E9 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/muli/v26/7Aulp_0qiz-aVz7u3PJLcUMYOFnOkEk30eg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cabin:400%7CMuli:400&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek,latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
997b911237bf1ba3ae866d21754fd8e3873582aece25276fbb6b4877a61e1a80
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ads.eu.criteo.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 15 Mar 2022 15:15:17 GMT
x-content-type-options
nosniff
age
505525
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16828
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 00:37:29 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 15 Mar 2023 15:15:17 GMT
7Aulp_0qiz-aVz7u3PJLcUMYOFnOkEk30eg.woff2
fonts.gstatic.com/s/muli/v26/ Frame CE28 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/muli/v26/7Aulp_0qiz-aVz7u3PJLcUMYOFnOkEk30eg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cabin:400%7CMuli:400&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek,latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
997b911237bf1ba3ae866d21754fd8e3873582aece25276fbb6b4877a61e1a80
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ads.eu.criteo.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 15 Mar 2022 15:15:17 GMT
x-content-type-options
nosniff
age
505525
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16828
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 00:37:29 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 15 Mar 2023 15:15:17 GMT
request.php
ad29.ad-srv.net/ Frame 0542
Redirect Chain
  • https://ad29.ad-srv.net/request.php?zone=jbmsh4a7sm5y&nw=11&renderingType=javascript&namespace=2f918e1b8a&subid=&uid=ff4a86447a425eb9&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x6...
  • https://ad29.ad-srv.net/request.php?zone=jbmsh4a7sm5y&nw=11&renderingType=javascript&namespace=2f918e1b8a&subid=&uid=ff4a86447a425eb9&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x6...
3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad29.ad-srv.net/request.php?zone=jbmsh4a7sm5y&nw=11&renderingType=javascript&namespace=2f918e1b8a&subid=&uid=ff4a86447a425eb9&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=&documentReferer=https%3A%2F%2Fnets4.com%2F&ancestorOrigins=https%3A%2F%2Fnets4.com%2Chttps%3A%2F%2Fnets4.com&random=1341611167430&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: 5fd3b64ba09b669362261d7035670824.safeframe.googlesyndication.com
URL: https://5fd3b64ba09b669362261d7035670824.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
HTTP/1.1
Server
88.99.219.174 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.174.219.99.88.clients.your-server.de
Software
Apache /
Resource Hash
ca134a3b68cce730dba945e5fef7c733db6f222f4eef52f25b554ce9b8a62e7d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://5fd3b64ba09b669362261d7035670824.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 21 Mar 2022 11:40:42 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
44408900105111600383830011905029
Connection
close
Content-Type
application/x-javascript; charset=utf-8
Content-Length
984
Expires
Mon, 21 Mar 2022 11:40:42 +0100

Redirect headers

Pragma
no-cache
Date
Mon, 21 Mar 2022 11:40:42 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=jbmsh4a7sm5y&nw=11&renderingType=javascript&namespace=2f918e1b8a&subid=&uid=ff4a86447a425eb9&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=&documentReferer=https%3A%2F%2Fnets4.com%2F&ancestorOrigins=https%3A%2F%2Fnets4.com%2Chttps%3A%2F%2Fnets4.com&random=1341611167430&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Type
text/html; charset=UTF-8
Content-Length
0
Expires
Mon, 21 Mar 2022 11:40:42 +0100
u-4X0qWljRw-PfU81xCKCpdpbgZJl6XFpfEd7eA9BIxxkV2EH7alxw.woff2
fonts.gstatic.com/s/cabin/v18/ Frame CE28 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/cabin/v18/u-4X0qWljRw-PfU81xCKCpdpbgZJl6XFpfEd7eA9BIxxkV2EH7alxw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cabin:400%7CMuli:400&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek,latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fb8138fe467ac4fd833c97df11108432d9a0f84486b05f08d34159aff9f104b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ads.eu.criteo.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 15 Mar 2022 14:17:55 GMT
x-content-type-options
nosniff
age
508967
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15440
x-xss-protection
0
last-modified
Thu, 28 Jan 2021 20:56:58 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 15 Mar 2023 14:17:55 GMT
integrator.js
adservice.google.de/adsid/ Frame BF8B 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=nets4.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 21 Mar 2022 11:40:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame BF8B 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=nets4.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 21 Mar 2022 11:40:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame BF8B 		20 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=842784095007652&correlator=3051480693541448&eid=31064686%2C31065486&output=ldjh&gdfp_req=1&vrg=2022031401&ptt=17&impl=fif&iu_parts=22178702878%2Cpurpleapl%2Callsizesv2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C468x60%7C200x200%7C320x100%7C320x50%7C300x100&ifi=1&adks=4203880072&sfv=1-0-38&ecs=20220321&fsapi=false&eri=4&sc=1&cookie=ID%3Dbf36699824cc9ccb-2292eb9e61cd008c%3AT%3D1647862841%3AS%3DALNI_MbZX6wiIOovw5_KViJEjIGmoqfF6g&abxe=1&dt=1647862842833&dlt=1647862842372&idt=438&biw=1600&bih=1200&isw=728&ish=90&adxs=294&adys=4778&oid=2&ucis=hgmdy271cv0x&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nhd=1&url=https%3A%2F%2Fnets4.com%2Fdomain%2Feminer.app&top=nets4.com&frm=23&vis=1&scr_x=0&scr_y=0&psz=728x0&msz=728x0&fws=256&ohw=0&ea=0&ga_vid=688344210.1647862839&ga_sid=1647862843&ga_hid=624123749&ga_fc=true&btvi=1&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
e7fde36613328100bd90fe00f6a224f5ca22c98615f159ad918c0561fda041ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:43 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10725
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://nets4.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame BF8B 		14 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022031401&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9259e6ae55bb8524e8474ac12522184db2f9aa294800d8171ee3055eed68098b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 21 Mar 2022 11:40:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10706
x-xss-protection
0
container.html
1e709b9d6f90218a070eddf58f9b714c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 003D 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://1e709b9d6f90218a070eddf58f9b714c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Mon, 21 Mar 2022 11:40:42 GMT
expires
Tue, 21 Mar 2023 11:40:42 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
u-4X0qWljRw-PfU81xCKCpdpbgZJl6XFpfEd7eA9BIxxkV2EH7alxw.woff2
fonts.gstatic.com/s/cabin/v18/ Frame D9E9 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/cabin/v18/u-4X0qWljRw-PfU81xCKCpdpbgZJl6XFpfEd7eA9BIxxkV2EH7alxw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cabin:400%7CMuli:400&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek,latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fb8138fe467ac4fd833c97df11108432d9a0f84486b05f08d34159aff9f104b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ads.eu.criteo.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 15 Mar 2022 14:17:55 GMT
x-content-type-options
nosniff
age
508967
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15440
x-xss-protection
0
last-modified
Thu, 28 Jan 2021 20:56:58 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 15 Mar 2023 14:17:55 GMT
c9SOW3fm-cIOlp3tvRsibzkEuEO1MqMyQpfRRVluBWQ.js
pagead2.googlesyndication.com/bg/ Frame 3D93 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/c9SOW3fm-cIOlp3tvRsibzkEuEO1MqMyQpfRRVluBWQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
73d48e5b77e6f9c20e969dedbd1b226f3904b843b532a3324297d145596e0564
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Mar 2022 10:37:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
90188
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13819
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 20 Mar 2023 10:37:34 GMT
c9SOW3fm-cIOlp3tvRsibzkEuEO1MqMyQpfRRVluBWQ.js
pagead2.googlesyndication.com/bg/ Frame EE8F 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/c9SOW3fm-cIOlp3tvRsibzkEuEO1MqMyQpfRRVluBWQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
73d48e5b77e6f9c20e969dedbd1b226f3904b843b532a3324297d145596e0564
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Mar 2022 10:37:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
90188
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13819
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 20 Mar 2023 10:37:34 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 07CC 		14 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022031501&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065673
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9895f9373b5803a4ff18da4ce38f1fdd0f8695ce4c87b5c44f3625e2f4d0f6a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 21 Mar 2022 11:40:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10526
x-xss-protection
0
view.aspx
pb.media01.eu/ Frame EBA6
Redirect Chain
  • https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=44257800100180800710612011905006&t=htlp
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=44257800100180800710612011905006&actionid=981741&produktid=&dt_url=
0
607 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=44257800100180800710612011905006&actionid=981741&produktid=&dt_url=
Requested by
Host: hal90006.redintelligence.net
URL: https://hal90006.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=f069dee7ea&subid=&uid=731b1cbf2879c438&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCtgveOWQ4YuKPGLHC7_UPlP6f8A-1zfmDV_zYuavlDPAuEAEgudvzJmCV4pCCoAfIAQmpAjuymMe0jLI-qAMBqgTWAU_QzLZGZd2ILP8wV2JQTrID-e8cF09TjjAimWOce_ivLjtUlaDgCl6107zsGIyDyAnn4Sz3wX0QslVV3OinCq0UM5c5WF0XqayqMFVH33W9ydtFHIHG9ox7LwcgE89FtWysUzCmtZhuxsmm8X_LvvwyX0nm9NVuOx8TAwPq2f20_2dot8gAq5j7pmBbRXNX4miw6ro_-04U0n4rx_at-ZZRUYqXP4uU8UFZrGlXOr3EeajnHIaI9dc_v466OVW4rcEEt4_8vtKw1-yBrBzGTbODBaVax7LABKqd_L7PAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHfIIG2FkeC1zdWJzeW4tNDgyMzk2OTk4NTA4MjEzNoAKA5gLAcgLAYAMAbAT3JnrDdATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASJ-RoVOJu3QQcbsHGYepF9oXvs2gNYN9nlgYAlcCOs0tebyfJ273NmQ%26sig%3DAOD64_196IRrviFX587nFfMdfNVbkavzTA%26client%3Dca-pub-4903453974745530%26dbm_c%3DAKAmf-ChdBP9JUVMkmg8Vgw_oA_bqEyUV4_0qidm-vu6kOq2TRMZ6bTGwuBl0e_CjqE7qGEaA9JQUuizvq2JCd9Jup-8mbo129ZQZbHI5UAIZOOrGQEM9nbaouN-5OaE-M_LlTiSFK9yYaGUlpmiIkzrg3lx3tn3EA%26cry%3D1%26dbm_d%3DAKAmf-AdpWTAi2bdbGvOx-eC8PoI7Kzi9MV7H8szBi9EIeZiGwxluE03KyEAzTCw1lFaCRiH7eNv_OF-h4ZIOaxqyaN02DllsusSlZTcCxCZpet4X52rObeFMf3A6cHBme_EieXSl66bn0jfeUHUK-armYbfeC6wfhN1tEO1t06H_kdiy_uzJVmhn-lzJbWR0h4oeKwX8mrVmIsBe7MScp30qU-0zV_HtXc93OhotjAooQMVM8m8ax8GcpxwWM9R4BhB2QE-JWFg6HDGGoXhceexAoDosqzDBy7ogpMtPuWIvQPOr0c8Umv0JBFC-Tsa45tyAN4B7hoU3BCUu0r5ynGHPHoOe7ij9fARAPQSujQK-0vnZXC9mLoxPtDcpX8n2UoBz6gDfqOpkeg-InEMb-YbklPG8VgoPl6RbLed9QfA4WFCjDqIBXD5imrfRISr8ts8A1_7MzXSKgH17vySQGp9c9LIvhfcww%26adurl%3D&documentReferer=https%3A%2F%2Fnets4.com%2F&ancestorOrigins=https%3A%2F%2Fnets4.com%2Chttps%3A%2F%2Fnets4.com&random=3256013270552&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.198.250.30 Hamburg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88-198-250-30.clients.your-server.de
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://48c868b366244e7d7770a8f4adab9561.safeframe.googlesyndication.com/

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
content-type
text/html; charset=UTF-8
expires
Mon, 26 Jul 1997 05:00:00 GMT
last-modified
Mon, 21 Mar 2022 12:40:42 GMT
server
Microsoft-IIS/10.0
p3p
policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
access-control-allow-origin
*
access-control-allow-credentials
true
x-xss-protection
1; mode=block
access-control-allow-methods
GET,POST
access-control-allow-headers
Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
date
Mon, 21 Mar 2022 11:40:42 GMT
content-length
0

Redirect headers

Server
nginx/1.17.5
Date
Mon, 21 Mar 2022 11:40:42 GMT
Content-Type
application/javascript
Content-Length
0
Keep-Alive
timeout=20
Location
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=44257800100180800710612011905006&actionid=981741&produktid=&dt_url=
Host
pv.medialead.de
Proxy-Host
pv.medialead.de
X-IPLB-Request-ID
B9D59BA9:8EA6_91EFC182:01BB_6238643A_10A5F6A4:7DDF
Strict-Transport-Security
max-age=15768000
X-IPLB-Instance
40028
link.html
track.webgains.com/ Frame 1EAE 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=3432245&wgcampaignid=99582&viewref=44257800100180800710612011905006&js=1&nw=1
Requested by
Host: nets4.com
URL: https://nets4.com/domain/eminer.app
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
7565007599a504c3ab52a3fd293842489952a0b1039f6ba2b3b365bc62b3fb9b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://48c868b366244e7d7770a8f4adab9561.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 21 Mar 2022 11:40:42 GMT
Last-Modified
Mon, 21 Mar 2022 11:40:42 GMT
Server
Apache
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
text/html;charset=utf-8
Content-Length
1239
Expires
Mon, 26 Jul 1997 05:00:00 GMT
activityi;dc_pre=CP-6lLuP1_YCFVBDHQkdh7wKcA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5930736462706.041
5994599.fls.doubleclick.net/ Frame D046
Redirect Chain
  • https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5930736462706.041?
  • https://5994599.fls.doubleclick.net/activityi;dc_pre=CP-6lLuP1_YCFVBDHQkdh7wKcA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5930736462706.041?
391 B
345 B 		Document
General
Check archive.org
Download Go to
Full URL
https://5994599.fls.doubleclick.net/activityi;dc_pre=CP-6lLuP1_YCFVBDHQkdh7wKcA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5930736462706.041?
Requested by
Host: nets4.com
URL: https://nets4.com/domain/eminer.app
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f6.1e100.net
Software
cafe /
Resource Hash
b1a4954032531fc135cb9b5744c899a1ccf195c9ad4f11fdb4b19a61c86a8c75
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://48c868b366244e7d7770a8f4adab9561.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Mon, 21 Mar 2022 11:40:43 GMT
expires
Mon, 21 Mar 2022 11:40:43 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
322
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Mon, 21 Mar 2022 11:40:42 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://5994599.fls.doubleclick.net/activityi;dc_pre=CP-6lLuP1_YCFVBDHQkdh7wKcA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5930736462706.041?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
request_content.php
hal90006.redintelligence.net/ Frame 2DF3 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal90006.redintelligence.net/request_content.php?s=44257800100180800710612011905006&a=f82d6bfe
Requested by
Host: hal90006.redintelligence.net
URL: https://hal90006.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=f069dee7ea&subid=&uid=731b1cbf2879c438&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCtgveOWQ4YuKPGLHC7_UPlP6f8A-1zfmDV_zYuavlDPAuEAEgudvzJmCV4pCCoAfIAQmpAjuymMe0jLI-qAMBqgTWAU_QzLZGZd2ILP8wV2JQTrID-e8cF09TjjAimWOce_ivLjtUlaDgCl6107zsGIyDyAnn4Sz3wX0QslVV3OinCq0UM5c5WF0XqayqMFVH33W9ydtFHIHG9ox7LwcgE89FtWysUzCmtZhuxsmm8X_LvvwyX0nm9NVuOx8TAwPq2f20_2dot8gAq5j7pmBbRXNX4miw6ro_-04U0n4rx_at-ZZRUYqXP4uU8UFZrGlXOr3EeajnHIaI9dc_v466OVW4rcEEt4_8vtKw1-yBrBzGTbODBaVax7LABKqd_L7PAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHfIIG2FkeC1zdWJzeW4tNDgyMzk2OTk4NTA4MjEzNoAKA5gLAcgLAYAMAbAT3JnrDdATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASJ-RoVOJu3QQcbsHGYepF9oXvs2gNYN9nlgYAlcCOs0tebyfJ273NmQ%26sig%3DAOD64_196IRrviFX587nFfMdfNVbkavzTA%26client%3Dca-pub-4903453974745530%26dbm_c%3DAKAmf-ChdBP9JUVMkmg8Vgw_oA_bqEyUV4_0qidm-vu6kOq2TRMZ6bTGwuBl0e_CjqE7qGEaA9JQUuizvq2JCd9Jup-8mbo129ZQZbHI5UAIZOOrGQEM9nbaouN-5OaE-M_LlTiSFK9yYaGUlpmiIkzrg3lx3tn3EA%26cry%3D1%26dbm_d%3DAKAmf-AdpWTAi2bdbGvOx-eC8PoI7Kzi9MV7H8szBi9EIeZiGwxluE03KyEAzTCw1lFaCRiH7eNv_OF-h4ZIOaxqyaN02DllsusSlZTcCxCZpet4X52rObeFMf3A6cHBme_EieXSl66bn0jfeUHUK-armYbfeC6wfhN1tEO1t06H_kdiy_uzJVmhn-lzJbWR0h4oeKwX8mrVmIsBe7MScp30qU-0zV_HtXc93OhotjAooQMVM8m8ax8GcpxwWM9R4BhB2QE-JWFg6HDGGoXhceexAoDosqzDBy7ogpMtPuWIvQPOr0c8Umv0JBFC-Tsa45tyAN4B7hoU3BCUu0r5ynGHPHoOe7ij9fARAPQSujQK-0vnZXC9mLoxPtDcpX8n2UoBz6gDfqOpkeg-InEMb-YbklPG8VgoPl6RbLed9QfA4WFCjDqIBXD5imrfRISr8ts8A1_7MzXSKgH17vySQGp9c9LIvhfcww%26adurl%3D&documentReferer=https%3A%2F%2Fnets4.com%2F&ancestorOrigins=https%3A%2F%2Fnets4.com%2Chttps%3A%2F%2Fnets4.com&random=3256013270552&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.164 Reilingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
15afe2c2b219d226a289b424aa49b2e92ead83a79dd1781b78cba876905a606c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://48c868b366244e7d7770a8f4adab9561.safeframe.googlesyndication.com/

Response headers

Date
Mon, 21 Mar 2022 11:40:42 GMT
Server
Apache
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Expires
Mon, 21 Mar 2022 11:40:42 +0100
Pragma
no-cache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
2102
Connection
close
Content-Type
text/html; charset=utf-8
native.png
ad-server.eu/wm/pb/ Frame 1EAE
Redirect Chain
  • https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=44257800100180800710612011905006
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=44257800100180800710612011905006
  • https://ad-server.eu/wm/pb/native.png
68 B
312 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-server.eu/wm/pb/native.png
Requested by
Host: 48c868b366244e7d7770a8f4adab9561.safeframe.googlesyndication.com
URL: https://48c868b366244e7d7770a8f4adab9561.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
HTTP/1.1
Server
54.76.176.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://48c868b366244e7d7770a8f4adab9561.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 21 Mar 2022 11:46:13 GMT
Last-Modified
Sat, 21 Dec 2019 23:06:59 GMT
Server
nginx/1.4.6 (Ubuntu)
ETag
"5dfea593-44"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
68

Redirect headers

Date
Mon, 21 Mar 2022 11:40:43 GMT
Server
nginx/1.17.5
Host
pv.medialead.de
X-IPLB-Request-ID
B9D59BA9:8EA6_91EFC182:01BB_6238643A_10A5F6B0:7DDF
X-IPLB-Instance
40028
Strict-Transport-Security
max-age=15768000
Content-Type
application/go
Location
https://ad-server.eu/wm/pb/native.png
Keep-Alive
timeout=20
Content-Length
0
Proxy-Host
pv.medialead.de
cshow.php
www.awin1.com/ Frame 1EAE 		43 B
705 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2338577&v=11830&q=357066&r=296283&pref1=44257800100180800710612011905006&pv=1
Requested by
Host: 48c868b366244e7d7770a8f4adab9561.safeframe.googlesyndication.com
URL: https://48c868b366244e7d7770a8f4adab9561.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-239-217.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://48c868b366244e7d7770a8f4adab9561.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 21 Mar 2022 11:40:42 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0
container.html
605ddd431ccb9d0d325cc9f8ea31a9d0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 997B 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://605ddd431ccb9d0d325cc9f8ea31a9d0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065673
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Mon, 21 Mar 2022 11:40:42 GMT
expires
Tue, 21 Mar 2023 11:40:42 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
i
api.purpleads.io/x/a/fd7061606c27a9ef38a564455ccfd447:6fef49f25d2bf6febe431e57eaaebe2a0955c7f82b2adf4f2db0bf600b9aed36f427b3f3c5d952988a6ad2aad04acc118464fb74b5c0eb98185654e536ae11a103af85bae3a3d01... Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/a/fd7061606c27a9ef38a564455ccfd447:6fef49f25d2bf6febe431e57eaaebe2a0955c7f82b2adf4f2db0bf600b9aed36f427b3f3c5d952988a6ad2aad04acc118464fb74b5c0eb98185654e536ae11a103af85bae3a3d0181fcdf38478c1d7dcba9d12b7e30563f0cc1961d7ca0f9374/i?id=47c59a1e-d03c-4f91-8a3e-ee7c13d42338&ts=1647862842888
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-128-233.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Origin
https://nets4.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Mon, 21 Mar 2022 11:40:42 GMT
access-control-allow-origin
https://nets4.com
access-control-allow-credentials
true
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
x-request-id
b4177f3c-4796-4691-9491-01495df2b865
i
api.purpleads.io/x/a/fd7061606c27a9ef38a564455ccfd447:6fef49f25d2bf6febe431e57eaaebe2a0955c7f82b2adf4f2db0bf600b9aed36f427b3f3c5d952988a6ad2aad04acc118464fb74b5c0eb98185654e536ae11a103af85bae3a3d01... 		0
199 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/a/fd7061606c27a9ef38a564455ccfd447:6fef49f25d2bf6febe431e57eaaebe2a0955c7f82b2adf4f2db0bf600b9aed36f427b3f3c5d952988a6ad2aad04acc118464fb74b5c0eb98185654e536ae11a103af85bae3a3d0181fcdf38478c1d7dcba9d12b7e30563f0cc1961d7ca0f9374/i?id=47c59a1e-d03c-4f91-8a3e-ee7c13d42338&ts=1647862842888
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/load.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-128-233.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Authorization
Bearer 344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
x-request-url
aHR0cHM6Ly9uZXRzNC5jb20vZG9tYWluL2VtaW5lci5hcHA=
Accept
application/json
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json
x-purpleads-version
0.4.13

Response headers

access-control-allow-origin
https://nets4.com
date
Mon, 21 Mar 2022 11:40:43 GMT
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-credentials
true
x-request-id
c162b695-8d21-4c43-afd5-c57d41030357
truncated
/ Frame 1EAE 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6b9d73532300cce789de292a30a5d56f3014464d1b203287362e91220b4534ae

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
sodar2.js
tpc.googlesyndication.com/sodar/ Frame BF8B 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 21 Mar 2022 11:40:42 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 07CC 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065673
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 21 Mar 2022 11:40:42 GMT
css
fonts.googleapis.com/ Frame 2DF3 		1 KB
419 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Titillium+Web:400,700
Requested by
Host: hal90006.redintelligence.net
URL: https://hal90006.redintelligence.net/request_content.php?s=44257800100180800710612011905006&a=f82d6bfe
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ea795a298e37c1cd48937e8d9b242162d213ebaa07c997769a6bfe4b4d8ec411
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90006.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 21 Mar 2022 10:43:59 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 21 Mar 2022 11:40:42 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 21 Mar 2022 11:40:42 GMT
/
hal9000.redintelligence.net/scale/ Frame 2DF3 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/postbank_pool_privatkredit_1200x627.jpg
Requested by
Host: hal90006.redintelligence.net
URL: https://hal90006.redintelligence.net/request_content.php?s=44257800100180800710612011905006&a=f82d6bfe
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.164 Reilingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
39184c5d24b37db1eb01bfa5170eb2fa23b8a3955a4e73c5a83bf382ec91ef8a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90006.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 21 Mar 2022 11:40:42 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16249
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 2DF3 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/52113/creativesup/TRG-star-wars-marvel-comics-panini-banner-1200x627.jpg
Requested by
Host: hal90006.redintelligence.net
URL: https://hal90006.redintelligence.net/request_content.php?s=44257800100180800710612011905006&a=f82d6bfe
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.164 Reilingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
42fc11f1eb6e64d09407430fb1e40a20a59ea6e3f35d50fa4d9f38e436c6c5dc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90006.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 21 Mar 2022 11:40:43 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
15275
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 2DF3 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/32783/creativesup/native_ad_globus_baumarkt_1200x627.jpg
Requested by
Host: hal90006.redintelligence.net
URL: https://hal90006.redintelligence.net/request_content.php?s=44257800100180800710612011905006&a=f82d6bfe
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.164 Reilingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
cb275581c42b9338672e43207346d88de00252bc93f4feb49fe5821345bab243

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90006.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 21 Mar 2022 11:40:43 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
14129
Vary
Accept-Encoding
Content-Type
image/png
/
htlp.emp.de/ Frame 030D
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2481850&v=14172&q=372911&r=473322&pv=1&pref1=44408900105111600383830011905029
  • https://htlp.emp.de/
3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://htlp.emp.de/
Requested by
Host: ad29.ad-srv.net
URL: https://ad29.ad-srv.net/request.php?zone=jbmsh4a7sm5y&nw=11&renderingType=javascript&namespace=2f918e1b8a&subid=&uid=ff4a86447a425eb9&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=&documentReferer=https%3A%2F%2Fnets4.com%2F&ancestorOrigins=https%3A%2F%2Fnets4.com%2Chttps%3A%2F%2Fnets4.com&random=1341611167430&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:2c00:c:6264:8240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6bb77d20dd85b4bfae78affeef6ee91869bffa0ef53ed9c8ab9c2a526d0180c5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://5fd3b64ba09b669362261d7035670824.safeframe.googlesyndication.com/

Response headers

content-type
text/html
content-length
2647
last-modified
Wed, 08 Jul 2020 09:51:56 GMT
x-amz-version-id
Za5k1aCF3b8ugAP1.Dh5UJVd_ViDWDOf
accept-ranges
bytes
server
AmazonS3
date
Mon, 21 Mar 2022 11:40:38 GMT
cache-control
max-age=10
etag
"81767a046d18dbeec7092a1dbdc70325"
x-cache
Hit from cloudfront
via
1.1 1d87c34bb2f20fda8e0841bc33179768.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
Vdz1oxQdUFGE2zjqh4co8kx5UkkDsJBOStQEfia29sHRzHbpyZWKmg==
age
6

Redirect headers

Content-Length
0
Location
https://htlp.emp.de/
Node
Helix
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Date
Mon, 21 Mar 2022 11:40:43 GMT
Connection
keep-alive
Strict-Transport-Security
max-age=86400
Awin-Akamai-Rule-Set
default
up_loader.1.1.0.js
js.adsrvr.org/ Frame 0542 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: ad29.ad-srv.net
URL: https://ad29.ad-srv.net/request.php?zone=jbmsh4a7sm5y&nw=11&renderingType=javascript&namespace=2f918e1b8a&subid=&uid=ff4a86447a425eb9&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=&documentReferer=https%3A%2F%2Fnets4.com%2F&ancestorOrigins=https%3A%2F%2Fnets4.com%2Chttps%3A%2F%2Fnets4.com&random=1341611167430&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.157.1.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-1-118.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://5fd3b64ba09b669362261d7035670824.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 21 Mar 2022 03:58:44 GMT
Content-Encoding
gzip
Last-Modified
Thu, 24 Sep 2020 15:15:34 GMT
Server
AmazonS3
Age
27720
ETag
W/"98d98b3499058b76d58073cf8ede2f10"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Via
1.1 3a42f75e219a9a44a54979112dcb25dc.cloudfront.net (CloudFront)
Connection
keep-alive
Transfer-Encoding
chunked
X-Amz-Cf-Pop
DUS51-P2
X-Amz-Cf-Id
WaDZA2r2ZgOstM2L4ieYx1AcV2ezhrzNDWC6QbsXOf6g-z0_3_GUjw==
pixel_loader.js
static2.creative-serving.com/ Frame 0542 		527 B
667 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static2.creative-serving.com/pixel_loader.js
Requested by
Host: ad29.ad-srv.net
URL: https://ad29.ad-srv.net/request.php?zone=jbmsh4a7sm5y&nw=11&renderingType=javascript&namespace=2f918e1b8a&subid=&uid=ff4a86447a425eb9&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=&documentReferer=https%3A%2F%2Fnets4.com%2F&ancestorOrigins=https%3A%2F%2Fnets4.com%2Chttps%3A%2F%2Fnets4.com&random=1341611167430&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
UploadServer /
Resource Hash
9bbde4e879f5cc6d8e98b1e5605898a933825190f867b66285b084bc3ee785e9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://5fd3b64ba09b669362261d7035670824.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:43 GMT
content-encoding
gzip
last-modified
Wed, 29 Sep 2021 21:32:00 GMT
server
UploadServer
age
0
etag
"68faa1738e44f8aabb6f53cba51f29d3"
x-hw
1647862843.cds136.am5.hn,1647862843.cds314.am5.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
320
adview
securepubads.g.doubleclick.net/pagead/ Frame 997B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CEQz_OmQ4YouPJ_yM7_UP4eujgAfJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDegAdW20uoDyAEJqQI7spjHtIyyPuACAKgDAaoEtAJP0JIvlv0SL5_RsUsRTsvMVqjq85UY8o-CTXkr1ns_Uzq2wJcMVmXi1xK0fTMaSUVNMjD81Tn2fBHe2KjxAs-LLIjex-tQ1jGct76mdFjNEOq3QutQaMtdNtzi2hOpFxbYz8LnMeXthbKYDQhB99qFoR1-QHWuiV-nIA92zke7AYEZV94iyI0svxO3sA6uy_pzdFpQFIxVKmZyuwKRtI1_9i5j_JwFJG2cuyC6KMU3S5joHeRU5xCBn31Xt5fuopjci8LWyMUpo2-CVcQY797J85PyI1d4UWOYCJTv47V62QaboQH0EDgxDvG1O6YLHNc2yg8PtjyUBlodZjYXaD9LZnHmaEk5XIhp-G7H1kMwkJbWNrKYafrUAabPJfCm_T4kN9f_mI3YXv2Z654vjNLMSVva4-AEAYAGjq3-26b5-ucJoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAGACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNTQxMzMyOTU0NDA0MDk0NxjBjHQ&sigh=gQlx2Ve1bTQ&uach_m=[UACH]&cid=CAQSPACNIrLMYm74neiUzueVv6vqTw6M8n2L2YsMrbgPS4phe_1I-f0RBVB9prwZIImgK6nTTgJJ0NV1pMq4CRgB
Requested by
Host: nets4.com
URL: https://nets4.com/domain/eminer.app
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://605ddd431ccb9d0d325cc9f8ea31a9d0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
notify
rtb.nl.eu.criteo.com/google/auction/ Frame 997B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=U8WUEsc1rAL6AZ2DYgICAAAA11Irpc2LEHFKrf7iTr1B7BA6ZDhi8wk19oFt_tUBVvsAEg&wp=YjhkOgAJx4sIu8Z8AAj14cxcYftdoFgkXyowhA
Requested by
Host: nets4.com
URL: https://nets4.com/domain/eminer.app
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://605ddd431ccb9d0d325cc9f8ea31a9d0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:42 GMT
server
Kestrel
server-processing-duration-in-ticks
268846
content-length
0
strict-transport-security
max-age=31536000; preload;
afr.php
ads.eu.criteo.com/delivery/r/ Frame 47FD 		138 KB
45 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=YjhkOgAJx4sIu8Z8AAj14cxcYftdoFgkXyowhA&u=%7Ck0qkpMfSet8i2juk2koG8mW0E0eEiayPd%2F8oOyQidu4%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXDDH0Sawykmzfr9RwiM26iFVAfBmX3dT4p7RmmTOpvkCGzl2vtfW9biTAwtv2hz3BDFV6Mg7s9kUznxchx736Y4zztAMIw8bg5_Ghn_HcLlQIFTfkS43iiZvY9MmoFx1-gJVG9Hn9d1Jtht-vIBKZyZ9aAZ3NALmhI4QoMClDkDJW4Sgbduhm_ZrOvYuzBO8lX-IeIE4zYWIRezMMs530f4p8tQOiAgmk_LF9pRrya5yxYDSN2NR1L9NY4IXBoCNtkTVqkraF9iV8WHJoVPQvraFp1bNZT7xvAB9P-YIhyS0x8vuqHq_Utju-ge1UCI2ssFKn72TcEQ6ztiqElK7DgV1eTaJe_y4Ke0AKiC1JQHDNEkE9aI3P7lhzDitbh_ju9TZL5uf64ECEPbEGuLNuouLJ4_AEGAeRM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCjGC9OmQ4YouPJ_yM7_UP4eujgAfJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDegAdW20uoDyAEJqQI7spjHtIyyPuACAKgDAaoEtwJP0JIvlv0SL5_RsUsRTsvMVqjq85UY8o-CTXkr1ns_Uzq2wJcMVmXi1xK0fTMaSUVNMjD81Tn2fBHe2KjxAs-LLIjex-tQ1jGct76mdFjNEOq3QutQaMtdNtzi2hOpFxbYz8LnMeXthbKYDQhB99qFoR1-QHWuiV-nIA92zke7AYEZV94iyI0svxO3sA6uy_pzdFpQFIxVKmZyuwKRtI1_9i5j_JwFJG2cuyC6KMU3S5joHeRU5xCBn31Xt5fuopjci8LWyMUpo2-CVcQY797J85PyI1d4UWOYCJTv47V62QaboQH0EDgxDvG1O6YLHNc2yg8PtjyUBlodZjYXaD9LZnHmaEk5XIhp-G7H1kNykrdEsT0EekVIFQUfGFZe9Cougd3RgA9slsA_GSExoMpJ49_JXAWyyOAEAYAGjq3-26b5-ucJoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1eoZlRb1u3uUFnCekCaKv6LD4FsA%26client%3Dca-pub-5413329544040947%26adurl%3D
Requested by
Host: 605ddd431ccb9d0d325cc9f8ea31a9d0.safeframe.googlesyndication.com
URL: https://605ddd431ccb9d0d325cc9f8ea31a9d0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::18 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
a169ad9478744440d80f65bf8c21ce91ec4198f22144bdce408c3f4952b63981
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://605ddd431ccb9d0d325cc9f8ea31a9d0.safeframe.googlesyndication.com/

Response headers

date
Mon, 21 Mar 2022 11:40:42 GMT
content-type
text/html
server
Kestrel
cache-control
private, max-age=0, no-cache
pragma
no-cache
expires
Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cross-origin-resource-policy
cross-origin
p3p
CP='CUR ADM OUR NOR STA NID'
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=0tyKXgD9Bd55eWhlL68lc--zAqeLrlzO3Uot3TgMho-U9eJcBSfvf4qNYZYDVopAU9wKQYqyOBO_DBQbMelut1Mnl_EC3dmIU5V5Phr3klOCWXWHzRYHKVt8c9Bf5HvIykLZgww6zh9TZEck0tQlEYw2PDM50dyZQZP_zoC75CUQNT1AOTI5ig2zoGTTCTmJrZRCHSzGwFr0WuvTXZCAyVEYkOodbTEDKsjAZb9kNIMaemCI1mi59jUIhQHOGuLOVFs7Hg"}], "max_age": 86400}
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks
69143892
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/ Frame 997B 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/window_focus_fy2019.js
Requested by
Host: 605ddd431ccb9d0d325cc9f8ea31a9d0.safeframe.googlesyndication.com
URL: https://605ddd431ccb9d0d325cc9f8ea31a9d0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://605ddd431ccb9d0d325cc9f8ea31a9d0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:38:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
154
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 04 Apr 2022 11:38:09 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 5605 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 605ddd431ccb9d0d325cc9f8ea31a9d0.safeframe.googlesyndication.com
URL: https://605ddd431ccb9d0d325cc9f8ea31a9d0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://605ddd431ccb9d0d325cc9f8ea31a9d0.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
date
Sun, 20 Mar 2022 13:26:12 GMT
expires
Mon, 21 Mar 2022 13:26:12 GMT
cache-control
public, max-age=86400
age
80071
etag
48472445140208031
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 997B 		117 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 605ddd431ccb9d0d325cc9f8ea31a9d0.safeframe.googlesyndication.com
URL: https://605ddd431ccb9d0d325cc9f8ea31a9d0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc68a3e6e6f0074ff46c18beea2033fc4e8c6ee513dc0617758f45e2bdd8b88a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://605ddd431ccb9d0d325cc9f8ea31a9d0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36344
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1647431472276194"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 21 Mar 2022 11:40:43 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/ Frame 997B 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 605ddd431ccb9d0d325cc9f8ea31a9d0.safeframe.googlesyndication.com
URL: https://605ddd431ccb9d0d325cc9f8ea31a9d0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://605ddd431ccb9d0d325cc9f8ea31a9d0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
36
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6407
x-xss-protection
0
server
cafe
etag
6055885685211612390
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 04 Apr 2022 11:40:07 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 997B 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 605ddd431ccb9d0d325cc9f8ea31a9d0.safeframe.googlesyndication.com
URL: https://605ddd431ccb9d0d325cc9f8ea31a9d0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://605ddd431ccb9d0d325cc9f8ea31a9d0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 14:29:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
249054
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 18 Mar 2023 14:29:49 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9223 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Mon, 21 Mar 2022 11:19:42 GMT
expires
Tue, 21 Mar 2023 11:19:42 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
1261
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame D0D1 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
5c274e9f1399f06e6b77a2c148af95365783e8b54b16c82b9babdfa8ca314553
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-KlsshbG1s8Re7XC6EGHygw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Mon, 21 Mar 2022 11:40:43 GMT
date
Mon, 21 Mar 2022 11:40:43 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-KlsshbG1s8Re7XC6EGHygw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
viewability
hal90006.redintelligence.net/ Frame 2DF3 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90006.redintelligence.net/viewability?s=44257800100180800710612011905006&a=56aa051b&vb=m
Requested by
Host: hal90006.redintelligence.net
URL: https://hal90006.redintelligence.net/request_content.php?s=44257800100180800710612011905006&a=f82d6bfe
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.164 Reilingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90006.redintelligence.net/request_content.php?s=44257800100180800710612011905006&a=f82d6bfe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 21 Mar 2022 11:40:43 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E849 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Mon, 21 Mar 2022 11:19:42 GMT
expires
Tue, 21 Mar 2023 11:19:42 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
1261
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 8F0C 		783 B
533 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
32d66c0ad91c4d07700285ee0b684ad515b3298f18bd993c185df9f09548a12b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-sIlL9r51lSfSubZVUpeIsw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Mon, 21 Mar 2022 11:40:43 GMT
date
Mon, 21 Mar 2022 11:40:43 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-sIlL9r51lSfSubZVUpeIsw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
511
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
activeview
pagead2.googlesyndication.com/pcs/ Frame E462 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssTMflOhpdibiimC1U1fUGnwSi4RjdtrTwqN27XS2M9ZBo8phN7bijeMLFL3KW3QnmOZ097oLCRlEKgjo7S4qHx&sig=Cg0ArKJSzFPC89Gk3tKqEAE&id=lidar2&mcvt=1039&p=507,294,597,1022&mtos=1039,1039,1039,1039,1039&tos=1039,0,0,0,0&v=20220316&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1944610241&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1647862841605&rpt=481&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://81a1960e6551bc8368f7353dd7facd76.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Mar 2022 11:40:43 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
1e709b9d6f90218a070eddf58f9b714c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E8E7 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://1e709b9d6f90218a070eddf58f9b714c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Mon, 21 Mar 2022 11:40:42 GMT
expires
Tue, 21 Mar 2023 11:40:42 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
i
api.purpleads.io/x/a/01362f02fe3580392c5fa7a676a40ad6:8422ab40b4d71e2a2b9c9795472daa810f945d71e43148de96c307757895d6e321d4b17118154eab2d6655afc1bb5d55933f24ed0ed014788ae7ad624fc9efc09293a5e4a1c1724... Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/a/01362f02fe3580392c5fa7a676a40ad6:8422ab40b4d71e2a2b9c9795472daa810f945d71e43148de96c307757895d6e321d4b17118154eab2d6655afc1bb5d55933f24ed0ed014788ae7ad624fc9efc09293a5e4a1c17240a617cd523d3e2648ae5e1853ee95ff637dcf298c8f764873acbcb6b8083903d8b174e7a4cc53314eb13315808774d5a8970b3fe6a40896cbc5232acd12cd31f88dec36a5841e285d/i?id=50088660-e2a4-4e97-8dd9-8f4a46d66c2d&ts=1647862843189
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-128-233.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Origin
https://nets4.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Mon, 21 Mar 2022 11:40:43 GMT
access-control-allow-origin
https://nets4.com
access-control-allow-credentials
true
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
x-request-id
b9e29da1-36dd-43c2-bb75-93072b8b3d64
i
api.purpleads.io/x/a/01362f02fe3580392c5fa7a676a40ad6:8422ab40b4d71e2a2b9c9795472daa810f945d71e43148de96c307757895d6e321d4b17118154eab2d6655afc1bb5d55933f24ed0ed014788ae7ad624fc9efc09293a5e4a1c1724... 		0
199 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/a/01362f02fe3580392c5fa7a676a40ad6:8422ab40b4d71e2a2b9c9795472daa810f945d71e43148de96c307757895d6e321d4b17118154eab2d6655afc1bb5d55933f24ed0ed014788ae7ad624fc9efc09293a5e4a1c17240a617cd523d3e2648ae5e1853ee95ff637dcf298c8f764873acbcb6b8083903d8b174e7a4cc53314eb13315808774d5a8970b3fe6a40896cbc5232acd12cd31f88dec36a5841e285d/i?id=50088660-e2a4-4e97-8dd9-8f4a46d66c2d&ts=1647862843189
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.128.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-128-233.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Authorization
Bearer 344ad2e45bc351c4ada152793585a015:8aed5d81ec539e8e6c45776fc6ee38d0aa92f5aeb356bf9114996f6476591916247996f56f76a9fe14770cd4806b54edb29d6938615ba1769d3b435fb1fcd83b
x-request-url
aHR0cHM6Ly9uZXRzNC5jb20vZG9tYWluL2VtaW5lci5hcHA=
Accept
application/json
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json
x-purpleads-version
2.0.31

Response headers

access-control-allow-origin
https://nets4.com
date
Mon, 21 Mar 2022 11:40:43 GMT
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-credentials
true
x-request-id
86ee24c5-7187-4484-ac30-622a2e78cf24
privacy_small.svg
static.criteo.net/flash/icon/ Frame 47FD 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjhkOgAJx4sIu8Z8AAj14cxcYftdoFgkXyowhA&u=%7Ck0qkpMfSet8i2juk2koG8mW0E0eEiayPd%2F8oOyQidu4%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXDDH0Sawykmzfr9RwiM26iFVAfBmX3dT4p7RmmTOpvkCGzl2vtfW9biTAwtv2hz3BDFV6Mg7s9kUznxchx736Y4zztAMIw8bg5_Ghn_HcLlQIFTfkS43iiZvY9MmoFx1-gJVG9Hn9d1Jtht-vIBKZyZ9aAZ3NALmhI4QoMClDkDJW4Sgbduhm_ZrOvYuzBO8lX-IeIE4zYWIRezMMs530f4p8tQOiAgmk_LF9pRrya5yxYDSN2NR1L9NY4IXBoCNtkTVqkraF9iV8WHJoVPQvraFp1bNZT7xvAB9P-YIhyS0x8vuqHq_Utju-ge1UCI2ssFKn72TcEQ6ztiqElK7DgV1eTaJe_y4Ke0AKiC1JQHDNEkE9aI3P7lhzDitbh_ju9TZL5uf64ECEPbEGuLNuouLJ4_AEGAeRM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCjGC9OmQ4YouPJ_yM7_UP4eujgAfJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDegAdW20uoDyAEJqQI7spjHtIyyPuACAKgDAaoEtwJP0JIvlv0SL5_RsUsRTsvMVqjq85UY8o-CTXkr1ns_Uzq2wJcMVmXi1xK0fTMaSUVNMjD81Tn2fBHe2KjxAs-LLIjex-tQ1jGct76mdFjNEOq3QutQaMtdNtzi2hOpFxbYz8LnMeXthbKYDQhB99qFoR1-QHWuiV-nIA92zke7AYEZV94iyI0svxO3sA6uy_pzdFpQFIxVKmZyuwKRtI1_9i5j_JwFJG2cuyC6KMU3S5joHeRU5xCBn31Xt5fuopjci8LWyMUpo2-CVcQY797J85PyI1d4UWOYCJTv47V62QaboQH0EDgxDvG1O6YLHNc2yg8PtjyUBlodZjYXaD9LZnHmaEk5XIhp-G7H1kNykrdEsT0EekVIFQUfGFZe9Cougd3RgA9slsA_GSExoMpJ49_JXAWyyOAEAYAGjq3-26b5-ucJoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1eoZlRb1u3uUFnCekCaKv6LD4FsA%26client%3Dca-pub-5413329544040947%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:43 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 16 Mar 2023 11:40:43 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 47FD 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjhkOgAJx4sIu8Z8AAj14cxcYftdoFgkXyowhA&u=%7Ck0qkpMfSet8i2juk2koG8mW0E0eEiayPd%2F8oOyQidu4%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXDDH0Sawykmzfr9RwiM26iFVAfBmX3dT4p7RmmTOpvkCGzl2vtfW9biTAwtv2hz3BDFV6Mg7s9kUznxchx736Y4zztAMIw8bg5_Ghn_HcLlQIFTfkS43iiZvY9MmoFx1-gJVG9Hn9d1Jtht-vIBKZyZ9aAZ3NALmhI4QoMClDkDJW4Sgbduhm_ZrOvYuzBO8lX-IeIE4zYWIRezMMs530f4p8tQOiAgmk_LF9pRrya5yxYDSN2NR1L9NY4IXBoCNtkTVqkraF9iV8WHJoVPQvraFp1bNZT7xvAB9P-YIhyS0x8vuqHq_Utju-ge1UCI2ssFKn72TcEQ6ztiqElK7DgV1eTaJe_y4Ke0AKiC1JQHDNEkE9aI3P7lhzDitbh_ju9TZL5uf64ECEPbEGuLNuouLJ4_AEGAeRM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCjGC9OmQ4YouPJ_yM7_UP4eujgAfJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDegAdW20uoDyAEJqQI7spjHtIyyPuACAKgDAaoEtwJP0JIvlv0SL5_RsUsRTsvMVqjq85UY8o-CTXkr1ns_Uzq2wJcMVmXi1xK0fTMaSUVNMjD81Tn2fBHe2KjxAs-LLIjex-tQ1jGct76mdFjNEOq3QutQaMtdNtzi2hOpFxbYz8LnMeXthbKYDQhB99qFoR1-QHWuiV-nIA92zke7AYEZV94iyI0svxO3sA6uy_pzdFpQFIxVKmZyuwKRtI1_9i5j_JwFJG2cuyC6KMU3S5joHeRU5xCBn31Xt5fuopjci8LWyMUpo2-CVcQY797J85PyI1d4UWOYCJTv47V62QaboQH0EDgxDvG1O6YLHNc2yg8PtjyUBlodZjYXaD9LZnHmaEk5XIhp-G7H1kNykrdEsT0EekVIFQUfGFZe9Cougd3RgA9slsA_GSExoMpJ49_JXAWyyOAEAYAGjq3-26b5-ucJoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1eoZlRb1u3uUFnCekCaKv6LD4FsA%26client%3Dca-pub-5413329544040947%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:43 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 16 Mar 2023 11:40:43 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 47FD 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjhkOgAJx4sIu8Z8AAj14cxcYftdoFgkXyowhA&u=%7Ck0qkpMfSet8i2juk2koG8mW0E0eEiayPd%2F8oOyQidu4%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXDDH0Sawykmzfr9RwiM26iFVAfBmX3dT4p7RmmTOpvkCGzl2vtfW9biTAwtv2hz3BDFV6Mg7s9kUznxchx736Y4zztAMIw8bg5_Ghn_HcLlQIFTfkS43iiZvY9MmoFx1-gJVG9Hn9d1Jtht-vIBKZyZ9aAZ3NALmhI4QoMClDkDJW4Sgbduhm_ZrOvYuzBO8lX-IeIE4zYWIRezMMs530f4p8tQOiAgmk_LF9pRrya5yxYDSN2NR1L9NY4IXBoCNtkTVqkraF9iV8WHJoVPQvraFp1bNZT7xvAB9P-YIhyS0x8vuqHq_Utju-ge1UCI2ssFKn72TcEQ6ztiqElK7DgV1eTaJe_y4Ke0AKiC1JQHDNEkE9aI3P7lhzDitbh_ju9TZL5uf64ECEPbEGuLNuouLJ4_AEGAeRM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCjGC9OmQ4YouPJ_yM7_UP4eujgAfJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDegAdW20uoDyAEJqQI7spjHtIyyPuACAKgDAaoEtwJP0JIvlv0SL5_RsUsRTsvMVqjq85UY8o-CTXkr1ns_Uzq2wJcMVmXi1xK0fTMaSUVNMjD81Tn2fBHe2KjxAs-LLIjex-tQ1jGct76mdFjNEOq3QutQaMtdNtzi2hOpFxbYz8LnMeXthbKYDQhB99qFoR1-QHWuiV-nIA92zke7AYEZV94iyI0svxO3sA6uy_pzdFpQFIxVKmZyuwKRtI1_9i5j_JwFJG2cuyC6KMU3S5joHeRU5xCBn31Xt5fuopjci8LWyMUpo2-CVcQY797J85PyI1d4UWOYCJTv47V62QaboQH0EDgxDvG1O6YLHNc2yg8PtjyUBlodZjYXaD9LZnHmaEk5XIhp-G7H1kNykrdEsT0EekVIFQUfGFZe9Cougd3RgA9slsA_GSExoMpJ49_JXAWyyOAEAYAGjq3-26b5-ucJoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1eoZlRb1u3uUFnCekCaKv6LD4FsA%26client%3Dca-pub-5413329544040947%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:43 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Thu, 16 Mar 2023 11:40:43 GMT
back_button.svg
static.criteo.net/flash/icon/ Frame 47FD 		507 B
835 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjhkOgAJx4sIu8Z8AAj14cxcYftdoFgkXyowhA&u=%7Ck0qkpMfSet8i2juk2koG8mW0E0eEiayPd%2F8oOyQidu4%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXDDH0Sawykmzfr9RwiM26iFVAfBmX3dT4p7RmmTOpvkCGzl2vtfW9biTAwtv2hz3BDFV6Mg7s9kUznxchx736Y4zztAMIw8bg5_Ghn_HcLlQIFTfkS43iiZvY9MmoFx1-gJVG9Hn9d1Jtht-vIBKZyZ9aAZ3NALmhI4QoMClDkDJW4Sgbduhm_ZrOvYuzBO8lX-IeIE4zYWIRezMMs530f4p8tQOiAgmk_LF9pRrya5yxYDSN2NR1L9NY4IXBoCNtkTVqkraF9iV8WHJoVPQvraFp1bNZT7xvAB9P-YIhyS0x8vuqHq_Utju-ge1UCI2ssFKn72TcEQ6ztiqElK7DgV1eTaJe_y4Ke0AKiC1JQHDNEkE9aI3P7lhzDitbh_ju9TZL5uf64ECEPbEGuLNuouLJ4_AEGAeRM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCjGC9OmQ4YouPJ_yM7_UP4eujgAfJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDegAdW20uoDyAEJqQI7spjHtIyyPuACAKgDAaoEtwJP0JIvlv0SL5_RsUsRTsvMVqjq85UY8o-CTXkr1ns_Uzq2wJcMVmXi1xK0fTMaSUVNMjD81Tn2fBHe2KjxAs-LLIjex-tQ1jGct76mdFjNEOq3QutQaMtdNtzi2hOpFxbYz8LnMeXthbKYDQhB99qFoR1-QHWuiV-nIA92zke7AYEZV94iyI0svxO3sA6uy_pzdFpQFIxVKmZyuwKRtI1_9i5j_JwFJG2cuyC6KMU3S5joHeRU5xCBn31Xt5fuopjci8LWyMUpo2-CVcQY797J85PyI1d4UWOYCJTv47V62QaboQH0EDgxDvG1O6YLHNc2yg8PtjyUBlodZjYXaD9LZnHmaEk5XIhp-G7H1kNykrdEsT0EekVIFQUfGFZe9Cougd3RgA9slsA_GSExoMpJ49_JXAWyyOAEAYAGjq3-26b5-ucJoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1eoZlRb1u3uUFnCekCaKv6LD4FsA%26client%3Dca-pub-5413329544040947%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:43 GMT
last-modified
Thu, 01 Apr 2021 14:03:13 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6065d2a1-1fb"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
507
expires
Thu, 16 Mar 2023 11:40:43 GMT
lg.php
cat.fr.eu.criteo.com/m/delivery/ Frame 47FD 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.fr.eu.criteo.com/m/delivery/lg.php?cppv=3&cpp=abA9A4EFmZfpNBlErGx8M8QkqvihlBz1eOt9ZQXIdQ6OnAPXmgdlmcO9v-x9eVSOrZX2-YfdYHH-XygdtIxO8Bgsbd2cBcVp5NrtVRuh4LM8WS25z7BXe-R5-vwYa4USf4htOM9AskTnreqJcb3L6MMZPW8vEUQFdb_I62eQI6r6j4j7oAUd2Gyf3v3jg60APnDgmOHrySzltKMLT6tCU83UmZF1ck0XPo9tnd6s_E-ZZtenVP2MESCkpM-SD5AHxBQhBd5Bzfa71M3CpQkQ7o-6c6EuuZOTMBcRLvKexaz8laj0A99oWhj9bC0hPGMWn5GiMUpQuawpgYKY9ElXnlfVakVbWKMb3cHJ_lJt_w2Fh-U91znKGRtVbIaEVHo36XKMVm8GcNNhEPlbLb6a8HxWXEKn6oXS2pCvuHzBHOniVHPhoH2888zKitsLFzed-c7fwQ
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjhkOgAJx4sIu8Z8AAj14cxcYftdoFgkXyowhA&u=%7Ck0qkpMfSet8i2juk2koG8mW0E0eEiayPd%2F8oOyQidu4%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXDDH0Sawykmzfr9RwiM26iFVAfBmX3dT4p7RmmTOpvkCGzl2vtfW9biTAwtv2hz3BDFV6Mg7s9kUznxchx736Y4zztAMIw8bg5_Ghn_HcLlQIFTfkS43iiZvY9MmoFx1-gJVG9Hn9d1Jtht-vIBKZyZ9aAZ3NALmhI4QoMClDkDJW4Sgbduhm_ZrOvYuzBO8lX-IeIE4zYWIRezMMs530f4p8tQOiAgmk_LF9pRrya5yxYDSN2NR1L9NY4IXBoCNtkTVqkraF9iV8WHJoVPQvraFp1bNZT7xvAB9P-YIhyS0x8vuqHq_Utju-ge1UCI2ssFKn72TcEQ6ztiqElK7DgV1eTaJe_y4Ke0AKiC1JQHDNEkE9aI3P7lhzDitbh_ju9TZL5uf64ECEPbEGuLNuouLJ4_AEGAeRM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCjGC9OmQ4YouPJ_yM7_UP4eujgAfJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDegAdW20uoDyAEJqQI7spjHtIyyPuACAKgDAaoEtwJP0JIvlv0SL5_RsUsRTsvMVqjq85UY8o-CTXkr1ns_Uzq2wJcMVmXi1xK0fTMaSUVNMjD81Tn2fBHe2KjxAs-LLIjex-tQ1jGct76mdFjNEOq3QutQaMtdNtzi2hOpFxbYz8LnMeXthbKYDQhB99qFoR1-QHWuiV-nIA92zke7AYEZV94iyI0svxO3sA6uy_pzdFpQFIxVKmZyuwKRtI1_9i5j_JwFJG2cuyC6KMU3S5joHeRU5xCBn31Xt5fuopjci8LWyMUpo2-CVcQY797J85PyI1d4UWOYCJTv47V62QaboQH0EDgxDvG1O6YLHNc2yg8PtjyUBlodZjYXaD9LZnHmaEk5XIhp-G7H1kNykrdEsT0EekVIFQUfGFZe9Cougd3RgA9slsA_GSExoMpJ49_JXAWyyOAEAYAGjq3-26b5-ucJoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1eoZlRb1u3uUFnCekCaKv6LD4FsA%26client%3Dca-pub-5413329544040947%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Mar 2022 11:40:42 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3112078
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
/
google2waycm.netmng.com/cm/ Frame 5605 		0
0
pixel
cm.g.doubleclick.net/ Frame 5605
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEO120yZmEXZRISacF9t1P_U&google_cver=1&google_push=AYg5qPLhcZcsgWTprbI27W1SihSpxoQOFtmGBi9UxDbKvI5gVgzFwUC2mUdgGf3PKqucPR993a5Qujj5-neGxS-b...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPLhcZcsgWTprbI27W1SihSpxoQOFtmGBi9UxDbKvI5gVgzFwUC2mUdgGf3PKqucPR993a5Qujj5-neGxS-blfld5IvGwBUK
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPLhcZcsgWTprbI27W1SihSpxoQOFtmGBi9UxDbKvI5gVgzFwUC2mUdgGf3PKqucPR993a5Qujj5-neGxS-blfld5IvGwBUK
Requested by
Host: 605ddd431ccb9d0d325cc9f8ea31a9d0.safeframe.googlesyndication.com
URL: https://605ddd431ccb9d0d325cc9f8ea31a9d0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Mar 2022 11:40:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 21 Mar 2022 11:40:43 GMT
Server
MT3 4256 109297d master zrh-pixel-x1 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPLhcZcsgWTprbI27W1SihSpxoQOFtmGBi9UxDbKvI5gVgzFwUC2mUdgGf3PKqucPR993a5Qujj5-neGxS-blfld5IvGwBUK
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 21 Mar 2022 11:40:42 GMT
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 5605 		0
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEP7Yu_6Tjf0U8ICStPzEP9I&google_cver=1&google_push=AYg5qPJCsCEHtgSaeoxmv6sH68meDgkKSc1qi1SdiOH-Y1bC73SYheH4Id1bqptcGMepSocTkti9FTwH0Pjb4ePgqcM0ZtDV6OwO3g
Requested by
Host: 605ddd431ccb9d0d325cc9f8ea31a9d0.safeframe.googlesyndication.com
URL: https://605ddd431ccb9d0d325cc9f8ea31a9d0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:43 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pixel
cm.g.doubleclick.net/ Frame 5605
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEGky9pthmTyjB2hN7-7Ygi8&google_cver=1&google_push=AYg5qPLIpr8g-MhgWsOyW-CaDjfqTaJWlfDR2Sdx3hUT5tRHSeNnye-FyBvAyFK-fN1EgJmcCFDVrgGPdZJvd_jH...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=g5T63rekSfegczSaI_iN_Q2&google_push=AYg5qPLIpr8g-MhgWsOyW-CaDjfqTaJWlfDR2Sdx3hUT5tRHSeNnye-FyBvAyFK-fN1EgJmcCFDVrgGPdZJvd_jHD3biR997l80Wug
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=g5T63rekSfegczSaI_iN_Q2&google_push=AYg5qPLIpr8g-MhgWsOyW-CaDjfqTaJWlfDR2Sdx3hUT5tRHSeNnye-FyBvAyFK-fN1EgJmcCFDVrgGPdZJvd_jHD3biR997l80Wug
Requested by
Host: 605ddd431ccb9d0d325cc9f8ea31a9d0.safeframe.googlesyndication.com
URL: https://605ddd431ccb9d0d325cc9f8ea31a9d0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Mar 2022 11:40:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 21 Mar 2022 11:40:43 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.15.12
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=g5T63rekSfegczSaI_iN_Q2&google_push=AYg5qPLIpr8g-MhgWsOyW-CaDjfqTaJWlfDR2Sdx3hUT5tRHSeNnye-FyBvAyFK-fN1EgJmcCFDVrgGPdZJvd_jHD3biR997l80Wug
x-host
tde-deliveryengine-production-6fbb5b866d-744p5
alt-svc
clear
content-length
0
pixel
cm.g.doubleclick.net/ Frame 5605
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEHVoDc4PbHydFl-Etir-NXs&google_cver=1&google_push=AYg5qPJSL5g45zhdkB7Qb5FrcUa6nx8ZRec1KwpcASG5DyCvFUOAEq0RKNu9h_gGer_-VHbFHK8_Iw6GwIhtKKpHQDqS...
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEHVoDc4PbHydFl-Etir-NXs&google_cver=1&google_push=AYg5qPJSL5g45zhdkB7Qb5FrcUa6nx8ZRec1KwpcASG5DyCvFUOAEq0RKNu9h_gGer_-VHbFHK8_Iw6GwIhtKK...
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPJSL5g45zhdkB7Qb5FrcUa6nx8ZRec1KwpcASG5DyCvFUOAEq0RKNu9h_gGer_-VHbFHK8_Iw6GwIhtKKpHQDqSwnHCQsqcpw&google_hm=lQqvhbr7TXSC2z-VY2FVcA==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPJSL5g45zhdkB7Qb5FrcUa6nx8ZRec1KwpcASG5DyCvFUOAEq0RKNu9h_gGer_-VHbFHK8_Iw6GwIhtKKpHQDqSwnHCQsqcpw&google_hm=lQqvhbr7TXSC2z-VY2FVcA==
Requested by
Host: 605ddd431ccb9d0d325cc9f8ea31a9d0.safeframe.googlesyndication.com
URL: https://605ddd431ccb9d0d325cc9f8ea31a9d0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Mar 2022 11:40:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPJSL5g45zhdkB7Qb5FrcUa6nx8ZRec1KwpcASG5DyCvFUOAEq0RKNu9h_gGer_-VHbFHK8_Iw6GwIhtKKpHQDqSwnHCQsqcpw&google_hm=lQqvhbr7TXSC2z-VY2FVcA==
Date
Mon, 21 Mar 2022 11:40:43 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 5605
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEMmYDmmtucn0DJmHHFHe0Ds&google_cver=1&google_push=AYg5qPKhV8jKkgJl5RodD9dVPhn-vLwevmpLX_Zt82jTxz523uZQ4MdOE0LKtWl9Ca94lcgJsh7PHlurnAIFe8nIU...
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEMmYDmmtucn0DJmHHFHe0Ds&google_cver=1&google_push=AYg5qPKhV8jKkgJl5RodD9dVPhn-vLwevmpLX_Zt82jTxz523uZQ4MdOE0LKtWl9Ca94lcgJsh7PHlurnAIFe8nIU...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPKhV8jKkgJl5RodD9dVPhn-vLwevmpLX_Zt82jTxz523uZQ4MdOE0LKtWl9Ca94lcgJsh7PHlurnAIFe8nIUB8GaDp4l9k12A&google_hm=16f9783c7e0893c2225c...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPKhV8jKkgJl5RodD9dVPhn-vLwevmpLX_Zt82jTxz523uZQ4MdOE0LKtWl9Ca94lcgJsh7PHlurnAIFe8nIUB8GaDp4l9k12A&google_hm=16f9783c7e0893c2225cef8f
Requested by
Host: 605ddd431ccb9d0d325cc9f8ea31a9d0.safeframe.googlesyndication.com
URL: https://605ddd431ccb9d0d325cc9f8ea31a9d0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Mar 2022 11:40:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 21 Mar 2022 11:40:43 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPKhV8jKkgJl5RodD9dVPhn-vLwevmpLX_Zt82jTxz523uZQ4MdOE0LKtWl9Ca94lcgJsh7PHlurnAIFe8nIUB8GaDp4l9k12A&google_hm=16f9783c7e0893c2225cef8f
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
pixel
cm.g.doubleclick.net/ Frame 5605
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEHTDp05DwrE1VHXvz24MQQQ&google_cver=1&google_push=AYg5qPIljug7mG8bL7S9raktGxoLCtL1_wplx8OEwzMUXCMyF79l-8swv1pJu55Dmep7cA4to-c9MfIJSkldHmSU28MTcj_DPqEv
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AYg5qPIljug7mG8bL7S9raktGxoLCtL1_wplx8OEwzMUXCMyF79l-8swv1pJu55Dmep7cA4to-c9MfIJSkldHmSU28MTcj_DPqEv&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDE4MjU3MTg3NDM0OTAwNDEyMjk1MQ%3D%3D&google_push=AYg5qPIljug7mG8bL7S9raktGxoLCtL1_wplx8OEwzMUXCMyF79l-8sw...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDE4MjU3MTg3NDM0OTAwNDEyMjk1MQ%3D%3D&google_push=AYg5qPIljug7mG8bL7S9raktGxoLCtL1_wplx8OEwzMUXCMyF79l-8swv1pJu55Dmep7cA4to-c9MfIJSkldHmSU28MTcj_DPqEv
Requested by
Host: 605ddd431ccb9d0d325cc9f8ea31a9d0.safeframe.googlesyndication.com
URL: https://605ddd431ccb9d0d325cc9f8ea31a9d0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Mar 2022 11:40:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDE4MjU3MTg3NDM0OTAwNDEyMjk1MQ%3D%3D&google_push=AYg5qPIljug7mG8bL7S9raktGxoLCtL1_wplx8OEwzMUXCMyF79l-8swv1pJu55Dmep7cA4to-c9MfIJSkldHmSU28MTcj_DPqEv
date
Mon, 21 Mar 2022 11:40:43 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
attr
cm.g.doubleclick.net/pixel/ Frame 5605 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LHwUDlo4H_JLQZrsj4Li1GNnVTmR5LUvkGuqTPR_c2t9aiC6lHgtJ6HCoZehn86JZaViDE
Requested by
Host: 605ddd431ccb9d0d325cc9f8ea31a9d0.safeframe.googlesyndication.com
URL: https://605ddd431ccb9d0d325cc9f8ea31a9d0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:43 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
pvClk.min.js
analytics.webgains.io/ Frame 1EAE 		51 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3432245&wgcampaignid=99582&viewref=44257800100180800710612011905006&js=1&nw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-127.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://48c868b366244e7d7770a8f4adab9561.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
wvDglZsFnxZ0eZ1mUErJkFMo1VNidWYJ
via
1.1 f7b7cf90592cf6a380fd34cc45e9c4b4.cloudfront.net (CloudFront)
last-modified
Tue, 09 Nov 2021 11:05:10 GMT
server
AmazonS3
age
24455
etag
"ec0ced40cbb5211db06b8a36f209e442"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Mon, 21 Mar 2022 04:53:11 GMT
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
51794
x-amz-cf-id
pGZjQJkav_fSSSm6AjeMJSAvTmYa7ULhb8hLZsfHb1odH62zX9ZLOg==
link.html
track.webgains.com/ Frame 1EAE 		667 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.webgains.com/link.html?wgcampaignid=99582&viewref=88302000075501500710612011905017&wglinkid=3432245
Requested by
Host: 48c868b366244e7d7770a8f4adab9561.safeframe.googlesyndication.com
URL: https://48c868b366244e7d7770a8f4adab9561.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
9ea21905a7edfa4ceda705f977891d5e100f9709318836cfacbab47ad3321ff1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://48c868b366244e7d7770a8f4adab9561.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 21 Mar 2022 11:40:43 GMT
Last-Modified
Mon, 21 Mar 2022 11:40:43 GMT
Server
Apache
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
image/jpeg
Content-Length
667
Expires
Mon, 26 Jul 1997 05:00:00 GMT
dc_pre=CP-6lLuP1_YCFVBDHQkdh7wKcA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5930736462706.041
adservice.google.com/ddm/fls/z/ Frame D046 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CP-6lLuP1_YCFVBDHQkdh7wKcA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5930736462706.041
Requested by
Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CP-6lLuP1_YCFVBDHQkdh7wKcA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5930736462706.041?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://5994599.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Mar 2022 11:40:43 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.js
static2.creative-serving.com/ Frame 0542 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static2.creative-serving.com/pixel.js
Requested by
Host: static2.creative-serving.com
URL: https://static2.creative-serving.com/pixel_loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
UploadServer /
Resource Hash
df16ae2f3f4c003e55aa93796b78c0ab73e0155ae32bea72cee59d1e0832f92d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://5fd3b64ba09b669362261d7035670824.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:43 GMT
content-encoding
gzip
last-modified
Wed, 29 Sep 2021 21:32:00 GMT
server
UploadServer
etag
"ddebe66232ec2ff147a8664e2ecc6e4f"
x-hw
1647862843.cds136.am5.hn,1647862843.cds241.am5.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1505
animejs.js
static.criteo.net/animejs/ Frame 47FD 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjhkOgAJx4sIu8Z8AAj14cxcYftdoFgkXyowhA&u=%7Ck0qkpMfSet8i2juk2koG8mW0E0eEiayPd%2F8oOyQidu4%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXDDH0Sawykmzfr9RwiM26iFVAfBmX3dT4p7RmmTOpvkCGzl2vtfW9biTAwtv2hz3BDFV6Mg7s9kUznxchx736Y4zztAMIw8bg5_Ghn_HcLlQIFTfkS43iiZvY9MmoFx1-gJVG9Hn9d1Jtht-vIBKZyZ9aAZ3NALmhI4QoMClDkDJW4Sgbduhm_ZrOvYuzBO8lX-IeIE4zYWIRezMMs530f4p8tQOiAgmk_LF9pRrya5yxYDSN2NR1L9NY4IXBoCNtkTVqkraF9iV8WHJoVPQvraFp1bNZT7xvAB9P-YIhyS0x8vuqHq_Utju-ge1UCI2ssFKn72TcEQ6ztiqElK7DgV1eTaJe_y4Ke0AKiC1JQHDNEkE9aI3P7lhzDitbh_ju9TZL5uf64ECEPbEGuLNuouLJ4_AEGAeRM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCjGC9OmQ4YouPJ_yM7_UP4eujgAfJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDegAdW20uoDyAEJqQI7spjHtIyyPuACAKgDAaoEtwJP0JIvlv0SL5_RsUsRTsvMVqjq85UY8o-CTXkr1ns_Uzq2wJcMVmXi1xK0fTMaSUVNMjD81Tn2fBHe2KjxAs-LLIjex-tQ1jGct76mdFjNEOq3QutQaMtdNtzi2hOpFxbYz8LnMeXthbKYDQhB99qFoR1-QHWuiV-nIA92zke7AYEZV94iyI0svxO3sA6uy_pzdFpQFIxVKmZyuwKRtI1_9i5j_JwFJG2cuyC6KMU3S5joHeRU5xCBn31Xt5fuopjci8LWyMUpo2-CVcQY797J85PyI1d4UWOYCJTv47V62QaboQH0EDgxDvG1O6YLHNc2yg8PtjyUBlodZjYXaD9LZnHmaEk5XIhp-G7H1kNykrdEsT0EekVIFQUfGFZe9Cougd3RgA9slsA_GSExoMpJ49_JXAWyyOAEAYAGjq3-26b5-ucJoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1eoZlRb1u3uUFnCekCaKv6LD4FsA%26client%3Dca-pub-5413329544040947%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:43 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 16 Mar 2023 11:40:43 GMT
b3db0a949ce945899b0aa7ad95d7d8cf_cpn_300x250_1.jpeg
static.criteo.net/design/dt/4955/220222/ Frame 47FD 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/design/dt/4955/220222/b3db0a949ce945899b0aa7ad95d7d8cf_cpn_300x250_1.jpeg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjhkOgAJx4sIu8Z8AAj14cxcYftdoFgkXyowhA&u=%7Ck0qkpMfSet8i2juk2koG8mW0E0eEiayPd%2F8oOyQidu4%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXDDH0Sawykmzfr9RwiM26iFVAfBmX3dT4p7RmmTOpvkCGzl2vtfW9biTAwtv2hz3BDFV6Mg7s9kUznxchx736Y4zztAMIw8bg5_Ghn_HcLlQIFTfkS43iiZvY9MmoFx1-gJVG9Hn9d1Jtht-vIBKZyZ9aAZ3NALmhI4QoMClDkDJW4Sgbduhm_ZrOvYuzBO8lX-IeIE4zYWIRezMMs530f4p8tQOiAgmk_LF9pRrya5yxYDSN2NR1L9NY4IXBoCNtkTVqkraF9iV8WHJoVPQvraFp1bNZT7xvAB9P-YIhyS0x8vuqHq_Utju-ge1UCI2ssFKn72TcEQ6ztiqElK7DgV1eTaJe_y4Ke0AKiC1JQHDNEkE9aI3P7lhzDitbh_ju9TZL5uf64ECEPbEGuLNuouLJ4_AEGAeRM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCjGC9OmQ4YouPJ_yM7_UP4eujgAfJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDegAdW20uoDyAEJqQI7spjHtIyyPuACAKgDAaoEtwJP0JIvlv0SL5_RsUsRTsvMVqjq85UY8o-CTXkr1ns_Uzq2wJcMVmXi1xK0fTMaSUVNMjD81Tn2fBHe2KjxAs-LLIjex-tQ1jGct76mdFjNEOq3QutQaMtdNtzi2hOpFxbYz8LnMeXthbKYDQhB99qFoR1-QHWuiV-nIA92zke7AYEZV94iyI0svxO3sA6uy_pzdFpQFIxVKmZyuwKRtI1_9i5j_JwFJG2cuyC6KMU3S5joHeRU5xCBn31Xt5fuopjci8LWyMUpo2-CVcQY797J85PyI1d4UWOYCJTv47V62QaboQH0EDgxDvG1O6YLHNc2yg8PtjyUBlodZjYXaD9LZnHmaEk5XIhp-G7H1kNykrdEsT0EekVIFQUfGFZe9Cougd3RgA9slsA_GSExoMpJ49_JXAWyyOAEAYAGjq3-26b5-ucJoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1eoZlRb1u3uUFnCekCaKv6LD4FsA%26client%3Dca-pub-5413329544040947%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
5869c6f986927ae74abcb2810724a17d4da067c78b7145692192525c2ff843ed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:43 GMT
last-modified
Tue, 22 Feb 2022 11:19:22 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6214c6ba-32c5"
strict-transport-security
max-age=31536000; preload;
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
12997
expires
Thu, 16 Mar 2023 11:40:43 GMT
img
pix.eu.criteo.net/img/ Frame 47FD 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=76&m=0&partner=4955&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F4955%2F220315%2Fe73b03a6dd564783b5213b257fba254a_logo_1200x628.jpg&v=3&w=596&s=HqSMG5rISiUPleKVPb6IEk8A
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjhkOgAJx4sIu8Z8AAj14cxcYftdoFgkXyowhA&u=%7Ck0qkpMfSet8i2juk2koG8mW0E0eEiayPd%2F8oOyQidu4%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXDDH0Sawykmzfr9RwiM26iFVAfBmX3dT4p7RmmTOpvkCGzl2vtfW9biTAwtv2hz3BDFV6Mg7s9kUznxchx736Y4zztAMIw8bg5_Ghn_HcLlQIFTfkS43iiZvY9MmoFx1-gJVG9Hn9d1Jtht-vIBKZyZ9aAZ3NALmhI4QoMClDkDJW4Sgbduhm_ZrOvYuzBO8lX-IeIE4zYWIRezMMs530f4p8tQOiAgmk_LF9pRrya5yxYDSN2NR1L9NY4IXBoCNtkTVqkraF9iV8WHJoVPQvraFp1bNZT7xvAB9P-YIhyS0x8vuqHq_Utju-ge1UCI2ssFKn72TcEQ6ztiqElK7DgV1eTaJe_y4Ke0AKiC1JQHDNEkE9aI3P7lhzDitbh_ju9TZL5uf64ECEPbEGuLNuouLJ4_AEGAeRM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCjGC9OmQ4YouPJ_yM7_UP4eujgAfJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDegAdW20uoDyAEJqQI7spjHtIyyPuACAKgDAaoEtwJP0JIvlv0SL5_RsUsRTsvMVqjq85UY8o-CTXkr1ns_Uzq2wJcMVmXi1xK0fTMaSUVNMjD81Tn2fBHe2KjxAs-LLIjex-tQ1jGct76mdFjNEOq3QutQaMtdNtzi2hOpFxbYz8LnMeXthbKYDQhB99qFoR1-QHWuiV-nIA92zke7AYEZV94iyI0svxO3sA6uy_pzdFpQFIxVKmZyuwKRtI1_9i5j_JwFJG2cuyC6KMU3S5joHeRU5xCBn31Xt5fuopjci8LWyMUpo2-CVcQY797J85PyI1d4UWOYCJTv47V62QaboQH0EDgxDvG1O6YLHNc2yg8PtjyUBlodZjYXaD9LZnHmaEk5XIhp-G7H1kNykrdEsT0EekVIFQUfGFZe9Cougd3RgA9slsA_GSExoMpJ49_JXAWyyOAEAYAGjq3-26b5-ucJoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1eoZlRb1u3uUFnCekCaKv6LD4FsA%26client%3Dca-pub-5413329544040947%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
1f9198526bb382bdfa81ff720f42ad1b51195d45f6dba3969e390506730c85c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:43 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=30571571
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
1494
expires
Fri, 10 Mar 2023 07:46:54 GMT
img
pix.eu.criteo.net/img/ Frame 47FD 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=1200&m=0&partner=4955&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F4955%2F220315%2F2d12bc018c18486299df10f8b2158cd0_affiliates_ss22_ohnelogo_1200x628.jpg&v=3&w=1200&s=Pp9J1ILXXWJSUryrJiBMlEhu
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjhkOgAJx4sIu8Z8AAj14cxcYftdoFgkXyowhA&u=%7Ck0qkpMfSet8i2juk2koG8mW0E0eEiayPd%2F8oOyQidu4%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXDDH0Sawykmzfr9RwiM26iFVAfBmX3dT4p7RmmTOpvkCGzl2vtfW9biTAwtv2hz3BDFV6Mg7s9kUznxchx736Y4zztAMIw8bg5_Ghn_HcLlQIFTfkS43iiZvY9MmoFx1-gJVG9Hn9d1Jtht-vIBKZyZ9aAZ3NALmhI4QoMClDkDJW4Sgbduhm_ZrOvYuzBO8lX-IeIE4zYWIRezMMs530f4p8tQOiAgmk_LF9pRrya5yxYDSN2NR1L9NY4IXBoCNtkTVqkraF9iV8WHJoVPQvraFp1bNZT7xvAB9P-YIhyS0x8vuqHq_Utju-ge1UCI2ssFKn72TcEQ6ztiqElK7DgV1eTaJe_y4Ke0AKiC1JQHDNEkE9aI3P7lhzDitbh_ju9TZL5uf64ECEPbEGuLNuouLJ4_AEGAeRM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCjGC9OmQ4YouPJ_yM7_UP4eujgAfJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDegAdW20uoDyAEJqQI7spjHtIyyPuACAKgDAaoEtwJP0JIvlv0SL5_RsUsRTsvMVqjq85UY8o-CTXkr1ns_Uzq2wJcMVmXi1xK0fTMaSUVNMjD81Tn2fBHe2KjxAs-LLIjex-tQ1jGct76mdFjNEOq3QutQaMtdNtzi2hOpFxbYz8LnMeXthbKYDQhB99qFoR1-QHWuiV-nIA92zke7AYEZV94iyI0svxO3sA6uy_pzdFpQFIxVKmZyuwKRtI1_9i5j_JwFJG2cuyC6KMU3S5joHeRU5xCBn31Xt5fuopjci8LWyMUpo2-CVcQY797J85PyI1d4UWOYCJTv47V62QaboQH0EDgxDvG1O6YLHNc2yg8PtjyUBlodZjYXaD9LZnHmaEk5XIhp-G7H1kNykrdEsT0EekVIFQUfGFZe9Cougd3RgA9slsA_GSExoMpJ49_JXAWyyOAEAYAGjq3-26b5-ucJoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1eoZlRb1u3uUFnCekCaKv6LD4FsA%26client%3Dca-pub-5413329544040947%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
48e500d506c0da35c8731c86b94c8c0ce31257f86c334ec50ea7b5d237efee8e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:43 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=30571599
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
50250
expires
Fri, 10 Mar 2023 07:47:22 GMT
img
pix.eu.criteo.net/img/ Frame 47FD 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=4955&q=80&r=0&u=https%3A%2F%2Fstatic.lodenfrey.com%2Fout%2Fpictures%2Fgenerated%2Fproduct%2F1%2F944_1180_75%2F00744127-001_1.jpg&v=3&w=400&s=-YYsOzxUAxl-1wvXy3zzQrl-&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjhkOgAJx4sIu8Z8AAj14cxcYftdoFgkXyowhA&u=%7Ck0qkpMfSet8i2juk2koG8mW0E0eEiayPd%2F8oOyQidu4%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXDDH0Sawykmzfr9RwiM26iFVAfBmX3dT4p7RmmTOpvkCGzl2vtfW9biTAwtv2hz3BDFV6Mg7s9kUznxchx736Y4zztAMIw8bg5_Ghn_HcLlQIFTfkS43iiZvY9MmoFx1-gJVG9Hn9d1Jtht-vIBKZyZ9aAZ3NALmhI4QoMClDkDJW4Sgbduhm_ZrOvYuzBO8lX-IeIE4zYWIRezMMs530f4p8tQOiAgmk_LF9pRrya5yxYDSN2NR1L9NY4IXBoCNtkTVqkraF9iV8WHJoVPQvraFp1bNZT7xvAB9P-YIhyS0x8vuqHq_Utju-ge1UCI2ssFKn72TcEQ6ztiqElK7DgV1eTaJe_y4Ke0AKiC1JQHDNEkE9aI3P7lhzDitbh_ju9TZL5uf64ECEPbEGuLNuouLJ4_AEGAeRM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCjGC9OmQ4YouPJ_yM7_UP4eujgAfJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDegAdW20uoDyAEJqQI7spjHtIyyPuACAKgDAaoEtwJP0JIvlv0SL5_RsUsRTsvMVqjq85UY8o-CTXkr1ns_Uzq2wJcMVmXi1xK0fTMaSUVNMjD81Tn2fBHe2KjxAs-LLIjex-tQ1jGct76mdFjNEOq3QutQaMtdNtzi2hOpFxbYz8LnMeXthbKYDQhB99qFoR1-QHWuiV-nIA92zke7AYEZV94iyI0svxO3sA6uy_pzdFpQFIxVKmZyuwKRtI1_9i5j_JwFJG2cuyC6KMU3S5joHeRU5xCBn31Xt5fuopjci8LWyMUpo2-CVcQY797J85PyI1d4UWOYCJTv47V62QaboQH0EDgxDvG1O6YLHNc2yg8PtjyUBlodZjYXaD9LZnHmaEk5XIhp-G7H1kNykrdEsT0EekVIFQUfGFZe9Cougd3RgA9slsA_GSExoMpJ49_JXAWyyOAEAYAGjq3-26b5-ucJoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1eoZlRb1u3uUFnCekCaKv6LD4FsA%26client%3Dca-pub-5413329544040947%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
27377803f0c1923c3d5d32c5b85d3794a7452e1fe27dc165fa6c11d94fa3c064
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:42 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=446144
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
18584
expires
Sat, 26 Mar 2022 15:36:27 GMT
img
pix.eu.criteo.net/img/ Frame 47FD 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=4955&q=80&r=0&u=https%3A%2F%2Fstatic.lodenfrey.com%2Fout%2Fpictures%2Fgenerated%2Fproduct%2F1%2F944_1180_75%2F00736776-001_1.jpg&v=3&w=400&s=pM_JMfuSMjpW3eN3fqH8JgYe&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjhkOgAJx4sIu8Z8AAj14cxcYftdoFgkXyowhA&u=%7Ck0qkpMfSet8i2juk2koG8mW0E0eEiayPd%2F8oOyQidu4%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXDDH0Sawykmzfr9RwiM26iFVAfBmX3dT4p7RmmTOpvkCGzl2vtfW9biTAwtv2hz3BDFV6Mg7s9kUznxchx736Y4zztAMIw8bg5_Ghn_HcLlQIFTfkS43iiZvY9MmoFx1-gJVG9Hn9d1Jtht-vIBKZyZ9aAZ3NALmhI4QoMClDkDJW4Sgbduhm_ZrOvYuzBO8lX-IeIE4zYWIRezMMs530f4p8tQOiAgmk_LF9pRrya5yxYDSN2NR1L9NY4IXBoCNtkTVqkraF9iV8WHJoVPQvraFp1bNZT7xvAB9P-YIhyS0x8vuqHq_Utju-ge1UCI2ssFKn72TcEQ6ztiqElK7DgV1eTaJe_y4Ke0AKiC1JQHDNEkE9aI3P7lhzDitbh_ju9TZL5uf64ECEPbEGuLNuouLJ4_AEGAeRM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCjGC9OmQ4YouPJ_yM7_UP4eujgAfJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDegAdW20uoDyAEJqQI7spjHtIyyPuACAKgDAaoEtwJP0JIvlv0SL5_RsUsRTsvMVqjq85UY8o-CTXkr1ns_Uzq2wJcMVmXi1xK0fTMaSUVNMjD81Tn2fBHe2KjxAs-LLIjex-tQ1jGct76mdFjNEOq3QutQaMtdNtzi2hOpFxbYz8LnMeXthbKYDQhB99qFoR1-QHWuiV-nIA92zke7AYEZV94iyI0svxO3sA6uy_pzdFpQFIxVKmZyuwKRtI1_9i5j_JwFJG2cuyC6KMU3S5joHeRU5xCBn31Xt5fuopjci8LWyMUpo2-CVcQY797J85PyI1d4UWOYCJTv47V62QaboQH0EDgxDvG1O6YLHNc2yg8PtjyUBlodZjYXaD9LZnHmaEk5XIhp-G7H1kNykrdEsT0EekVIFQUfGFZe9Cougd3RgA9slsA_GSExoMpJ49_JXAWyyOAEAYAGjq3-26b5-ucJoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1eoZlRb1u3uUFnCekCaKv6LD4FsA%26client%3Dca-pub-5413329544040947%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
94b5582b970ffb64a798f0d8e453a503c202d991ed53a08b5fb3bfac6a869ff6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:42 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=14119
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
3882
expires
Mon, 21 Mar 2022 15:36:02 GMT
img
pix.eu.criteo.net/img/ Frame 47FD 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=4955&q=80&r=0&u=https%3A%2F%2Fstatic.lodenfrey.com%2Fout%2Fpictures%2Fgenerated%2Fproduct%2F1%2F944_1180_75%2F00745654-009_1.jpg&v=3&w=400&s=Eu_CP8GdfC428V9tZz4U_C7u&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjhkOgAJx4sIu8Z8AAj14cxcYftdoFgkXyowhA&u=%7Ck0qkpMfSet8i2juk2koG8mW0E0eEiayPd%2F8oOyQidu4%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXDDH0Sawykmzfr9RwiM26iFVAfBmX3dT4p7RmmTOpvkCGzl2vtfW9biTAwtv2hz3BDFV6Mg7s9kUznxchx736Y4zztAMIw8bg5_Ghn_HcLlQIFTfkS43iiZvY9MmoFx1-gJVG9Hn9d1Jtht-vIBKZyZ9aAZ3NALmhI4QoMClDkDJW4Sgbduhm_ZrOvYuzBO8lX-IeIE4zYWIRezMMs530f4p8tQOiAgmk_LF9pRrya5yxYDSN2NR1L9NY4IXBoCNtkTVqkraF9iV8WHJoVPQvraFp1bNZT7xvAB9P-YIhyS0x8vuqHq_Utju-ge1UCI2ssFKn72TcEQ6ztiqElK7DgV1eTaJe_y4Ke0AKiC1JQHDNEkE9aI3P7lhzDitbh_ju9TZL5uf64ECEPbEGuLNuouLJ4_AEGAeRM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCjGC9OmQ4YouPJ_yM7_UP4eujgAfJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDegAdW20uoDyAEJqQI7spjHtIyyPuACAKgDAaoEtwJP0JIvlv0SL5_RsUsRTsvMVqjq85UY8o-CTXkr1ns_Uzq2wJcMVmXi1xK0fTMaSUVNMjD81Tn2fBHe2KjxAs-LLIjex-tQ1jGct76mdFjNEOq3QutQaMtdNtzi2hOpFxbYz8LnMeXthbKYDQhB99qFoR1-QHWuiV-nIA92zke7AYEZV94iyI0svxO3sA6uy_pzdFpQFIxVKmZyuwKRtI1_9i5j_JwFJG2cuyC6KMU3S5joHeRU5xCBn31Xt5fuopjci8LWyMUpo2-CVcQY797J85PyI1d4UWOYCJTv47V62QaboQH0EDgxDvG1O6YLHNc2yg8PtjyUBlodZjYXaD9LZnHmaEk5XIhp-G7H1kNykrdEsT0EekVIFQUfGFZe9Cougd3RgA9slsA_GSExoMpJ49_JXAWyyOAEAYAGjq3-26b5-ucJoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1eoZlRb1u3uUFnCekCaKv6LD4FsA%26client%3Dca-pub-5413329544040947%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
b4b326975dd11639f7751af70356d62d04af79c6a1a6dcab5d2a3316b30315a8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:42 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=104443
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
6026
expires
Tue, 22 Mar 2022 16:41:27 GMT
img
pix.eu.criteo.net/img/ Frame 47FD 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=4955&q=80&r=0&u=https%3A%2F%2Fstatic.lodenfrey.com%2Fout%2Fpictures%2Fgenerated%2Fproduct%2F1%2F944_1180_75%2F00721062-015_1.jpg&v=3&w=400&s=VtQPTpAzuiRyS8YCCjTMI81d&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjhkOgAJx4sIu8Z8AAj14cxcYftdoFgkXyowhA&u=%7Ck0qkpMfSet8i2juk2koG8mW0E0eEiayPd%2F8oOyQidu4%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXDDH0Sawykmzfr9RwiM26iFVAfBmX3dT4p7RmmTOpvkCGzl2vtfW9biTAwtv2hz3BDFV6Mg7s9kUznxchx736Y4zztAMIw8bg5_Ghn_HcLlQIFTfkS43iiZvY9MmoFx1-gJVG9Hn9d1Jtht-vIBKZyZ9aAZ3NALmhI4QoMClDkDJW4Sgbduhm_ZrOvYuzBO8lX-IeIE4zYWIRezMMs530f4p8tQOiAgmk_LF9pRrya5yxYDSN2NR1L9NY4IXBoCNtkTVqkraF9iV8WHJoVPQvraFp1bNZT7xvAB9P-YIhyS0x8vuqHq_Utju-ge1UCI2ssFKn72TcEQ6ztiqElK7DgV1eTaJe_y4Ke0AKiC1JQHDNEkE9aI3P7lhzDitbh_ju9TZL5uf64ECEPbEGuLNuouLJ4_AEGAeRM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCjGC9OmQ4YouPJ_yM7_UP4eujgAfJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDegAdW20uoDyAEJqQI7spjHtIyyPuACAKgDAaoEtwJP0JIvlv0SL5_RsUsRTsvMVqjq85UY8o-CTXkr1ns_Uzq2wJcMVmXi1xK0fTMaSUVNMjD81Tn2fBHe2KjxAs-LLIjex-tQ1jGct76mdFjNEOq3QutQaMtdNtzi2hOpFxbYz8LnMeXthbKYDQhB99qFoR1-QHWuiV-nIA92zke7AYEZV94iyI0svxO3sA6uy_pzdFpQFIxVKmZyuwKRtI1_9i5j_JwFJG2cuyC6KMU3S5joHeRU5xCBn31Xt5fuopjci8LWyMUpo2-CVcQY797J85PyI1d4UWOYCJTv47V62QaboQH0EDgxDvG1O6YLHNc2yg8PtjyUBlodZjYXaD9LZnHmaEk5XIhp-G7H1kNykrdEsT0EekVIFQUfGFZe9Cougd3RgA9slsA_GSExoMpJ49_JXAWyyOAEAYAGjq3-26b5-ucJoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1eoZlRb1u3uUFnCekCaKv6LD4FsA%26client%3Dca-pub-5413329544040947%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
4c854935444458a4ff41b6b35cc5d4efb33da0b95c11b73f96d300b69ac2ed41
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:43 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=286266
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
5706
expires
Thu, 24 Mar 2022 19:11:49 GMT
all
csm.eu.criteo.net/ Frame 47FD 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=0tyKXgD9Bd55eWhlL68lc--zAqeLrlzO3Uot3TgMho-U9eJcBSfvf4qNYZYDVopAU9wKQYqyOBO_DBQbMelut1Mnl_EC3dmIU5V5Phr3klOCWXWHzRYHKVt8c9Bf5HvIykLZgww6zh9TZEck0tQlEYw2PDM50dyZQZP_zoC75CUQNT1AOTI5ig2zoGTTCTmJrZRCHSzGwFr0WuvTXZCAyVEYkOodbTEDKsjAZb9kNIMaemCI1mi59jUIhQHOGuLOVFs7Hg&sds=2&rev=unknown&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjhkOgAJx4sIu8Z8AAj14cxcYftdoFgkXyowhA&u=%7Ck0qkpMfSet8i2juk2koG8mW0E0eEiayPd%2F8oOyQidu4%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXDDH0Sawykmzfr9RwiM26iFVAfBmX3dT4p7RmmTOpvkCGzl2vtfW9biTAwtv2hz3BDFV6Mg7s9kUznxchx736Y4zztAMIw8bg5_Ghn_HcLlQIFTfkS43iiZvY9MmoFx1-gJVG9Hn9d1Jtht-vIBKZyZ9aAZ3NALmhI4QoMClDkDJW4Sgbduhm_ZrOvYuzBO8lX-IeIE4zYWIRezMMs530f4p8tQOiAgmk_LF9pRrya5yxYDSN2NR1L9NY4IXBoCNtkTVqkraF9iV8WHJoVPQvraFp1bNZT7xvAB9P-YIhyS0x8vuqHq_Utju-ge1UCI2ssFKn72TcEQ6ztiqElK7DgV1eTaJe_y4Ke0AKiC1JQHDNEkE9aI3P7lhzDitbh_ju9TZL5uf64ECEPbEGuLNuouLJ4_AEGAeRM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCjGC9OmQ4YouPJ_yM7_UP4eujgAfJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDegAdW20uoDyAEJqQI7spjHtIyyPuACAKgDAaoEtwJP0JIvlv0SL5_RsUsRTsvMVqjq85UY8o-CTXkr1ns_Uzq2wJcMVmXi1xK0fTMaSUVNMjD81Tn2fBHe2KjxAs-LLIjex-tQ1jGct76mdFjNEOq3QutQaMtdNtzi2hOpFxbYz8LnMeXthbKYDQhB99qFoR1-QHWuiV-nIA92zke7AYEZV94iyI0svxO3sA6uy_pzdFpQFIxVKmZyuwKRtI1_9i5j_JwFJG2cuyC6KMU3S5joHeRU5xCBn31Xt5fuopjci8LWyMUpo2-CVcQY797J85PyI1d4UWOYCJTv47V62QaboQH0EDgxDvG1O6YLHNc2yg8PtjyUBlodZjYXaD9LZnHmaEk5XIhp-G7H1kNykrdEsT0EekVIFQUfGFZe9Cougd3RgA9slsA_GSExoMpJ49_JXAWyyOAEAYAGjq3-26b5-ucJoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1eoZlRb1u3uUFnCekCaKv6LD4FsA%26client%3Dca-pub-5413329544040947%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 21 Mar 2022 11:40:42 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 47FD 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjhkOgAJx4sIu8Z8AAj14cxcYftdoFgkXyowhA&u=%7Ck0qkpMfSet8i2juk2koG8mW0E0eEiayPd%2F8oOyQidu4%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXDDH0Sawykmzfr9RwiM26iFVAfBmX3dT4p7RmmTOpvkCGzl2vtfW9biTAwtv2hz3BDFV6Mg7s9kUznxchx736Y4zztAMIw8bg5_Ghn_HcLlQIFTfkS43iiZvY9MmoFx1-gJVG9Hn9d1Jtht-vIBKZyZ9aAZ3NALmhI4QoMClDkDJW4Sgbduhm_ZrOvYuzBO8lX-IeIE4zYWIRezMMs530f4p8tQOiAgmk_LF9pRrya5yxYDSN2NR1L9NY4IXBoCNtkTVqkraF9iV8WHJoVPQvraFp1bNZT7xvAB9P-YIhyS0x8vuqHq_Utju-ge1UCI2ssFKn72TcEQ6ztiqElK7DgV1eTaJe_y4Ke0AKiC1JQHDNEkE9aI3P7lhzDitbh_ju9TZL5uf64ECEPbEGuLNuouLJ4_AEGAeRM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCjGC9OmQ4YouPJ_yM7_UP4eujgAfJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDegAdW20uoDyAEJqQI7spjHtIyyPuACAKgDAaoEtwJP0JIvlv0SL5_RsUsRTsvMVqjq85UY8o-CTXkr1ns_Uzq2wJcMVmXi1xK0fTMaSUVNMjD81Tn2fBHe2KjxAs-LLIjex-tQ1jGct76mdFjNEOq3QutQaMtdNtzi2hOpFxbYz8LnMeXthbKYDQhB99qFoR1-QHWuiV-nIA92zke7AYEZV94iyI0svxO3sA6uy_pzdFpQFIxVKmZyuwKRtI1_9i5j_JwFJG2cuyC6KMU3S5joHeRU5xCBn31Xt5fuopjci8LWyMUpo2-CVcQY797J85PyI1d4UWOYCJTv47V62QaboQH0EDgxDvG1O6YLHNc2yg8PtjyUBlodZjYXaD9LZnHmaEk5XIhp-G7H1kNykrdEsT0EekVIFQUfGFZe9Cougd3RgA9slsA_GSExoMpJ49_JXAWyyOAEAYAGjq3-26b5-ucJoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1eoZlRb1u3uUFnCekCaKv6LD4FsA%26client%3Dca-pub-5413329544040947%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:43 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 16 Mar 2023 11:40:43 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 47FD 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjhkOgAJx4sIu8Z8AAj14cxcYftdoFgkXyowhA&u=%7Ck0qkpMfSet8i2juk2koG8mW0E0eEiayPd%2F8oOyQidu4%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXDDH0Sawykmzfr9RwiM26iFVAfBmX3dT4p7RmmTOpvkCGzl2vtfW9biTAwtv2hz3BDFV6Mg7s9kUznxchx736Y4zztAMIw8bg5_Ghn_HcLlQIFTfkS43iiZvY9MmoFx1-gJVG9Hn9d1Jtht-vIBKZyZ9aAZ3NALmhI4QoMClDkDJW4Sgbduhm_ZrOvYuzBO8lX-IeIE4zYWIRezMMs530f4p8tQOiAgmk_LF9pRrya5yxYDSN2NR1L9NY4IXBoCNtkTVqkraF9iV8WHJoVPQvraFp1bNZT7xvAB9P-YIhyS0x8vuqHq_Utju-ge1UCI2ssFKn72TcEQ6ztiqElK7DgV1eTaJe_y4Ke0AKiC1JQHDNEkE9aI3P7lhzDitbh_ju9TZL5uf64ECEPbEGuLNuouLJ4_AEGAeRM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCjGC9OmQ4YouPJ_yM7_UP4eujgAfJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDegAdW20uoDyAEJqQI7spjHtIyyPuACAKgDAaoEtwJP0JIvlv0SL5_RsUsRTsvMVqjq85UY8o-CTXkr1ns_Uzq2wJcMVmXi1xK0fTMaSUVNMjD81Tn2fBHe2KjxAs-LLIjex-tQ1jGct76mdFjNEOq3QutQaMtdNtzi2hOpFxbYz8LnMeXthbKYDQhB99qFoR1-QHWuiV-nIA92zke7AYEZV94iyI0svxO3sA6uy_pzdFpQFIxVKmZyuwKRtI1_9i5j_JwFJG2cuyC6KMU3S5joHeRU5xCBn31Xt5fuopjci8LWyMUpo2-CVcQY797J85PyI1d4UWOYCJTv47V62QaboQH0EDgxDvG1O6YLHNc2yg8PtjyUBlodZjYXaD9LZnHmaEk5XIhp-G7H1kNykrdEsT0EekVIFQUfGFZe9Cougd3RgA9slsA_GSExoMpJ49_JXAWyyOAEAYAGjq3-26b5-ucJoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1eoZlRb1u3uUFnCekCaKv6LD4FsA%26client%3Dca-pub-5413329544040947%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:43 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 16 Mar 2023 11:40:43 GMT
request_content.php
ad29.ad-srv.net/ Frame D0E3 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad29.ad-srv.net/request_content.php?s=44408900105111600383830011905029&a=5570690e
Requested by
Host: 5fd3b64ba09b669362261d7035670824.safeframe.googlesyndication.com
URL: https://5fd3b64ba09b669362261d7035670824.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.219.174 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.174.219.99.88.clients.your-server.de
Software
Apache /
Resource Hash
43fd715c6570eb9750e5d82381fded2db6bdde5bfdae7adc0eddbe0918862fc9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://5fd3b64ba09b669362261d7035670824.safeframe.googlesyndication.com/

Response headers

Date
Mon, 21 Mar 2022 11:40:43 GMT
Server
Apache
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Expires
Mon, 21 Mar 2022 11:40:43 +0100
Pragma
no-cache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1355
Connection
close
Content-Type
text/html; charset=utf-8
truncated
/ Frame 0542 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d3014990fc3c3ac542c5d08de1b0fd51d08428b645a7cdfb9d7b52f87ffb90c7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
sodar
pagead2.googlesyndication.com/pagead/ Frame D0D1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022031401&jk=842784095007652&rc=null
Requested by
Host: nets4.com
URL: https://nets4.com/domain/eminer.app
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 8F0C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022031501&jk=291206030165497&rc=null
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3D93 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BNZ7iOWQ4YqXiOfONjuwPpJiSiAQAAAAAOAHgBAI&bg=!ICOlI2fNAAba2mK92to7ACkAdvg8WvVSHiNE6qbzT3RfWhS3kIRctldkUQdKsU575cMOB34YV8LBsgIAAAEfUgAAAAFoAQeZAzknqBhIIemTofuwltyX-6JEqcFDR3tMmLsc48xsZNnWz21cQmyycVAojmfb_BVIrIM2v83oeuDsT_AN8edXlvUoeg4lAnzVZSWlHCobjQNXLt7EsOH4klf4mERWW4yMYUpAQ7wocBCO88ZWOftLSLio3VrJjadawszxG8pRNqpui_n29kHAiRaN0zJj5ZDdEDkyRJVlKibPMY6zyEpJJBS5o-juojXs14fr2GOLRHMpJglkvYY3eVw3qJSNZYFXoeMN725tIHyj8vSSAtICI4Pz6RUxJsRegX4bYzoLLFi2SulP2dXzI2vXdJP1l3sbTTQedLdhW3WdsKPlrciexu72iBWp4JC-YIlmGDHwO7z7L7QlBlpj_EbQ_wf_ILuh9hDxNv1EKYSg_0J4nC4kKXzNjz-Lnbobwy5_kIeRqafBdQYWmj7nQlU4ynPZh9J9ve0tv843sQPPzZGf8g8i00eUagViGIu5QdmpX1BDJw-2U495p56JOmz0HfiFzK_pjMtPCcTeeD6qJueBmxLKdfEafSASxWJaPF4sJHgQFzVIPc9E5uWFjp3BvSZ2oFdjARJDuOd_CVWY7z2t6zSPEnfglqvBeTHksPKBvkZIJQrz7Ec09yfQOUbz6eoOcU8LsjaYS2WLjWG1H3kDmKARJ-P2vTxiiNoDhtb74qgTJbgnTXNjGO0iM88P3_ocRVN_fiJMCMDFljshkTfcNL2DWGns2cRFJpUickQZ1UEnwJTSkt1YIp-sxCETZfKTl6dJFRU8TIummrAdHb8c8EjE4ea9X2ip-CMN-_FJuh0bpjC42mfIVW0J2X89zEnZ5zq-ASBkVfTWV1Cr5QeHe8QikM6W-J4igFplNfIfnD04d3jCVMcAZTj7ourjE5UiYRggPtrc6Y9p0Y3h0TpPyNbwbNECKaXTrveAWSmhKCW1gHdyEIFeBBcsbTbnY-XNofjNk6KIOd0-lDPVwIrCeUtY5DcJf0A57PcQI6D98r3eq2H7B8lgEhkP3hyRXXle1oly9Lm67nXTjGu1xULsq5o9n6tScD_Sc_vROJmTykeP2O4VkSA4ovYRXtOWimlbWADmtSWwP7-hDxUPJm0
Requested by
Host: 48c868b366244e7d7770a8f4adab9561.safeframe.googlesyndication.com
URL: https://48c868b366244e7d7770a8f4adab9561.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Mar 2022 11:40:43 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 6705 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNX6LQgfEBWCEpjcpmHQehQeJgKjRpHYPsgYXdjwWm1cLW23h-SXXKUBSI2urNhDt1MSqXVoGthH00LeHSPGJQ_E8gfVas-toozJ3wpOG0Y2oTCQJ2plst4vBceHvB7zr1HIPWd3GfO-y9ae-XWpgrcEVrrVpW_tKNtKvAuGvwU6ACSK3uU
Requested by
Host: 1e709b9d6f90218a070eddf58f9b714c.safeframe.googlesyndication.com
URL: https://1e709b9d6f90218a070eddf58f9b714c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://1e709b9d6f90218a070eddf58f9b714c.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Mon, 21 Mar 2022 11:40:43 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame E8E7 		26 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-COTOSuB8COrDw1PmweAvJpjgAZrZpgSQyW458GdOr5q-MJTJalQwgrbkXQIq_A_LO-zhz-RUlLkiFeltOtl4fBuLfBEVhhH-3w2nmPDa5dZmE1i_Zm5xTJuLkm13IHNJAVUkbq7nH728LbzLcurk1iL5XsaA&cry=1&dbm_d=AKAmf-A53motVAHzJunA0wnpNMx540VrtHARAsAl4MvnspQ1J_DZgTwdqDf6TUv4ODjO80TDjM2_qg_JLUJBly87RY-6UquQOMJZ_uWPmu3vTG7twtS7m9UXSr1VpXXL3WAWSmiFxLo4Rq8wMJ7cU2lTr5qNEhI3oyURejUpQSY-EOC4edsOl4oAIPRSKv61IlRgfWKYqstvUaGgQiyGCFv9xB3RkQTToapPhn4kPJBWUUPPnfyZoYuhCT0lE-VACblHLPB6VYTH3S4Sy8_6c6Xx7Uy7lhDNWdqHBn8AfGOdfujhlJz7c-Kfk8X3fNKIUs_SKhlkfSAHDckCp3RoM9KNUKKQ30Z4ySbxNEtAyMjPTo0RFDrkSiwI7sNmU_HW9kUN-bAT_Bf0SH0w7TNtA7LJtzfo3inazfBVGaVxjBa3zfHrqy6fg5C60eIniTd0bRW3aCGznpAqHP0VoO9s7Y9iRmJiB4NNQSjvCil6SWxAmTn5MnQ9gGeOIIy0srUS1ikdLS1yhcNNxW0uZpRbm9OJXdq2Gbr2eRi_TEQ_Fd_dkaAVs6YJfgYu1lPwbydy-wf0tYVbhux1dHceIEZTUfBASdO59wVP2LR50BP0HpdQStm1xTnaC6VzJrvDauBcT13mUX8J3IJK0Kskgylq2YfN4gWbFr9T5r8U4vgymKarSVD3td9E2k3X--IEB54EYnPd2B4GtbC1khW_I1SV-D_38dQ8O27sg_Y6DTqv8tsrf9QWmJmSa-l1E5flJxJ-2v81MluPwhAFKVNx-t65QBwrO4lo5ivnDnnS-w1MUgARiSQBA-4Ys0jiL_6opXzlW0Ng4ITB_cKTjdsudFBGzfi-mCly2AI4yajOqBLmpt0sT4ZtP6aC87gn5MZsbfB54jYZhLlGivXk8T61E6huEo0WRE3GfgZgwhDq7FFuMHWhaSs041JucDGQsuy4SGzLibD6SbgUGbPcPy5z3R79NorsBWjrvJH4Gj_Pj1H0BLpsVzc93eb2XSdcgzVue6mlD2P0K4iiia29H7rKVasjI-PvxgV8P3xS4klMuae1aOyiDC8vv3v3ig0OcJCeFiMAxntCwZK2ESZ4XLIOTANRSBGOmFHlCnlzbJ_19ePSBRv53SFdI6Rv6ZDOCMdRTankWrcKe1vY7OHEmrEf9O54W7pe9Kyn2qQqbNDYroL7oH-__FE81K30MmHcW-LrR-sgHEQ4q6FRGPMMSLnjtyJuMjL3NWORUGwEAwEwrj8trVwI9oui6ozprnsOY1c5URHg_fLpxbFlTcc2rOagqYgz07mum7mH13YwkNaf2HYkTP6ldXud4FcI-Hc4aIsYHnruKfS5zdxesRcPIQN235RiGhNztVaTCmF1mPLc9_lFTXen94eFP3_oZ7-KO41eVHGIo3YlaD07uzSzLPkgUiJAUKXK0tGmbnG9gCWIOdK-C_IhAZAc2ex-rmnx-64cpXQSOyUdG1IsGmjNvWVCtolUZ0L6kaNb0UfbvgladeO5WQeF8m0zitdbnkcAdFhTf-419NHX9JdLhx2r6AbIDTOUufJSinTeqdpu0dLGGE-bmNos-9hhx2KL4CTLqYrgrCpSon0vuKVQb4yLFcTe1SCsCUiStOFVq_sA9jK_OAykMaEVt-YNvOuMbHfU5LLUwE1CHWdVzPtN3uCP1rBylDARWvHEq65tLZOCVBUOMJBixNEHnZNsAg9FJeLfl0hL1oiUGo-BdwdmhHYC2aT_UJm5QpGvPQ4c5fzAUTFm-TBK3r-syunWMb_bnHG6-bcU8zZETs208MuWMjcxDpjgUhVwm-HgzMoT-i11Hv9YF9cb8KRvJhoEWU1AYuvI9QJkN95LxLWuEbf27Puj7ZQVr1NkQEnH1pJvRXSip8NQ1uuJzaHb8hBNOSIf5uSwORAqaP0cr8jGmjx-DoF2OngC4WYG_msf-ziBnhNADYLgKfaQu-sA67cY7T2pqHQyRcCP52fNT2HJtv3JIGChbfaGIsVf_6PN64H3ulTEvL4cceL0pwkPES0ji1YyDEFO8tc3OdofKcAHYPJn84iZ7QOOmNnzPqparLK2aMcOWpK6tm4WI4OHrkc69Vz2IYd9v0s2VrT-5b2rmZXOd2P0vl_ddAr6u3jmmuxFJvqhk16yeHbjNny9B6iBH2QgnQ491z6RsQJwwcepl5wsiXKGx1ScZZAJk9ht5aYcjkGB4KM-wfn1dULe4h7xLEgdzP0XDFfZXDeSv8UZoZh7Y4u_BZkPjoZ9rtxeb5_juJX2o6Y3lnkVwtfbzspzSfgEZFem4oXR7wUAkRwR2yC1dkztVff0xW25fZ-5Dz91RaorBoFpOHrLgHiuoUfBMhOD__erlCxR4heiVazuPX6gVEDzVJED6iEuOWF5ahv0Da9p3UwoZS3ixkzOq3vBNuOWfXH9fLx7kmPNobuJn3pwc8W6kBZgar9jJhpwwubgWD_Kvi3l5dWGlw7dXej7CpVAtWQigB0AP4QuRAqBRVAD5n0JZuMUz2HcDtLD7eqJGfYEDVqX28qujCt0hujco1qtlGpX0yMQwxwvHj2veewAX87RSwq5jjmpKxb5r25Uc_YHcxVEfBwFsAWgSUsFUBUlqFyMDt94u8j55p1GL719TDBbWQ4rUdlQdpFT1BXmWWapC0_IsDg8k7hetfK7xdvli8fsa0LHvSGU6zRMklY9BxGdw3IF9Yh-OfWpwU4lfFT0a0Xq5l3XeFcv9auU-EnXsJ0hLG-cZioDV-0CpycCM6S_FHWobvownP4-ziJEQ4iIt3xO3KtlXNoMQabIcYBIOX7c-3KWB2GWwb_H2wdoVL_cy9BKyuCBMAEU7ScpH3dYcREyQvmtNWD-xF6AUI0YaLUc2pq0vxyVCMKQlgrjrBr86kEWW1hOicK1gpBmdincXXwqInqaqyXUyn34R0CGWAJs6u6BjcyOOoqJBx-5JZWqfZ27rNxZ-b7RMg3jW-PQodsUalvXAqFPk12gOAPRnUjfYxYempbIZMryiMwLAk3k_m3vog-SI3xMmJwDff3263X8qSxjbZ-GR1kDEp88xvTox5w7WqCsOJ0z8RnhkcQdLnca_1dUYsUg3XrgN2nwWc7mIjHYrcRLu82Qh37sH_lc-mhHlrjhIZe5rekwc_StUd9Yqyy8nYFgKF-sGYEvpSqIy11jqusSie1G7eNhp_-CKaiWWG4rBNPyvFP6HMuK&cid=CAASJeRor3gUid8dReyiMnDtt8TpiDeBmQtirBIJC-ThpdR9ffolRec&rfl=2%2Chttps%253A%252F%252Fnets4.com%242%2Chttps%253A%252F%252Fnets4.com%252F%240
Requested by
Host: nets4.com
URL: https://nets4.com/domain/eminer.app
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d4c757c1708af5584345f484e7289628a03851bba8c4b1951eab263dc474f002
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1e709b9d6f90218a070eddf58f9b714c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Mar 2022 11:40:43 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15969
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E8E7 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CxETrmIuaeDYrZqEcZFM-aqlj9m6uECpSQISHdEe8pMnbZFYd05fNraa6kyqvX5FrA9eU-FSQ5SPrpqlznRvMbWRWuW4DhzuVNgzs0Ox_6P53jZJc
Requested by
Host: 1e709b9d6f90218a070eddf58f9b714c.safeframe.googlesyndication.com
URL: https://1e709b9d6f90218a070eddf58f9b714c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1e709b9d6f90218a070eddf58f9b714c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Mar 2022 11:40:43 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/ Frame E8E7 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/window_focus_fy2019.js
Requested by
Host: 1e709b9d6f90218a070eddf58f9b714c.safeframe.googlesyndication.com
URL: https://1e709b9d6f90218a070eddf58f9b714c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1e709b9d6f90218a070eddf58f9b714c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:38:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
154
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 04 Apr 2022 11:38:09 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E8E7 		117 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 1e709b9d6f90218a070eddf58f9b714c.safeframe.googlesyndication.com
URL: https://1e709b9d6f90218a070eddf58f9b714c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc68a3e6e6f0074ff46c18beea2033fc4e8c6ee513dc0617758f45e2bdd8b88a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1e709b9d6f90218a070eddf58f9b714c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36344
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1647431472276194"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 21 Mar 2022 11:40:43 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/ Frame E8E7 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 1e709b9d6f90218a070eddf58f9b714c.safeframe.googlesyndication.com
URL: https://1e709b9d6f90218a070eddf58f9b714c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1e709b9d6f90218a070eddf58f9b714c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
36
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6407
x-xss-protection
0
server
cafe
etag
6055885685211612390
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 04 Apr 2022 11:40:07 GMT
l
www.google.com/ads/measurement/ Frame E8E7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQnPZl6shGSPTqKhQUpiyEGN6jtKxLf63GAPeYSX1WfCgnVDwQs34ySJwhD-l9xoawPja5Oj0p-k9QqKTJFcAqWIYdmNw
Requested by
Host: 1e709b9d6f90218a070eddf58f9b714c.safeframe.googlesyndication.com
URL: https://1e709b9d6f90218a070eddf58f9b714c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1e709b9d6f90218a070eddf58f9b714c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
c9SOW3fm-cIOlp3tvRsibzkEuEO1MqMyQpfRRVluBWQ.js
pagead2.googlesyndication.com/bg/ Frame 9223 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/c9SOW3fm-cIOlp3tvRsibzkEuEO1MqMyQpfRRVluBWQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
73d48e5b77e6f9c20e969dedbd1b226f3904b843b532a3324297d145596e0564
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Mar 2022 10:37:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
90189
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13819
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 20 Mar 2023 10:37:34 GMT
c9SOW3fm-cIOlp3tvRsibzkEuEO1MqMyQpfRRVluBWQ.js
pagead2.googlesyndication.com/bg/ Frame E849 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/c9SOW3fm-cIOlp3tvRsibzkEuEO1MqMyQpfRRVluBWQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
73d48e5b77e6f9c20e969dedbd1b226f3904b843b532a3324297d145596e0564
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Mar 2022 10:37:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
90189
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13819
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 20 Mar 2023 10:37:34 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9EB8 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022031501&jk=3417211512221841&bg=!YGOlYyfNAAba2mK92to7ACkAdvg8WqwQBgBD0tMNaa-W9OnaM_XHfXHymS2yLgliq8wYnGArwYwkrAIAAALMUgAAAAFoAQeZAu-K-sCMQqfDu3065k4KeevCLC0Ob4o9nvsa_4IEVJU0spkN6xEfeJpJp8T0k_I4bZZSQkpb5jaLuBdk86_FwUYg8RQQ5-jfY2ooKVZJHrqm9kbI_Bhb7p2JIbhEmpFWkXFbrohj4csBd5Yjpg3UdoapGZtk8FLZn2WTBXSkY4Sxaw_zyZvTwOgX_n98zUdEckc2as3ek8Lla6hZSXS-8SV0-bciuT2-o0hGqw0icOlq9AT1uW_FklD3bYW6TjrVBmo6uEDAsiiPowa-Ur5dNOaJc1YoCb6mPaxYaBX1x2Rtl75q2eCSgdlXBbRSKZNu4s_J1MQIH8FiSL9KurjtI5czFZOTCXgSjU4QYAN8-sZtFblkJdL4yOzbCjV5bTuO9MJlaoAbeYY0xCKtnHiqqEk499-hDWLSC0eK2CgRdMYk3WdtTDwUqrbzjixkaVr_5MuYDW9oY0E_IzVawP3bdCc8qm4JN9aXwcu4u8rgNriRDyQmiE0yLCfuGnLFFGHEWutC0Ocl7bITvmkd1E_N8759egmnhq7kxdOf8Fv5jUaUx_CQv_Z4AEgt00HOKdq0pLw4EScuCtK80M8oAG6KH_Rn5XP-ukoZS4T0u-xL0YacEBRpgpCSWNA8aDq2YdceSFTUir0F7woYo93HgXEa6kf3ih3CLmmPFQGoGaQvMQG8nX9LmtFfAp87HjBtXO99tgjSwKUlBiCWs62ZwhEj6PqGx53dWKBBRQgN5zInQdLOO0G1b1gpqTcsRziDMAfgO_6CNiI_FGlXQFfGVvPI-MWdaikNjvb-Ja1U7Z3OHy3Zxi6f1NGXdFg3JSeQfb6o9ucS1b7umV2Ns_WZHnK3HSq0jZ34ubNdTmIouS5as6YqpDMOrpHBJaFn_lSRhus3BTvzbZ8BWt9r40if5qO9kRxwmO0SyRLaUTo4LJ1WM3Wzh3xsG1a4BQtZnbpoujUVuiUlM1ewbFvJSj6CJ2bIfpsfW2w2Ci3FO-60gJd3c9NL
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Mar 2022 11:40:43 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame EE8F 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BcpPMOWQ4YryyOvqOjuwP6eSPkAYAAAAAOAHgBAI&bg=!paalpuLNAAba2mK92to7ACkAdvg8WokEmmBanZeoQwZf0cZUUxnWH7m0J4dtDpQ4VBjlfOXRXHC9hAIAAAFjUgAAAAFoAQeZAyppcdxrTtQu93Z91QHw0pDnRljoWWyD7aIVh3ENuSoqLREkgj0SxuZnxCnXO--FK0qKMoUiSTM6px3PRRtOIphwJS-r2VWG5AYF7hm92mIcSidkGCUZfsg2cfWtmkKnO-WqAtbGJkBK4OItBsCqezUBMap6E8ayjV-tdN-JOfiskCJEB948h9e8MOQLzJUPKo5uCgok0-hSXA4_hNN0ruFZe7-EhQUVYjHo--KYinqDjMU04tWlhl0dJnKr42wdrLEJtpzFpVR4nyTN60AeVjkCznHnnkOXJfCWe86cnZCQBPO2yzU9mqIdFFq7hvKujwxarYXoggjVIrs1d8j_opnu0HeOkgz0a1EhXzTeWiJTeARpgp2h-eL1TGkgcKN7BV0lhahbkHe4eCPLMyVLvJU_8UNOP2AEi_AWHq-2f0WWChJUyVOMRWRWD3nJPTV2PO6Oc8lP-2Lbq4O9JnNSemoFdOBN_t-4SJHGjRU6QNWK9mDRXq2gOOw0QVT-bsqyXtsJlRDb1Fietu0LIMqqkGa95jPRomwgEVyivNFPOS_Rw6ML3TY4r2W1w36pUDOK_2Y0QWlxjFuzqPycqbhDZUXlaNeZhc4dRuosdmmU85y_908CjUD6vZQ2ejUw6ByOrf9MzUh_wcb_ZQGl4F0AIVvZY62vB3vHitwShpMu3wHHfg-YodsNFOgI5YswEFNwq-BUYY2-0HZ1O2XumIVYPUfZxDfgkKnibVnRgPJdJpTFyishnYId9X7uxjRm9JBRPUCkKDZOrHKnUNKWPBXk2CYSBU1-uQq5kS9f5dRB_dL6ATOu5UvZm9Vx9pcXbxuiUf-3-FV6lWZt_FZ4clZW-9NXYJyBrn0YN4DQKnCINSTr_NaqnzOxjzhhppPOYUBqmLqhF2tSvjhau1AwJlq7WFvzMiyUeu4RWkxGAPrMioGyXZiN-E-EdEpeEQOKou6406hcxa741s5CIgXI8VYyY6z59FMQU55XRe5tpyFzEjfldcNtB-vhnWpdnkOCxx-DLdBGfNhHl4jVDATw54OqXG7KWpt4vzXDD9eMBzjE9fXXkhJwfnsjlUO0E7Q
Requested by
Host: 5fd3b64ba09b669362261d7035670824.safeframe.googlesyndication.com
URL: https://5fd3b64ba09b669362261d7035670824.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Mar 2022 11:40:43 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
69250fcfc588cf5d7fc2147a4a4327c3
pv.medialead.de/trck/epv/ Frame D0E3 		961 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pv.medialead.de/trck/epv/69250fcfc588cf5d7fc2147a4a4327c3?subid=44408900105111600383830011905029&ctrack=https%3A%2F%2Fad29.ad-srv.net%2Fc%2Fchkpy7m0qh0yun9%3Ftprde%3D
Requested by
Host: ad29.ad-srv.net
URL: https://ad29.ad-srv.net/request_content.php?s=44408900105111600383830011905029&a=5570690e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.193.130 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.17.5 /
Resource Hash
fbd9597150a07c43e90f3e5ed9e4872a8ebbb43813f982f141cdb067d47bf42d
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad29.ad-srv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 21 Mar 2022 11:40:43 GMT
Server
nginx/1.17.5
Host
pv.medialead.de
X-IPLB-Request-ID
B9D59BA9:8EA6_91EFC182:01BB_6238643B_10A5F6EB:7DDF
X-IPLB-Instance
40028
Strict-Transport-Security
max-age=15768000
Content-Type
application/javascript; charset=utf-8
Cache-control
private
Keep-Alive
timeout=20
Content-Length
961
Proxy-Host
pv.medialead.de
140x180.png
media.acfrg.com/banner/Affilinet/Logo/EMP/ Frame D0E3
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2481855&v=14172&q=372905&r=473322&pref1=44408900105111600383830011905029
  • https://media.acfrg.com/banner/Affilinet/Logo/EMP/140x180.png
12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.acfrg.com/banner/Affilinet/Logo/EMP/140x180.png
Requested by
Host: ad29.ad-srv.net
URL: https://ad29.ad-srv.net/request_content.php?s=44408900105111600383830011905029&a=5570690e
Protocol
H2
Server
2600:9000:2156:c800:13:99a2:1280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
f50a9e6bc3e6b495d323fd384ca126c33f0e11c68edc8dc43939408c0404da6e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad29.ad-srv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 04:40:44 GMT
via
1.1 32c8da10203574baccb74b8f771a7ffa.cloudfront.net (CloudFront)
etag
"5c7d2f4c-2f61"
last-modified
Mon, 04 Mar 2019 13:59:40 GMT
server
nginx
age
26085
x-powered-by
PleskLin
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
12129
x-amz-cf-id
_6QJ3X4mQXzz2O3TtLBNAeX4LgctCR32OpvADTE9nwat1tAMt0eWvw==

Redirect headers

Date
Mon, 21 Mar 2022 11:40:43 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location
https://media.acfrg.com/banner/Affilinet/Logo/EMP/140x180.png
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Length
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3A24 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022031401&jk=4007856695887032&bg=!6eql6q7NAAba2mK92to7ACkAdvg8WkQlxqR_91L_V5DZKC2IirK_vap2R2zaUui8q7O6GQvd76PuAwIAAAJlUgAAAAJoAQcKAEWtq7R16rjFxk3JhxPkQ74YgulXZg454V1vkf0nvYAMym_aMlholCw70aFqErnhv5xp94ITWhAr_hVFoF4ZS_6A9d0TCa2ZAupxkjQ3T7gud7etHYNxhHtVZnAeH-ktjEdP5GL0Sljoh0FvMZudhHdSQrmvrxaDHePPS3DyArIhRsOUe2VczLyP7UBIJlLdM_mYsEbVeVqExdakqBpzr-PF4QD27C2rQ9faCU27PGsEWui1ry2TArNekpppqAx1YKXb7ixiCLKdiR3_vb0vVneIac5D1kBLDlWgftyut6_Tfed1DzUJj5-N22uRyPHbDCgdvcB581jYuqJdnFgFACpxBnMbY0tfJs9Y-ITLY99VpiBMB535vkETJypCifDjbZA9IuxrfsoH2QpmAw18fNu65LsUq-bkFb8-Nplbr6yG6xQHo8o9mtF6vqX_kSfgdVd9_JatedfyrzkpKeoBZN6Yg6ESGYfzX94BIDxtChvDeWKIWl8Jywq_TH964-DlX6ogxUSj5pz2eviywh_MCBqGipuBnBaOyzLxBmwa3kpmjiYcOaoEUgjPnNQJDbuMgv7VFMs9cful2DE88nQy4m9C8wjiPvgQZL3Mzo3MzseeA_IHgl-durGAP-ZAx7IEM-3A_akkFK1BoWgM9HVe87_QwlHnaShlzmKP_5buiTwTlx7UAvCfngsdsmyofHaBA6M4504PXnSfcCTzcSr40knhKupWgT7L8NMboJIASUUJAXuUF0O_4ONsU-tmQAEiTfPdAAO8vIb2bS_t5BbnE_bOaKqZ_wYFHYWSK_g9uDAbykSFGJbjmkyTbH-iiwLj9F3AYkarhCaRCDZHkkx8TvaKRfTcop0_xB19McsOmI54bdJy9tyTYevu6CZcjhRqk37PrqSDkcfl97b2JINWC9sCuUx-HnHe2ZVzgHf6etW3P3PODte_IbjfTYJwe4tjqxJdWXoANuVc98v9TsKsPDj-CtwHdFWNag1Ejc_ECR7XkO6P-AtcRwwV6-V5tGJlDG9EVeSDMOgv8wvguPfdUP6nARwP4yIdXzdW9lolkPb4AbWqCjK5CtZ2AQubB5bf4EHijA
Requested by
Host: nets4.com
URL: https://nets4.com/domain/eminer.app
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Mar 2022 11:40:43 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
viewability
ad29.ad-srv.net/ Frame D0E3 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad29.ad-srv.net/viewability?s=44408900105111600383830011905029&a=d50db800&vb=m
Requested by
Host: ad29.ad-srv.net
URL: https://ad29.ad-srv.net/request_content.php?s=44408900105111600383830011905029&a=5570690e
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.219.174 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.174.219.99.88.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad29.ad-srv.net/request_content.php?s=44408900105111600383830011905029&a=5570690e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 21 Mar 2022 11:40:43 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7018 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022031401&jk=3442312406334637&bg=!p6SlpODNAAba2mK92to7ACkAdvg8Wo18vA4xoqiB8EvybnaHV0-GtEI0ROqU6vBvHH_BHpAsg_Uq3wIAAAKUUgAAAAdoAQeZAujLg_nNLQU2P1kotSuxeeGyHoQ-OCC9fRJiF7at6IiuEZ2M7qKlcJmVYieCLtyuD_hvI98np3fmqkTyxlHpMhQT0N7MDJHpULvU6MptNdCoZRxaGi6-IPWzLM3qSUKKjyOWiQMnGb3PwKkz-bwMGHGfbec9K7Nm1GwP1pEEBZi-BKLF0cQwlneWfiBjwEFlAKYPQghM8XOXjFup5GjJ5dEHXgwUt4m8ajUwS4DyvoiUe_rEXc1XwQebkbDs0sg5FbW5lqN03JGZc8Z7YQ1JHwWDAkKWxBaU76a-HZBuCUj52irKR2B80RPRJjdnFAQ4h_VR3z0w9pwHAwHdOVnliydgQu5eZQ4p1zYLTqqa3t0ZRzmPAViyDp8c1EmJtI9hpEKZwNJX-qq8Moybny2hCatntDkTRWBYm_bBo8zOtwzKO74ygzTolQU_btqhW3ULsKdWWNjaJGnE7s-zu9hRKy645Qp8UtGdafZVwaxH1ZJlDDldOgODLlVf7ofJwpN71S6Cw8wNCa4YQ6juPwS-G5VL5Y1oJWKdw2cl8nXAPldrxaF-FRpm6mQSp0ArX_DanqBvvC_YvGjg5wlz3D8Yknmfza3PPAyQGeacPFjpl7rmPDR4mpufIacaybGek8-5Nia78z2L5vF_AYVQn5DdSEGRFQ_FmMdcFvRscemOw4D7v0vRk_FyRAQGf0Z56y23E2TzWIv09vW01Ik0Z_HGakxkGBU0bdrnYsMJNc_Ogfts1zDpxs_6_tFo65ywBIckngtzK9QBndfdvMxY7CNqU575Tkh_hCMRyoAYuOy09iqn9GBIw7cia5gr0noECo_CMfGxzDhMvZzdKsh7wUY_KV3AFYHef77krzC-qvVFJByUZUiDvW05dHXaAO23FCOkZYGWaRQjYu77FutaMw7d-Ci8XSbsGWwTChumyUTHA8Io7Zfhx0hnx4BY_Qm__wA8CVPaOQRkGTFjxxwdbQnO1WqEteOdIR9t5fM
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Mar 2022 11:40:43 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
160x600_bg_27062011.gif
cdn.contentspread.net/kupona/creatives/ Frame D0E3 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.contentspread.net/kupona/creatives/160x600_bg_27062011.gif
Requested by
Host: ad29.ad-srv.net
URL: https://ad29.ad-srv.net/request_content.php?s=44408900105111600383830011905029&a=5570690e
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
85.114.131.234 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
srv21038.dus4.fastwebserver.de
Software
nginx /
Resource Hash
1cbf38da8d5e1d59a0fde805fa77444183bde3c24a29447cce14f8a2b56247a0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad29.ad-srv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 21 Mar 2022 11:40:43 GMT
Last-Modified
Wed, 29 Jun 2011 06:54:11 GMT
Server
nginx
ETag
"4e0acc13-4d9c"
Content-Type
image/gif
Connection
close
Accept-Ranges
bytes
Content-Length
19868
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0C97 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022030901&jk=2160141634947513&bg=!urmluf3NAAba2mK92to7ACkAdvg8Wg-LibJtVIr19DFVU_0sFMOEkc5QJOSmOzMZz7re7y7GbYZpXgIAAAKDUgAAAAFoAQeZAt7Z3TWGNaH_QP5oFz5MPDKvXSqjFTblbJLvfmPJo4bXwIr-Umz5m6s3cG_00s3tfE8IgQqpdhmS7BJltvi8DiGP19odROPBQYo4nsU-ROjOqpKscNTNXyTGF-fLn7xNb-FoGw_4QzZ269tRbZMCG9stb2bP_6kgqb_QYyBW68Ko2X3WOeJOW8Twv8BnkfzRxlSV8_N5ljHdwt9ns3dhr2BGm6QyWt4WQaDgrwQrBypM32CryqkhoK6iDDXpnYi7AI0sRNHAEuZr6is1vWt5tNCWmdfY7bwEcWUahEYuwvJQ1O0oE_FI7gu6e6Tl9lE-aTvIEroeBkHt7Xv8nuGifezIGzjBS8gYiScmBESbFnHKBUTejacClwA9dBlEWRXpjsyBF9GOqQHIazDqPkQu8u1y1RuoqHHtcsO2aLE1GUXORkUlav_FaTmF8Dkt7HMdB3MjXCNHgny6fkys7lYD6zfpluGmYrpp4v2sRutVe4L_3EskA3sfd8OIKPwm7pnMxovJKLvPyXLvbs2fQnFYs0YZs7XZ6AA0o_MxlonGXXfvPqiE0WZT7v_JsbitrlcdqHscY2v04BnNavv18-0CgrZtT_bdgmmipXeYJnWXd3n1fd20Gtm4OqiMtsXn0TN2NIVUCY0zD-1V56_GVoqnYgr1NyfXD8EWeLiNVhn0G7aLISwC9euVPyXg4TyBw-gT7KZVBo09a5JAgfZko6kEiffgAuq8QEyMDDcGPSkenoOd6laztjH2nRO0Ww2auWCDHcOAviEISuqTcwsZ_RTHWMMSRNHAjhIIV9zs7IE-k9H5deNN6ES4ZOBH8hFN8VLjjT-YcMBH7haZhr0k4hD3MtpquE7pgLxskCXyS52OjIIo9lTcYceZUeBNICBexjzmlUL3B8UEQuD7jZ1-o4jwGaT-buvRk7wTSY5svkNFXTfk2IFcWhehbQtv40VWyVqQPf2weiJiGfOorYqtHK1VHA
Requested by
Host: nets4.com
URL: https://nets4.com/domain/eminer.app
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Mar 2022 11:40:43 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 6705
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECBYObjZVKDSpzSvm3h-4q4&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECBYObjZVKDSpzSvm3h-4q4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNX6LQgfEBWCEpjcpmHQehQeJgKjRpHYPsgYXdjwWm1cLW23h-SXXKUBSI2urNhDt1MSqXVoGthH00LeHSPGJQ_E8gfVas-toozJ3wpOG0Y2oTCQJ2plst4vBceHvB7zr1HIPWd3GfO-y9ae-XWpgrcEVrrVpW_tKNtKvAuGvwU6ACSK3uU
Protocol
HTTP/1.1
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 21 Mar 2022 11:40:43 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 21 Mar 2022 11:40:43 GMT

Redirect headers

pragma
no-cache
date
Mon, 21 Mar 2022 11:40:43 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECBYObjZVKDSpzSvm3h-4q4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 6705
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YjhkOpf8zZv1BkpaMl0qvwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECBYObjZVKDSpzSvm3h-4q4&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECBYObjZVKDSpzSvm3h-4q4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNX6LQgfEBWCEpjcpmHQehQeJgKjRpHYPsgYXdjwWm1cLW23h-SXXKUBSI2urNhDt1MSqXVoGthH00LeHSPGJQ_E8gfVas-toozJ3wpOG0Y2oTCQJ2plst4vBceHvB7zr1HIPWd3GfO-y9ae-XWpgrcEVrrVpW_tKNtKvAuGvwU6ACSK3uU
Protocol
HTTP/1.1
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 21 Mar 2022 11:40:43 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 21 Mar 2022 11:40:43 GMT

Redirect headers

pragma
no-cache
date
Mon, 21 Mar 2022 11:40:43 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECBYObjZVKDSpzSvm3h-4q4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 6705
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEE1-qK5_7foBYum9jF510j8&google_cver=1
43 B
1020 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEE1-qK5_7foBYum9jF510j8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNX6LQgfEBWCEpjcpmHQehQeJgKjRpHYPsgYXdjwWm1cLW23h-SXXKUBSI2urNhDt1MSqXVoGthH00LeHSPGJQ_E8gfVas-toozJ3wpOG0Y2oTCQJ2plst4vBceHvB7zr1HIPWd3GfO-y9ae-XWpgrcEVrrVpW_tKNtKvAuGvwU6ACSK3uU
Protocol
HTTP/1.1
Server
185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 21 Mar 2022 11:40:43 GMT
X-Proxy-Origin
185.213.155.169; 185.213.155.169; 728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
82b46be5-9f0f-40ee-9588-98996a2b0c07
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 21 Mar 2022 11:40:43 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEE1-qK5_7foBYum9jF510j8&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 6705
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDM4MzA3NTcyMTgxNDI3NDEyNQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDM4MzA3NTcyMTgxNDI3NDEyNQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNX6LQgfEBWCEpjcpmHQehQeJgKjRpHYPsgYXdjwWm1cLW23h-SXXKUBSI2urNhDt1MSqXVoGthH00LeHSPGJQ_E8gfVas-toozJ3wpOG0Y2oTCQJ2plst4vBceHvB7zr1HIPWd3GfO-y9ae-XWpgrcEVrrVpW_tKNtKvAuGvwU6ACSK3uU
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Mar 2022 11:40:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 21 Mar 2022 11:40:43 GMT
X-Proxy-Origin
185.213.155.169; 185.213.155.169; 728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
90ed10b4-128e-4136-8417-c8811e2b14c2
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDM4MzA3NTcyMTgxNDI3NDEyNQ%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
view.aspx
pb.media01.eu/ Frame F556 		0
203 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=50099&dt_subid2=44408900105111600383830011905029&actionid=981741&produktid=&dt_url=
Requested by
Host: pv.medialead.de
URL: https://pv.medialead.de/trck/epv/69250fcfc588cf5d7fc2147a4a4327c3?subid=44408900105111600383830011905029&ctrack=https%3A%2F%2Fad29.ad-srv.net%2Fc%2Fchkpy7m0qh0yun9%3Ftprde%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.198.250.30 Hamburg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88-198-250-30.clients.your-server.de
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ad29.ad-srv.net/

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
content-type
text/html; charset=UTF-8
expires
Mon, 26 Jul 1997 05:00:00 GMT
last-modified
Mon, 21 Mar 2022 12:40:43 GMT
server
Microsoft-IIS/10.0
p3p
policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
access-control-allow-origin
*
access-control-allow-credentials
true
x-xss-protection
1; mode=block
access-control-allow-methods
GET,POST
access-control-allow-headers
Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
date
Mon, 21 Mar 2022 11:40:42 GMT
content-length
0
pb_ratenkredit_140x180.jpg
ad-server.eu/wm/pb/rate/aktion/ Frame D0E3 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-server.eu/wm/pb/rate/aktion/pb_ratenkredit_140x180.jpg
Requested by
Host: ad29.ad-srv.net
URL: https://ad29.ad-srv.net/request_content.php?s=44408900105111600383830011905029&a=5570690e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.176.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
91c1971597100f2dc7d4f0b39b56b0a842f2852c70a76811d360bd18472e22b3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad29.ad-srv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 21 Mar 2022 11:46:14 GMT
Last-Modified
Wed, 02 Feb 2022 09:48:01 GMT
Server
nginx/1.4.6 (Ubuntu)
ETag
"61fa5351-2bed"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11245
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220316/r20110914/ Frame E8E7 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220316/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-COTOSuB8COrDw1PmweAvJpjgAZrZpgSQyW458GdOr5q-MJTJalQwgrbkXQIq_A_LO-zhz-RUlLkiFeltOtl4fBuLfBEVhhH-3w2nmPDa5dZmE1i_Zm5xTJuLkm13IHNJAVUkbq7nH728LbzLcurk1iL5XsaA&cry=1&dbm_d=AKAmf-A53motVAHzJunA0wnpNMx540VrtHARAsAl4MvnspQ1J_DZgTwdqDf6TUv4ODjO80TDjM2_qg_JLUJBly87RY-6UquQOMJZ_uWPmu3vTG7twtS7m9UXSr1VpXXL3WAWSmiFxLo4Rq8wMJ7cU2lTr5qNEhI3oyURejUpQSY-EOC4edsOl4oAIPRSKv61IlRgfWKYqstvUaGgQiyGCFv9xB3RkQTToapPhn4kPJBWUUPPnfyZoYuhCT0lE-VACblHLPB6VYTH3S4Sy8_6c6Xx7Uy7lhDNWdqHBn8AfGOdfujhlJz7c-Kfk8X3fNKIUs_SKhlkfSAHDckCp3RoM9KNUKKQ30Z4ySbxNEtAyMjPTo0RFDrkSiwI7sNmU_HW9kUN-bAT_Bf0SH0w7TNtA7LJtzfo3inazfBVGaVxjBa3zfHrqy6fg5C60eIniTd0bRW3aCGznpAqHP0VoO9s7Y9iRmJiB4NNQSjvCil6SWxAmTn5MnQ9gGeOIIy0srUS1ikdLS1yhcNNxW0uZpRbm9OJXdq2Gbr2eRi_TEQ_Fd_dkaAVs6YJfgYu1lPwbydy-wf0tYVbhux1dHceIEZTUfBASdO59wVP2LR50BP0HpdQStm1xTnaC6VzJrvDauBcT13mUX8J3IJK0Kskgylq2YfN4gWbFr9T5r8U4vgymKarSVD3td9E2k3X--IEB54EYnPd2B4GtbC1khW_I1SV-D_38dQ8O27sg_Y6DTqv8tsrf9QWmJmSa-l1E5flJxJ-2v81MluPwhAFKVNx-t65QBwrO4lo5ivnDnnS-w1MUgARiSQBA-4Ys0jiL_6opXzlW0Ng4ITB_cKTjdsudFBGzfi-mCly2AI4yajOqBLmpt0sT4ZtP6aC87gn5MZsbfB54jYZhLlGivXk8T61E6huEo0WRE3GfgZgwhDq7FFuMHWhaSs041JucDGQsuy4SGzLibD6SbgUGbPcPy5z3R79NorsBWjrvJH4Gj_Pj1H0BLpsVzc93eb2XSdcgzVue6mlD2P0K4iiia29H7rKVasjI-PvxgV8P3xS4klMuae1aOyiDC8vv3v3ig0OcJCeFiMAxntCwZK2ESZ4XLIOTANRSBGOmFHlCnlzbJ_19ePSBRv53SFdI6Rv6ZDOCMdRTankWrcKe1vY7OHEmrEf9O54W7pe9Kyn2qQqbNDYroL7oH-__FE81K30MmHcW-LrR-sgHEQ4q6FRGPMMSLnjtyJuMjL3NWORUGwEAwEwrj8trVwI9oui6ozprnsOY1c5URHg_fLpxbFlTcc2rOagqYgz07mum7mH13YwkNaf2HYkTP6ldXud4FcI-Hc4aIsYHnruKfS5zdxesRcPIQN235RiGhNztVaTCmF1mPLc9_lFTXen94eFP3_oZ7-KO41eVHGIo3YlaD07uzSzLPkgUiJAUKXK0tGmbnG9gCWIOdK-C_IhAZAc2ex-rmnx-64cpXQSOyUdG1IsGmjNvWVCtolUZ0L6kaNb0UfbvgladeO5WQeF8m0zitdbnkcAdFhTf-419NHX9JdLhx2r6AbIDTOUufJSinTeqdpu0dLGGE-bmNos-9hhx2KL4CTLqYrgrCpSon0vuKVQb4yLFcTe1SCsCUiStOFVq_sA9jK_OAykMaEVt-YNvOuMbHfU5LLUwE1CHWdVzPtN3uCP1rBylDARWvHEq65tLZOCVBUOMJBixNEHnZNsAg9FJeLfl0hL1oiUGo-BdwdmhHYC2aT_UJm5QpGvPQ4c5fzAUTFm-TBK3r-syunWMb_bnHG6-bcU8zZETs208MuWMjcxDpjgUhVwm-HgzMoT-i11Hv9YF9cb8KRvJhoEWU1AYuvI9QJkN95LxLWuEbf27Puj7ZQVr1NkQEnH1pJvRXSip8NQ1uuJzaHb8hBNOSIf5uSwORAqaP0cr8jGmjx-DoF2OngC4WYG_msf-ziBnhNADYLgKfaQu-sA67cY7T2pqHQyRcCP52fNT2HJtv3JIGChbfaGIsVf_6PN64H3ulTEvL4cceL0pwkPES0ji1YyDEFO8tc3OdofKcAHYPJn84iZ7QOOmNnzPqparLK2aMcOWpK6tm4WI4OHrkc69Vz2IYd9v0s2VrT-5b2rmZXOd2P0vl_ddAr6u3jmmuxFJvqhk16yeHbjNny9B6iBH2QgnQ491z6RsQJwwcepl5wsiXKGx1ScZZAJk9ht5aYcjkGB4KM-wfn1dULe4h7xLEgdzP0XDFfZXDeSv8UZoZh7Y4u_BZkPjoZ9rtxeb5_juJX2o6Y3lnkVwtfbzspzSfgEZFem4oXR7wUAkRwR2yC1dkztVff0xW25fZ-5Dz91RaorBoFpOHrLgHiuoUfBMhOD__erlCxR4heiVazuPX6gVEDzVJED6iEuOWF5ahv0Da9p3UwoZS3ixkzOq3vBNuOWfXH9fLx7kmPNobuJn3pwc8W6kBZgar9jJhpwwubgWD_Kvi3l5dWGlw7dXej7CpVAtWQigB0AP4QuRAqBRVAD5n0JZuMUz2HcDtLD7eqJGfYEDVqX28qujCt0hujco1qtlGpX0yMQwxwvHj2veewAX87RSwq5jjmpKxb5r25Uc_YHcxVEfBwFsAWgSUsFUBUlqFyMDt94u8j55p1GL719TDBbWQ4rUdlQdpFT1BXmWWapC0_IsDg8k7hetfK7xdvli8fsa0LHvSGU6zRMklY9BxGdw3IF9Yh-OfWpwU4lfFT0a0Xq5l3XeFcv9auU-EnXsJ0hLG-cZioDV-0CpycCM6S_FHWobvownP4-ziJEQ4iIt3xO3KtlXNoMQabIcYBIOX7c-3KWB2GWwb_H2wdoVL_cy9BKyuCBMAEU7ScpH3dYcREyQvmtNWD-xF6AUI0YaLUc2pq0vxyVCMKQlgrjrBr86kEWW1hOicK1gpBmdincXXwqInqaqyXUyn34R0CGWAJs6u6BjcyOOoqJBx-5JZWqfZ27rNxZ-b7RMg3jW-PQodsUalvXAqFPk12gOAPRnUjfYxYempbIZMryiMwLAk3k_m3vog-SI3xMmJwDff3263X8qSxjbZ-GR1kDEp88xvTox5w7WqCsOJ0z8RnhkcQdLnca_1dUYsUg3XrgN2nwWc7mIjHYrcRLu82Qh37sH_lc-mhHlrjhIZe5rekwc_StUd9Yqyy8nYFgKF-sGYEvpSqIy11jqusSie1G7eNhp_-CKaiWWG4rBNPyvFP6HMuK&cid=CAASJeRor3gUid8dReyiMnDtt8TpiDeBmQtirBIJC-ThpdR9ffolRec&rfl=2%2Chttps%253A%252F%252Fnets4.com%242%2Chttps%253A%252F%252Fnets4.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4a18b0faf6a447454e134730303202f8416b72f1d4f744b1d3b4646636240eb7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1e709b9d6f90218a070eddf58f9b714c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:35:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
343
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9657
x-xss-protection
0
server
cafe
etag
16576748017229546422
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 04 Apr 2022 11:35:00 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame E8E7 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-COTOSuB8COrDw1PmweAvJpjgAZrZpgSQyW458GdOr5q-MJTJalQwgrbkXQIq_A_LO-zhz-RUlLkiFeltOtl4fBuLfBEVhhH-3w2nmPDa5dZmE1i_Zm5xTJuLkm13IHNJAVUkbq7nH728LbzLcurk1iL5XsaA&cry=1&dbm_d=AKAmf-A53motVAHzJunA0wnpNMx540VrtHARAsAl4MvnspQ1J_DZgTwdqDf6TUv4ODjO80TDjM2_qg_JLUJBly87RY-6UquQOMJZ_uWPmu3vTG7twtS7m9UXSr1VpXXL3WAWSmiFxLo4Rq8wMJ7cU2lTr5qNEhI3oyURejUpQSY-EOC4edsOl4oAIPRSKv61IlRgfWKYqstvUaGgQiyGCFv9xB3RkQTToapPhn4kPJBWUUPPnfyZoYuhCT0lE-VACblHLPB6VYTH3S4Sy8_6c6Xx7Uy7lhDNWdqHBn8AfGOdfujhlJz7c-Kfk8X3fNKIUs_SKhlkfSAHDckCp3RoM9KNUKKQ30Z4ySbxNEtAyMjPTo0RFDrkSiwI7sNmU_HW9kUN-bAT_Bf0SH0w7TNtA7LJtzfo3inazfBVGaVxjBa3zfHrqy6fg5C60eIniTd0bRW3aCGznpAqHP0VoO9s7Y9iRmJiB4NNQSjvCil6SWxAmTn5MnQ9gGeOIIy0srUS1ikdLS1yhcNNxW0uZpRbm9OJXdq2Gbr2eRi_TEQ_Fd_dkaAVs6YJfgYu1lPwbydy-wf0tYVbhux1dHceIEZTUfBASdO59wVP2LR50BP0HpdQStm1xTnaC6VzJrvDauBcT13mUX8J3IJK0Kskgylq2YfN4gWbFr9T5r8U4vgymKarSVD3td9E2k3X--IEB54EYnPd2B4GtbC1khW_I1SV-D_38dQ8O27sg_Y6DTqv8tsrf9QWmJmSa-l1E5flJxJ-2v81MluPwhAFKVNx-t65QBwrO4lo5ivnDnnS-w1MUgARiSQBA-4Ys0jiL_6opXzlW0Ng4ITB_cKTjdsudFBGzfi-mCly2AI4yajOqBLmpt0sT4ZtP6aC87gn5MZsbfB54jYZhLlGivXk8T61E6huEo0WRE3GfgZgwhDq7FFuMHWhaSs041JucDGQsuy4SGzLibD6SbgUGbPcPy5z3R79NorsBWjrvJH4Gj_Pj1H0BLpsVzc93eb2XSdcgzVue6mlD2P0K4iiia29H7rKVasjI-PvxgV8P3xS4klMuae1aOyiDC8vv3v3ig0OcJCeFiMAxntCwZK2ESZ4XLIOTANRSBGOmFHlCnlzbJ_19ePSBRv53SFdI6Rv6ZDOCMdRTankWrcKe1vY7OHEmrEf9O54W7pe9Kyn2qQqbNDYroL7oH-__FE81K30MmHcW-LrR-sgHEQ4q6FRGPMMSLnjtyJuMjL3NWORUGwEAwEwrj8trVwI9oui6ozprnsOY1c5URHg_fLpxbFlTcc2rOagqYgz07mum7mH13YwkNaf2HYkTP6ldXud4FcI-Hc4aIsYHnruKfS5zdxesRcPIQN235RiGhNztVaTCmF1mPLc9_lFTXen94eFP3_oZ7-KO41eVHGIo3YlaD07uzSzLPkgUiJAUKXK0tGmbnG9gCWIOdK-C_IhAZAc2ex-rmnx-64cpXQSOyUdG1IsGmjNvWVCtolUZ0L6kaNb0UfbvgladeO5WQeF8m0zitdbnkcAdFhTf-419NHX9JdLhx2r6AbIDTOUufJSinTeqdpu0dLGGE-bmNos-9hhx2KL4CTLqYrgrCpSon0vuKVQb4yLFcTe1SCsCUiStOFVq_sA9jK_OAykMaEVt-YNvOuMbHfU5LLUwE1CHWdVzPtN3uCP1rBylDARWvHEq65tLZOCVBUOMJBixNEHnZNsAg9FJeLfl0hL1oiUGo-BdwdmhHYC2aT_UJm5QpGvPQ4c5fzAUTFm-TBK3r-syunWMb_bnHG6-bcU8zZETs208MuWMjcxDpjgUhVwm-HgzMoT-i11Hv9YF9cb8KRvJhoEWU1AYuvI9QJkN95LxLWuEbf27Puj7ZQVr1NkQEnH1pJvRXSip8NQ1uuJzaHb8hBNOSIf5uSwORAqaP0cr8jGmjx-DoF2OngC4WYG_msf-ziBnhNADYLgKfaQu-sA67cY7T2pqHQyRcCP52fNT2HJtv3JIGChbfaGIsVf_6PN64H3ulTEvL4cceL0pwkPES0ji1YyDEFO8tc3OdofKcAHYPJn84iZ7QOOmNnzPqparLK2aMcOWpK6tm4WI4OHrkc69Vz2IYd9v0s2VrT-5b2rmZXOd2P0vl_ddAr6u3jmmuxFJvqhk16yeHbjNny9B6iBH2QgnQ491z6RsQJwwcepl5wsiXKGx1ScZZAJk9ht5aYcjkGB4KM-wfn1dULe4h7xLEgdzP0XDFfZXDeSv8UZoZh7Y4u_BZkPjoZ9rtxeb5_juJX2o6Y3lnkVwtfbzspzSfgEZFem4oXR7wUAkRwR2yC1dkztVff0xW25fZ-5Dz91RaorBoFpOHrLgHiuoUfBMhOD__erlCxR4heiVazuPX6gVEDzVJED6iEuOWF5ahv0Da9p3UwoZS3ixkzOq3vBNuOWfXH9fLx7kmPNobuJn3pwc8W6kBZgar9jJhpwwubgWD_Kvi3l5dWGlw7dXej7CpVAtWQigB0AP4QuRAqBRVAD5n0JZuMUz2HcDtLD7eqJGfYEDVqX28qujCt0hujco1qtlGpX0yMQwxwvHj2veewAX87RSwq5jjmpKxb5r25Uc_YHcxVEfBwFsAWgSUsFUBUlqFyMDt94u8j55p1GL719TDBbWQ4rUdlQdpFT1BXmWWapC0_IsDg8k7hetfK7xdvli8fsa0LHvSGU6zRMklY9BxGdw3IF9Yh-OfWpwU4lfFT0a0Xq5l3XeFcv9auU-EnXsJ0hLG-cZioDV-0CpycCM6S_FHWobvownP4-ziJEQ4iIt3xO3KtlXNoMQabIcYBIOX7c-3KWB2GWwb_H2wdoVL_cy9BKyuCBMAEU7ScpH3dYcREyQvmtNWD-xF6AUI0YaLUc2pq0vxyVCMKQlgrjrBr86kEWW1hOicK1gpBmdincXXwqInqaqyXUyn34R0CGWAJs6u6BjcyOOoqJBx-5JZWqfZ27rNxZ-b7RMg3jW-PQodsUalvXAqFPk12gOAPRnUjfYxYempbIZMryiMwLAk3k_m3vog-SI3xMmJwDff3263X8qSxjbZ-GR1kDEp88xvTox5w7WqCsOJ0z8RnhkcQdLnca_1dUYsUg3XrgN2nwWc7mIjHYrcRLu82Qh37sH_lc-mhHlrjhIZe5rekwc_StUd9Yqyy8nYFgKF-sGYEvpSqIy11jqusSie1G7eNhp_-CKaiWWG4rBNPyvFP6HMuK&cid=CAASJeRor3gUid8dReyiMnDtt8TpiDeBmQtirBIJC-ThpdR9ffolRec&rfl=2%2Chttps%253A%252F%252Fnets4.com%242%2Chttps%253A%252F%252Fnets4.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1e709b9d6f90218a070eddf58f9b714c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 07:28:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
360760
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 17 Mar 2023 07:28:03 GMT
all
csm.eu.criteo.net/ Frame D9E9 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=AqGnfgD9Bd55eWhlxVDDVPxPP6ifZ25abUy4mN7S3TSX3rCncR7ZxqRb-eyGB6yg-_HbRrIsMwEnhPnVOaneBxP3cBqml7ULiFn3-kmaDpZ5Ep8_Hp47t92oQollYsD5IliAjJmcZyVk3Q4WieIAHPl8SOsksyJU3InXIUZWvGeEhnVRTLYOeP_tpO0Ek1DoMUBE5klnIsUEwnOkI79gLtCbMBgTHw8TSeJ2aNY6jJAQzIfFr3qDKx8S_KvNCGao8ClXCw&sds=2&rev=unknown&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjhkOQAFWSYIu8XoAA8WMkREhHfXs1sHykQyMg&u=%7CTAzgGim0f47mFfBS23OiNW9F6i3UqDjwoQV1E6th06c%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXBNl7acqytoLzXkgyukYeTJDX-c-czoLNPVWRrrn9l2EMHMb1hI7Em0QwQZgmNNNQzT6aPP5zozV7JDfKDqexFPUg9hET2J9mEPyFP_FitTdiFXb06J7U67vuKhhq1njd9MoLTqmn7OUSh8qt7edmZZy8gC2nf6YpHLDL9ypW0hH0K8JitUpyVueaqv0iX_I30ZMl6Ug0t_nrCIFCYdysvx2t1hjembPdJI2_3w9KsweCeDpos2lrw5IW_pyr9fMmb65EqwNjxdYdwoGfjD5igXqDoh9WyaTviGM_y0eGxU_0hvdhV_GPcJgAZCuR94nl8JA6a8OqGF0FXDKpiSOzF-CYjcKpJZFJuryW0ogDJueAbuXgvE49FfhyV3uzUKM5Uxx4u9cN9bmvXuClMz3wx8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiwSwOWQ4YqayFeiL7_UPsqy8-A3JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDegAdW20uoDyAEJqQI7spjHtIyyPuACAKgDAaoEugJP0BAzuYQLMQ4eK8vTgW8Rd4UXSP0bf1CUpzd_X4eYotkbj0gCr2ChVg0F867IkkhKp_nZiiKxYCLIj5jitavl0oBRgThfbztCVtPhGkMdWdaCTEde433dda2pC_cmHdnU0hYh0Ra9s41gQ5u0nxyU19UFvzIsrjN7rjHBqBV4u9vebfRHAO85kM3_sOzDZqsAO7makIB5fijnUWW6EPYf49yI2G7-5ykRldaZfLVrVN_WTsiXPfe8IVXnjxJPAikJltGQynQF2IBe6k7E0E8wFGkkA2AwEh7PEkZmVQy7aV6UzposAtlk419XngzLRdI3OAU1SJYhlKu2LEF2Lgc0VtOD9Hgu67pDcOeyIzy0E7YsXpO5vfOgFA48VdO7Znxv99TrhkfaeGBmtki1yDW8yZ151IzvbTvE8eAEAYAGnNLFvfej_sjCAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1N_E7u9O4H1BYTf5Y8KoZO3HsBEg%26client%3Dca-pub-5413329544040947%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 21 Mar 2022 11:40:43 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
collect
j.clarity.ms/ 		0
48 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://j.clarity.ms/collect
Requested by
Host: j.clarity.ms
URL: https://j.clarity.ms/s/0.6.32/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.85.30.134 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://nets4.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
https://nets4.com
date
Mon, 21 Mar 2022 11:40:43 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0
truncated
/ Frame 997B 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
05f7f72511e19aab44be3f209fd8b6d4d11c2dc61b082c266dad33bd0dae4629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
generate_204
tpc.googlesyndication.com/ Frame E849 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?_NGzvg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:43 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame EF58 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://1e709b9d6f90218a070eddf58f9b714c.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Thu, 17 Mar 2022 07:28:30 GMT
expires
Fri, 17 Mar 2023 07:28:30 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
age
360733
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
generate_204
tpc.googlesyndication.com/ Frame 9223 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?w0KoJw
Requested by
Host: nets4.com
URL: https://nets4.com/domain/eminer.app
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:43 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
4727t6qteyti
hal9000.redintelligence.net/zone/ Frame E8E7 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/4727t6qteyti?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCfY1YOmQ4YqumNuSB7_UPy6qE0AS1zfmDV_zYuavlDPAuEAEgudvzJmCV4pCCoAfIAQmpAkJ5BQBqhrI-qAMBqgTIAU_QOYCNz9v1qVjsBY4JfOift_1SRqmct7cgdJ53qDKWdaaC8SsIg90ZR2dxyqiE4OQDCi9S8I_cmfnXf6KYEDGZkKuu01-J8ZqPCFnAVSrmANpY-bLBHIEavcyz_m2xRhLUhDxbTcRNDIad450Lgsqkzxms7QY7NLc9ppvh4UK-u363r8QSKyXFa_iztmtoFNE3Em2X2QQDsV8zrJerFTlvu8uObt0TO4w29ZeaEK-UxtxMerxohRNcXilc16CHCGCWVpHGuKVywASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTQ4MjM5Njk5ODUwODIxMzaACgOYCwHICwGADAGwE9yZ6w3QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASJeRor3gUid8dReyiMnDtt8TpiDeBmQtirBIJC-ThpdR9ffolRec%26sig%3DAOD64_2MyonSX-ID430RDdHi2mBopp2nuA%26client%3Dca-pub-4903453974745530%26dbm_c%3DAKAmf-C39_KM7QZ9jEzz7yUetIZUWvXBywZLjDTtwJ_mM0YcGouyBbLx4a4Z_9y66FC7v-RJqvGUaIHKXT44zQc3mpEAuS79eIJagkp9vFnay-TmrBG6eK9BI1UYTNl4QkPUvoQOy3w0kdTP8t3mF8-rDO3lUCWxyA%26cry%3D1%26dbm_d%3DAKAmf-DNuS5v4HHV6tXRJ2f_z1tY-W2JDT6eS1X7RjvLTH_-3CnrI-e5vLQZtLnvS5TBtrPsj1BT7_V7PsQkbSGQZu-n8b1LoWJ9jgiZgLo06Q6mW75LDKlV3mAjYKBsEsHE9hvSXZMxiKOBdHI6ml99F1_QQQrC2n9TyVyFbNJkXnR_ekqAVbn-1tzx7orS2-sBxNVvSz-TtkiRd5le36ljq68Oh-btICOZnFmejLcH1rVxneOfnek667E-IxfoziUg5iGcbjcTr11m0mrzWhXPE5vJ4T77GOG8FrONN6RON2BgqxCLOJ5AYVd1SaylJdSN_0SRN8vtSdlYDbjPv72vIWQnOnaFMjlfy5midZWFtphrGbXmtgQGwB3HrKVcW5HIfdrSG9uEh_7UadxTB6ToDoZmmqVtBQEvA7KwaiC40_PTKN6e-aEZd_lhwug9ZSMLEQwlOgMmHz9Bwk4jVLyo9mvTpRP9rg%26adurl%3D
Requested by
Host: 1e709b9d6f90218a070eddf58f9b714c.safeframe.googlesyndication.com
URL: https://1e709b9d6f90218a070eddf58f9b714c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.164 Reilingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
958c23bb0566f078df7982889e7f3e11ee1e790f0a0da9694ec47fe91f293cc5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1e709b9d6f90218a070eddf58f9b714c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 21 Mar 2022 11:40:43 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
3939
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
/
match.adsrvr.org/track/upb/ Frame 86DF
Redirect Chain
  • https://insight.adsrvr.org/track/up?adv=4qqx4oo&ref=https%3A%2F%2Fnets4.com%2F&upid=t9831l4&upv=1.1.0
  • https://match.adsrvr.org/track/upb/?adv=4qqx4oo&ref=https%3A%2F%2Fnets4.com%2F&upid=t9831l4&upv=1.1.0
0
181 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/upb/?adv=4qqx4oo&ref=https%3A%2F%2Fnets4.com%2F&upid=t9831l4&upv=1.1.0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://5fd3b64ba09b669362261d7035670824.safeframe.googlesyndication.com/

Response headers

date
Mon, 21 Mar 2022 11:40:43 GMT
content-type
text/html
cache-control
private,no-cache, must-revalidate
pragma
no-cache
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

date
Mon, 21 Mar 2022 11:40:43 GMT
content-type
text/html; charset=utf-8
location
https://match.adsrvr.org/track/upb/?adv=4qqx4oo&ref=https%3A%2F%2Fnets4.com%2F&upid=t9831l4&upv=1.1.0
cache-control
private,no-cache, must-revalidate
pragma
no-cache
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
request.php
hal90002.redintelligence.net/ Frame E8E7 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90002.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=0aa618c50a&subid=&uid=31f33e93f83f9196&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCfY1YOmQ4YqumNuSB7_UPy6qE0AS1zfmDV_zYuavlDPAuEAEgudvzJmCV4pCCoAfIAQmpAkJ5BQBqhrI-qAMBqgTIAU_QOYCNz9v1qVjsBY4JfOift_1SRqmct7cgdJ53qDKWdaaC8SsIg90ZR2dxyqiE4OQDCi9S8I_cmfnXf6KYEDGZkKuu01-J8ZqPCFnAVSrmANpY-bLBHIEavcyz_m2xRhLUhDxbTcRNDIad450Lgsqkzxms7QY7NLc9ppvh4UK-u363r8QSKyXFa_iztmtoFNE3Em2X2QQDsV8zrJerFTlvu8uObt0TO4w29ZeaEK-UxtxMerxohRNcXilc16CHCGCWVpHGuKVywASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTQ4MjM5Njk5ODUwODIxMzaACgOYCwHICwGADAGwE9yZ6w3QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASJeRor3gUid8dReyiMnDtt8TpiDeBmQtirBIJC-ThpdR9ffolRec%26sig%3DAOD64_2MyonSX-ID430RDdHi2mBopp2nuA%26client%3Dca-pub-4903453974745530%26dbm_c%3DAKAmf-C39_KM7QZ9jEzz7yUetIZUWvXBywZLjDTtwJ_mM0YcGouyBbLx4a4Z_9y66FC7v-RJqvGUaIHKXT44zQc3mpEAuS79eIJagkp9vFnay-TmrBG6eK9BI1UYTNl4QkPUvoQOy3w0kdTP8t3mF8-rDO3lUCWxyA%26cry%3D1%26dbm_d%3DAKAmf-DNuS5v4HHV6tXRJ2f_z1tY-W2JDT6eS1X7RjvLTH_-3CnrI-e5vLQZtLnvS5TBtrPsj1BT7_V7PsQkbSGQZu-n8b1LoWJ9jgiZgLo06Q6mW75LDKlV3mAjYKBsEsHE9hvSXZMxiKOBdHI6ml99F1_QQQrC2n9TyVyFbNJkXnR_ekqAVbn-1tzx7orS2-sBxNVvSz-TtkiRd5le36ljq68Oh-btICOZnFmejLcH1rVxneOfnek667E-IxfoziUg5iGcbjcTr11m0mrzWhXPE5vJ4T77GOG8FrONN6RON2BgqxCLOJ5AYVd1SaylJdSN_0SRN8vtSdlYDbjPv72vIWQnOnaFMjlfy5midZWFtphrGbXmtgQGwB3HrKVcW5HIfdrSG9uEh_7UadxTB6ToDoZmmqVtBQEvA7KwaiC40_PTKN6e-aEZd_lhwug9ZSMLEQwlOgMmHz9Bwk4jVLyo9mvTpRP9rg%26adurl%3D&documentReferer=https%3A%2F%2Fnets4.com%2F&ancestorOrigins=https%3A%2F%2Fnets4.com%2Chttps%3A%2F%2Fnets4.com&random=7979325317373&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Requested by
Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/zone/4727t6qteyti?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCfY1YOmQ4YqumNuSB7_UPy6qE0AS1zfmDV_zYuavlDPAuEAEgudvzJmCV4pCCoAfIAQmpAkJ5BQBqhrI-qAMBqgTIAU_QOYCNz9v1qVjsBY4JfOift_1SRqmct7cgdJ53qDKWdaaC8SsIg90ZR2dxyqiE4OQDCi9S8I_cmfnXf6KYEDGZkKuu01-J8ZqPCFnAVSrmANpY-bLBHIEavcyz_m2xRhLUhDxbTcRNDIad450Lgsqkzxms7QY7NLc9ppvh4UK-u363r8QSKyXFa_iztmtoFNE3Em2X2QQDsV8zrJerFTlvu8uObt0TO4w29ZeaEK-UxtxMerxohRNcXilc16CHCGCWVpHGuKVywASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTQ4MjM5Njk5ODUwODIxMzaACgOYCwHICwGADAGwE9yZ6w3QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASJeRor3gUid8dReyiMnDtt8TpiDeBmQtirBIJC-ThpdR9ffolRec%26sig%3DAOD64_2MyonSX-ID430RDdHi2mBopp2nuA%26client%3Dca-pub-4903453974745530%26dbm_c%3DAKAmf-C39_KM7QZ9jEzz7yUetIZUWvXBywZLjDTtwJ_mM0YcGouyBbLx4a4Z_9y66FC7v-RJqvGUaIHKXT44zQc3mpEAuS79eIJagkp9vFnay-TmrBG6eK9BI1UYTNl4QkPUvoQOy3w0kdTP8t3mF8-rDO3lUCWxyA%26cry%3D1%26dbm_d%3DAKAmf-DNuS5v4HHV6tXRJ2f_z1tY-W2JDT6eS1X7RjvLTH_-3CnrI-e5vLQZtLnvS5TBtrPsj1BT7_V7PsQkbSGQZu-n8b1LoWJ9jgiZgLo06Q6mW75LDKlV3mAjYKBsEsHE9hvSXZMxiKOBdHI6ml99F1_QQQrC2n9TyVyFbNJkXnR_ekqAVbn-1tzx7orS2-sBxNVvSz-TtkiRd5le36ljq68Oh-btICOZnFmejLcH1rVxneOfnek667E-IxfoziUg5iGcbjcTr11m0mrzWhXPE5vJ4T77GOG8FrONN6RON2BgqxCLOJ5AYVd1SaylJdSN_0SRN8vtSdlYDbjPv72vIWQnOnaFMjlfy5midZWFtphrGbXmtgQGwB3HrKVcW5HIfdrSG9uEh_7UadxTB6ToDoZmmqVtBQEvA7KwaiC40_PTKN6e-aEZd_lhwug9ZSMLEQwlOgMmHz9Bwk4jVLyo9mvTpRP9rg%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.4.10.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.47.10.4.46.clients.your-server.de
Software
Apache /
Resource Hash
18e8fbd37854b0c1f896d8709e1ff4358220c5f458c63d6c1654bd15827c40df

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1e709b9d6f90218a070eddf58f9b714c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 21 Mar 2022 11:40:43 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
89364000084992400710612011905002
Connection
close
Content-Type
application/x-javascript; charset=utf-8
Content-Length
1303
Expires
Mon, 21 Mar 2022 11:40:43 +0100
c9SOW3fm-cIOlp3tvRsibzkEuEO1MqMyQpfRRVluBWQ.js
pagead2.googlesyndication.com/bg/ Frame EF58 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/c9SOW3fm-cIOlp3tvRsibzkEuEO1MqMyQpfRRVluBWQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
73d48e5b77e6f9c20e969dedbd1b226f3904b843b532a3324297d145596e0564
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Mar 2022 10:37:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
90189
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13819
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 20 Mar 2023 10:37:34 GMT
view.aspx
pb.media01.eu/ Frame CF68
Redirect Chain
  • https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=89364000084992400710612011905002&t=htlp
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=89364000084992400710612011905002&actionid=981741&produktid=&dt_url=
0
90 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=89364000084992400710612011905002&actionid=981741&produktid=&dt_url=
Requested by
Host: hal90002.redintelligence.net
URL: https://hal90002.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=0aa618c50a&subid=&uid=31f33e93f83f9196&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCfY1YOmQ4YqumNuSB7_UPy6qE0AS1zfmDV_zYuavlDPAuEAEgudvzJmCV4pCCoAfIAQmpAkJ5BQBqhrI-qAMBqgTIAU_QOYCNz9v1qVjsBY4JfOift_1SRqmct7cgdJ53qDKWdaaC8SsIg90ZR2dxyqiE4OQDCi9S8I_cmfnXf6KYEDGZkKuu01-J8ZqPCFnAVSrmANpY-bLBHIEavcyz_m2xRhLUhDxbTcRNDIad450Lgsqkzxms7QY7NLc9ppvh4UK-u363r8QSKyXFa_iztmtoFNE3Em2X2QQDsV8zrJerFTlvu8uObt0TO4w29ZeaEK-UxtxMerxohRNcXilc16CHCGCWVpHGuKVywASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTQ4MjM5Njk5ODUwODIxMzaACgOYCwHICwGADAGwE9yZ6w3QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASJeRor3gUid8dReyiMnDtt8TpiDeBmQtirBIJC-ThpdR9ffolRec%26sig%3DAOD64_2MyonSX-ID430RDdHi2mBopp2nuA%26client%3Dca-pub-4903453974745530%26dbm_c%3DAKAmf-C39_KM7QZ9jEzz7yUetIZUWvXBywZLjDTtwJ_mM0YcGouyBbLx4a4Z_9y66FC7v-RJqvGUaIHKXT44zQc3mpEAuS79eIJagkp9vFnay-TmrBG6eK9BI1UYTNl4QkPUvoQOy3w0kdTP8t3mF8-rDO3lUCWxyA%26cry%3D1%26dbm_d%3DAKAmf-DNuS5v4HHV6tXRJ2f_z1tY-W2JDT6eS1X7RjvLTH_-3CnrI-e5vLQZtLnvS5TBtrPsj1BT7_V7PsQkbSGQZu-n8b1LoWJ9jgiZgLo06Q6mW75LDKlV3mAjYKBsEsHE9hvSXZMxiKOBdHI6ml99F1_QQQrC2n9TyVyFbNJkXnR_ekqAVbn-1tzx7orS2-sBxNVvSz-TtkiRd5le36ljq68Oh-btICOZnFmejLcH1rVxneOfnek667E-IxfoziUg5iGcbjcTr11m0mrzWhXPE5vJ4T77GOG8FrONN6RON2BgqxCLOJ5AYVd1SaylJdSN_0SRN8vtSdlYDbjPv72vIWQnOnaFMjlfy5midZWFtphrGbXmtgQGwB3HrKVcW5HIfdrSG9uEh_7UadxTB6ToDoZmmqVtBQEvA7KwaiC40_PTKN6e-aEZd_lhwug9ZSMLEQwlOgMmHz9Bwk4jVLyo9mvTpRP9rg%26adurl%3D&documentReferer=https%3A%2F%2Fnets4.com%2F&ancestorOrigins=https%3A%2F%2Fnets4.com%2Chttps%3A%2F%2Fnets4.com&random=7979325317373&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.198.250.30 Hamburg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88-198-250-30.clients.your-server.de
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://1e709b9d6f90218a070eddf58f9b714c.safeframe.googlesyndication.com/

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
content-type
text/html; charset=UTF-8
expires
Mon, 26 Jul 1997 05:00:00 GMT
last-modified
Mon, 21 Mar 2022 12:40:43 GMT
server
Microsoft-IIS/10.0
p3p
policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
access-control-allow-origin
*
access-control-allow-credentials
true
x-xss-protection
1; mode=block
access-control-allow-methods
GET,POST
access-control-allow-headers
Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
date
Mon, 21 Mar 2022 11:40:42 GMT
content-length
0

Redirect headers

Server
nginx/1.17.5
Date
Mon, 21 Mar 2022 11:40:43 GMT
Content-Type
application/javascript
Content-Length
0
Keep-Alive
timeout=20
Location
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=89364000084992400710612011905002&actionid=981741&produktid=&dt_url=
Host
pv.medialead.de
Proxy-Host
pv.medialead.de
X-IPLB-Request-ID
B9D59BA9:8EA6_91EFC182:01BB_6238643B_10A5F724:7DDF
Strict-Transport-Security
max-age=15768000
X-IPLB-Instance
40028
/
adv.office-partner.de/ Frame 9DE3 		930 B
931 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by
Host: hal90002.redintelligence.net
URL: https://hal90002.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=0aa618c50a&subid=&uid=31f33e93f83f9196&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCfY1YOmQ4YqumNuSB7_UPy6qE0AS1zfmDV_zYuavlDPAuEAEgudvzJmCV4pCCoAfIAQmpAkJ5BQBqhrI-qAMBqgTIAU_QOYCNz9v1qVjsBY4JfOift_1SRqmct7cgdJ53qDKWdaaC8SsIg90ZR2dxyqiE4OQDCi9S8I_cmfnXf6KYEDGZkKuu01-J8ZqPCFnAVSrmANpY-bLBHIEavcyz_m2xRhLUhDxbTcRNDIad450Lgsqkzxms7QY7NLc9ppvh4UK-u363r8QSKyXFa_iztmtoFNE3Em2X2QQDsV8zrJerFTlvu8uObt0TO4w29ZeaEK-UxtxMerxohRNcXilc16CHCGCWVpHGuKVywASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTQ4MjM5Njk5ODUwODIxMzaACgOYCwHICwGADAGwE9yZ6w3QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASJeRor3gUid8dReyiMnDtt8TpiDeBmQtirBIJC-ThpdR9ffolRec%26sig%3DAOD64_2MyonSX-ID430RDdHi2mBopp2nuA%26client%3Dca-pub-4903453974745530%26dbm_c%3DAKAmf-C39_KM7QZ9jEzz7yUetIZUWvXBywZLjDTtwJ_mM0YcGouyBbLx4a4Z_9y66FC7v-RJqvGUaIHKXT44zQc3mpEAuS79eIJagkp9vFnay-TmrBG6eK9BI1UYTNl4QkPUvoQOy3w0kdTP8t3mF8-rDO3lUCWxyA%26cry%3D1%26dbm_d%3DAKAmf-DNuS5v4HHV6tXRJ2f_z1tY-W2JDT6eS1X7RjvLTH_-3CnrI-e5vLQZtLnvS5TBtrPsj1BT7_V7PsQkbSGQZu-n8b1LoWJ9jgiZgLo06Q6mW75LDKlV3mAjYKBsEsHE9hvSXZMxiKOBdHI6ml99F1_QQQrC2n9TyVyFbNJkXnR_ekqAVbn-1tzx7orS2-sBxNVvSz-TtkiRd5le36ljq68Oh-btICOZnFmejLcH1rVxneOfnek667E-IxfoziUg5iGcbjcTr11m0mrzWhXPE5vJ4T77GOG8FrONN6RON2BgqxCLOJ5AYVd1SaylJdSN_0SRN8vtSdlYDbjPv72vIWQnOnaFMjlfy5midZWFtphrGbXmtgQGwB3HrKVcW5HIfdrSG9uEh_7UadxTB6ToDoZmmqVtBQEvA7KwaiC40_PTKN6e-aEZd_lhwug9ZSMLEQwlOgMmHz9Bwk4jVLyo9mvTpRP9rg%26adurl%3D&documentReferer=https%3A%2F%2Fnets4.com%2F&ancestorOrigins=https%3A%2F%2Fnets4.com%2Chttps%3A%2F%2Fnets4.com&random=7979325317373&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://1e709b9d6f90218a070eddf58f9b714c.safeframe.googlesyndication.com/

Response headers

server
keycdn-engine
date
Mon, 21 Mar 2022 11:40:43 GMT
content-type
text/html
content-length
552
x-accel-version
0.01
last-modified
Thu, 06 May 2021 15:37:28 GMT
etag
"3a2-5c1ab16b3be00-gzip"
vary
Accept-Encoding
content-encoding
gzip
expires
Mon, 28 Mar 2022 11:40:43 GMT
cache-control
max-age=604800
link
<https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
x-cache
HIT
x-edge-location
defr
access-control-allow-origin
*
accept-ranges
bytes
htlp
futalis.de/ Frame B049
Redirect Chain
  • https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=89364000084992400710612011905002&ra_cnt_active=1&ra_cnt=1
  • https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=1284527989
350 B
409 B 		Document
General
Check archive.org
Download Go to
Full URL
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=1284527989
Requested by
Host: hal90002.redintelligence.net
URL: https://hal90002.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=0aa618c50a&subid=&uid=31f33e93f83f9196&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCfY1YOmQ4YqumNuSB7_UPy6qE0AS1zfmDV_zYuavlDPAuEAEgudvzJmCV4pCCoAfIAQmpAkJ5BQBqhrI-qAMBqgTIAU_QOYCNz9v1qVjsBY4JfOift_1SRqmct7cgdJ53qDKWdaaC8SsIg90ZR2dxyqiE4OQDCi9S8I_cmfnXf6KYEDGZkKuu01-J8ZqPCFnAVSrmANpY-bLBHIEavcyz_m2xRhLUhDxbTcRNDIad450Lgsqkzxms7QY7NLc9ppvh4UK-u363r8QSKyXFa_iztmtoFNE3Em2X2QQDsV8zrJerFTlvu8uObt0TO4w29ZeaEK-UxtxMerxohRNcXilc16CHCGCWVpHGuKVywASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTQ4MjM5Njk5ODUwODIxMzaACgOYCwHICwGADAGwE9yZ6w3QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASJeRor3gUid8dReyiMnDtt8TpiDeBmQtirBIJC-ThpdR9ffolRec%26sig%3DAOD64_2MyonSX-ID430RDdHi2mBopp2nuA%26client%3Dca-pub-4903453974745530%26dbm_c%3DAKAmf-C39_KM7QZ9jEzz7yUetIZUWvXBywZLjDTtwJ_mM0YcGouyBbLx4a4Z_9y66FC7v-RJqvGUaIHKXT44zQc3mpEAuS79eIJagkp9vFnay-TmrBG6eK9BI1UYTNl4QkPUvoQOy3w0kdTP8t3mF8-rDO3lUCWxyA%26cry%3D1%26dbm_d%3DAKAmf-DNuS5v4HHV6tXRJ2f_z1tY-W2JDT6eS1X7RjvLTH_-3CnrI-e5vLQZtLnvS5TBtrPsj1BT7_V7PsQkbSGQZu-n8b1LoWJ9jgiZgLo06Q6mW75LDKlV3mAjYKBsEsHE9hvSXZMxiKOBdHI6ml99F1_QQQrC2n9TyVyFbNJkXnR_ekqAVbn-1tzx7orS2-sBxNVvSz-TtkiRd5le36ljq68Oh-btICOZnFmejLcH1rVxneOfnek667E-IxfoziUg5iGcbjcTr11m0mrzWhXPE5vJ4T77GOG8FrONN6RON2BgqxCLOJ5AYVd1SaylJdSN_0SRN8vtSdlYDbjPv72vIWQnOnaFMjlfy5midZWFtphrGbXmtgQGwB3HrKVcW5HIfdrSG9uEh_7UadxTB6ToDoZmmqVtBQEvA7KwaiC40_PTKN6e-aEZd_lhwug9ZSMLEQwlOgMmHz9Bwk4jVLyo9mvTpRP9rg%26adurl%3D&documentReferer=https%3A%2F%2Fnets4.com%2F&ancestorOrigins=https%3A%2F%2Fnets4.com%2Chttps%3A%2F%2Fnets4.com&random=7979325317373&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
167.233.14.134 Eching, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
lb-2.futalis.de
Software
/
Resource Hash
582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://1e709b9d6f90218a070eddf58f9b714c.safeframe.googlesyndication.com/

Response headers

content-length
350
content-type
text/html; charset=utf-8

Redirect headers

date
Mon, 21 Mar 2022 11:40:43 GMT
server
Apache
p3p
policyref="https://www.retailads.net//w3c/p3p.xml",CP="NOI CUR OUR STP"
location
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=1284527989
content-length
0
content-type
text/html; charset=utf-8
link.html
track.webgains.com/ Frame E8E7 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=2513145&wgcampaignid=99582&js=1&viewref=89364000084992400710612011905002&nw=1
Requested by
Host: nets4.com
URL: https://nets4.com/domain/eminer.app
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
f37e90bde6c10ace3c876270475f8097130179b6000f7f6514d50c964a149533

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1e709b9d6f90218a070eddf58f9b714c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 21 Mar 2022 11:40:43 GMT
Last-Modified
Mon, 21 Mar 2022 11:40:43 GMT
Server
Apache
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
text/html;charset=utf-8
Content-Length
1232
Expires
Mon, 26 Jul 1997 05:00:00 GMT
activityi;dc_pre=COy4x7uP1_YCFVXcGwodBK4Igw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1843793218585.7031
8019191.fls.doubleclick.net/ Frame 2A32
Redirect Chain
  • https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1843793218585.7031?
  • https://8019191.fls.doubleclick.net/activityi;dc_pre=COy4x7uP1_YCFVXcGwodBK4Igw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1843793218585.7031?
392 B
347 B 		Document
General
Check archive.org
Download Go to
Full URL
https://8019191.fls.doubleclick.net/activityi;dc_pre=COy4x7uP1_YCFVXcGwodBK4Igw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1843793218585.7031?
Requested by
Host: nets4.com
URL: https://nets4.com/domain/eminer.app
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f6.1e100.net
Software
cafe /
Resource Hash
9cb1733fd77ae45309144400e7553dce9f310ef476dcd00357a91a91a538c31f
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://1e709b9d6f90218a070eddf58f9b714c.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Mon, 21 Mar 2022 11:40:43 GMT
expires
Mon, 21 Mar 2022 11:40:43 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
324
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Mon, 21 Mar 2022 11:40:43 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://8019191.fls.doubleclick.net/activityi;dc_pre=COy4x7uP1_YCFVXcGwodBK4Igw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1843793218585.7031?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
request_content.php
hal90002.redintelligence.net/ Frame 73CF 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal90002.redintelligence.net/request_content.php?s=89364000084992400710612011905002&a=64cd3ae2
Requested by
Host: hal90002.redintelligence.net
URL: https://hal90002.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=0aa618c50a&subid=&uid=31f33e93f83f9196&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCfY1YOmQ4YqumNuSB7_UPy6qE0AS1zfmDV_zYuavlDPAuEAEgudvzJmCV4pCCoAfIAQmpAkJ5BQBqhrI-qAMBqgTIAU_QOYCNz9v1qVjsBY4JfOift_1SRqmct7cgdJ53qDKWdaaC8SsIg90ZR2dxyqiE4OQDCi9S8I_cmfnXf6KYEDGZkKuu01-J8ZqPCFnAVSrmANpY-bLBHIEavcyz_m2xRhLUhDxbTcRNDIad450Lgsqkzxms7QY7NLc9ppvh4UK-u363r8QSKyXFa_iztmtoFNE3Em2X2QQDsV8zrJerFTlvu8uObt0TO4w29ZeaEK-UxtxMerxohRNcXilc16CHCGCWVpHGuKVywASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTQ4MjM5Njk5ODUwODIxMzaACgOYCwHICwGADAGwE9yZ6w3QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASJeRor3gUid8dReyiMnDtt8TpiDeBmQtirBIJC-ThpdR9ffolRec%26sig%3DAOD64_2MyonSX-ID430RDdHi2mBopp2nuA%26client%3Dca-pub-4903453974745530%26dbm_c%3DAKAmf-C39_KM7QZ9jEzz7yUetIZUWvXBywZLjDTtwJ_mM0YcGouyBbLx4a4Z_9y66FC7v-RJqvGUaIHKXT44zQc3mpEAuS79eIJagkp9vFnay-TmrBG6eK9BI1UYTNl4QkPUvoQOy3w0kdTP8t3mF8-rDO3lUCWxyA%26cry%3D1%26dbm_d%3DAKAmf-DNuS5v4HHV6tXRJ2f_z1tY-W2JDT6eS1X7RjvLTH_-3CnrI-e5vLQZtLnvS5TBtrPsj1BT7_V7PsQkbSGQZu-n8b1LoWJ9jgiZgLo06Q6mW75LDKlV3mAjYKBsEsHE9hvSXZMxiKOBdHI6ml99F1_QQQrC2n9TyVyFbNJkXnR_ekqAVbn-1tzx7orS2-sBxNVvSz-TtkiRd5le36ljq68Oh-btICOZnFmejLcH1rVxneOfnek667E-IxfoziUg5iGcbjcTr11m0mrzWhXPE5vJ4T77GOG8FrONN6RON2BgqxCLOJ5AYVd1SaylJdSN_0SRN8vtSdlYDbjPv72vIWQnOnaFMjlfy5midZWFtphrGbXmtgQGwB3HrKVcW5HIfdrSG9uEh_7UadxTB6ToDoZmmqVtBQEvA7KwaiC40_PTKN6e-aEZd_lhwug9ZSMLEQwlOgMmHz9Bwk4jVLyo9mvTpRP9rg%26adurl%3D&documentReferer=https%3A%2F%2Fnets4.com%2F&ancestorOrigins=https%3A%2F%2Fnets4.com%2Chttps%3A%2F%2Fnets4.com&random=7979325317373&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.4.10.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.47.10.4.46.clients.your-server.de
Software
Apache /
Resource Hash
5c6ad9879f2708229595269908c145e7307d38c82dcf4c7cead3da09bc23b5b3

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://1e709b9d6f90218a070eddf58f9b714c.safeframe.googlesyndication.com/

Response headers

Date
Mon, 21 Mar 2022 11:40:43 GMT
Server
Apache
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Expires
Mon, 21 Mar 2022 11:40:43 +0100
Pragma
no-cache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
2074
Connection
close
Content-Type
text/html; charset=utf-8
native.png
ad-server.eu/wm/pb/ Frame E8E7
Redirect Chain
  • https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=89364000084992400710612011905002
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=89364000084992400710612011905002
  • https://ad-server.eu/wm/pb/native.png
68 B
312 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-server.eu/wm/pb/native.png
Requested by
Host: 1e709b9d6f90218a070eddf58f9b714c.safeframe.googlesyndication.com
URL: https://1e709b9d6f90218a070eddf58f9b714c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
HTTP/1.1
Server
54.76.176.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1e709b9d6f90218a070eddf58f9b714c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 21 Mar 2022 11:46:14 GMT
Last-Modified
Sat, 21 Dec 2019 23:06:59 GMT
Server
nginx/1.4.6 (Ubuntu)
ETag
"5dfea593-44"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
68

Redirect headers

Date
Mon, 21 Mar 2022 11:40:43 GMT
Server
nginx/1.17.5
Host
pv.medialead.de
X-IPLB-Request-ID
B9D59BA9:8EB6_91EFC182:01BB_6238643A_106DBE0F:F726
X-IPLB-Instance
40027
Strict-Transport-Security
max-age=15768000
Content-Type
application/go
Location
https://ad-server.eu/wm/pb/native.png
Keep-Alive
timeout=20
Content-Length
0
Proxy-Host
pv.medialead.de
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame B839 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 1e709b9d6f90218a070eddf58f9b714c.safeframe.googlesyndication.com
URL: https://1e709b9d6f90218a070eddf58f9b714c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://1e709b9d6f90218a070eddf58f9b714c.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
date
Sun, 20 Mar 2022 13:26:12 GMT
expires
Mon, 21 Mar 2022 13:26:12 GMT
cache-control
public, max-age=86400
age
80071
etag
48472445140208031
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame E8E7 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0a7fcb2b9c3f4d18eb22187d746a67082a4e1a0573d63efbe2243e780cb0e145

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
css
fonts.googleapis.com/ Frame 73CF 		1 KB
419 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Titillium+Web:400,700
Requested by
Host: hal90002.redintelligence.net
URL: https://hal90002.redintelligence.net/request_content.php?s=89364000084992400710612011905002&a=64cd3ae2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ea795a298e37c1cd48937e8d9b242162d213ebaa07c997769a6bfe4b4d8ec411
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90002.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 21 Mar 2022 10:01:22 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 21 Mar 2022 11:40:43 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 21 Mar 2022 11:40:43 GMT
/
hal9000.redintelligence.net/scale/ Frame 73CF 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/postbank_pool_privatkredit_1200x627.jpg
Requested by
Host: hal90002.redintelligence.net
URL: https://hal90002.redintelligence.net/request_content.php?s=89364000084992400710612011905002&a=64cd3ae2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.164 Reilingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
39184c5d24b37db1eb01bfa5170eb2fa23b8a3955a4e73c5a83bf382ec91ef8a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90002.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 21 Mar 2022 11:40:43 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16249
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 73CF 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by
Host: hal90002.redintelligence.net
URL: https://hal90002.redintelligence.net/request_content.php?s=89364000084992400710612011905002&a=64cd3ae2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.164 Reilingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
ea4e56c29d46feb542cf3a8f874433c3d58992455ff13d05430ce88ce9fba7a6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90002.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 21 Mar 2022 11:40:43 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16530
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 73CF 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/55487/creativesup/1200x627.jpg
Requested by
Host: hal90002.redintelligence.net
URL: https://hal90002.redintelligence.net/request_content.php?s=89364000084992400710612011905002&a=64cd3ae2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.164 Reilingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
abf9d562a837cf7396635dc87669c0d96d42732f8ec3a85d2069bf9e8021e69a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90002.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 21 Mar 2022 11:40:43 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
12991
Vary
Accept-Encoding
Content-Type
image/png
gen_204
pagead2.googlesyndication.com/pagead/ Frame EF58 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BrWJeO2Q4Yry-GbaBjuwPpN6dwAoAAAAAOAHgBAI&bg=!ra6lrurNAAba2mK92to7ACkAdvg8WlrMmIwQbMjl2XcGuJMpHHlheV6xvG5Lluv0ZA2UH0ygE6XSIwIAAAB7UgAAAAJoAQeZAzOMwRBWtmOwYC9TkP7glXQheHIris_R0e9Uje0-crHsvq6PCMDeos_LEIh0krLOumK1tqQ4EB3pWQksNhcZnwgtC3O2jAzD_-8rV_cfYY5q_tJanGUhMx9C66QOv46K6dkygJFoGR04NxrVKeSFSrHk4oheRs4eKjvKwHbBHiUNu6HBMkK3NWqM73HOfBxMTxNqV8Loi_WJsZW_2eI--LmRBfS4jCB_7thS-SVRTy61rqvR9cpo0scHU-rm74Zh79XRUbqPynAuyBC5JXuCTPp3Ulo4Nr6wOVb6flP2x3cWtggX_h2oWsDNVNNx8l66Rl8AxidUVABTUzo8oD46WPgZc9Bb5feGXeDQXDDXz-vjk8ldS05jRkWEOdlIkSTB2D61OMMhK_7lQKuYgBy9bQ6FTpZ4bi2-mGdnpV6KuB-oJ2ASNG8Kvypp1En3g7BJzO95BT0ribTQysJRghQj_pIqA7y5ks1M-tXRARJW1eG8D0EfqBJXqpZ9R9WiJNWCcNngBfH5GO3gIIfiKqQ-KElstYnmoTWlPWOwoHCjuwlKm8Wwdp1UHXd5M8Imd-ymUV5ql8u3iuDB2vk_tIrTDW2NJZpLhlycSYXrj_anzXrrgs46IScMLbY8cugqT5j_hN4X5I6ZK6HaoJ2sBQpi3pfQs1fiHs8zJv0zajzzkCtwSn13pxUVvGJadKinnGdn-VktsAV6vcUas9nO22ecKBS6K7Y-WR-rYWbYY9O9XZQRq8TTOaUlIEPz9VnuoVa_GVLuO8YQMMdTABOG6vOPEBsteLuX6X907hQI_LorBox6WxgPGWv6mWzwfeuMm_689uy16uSGv-ejxuWpeptRaC3bPmNN2RK9vUyywS6AS0dmNvZKRbyIDprOPSTsBD3DporaD0XRAZI8mFOv_QhWI3nWl3Sf8gq-jdPMF_tKuNZhxcjcTf-zQYYc5WOUepyIilfW2Knct1NlDXUT5NRiDIJoKjNUL4Qi_cRSvp9lSqYgKyKO_xjHuYtfCTPj7DULLaFtxfI7xNmufUaMLqVd0ILExPT28JZNzjN34kvcIlwNvMjb7KzQ2hrZrhvNMYLvhb4XwzA
Requested by
Host: 1e709b9d6f90218a070eddf58f9b714c.safeframe.googlesyndication.com
URL: https://1e709b9d6f90218a070eddf58f9b714c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Mar 2022 11:40:43 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
current
dclk-match.dotomi.com/match/bounce/ Frame B839 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEJCasO2UQK8Xphuzx3xsCK8&google_cver=1&google_push=AYg5qPI7lq6Z3VQyiaMEdws22O_8rp2YgjnBC0saOzGtC05zMyIkjeesaSbyknJOqcVOK_GTx4wzLMqI53uxMqMU1EmdEBjUmmU
Requested by
Host: 1e709b9d6f90218a070eddf58f9b714c.safeframe.googlesyndication.com
URL: https://1e709b9d6f90218a070eddf58f9b714c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Mar 2022 11:40:43 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
i.match
s.tribalfusion.com/z/ Frame B839
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESED0MF4yFQZ3GVR_e9fHMZxQ&google_cver=1&google_push=AYg5qPI41L-OsWmYyZOjM02HtvqkWyfeWYyUXa5Rx2FDHOg58BOIKHjYvUWu13wght5EkiYGaSjRQcGt-6aUb4J5vd1xgHburk3H&...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESED0MF4yFQZ3GVR_e9fHMZxQ&google_cver=1&google_push=AYg5qPI41L-OsWmYyZOjM02HtvqkWyfeWYyUXa5Rx2FDHOg58BOIKHjYvUWu13wght5EkiYGaSjRQcGt-6aUb4J5vd1xgHburk3...
43 B
411 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESED0MF4yFQZ3GVR_e9fHMZxQ&google_cver=1&google_push=AYg5qPI41L-OsWmYyZOjM02HtvqkWyfeWYyUXa5Rx2FDHOg58BOIKHjYvUWu13wght5EkiYGaSjRQcGt-6aUb4J5vd1xgHburk3H&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPI41L-OsWmYyZOjM02HtvqkWyfeWYyUXa5Rx2FDHOg58BOIKHjYvUWu13wght5EkiYGaSjRQcGt-6aUb4J5vd1xgHburk3H%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: 1e709b9d6f90218a070eddf58f9b714c.safeframe.googlesyndication.com
URL: https://1e709b9d6f90218a070eddf58f9b714c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Mar 2022 11:40:44 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6ef66a17cfa16963-FRA
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
content-type
image/gif; charset=utf-8
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 21 Mar 2022 11:40:44 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
953
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6ef66a167d086963-FRA
p3p
CP="NOI DEVo TAIa OUR BUS"
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESED0MF4yFQZ3GVR_e9fHMZxQ&google_cver=1&google_push=AYg5qPI41L-OsWmYyZOjM02HtvqkWyfeWYyUXa5Rx2FDHOg58BOIKHjYvUWu13wght5EkiYGaSjRQcGt-6aUb4J5vd1xgHburk3H&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPI41L-OsWmYyZOjM02HtvqkWyfeWYyUXa5Rx2FDHOg58BOIKHjYvUWu13wght5EkiYGaSjRQcGt-6aUb4J5vd1xgHburk3H%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
cache-control
no-cache, private
content-type
text/html
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B839
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEE6PwbrcSjU5NS4uGPxZBIg&google_push=AYg5qPIt2aAfk2KOMXn4wQpD8VjOd9xxb3jBD9iZUrV8xkDlJXUV9nH_Gq...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEE6PwbrcSjU5NS4uGPxZBIg&google_push=AYg5qPIt2aAfk2KOMXn4wQpD8VjOd9xxb3jBD9iZUrV8xkDlJXUV9nH_Gq32TWcdQPTRbQoGF_cZkvUbXA-LGCFBtmJ456amLdMe
Requested by
Host: 1e709b9d6f90218a070eddf58f9b714c.safeframe.googlesyndication.com
URL: https://1e709b9d6f90218a070eddf58f9b714c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Mar 2022 11:40:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 21 Mar 2022 11:40:44 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1647862844.911805,VS0,VE92
x-served-by
cache-hhn4062-HHN
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEE6PwbrcSjU5NS4uGPxZBIg&google_push=AYg5qPIt2aAfk2KOMXn4wQpD8VjOd9xxb3jBD9iZUrV8xkDlJXUV9nH_Gq32TWcdQPTRbQoGF_cZkvUbXA-LGCFBtmJ456amLdMe
cache-control
no-cache
accept-ranges
bytes
access-control-allow-origin
*
content-length
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame B839
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEGT2k7o_qCm4EPtYnAheWss&google_cver=1&google_push=AYg5qPKUufe-Fufj1fl6OfmCZ8UWwbRjZwIpOyQRDYzlKTmW7Na1nTOnX7l0xTDqOkklCzQDz5tVZqd31bDQJc84eKEYhUz...
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEGT2k7o_qCm4EPtYnAheWss&google_cver=1&google_push=AYg5qPKUufe-Fufj1fl6OfmCZ8UWwbRjZwIpOyQRDYzlKTmW7Na1nTOnX7l0xTDqOkklCzQDz5tVZqd31bDQJc84eKEYh...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPKUufe-Fufj1fl6OfmCZ8UWwbRjZwIpOyQRDYzlKTmW7Na1nTOnX7l0xTDqOkklCzQDz5tVZqd31bDQJc84eKEYhUzM_WU
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPKUufe-Fufj1fl6OfmCZ8UWwbRjZwIpOyQRDYzlKTmW7Na1nTOnX7l0xTDqOkklCzQDz5tVZqd31bDQJc84eKEYhUzM_WU
Requested by
Host: 1e709b9d6f90218a070eddf58f9b714c.safeframe.googlesyndication.com
URL: https://1e709b9d6f90218a070eddf58f9b714c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Mar 2022 11:40:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPKUufe-Fufj1fl6OfmCZ8UWwbRjZwIpOyQRDYzlKTmW7Na1nTOnX7l0xTDqOkklCzQDz5tVZqd31bDQJc84eKEYhUzM_WU
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame B839
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEBLkl92blgcEirHtVmOMyQA&google_cver=1&google_push=AYg5qPIhimLjHUXzoElFTLFcUG3WmbxA6JzfDzhZHCXve_sq1SYLUsaHSVRs_Mn4m8FgPXs7rBL0bSp1...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEBLkl92blgcEirHtVmOMyQA&google_cver=1&google_push=AYg5qPIhimLjHUXzoElFTLFcUG3WmbxA6JzfDzhZHCXve_sq1SYLUsaHSVRs_Mn4m8FgPXs7rBL...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzMxNDYwNjUwNjU5MDY1OTE1MA&google_push=AYg5qPIhimLjHUXzoElFTLFcUG3WmbxA6JzfDzhZHCXve_sq1SYLUsaHSVRs_Mn4m8FgPXs7rBL0bS...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzMxNDYwNjUwNjU5MDY1OTE1MA&google_push=AYg5qPIhimLjHUXzoElFTLFcUG3WmbxA6JzfDzhZHCXve_sq1SYLUsaHSVRs_Mn4m8FgPXs7rBL0bSp1Fpx9GqnN_bFeBm1nLOq-
Requested by
Host: 1e709b9d6f90218a070eddf58f9b714c.safeframe.googlesyndication.com
URL: https://1e709b9d6f90218a070eddf58f9b714c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Mar 2022 11:40:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 21 Mar 2022 11:40:44 GMT
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzMxNDYwNjUwNjU5MDY1OTE1MA&google_push=AYg5qPIhimLjHUXzoElFTLFcUG3WmbxA6JzfDzhZHCXve_sq1SYLUsaHSVRs_Mn4m8FgPXs7rBL0bSp1Fpx9GqnN_bFeBm1nLOq-
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame B839
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEGcIs7kIlaLF5hqY3TbmVRw&google_cver=1&google_push=AYg5qPIPcgFoNysxNeVAfsDbFvV3FRGBf4W6ZkxfgFFM87r4Ks9E2dzkeVu0drClVAmuIrahAsq...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDEwTVpOWTctNS1CRDVD&google_push=AYg5qPIPcgFoNysxNeVAfsDbFvV3FRGBf4W6ZkxfgFFM87r4Ks9E2dzkeVu0drClVAmuIrahAsqnIFjx91UZzRDu_jge7zP3KUoC
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDEwTVpOWTctNS1CRDVD&google_push=AYg5qPIPcgFoNysxNeVAfsDbFvV3FRGBf4W6ZkxfgFFM87r4Ks9E2dzkeVu0drClVAmuIrahAsqnIFjx91UZzRDu_jge7zP3KUoC
Requested by
Host: 1e709b9d6f90218a070eddf58f9b714c.safeframe.googlesyndication.com
URL: https://1e709b9d6f90218a070eddf58f9b714c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Mar 2022 11:40:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDEwTVpOWTctNS1CRDVD&google_push=AYg5qPIPcgFoNysxNeVAfsDbFvV3FRGBf4W6ZkxfgFFM87r4Ks9E2dzkeVu0drClVAmuIrahAsqnIFjx91UZzRDu_jge7zP3KUoC
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
Expires
0
pixel
cm.g.doubleclick.net/ Frame B839
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEG...
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AYg5qPKrTlbdbgVTok_zbWPh-jRKM2Ou14EDwit0iqBuwd-NLZsxOS7vzyEAbr6I-t4Jjugqg_8vwK6EfSvreSiVcg6EE8a9er0&redir=https%3A%2F%2Fcm.g.double...
  • https://sync.targeting.unrulymedia.com/csync/RX-a8be39b9-0c63-4557-84a6-6388033728ac-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAYg5qPKrTlbdbgVTok_zbWPh-...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPKrTlbdbgVTok_zbWPh-jRKM2Ou14EDwit0iqBuwd-NLZsxOS7vzyEAbr6I-t4Jjugqg_8vwK6EfSvreSiVcg6EE8a9er0&google_hm=A6i-ObkMY0VXhKZjiAM3KKw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPKrTlbdbgVTok_zbWPh-jRKM2Ou14EDwit0iqBuwd-NLZsxOS7vzyEAbr6I-t4Jjugqg_8vwK6EfSvreSiVcg6EE8a9er0&google_hm=A6i-ObkMY0VXhKZjiAM3KKw
Requested by
Host: 1e709b9d6f90218a070eddf58f9b714c.safeframe.googlesyndication.com
URL: https://1e709b9d6f90218a070eddf58f9b714c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Mar 2022 11:40:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPKrTlbdbgVTok_zbWPh-jRKM2Ou14EDwit0iqBuwd-NLZsxOS7vzyEAbr6I-t4Jjugqg_8vwK6EfSvreSiVcg6EE8a9er0&google_hm=A6i-ObkMY0VXhKZjiAM3KKw
date
Mon, 21 Mar 2022 11:40:44 GMT
server
Tengine
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXa8be39b90c63455784a66388033728ac003
content-type
text/html
attr
cm.g.doubleclick.net/pixel/ Frame B839 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13ILBDAZOftbbAutwrUpVSCAWDA6cb-wuCdOk0fV5nduRpsisQEito6EN4T6DfodWT0H14uG
Requested by
Host: 1e709b9d6f90218a070eddf58f9b714c.safeframe.googlesyndication.com
URL: https://1e709b9d6f90218a070eddf58f9b714c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:43 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
ts.js
cdn.retailads.net/ Frame B049 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.retailads.net/ts.js
Requested by
Host: futalis.de
URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=1284527989
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
2a01:4f8:d0a:2321::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
c45a84e5e0ff6ed83afd426788be38a5cbc442dc6cce4631bfd5c22fdd1fc8df

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://futalis.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:44 GMT
last-modified
Fri, 21 Jan 2022 14:35:51 GMT
server
Apache
accept-ranges
bytes
etag
"14aa-5d6188919baaa"
content-length
5290
content-type
application/javascript
viewability
hal90002.redintelligence.net/ Frame 73CF 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90002.redintelligence.net/viewability?s=89364000084992400710612011905002&a=b4eb4568&vb=m
Requested by
Host: hal90002.redintelligence.net
URL: https://hal90002.redintelligence.net/request_content.php?s=89364000084992400710612011905002&a=64cd3ae2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.4.10.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.47.10.4.46.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90002.redintelligence.net/request_content.php?s=89364000084992400710612011905002&a=64cd3ae2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 21 Mar 2022 11:40:44 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
dc_pre=COy4x7uP1_YCFVXcGwodBK4Igw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1843793218585.7031
adservice.google.com/ddm/fls/z/ Frame 2A32 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=COy4x7uP1_YCFVXcGwodBK4Igw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1843793218585.7031
Requested by
Host: 8019191.fls.doubleclick.net
URL: https://8019191.fls.doubleclick.net/activityi;dc_pre=COy4x7uP1_YCFVXcGwodBK4Igw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1843793218585.7031?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8019191.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Mar 2022 11:40:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gtm.js
www.googletagmanager.com/ Frame 9DE3 		82 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF
Requested by
Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
23e0af8c18039609b97c6d39a885161fc02218fb0483abc5c81c9a214cbdc9fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://adv.office-partner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:44 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32578
x-xss-protection
0
last-modified
Mon, 21 Mar 2022 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 21 Mar 2022 11:40:44 GMT
tracking-event
api.webgains.io/ Frame 1EAE 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.107.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-107-253.eu-west-1.compute.amazonaws.com
Software
nginx / PHP/7.4.25
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://48c868b366244e7d7770a8f4adab9561.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 21 Mar 2022 11:40:44 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.25
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.107.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-107-253.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://48c868b366244e7d7770a8f4adab9561.safeframe.googlesyndication.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Mon, 21 Mar 2022 11:40:44 GMT
server
nginx
access-control-allow-origin
*
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
pvClk.min.js
analytics.webgains.io/ Frame E8E7 		51 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2513145&wgcampaignid=99582&js=1&viewref=89364000084992400710612011905002&nw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-127.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1e709b9d6f90218a070eddf58f9b714c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
wvDglZsFnxZ0eZ1mUErJkFMo1VNidWYJ
via
1.1 f7b7cf90592cf6a380fd34cc45e9c4b4.cloudfront.net (CloudFront)
last-modified
Tue, 09 Nov 2021 11:05:10 GMT
server
AmazonS3
age
24456
etag
"ec0ced40cbb5211db06b8a36f209e442"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Mon, 21 Mar 2022 04:53:11 GMT
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
51794
x-amz-cf-id
KZkh9kKsTvhRTigHtldt9izgpLB8VHzQEyPiFYoxRxYNoQN7NU0UAg==
link.html
track.webgains.com/ Frame E8E7 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.webgains.com/link.html?wgcampaignid=99582&viewref=53197300103419200951421011905025&wglinkid=2513145
Requested by
Host: 1e709b9d6f90218a070eddf58f9b714c.safeframe.googlesyndication.com
URL: https://1e709b9d6f90218a070eddf58f9b714c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1e709b9d6f90218a070eddf58f9b714c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 21 Mar 2022 11:40:44 GMT
Last-Modified
Mon, 21 Mar 2022 11:40:44 GMT
Server
Apache
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
image/png
Content-Length
2808
Expires
Mon, 26 Jul 1997 05:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 07CC 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022031501&jk=291206030165497&bg=!ICOlI2fNAAba2mK92to7ACkAdvg8WvP3aDSkXcWDi5rgSB_IiDGJMdyf4-B9Soevk68DqRZUop1-SwIAAADcUgAAAAhoAQcKADOS6QnNtQIN29CJxd0l0PYXPruzx6dZ3oEp9yVHDbq3rq6azFdhW3JJyGhhwmtj5_VuOoGZAuTD00U8O9sAFEuhyCNLXSB9lUlLXJ65CyDha9c9PGBLCb9sUqpsggO_WBvSezGN3GWA21Ibuj2yn3K_AgkPKSJOJ1zOrflmAETD-lsRiIrdJd4iIaT-dEyh5T4CBO_aMc4ZXpbYpUFV42twPsXCoNMw4ddNVRw7_WT4QjDBEcTOBIZaXQfVTYqDKP2I3-QWa9ScNzmdDxtqVmr7Lfc6pZaHqXwJHx5Te4uMHaoZ4zbc1ru5oIYgjvMMWInnbcqfB5wV36WdAoZ5_l-Kxy8Stu8bq7ABdr6V8xnGznDFVy7-nI_qfOofnpAy_atEObgMz0W2XW9Hy9ww5ymRod-s0spJnwmKC7hbS5xMq6AMNTuq8KyZQ8jutFlNCkONbPwAReaXeRAWi0rL4jfcH6smgNcpX9glFtZmk4nVSEoCIVR6SL6ZljXJLeZwdE07NP9lLVGWzcoOIYL7b1ctTk5LNNzVu71BS_LpcQOpJ-_JPjgWB2bhhH7P55BfFqWCZNjmz2U5amYntdhebEf8QtY1V_fVUKRtKNv1TrHfcN4UN40x-IJ-eMuPqlL1P5Q5WUV1zlwXMIxOjJkp4xtQO3ImOROAycHN5G1YBR2T_YTDYK70A3I3eQtDlcTS38s1OYKp53WKAtNnv3ysOBS_jEWz4aDHEI9JlkotYfd74Fdfu-s7WSqQKwxBAaIBsyhjuDN9EVbfnXj_yUICM3vqivpA9XNhsOLarFiiw0m6QEvvyW8oWjSbx2GXTnUBkzbzEFrDxNeqbQodVsXlc1dlr_UH6kVwUlkoKFW0nfjxf8mNh_zLqg8k3-nl6LUH6lf4IctFO3uWcBrLW_sbVKwNYxaOAnEM_7KsM_IUNTmg1xEMQVaLQ180wAje7GY3eHZXGrfCzVJjq_nxPfYITQvC6zVbUXuvtBStocR2UaL_rdoyuBaWIL3_T9J8usxaCfp0kw2b_VuLC41iU3jQ1YapBCe3fyNJWfFfJA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Mar 2022 11:40:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame BF8B 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022031401&jk=842784095007652&bg=!fH-lfzvNAAba2mK92to7ACkAdvg8Wu7-jIOAqCuCDqjlU9UZOeWL6b7ZjzEp5oOu_nqk3ik4JuRsBQIAAADyUgAAAAFoAQcKAMBO-IuqRkk0Voht6Z0u2luKD0Hjwya0mD0P5VFRwZDiID4_BdHIBO6WOtKBtVtoWv32VMXnH8Jxz_RrumuBRH4SJo7ah9vsQF_ZJzuN2N5IhUfpoEZ1EjcT6BuONayZQj0DgGweLi7V3Wj-K_rtu7XJehJAnhilSiTw3956iIO1b7fFypVEwBLdKZeMNRt5d-TyTRAjR8VR1Bp2brWpqlPmrzwQ4tNgTz2hEOY9ecICLEDKyiTHLJ-baQvCAGYq-hyZAtdbits1PaWIooX-C1G092FOCUuUoKBWxF9pcFf0BXJ_zQMn-gFYEHB7Lx6XFsmz1dRMwXtbTyi8l7GaAkcPBN8YfS4Tqky27bpcCTrOGwjPhLBA9lbJDU7biS11T5tee7wYPwnvSRkCBh9MibgI5XYAf-Xiw29KV5cJ40jiZFa4Wk8h5OhWDkwJ_79IZPe2yYpHzczSeDYPJKlGYv0895YstxXv7GKb-G5taTkM9eWJJkc-7mbQJFtgGduV8QT4-ZeWUrUTp_nPbbsso6wv-vnKAJH-TproWVKzK8YLzE5IfRJotBh9VNHTlRP1OIwK8zlqqkXucE47z-JJjyiDY-S4HOVumxK4q-3L30IAvU9XCoeIWRypN1AuCSN5Yx0hsAogwvzxyn3YzvsfIvKsUrarLdQmJBkyS4ZTFmISRK9iKT1Uj2-FcH1QKKwVpmD1AzmBr38j74U1wukHioqekP16HEmfsbcAY_do3grgKZcgUM_D3H7DZVssKg7hRajn1HQUjNbo6XRdgPFXUNj9x4QhaTV15Q0ozauApqfnEYqtf3ENPD9r2V7HtczMebi1JaUS_ZHVv3IhwO3Kblh3u5EHeyN1qHsNEFxIK9m0V6SpBJEl4e489_Lb2-5T4_vD_lPF6I4YwRtX05jkTl65FqvFLmcN_grSrDIe9w6UJBwa3MXlSieLL-k2-WBZ8XTGgF_4DCR_DdgdAaKJx_30N1VRLapSMf6LZq-O2s3oWYvHsMPTAPjf0uDA7h0GlqLLkDjcGd3IEw6xFDhF4fNvBU4hObIKAvGAzPYd5voXQoYLtNgOhRhUFIgveV_2A0i-iIM-yEyrQsrjG2UbMtrgZsjYoiKL9DB-V_lY6U_pQKJm3OIPf73ehTmnILe0PIKtaBE9G4UuzcZLmnlgMbP1oeeTpsRf7d4Mjv5IbNWHfXTKcIIthPxeIKrpMaJMJnksj36JENINL_Ss
Requested by
Host: nets4.com
URL: https://nets4.com/domain/eminer.app
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nets4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Mar 2022 11:40:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
all
csm.eu.criteo.net/ Frame 47FD 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=0tyKXgD9Bd55eWhlL68lc--zAqeLrlzO3Uot3TgMho-U9eJcBSfvf4qNYZYDVopAU9wKQYqyOBO_DBQbMelut1Mnl_EC3dmIU5V5Phr3klOCWXWHzRYHKVt8c9Bf5HvIykLZgww6zh9TZEck0tQlEYw2PDM50dyZQZP_zoC75CUQNT1AOTI5ig2zoGTTCTmJrZRCHSzGwFr0WuvTXZCAyVEYkOodbTEDKsjAZb9kNIMaemCI1mi59jUIhQHOGuLOVFs7Hg&sds=2&rev=unknown&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjhkOgAJx4sIu8Z8AAj14cxcYftdoFgkXyowhA&u=%7Ck0qkpMfSet8i2juk2koG8mW0E0eEiayPd%2F8oOyQidu4%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXDDH0Sawykmzfr9RwiM26iFVAfBmX3dT4p7RmmTOpvkCGzl2vtfW9biTAwtv2hz3BDFV6Mg7s9kUznxchx736Y4zztAMIw8bg5_Ghn_HcLlQIFTfkS43iiZvY9MmoFx1-gJVG9Hn9d1Jtht-vIBKZyZ9aAZ3NALmhI4QoMClDkDJW4Sgbduhm_ZrOvYuzBO8lX-IeIE4zYWIRezMMs530f4p8tQOiAgmk_LF9pRrya5yxYDSN2NR1L9NY4IXBoCNtkTVqkraF9iV8WHJoVPQvraFp1bNZT7xvAB9P-YIhyS0x8vuqHq_Utju-ge1UCI2ssFKn72TcEQ6ztiqElK7DgV1eTaJe_y4Ke0AKiC1JQHDNEkE9aI3P7lhzDitbh_ju9TZL5uf64ECEPbEGuLNuouLJ4_AEGAeRM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCjGC9OmQ4YouPJ_yM7_UP4eujgAfJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU0MTMzMjk1NDQwNDA5NDegAdW20uoDyAEJqQI7spjHtIyyPuACAKgDAaoEtwJP0JIvlv0SL5_RsUsRTsvMVqjq85UY8o-CTXkr1ns_Uzq2wJcMVmXi1xK0fTMaSUVNMjD81Tn2fBHe2KjxAs-LLIjex-tQ1jGct76mdFjNEOq3QutQaMtdNtzi2hOpFxbYz8LnMeXthbKYDQhB99qFoR1-QHWuiV-nIA92zke7AYEZV94iyI0svxO3sA6uy_pzdFpQFIxVKmZyuwKRtI1_9i5j_JwFJG2cuyC6KMU3S5joHeRU5xCBn31Xt5fuopjci8LWyMUpo2-CVcQY797J85PyI1d4UWOYCJTv47V62QaboQH0EDgxDvG1O6YLHNc2yg8PtjyUBlodZjYXaD9LZnHmaEk5XIhp-G7H1kNykrdEsT0EekVIFQUfGFZe9Cougd3RgA9slsA_GSExoMpJ49_JXAWyyOAEAYAGjq3-26b5-ucJoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1eoZlRb1u3uUFnCekCaKv6LD4FsA%26client%3Dca-pub-5413329544040947%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 21 Mar 2022 11:40:44 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
activeview
pagead2.googlesyndication.com/pcs/ Frame 997B 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsufEy5DeS3aA_oMcMsrdkEurVdvmmmrdEUtHa5tcTBfyk6Rpp3lRcX5NGT1IvSe_oZrIXYwounZPbb3DLb46iX1&sig=Cg0ArKJSzAKs076WOUpVEAE&cid=CAASF-Ro2DXC-T5gWD0bRw-tufGyWBb5bQmp&id=lidar2&mcvt=1000&p=939,1289,1189,1589&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220316&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=882885121&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1647862842885&rpt=677&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://605ddd431ccb9d0d325cc9f8ea31a9d0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Mar 2022 11:40:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tracking-event
api.webgains.io/ Frame E8E7 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.107.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-107-253.eu-west-1.compute.amazonaws.com
Software
nginx / PHP/7.4.25
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://1e709b9d6f90218a070eddf58f9b714c.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 21 Mar 2022 11:40:44 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.25
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.107.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-107-253.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://1e709b9d6f90218a070eddf58f9b714c.safeframe.googlesyndication.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Mon, 21 Mar 2022 11:40:44 GMT
server
nginx
access-control-allow-origin
*
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
id5-api-2.js
static2.creative-serving.com/ Frame 0542 		33 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static2.creative-serving.com/id5-api-2.js
Requested by
Host: static2.creative-serving.com
URL: https://static2.creative-serving.com/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
UploadServer /
Resource Hash
b9f590b71a56c0601f7977e5fb4a4126964a8324cae426e43d454ee92978f8eb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://5fd3b64ba09b669362261d7035670824.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:45 GMT
content-encoding
gzip
last-modified
Wed, 29 Sep 2021 19:23:14 GMT
server
UploadServer
age
2740
etag
"43e554f8c9787fa63a85955c07ba1918"
x-hw
1647862845.cds136.am5.hn,1647862845.cds283.am5.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9982
101.json
id5-sync.com/g/v2/ Frame 0542 		213 B
582 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/101.json
Requested by
Host: static2.creative-serving.com
URL: https://static2.creative-serving.com/id5-api-2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.89.7.205 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
p28.id5-sync.com
Software
/
Resource Hash
7ab7c7063d0b0bce789cf1ea1caee6c7ee598d8ab306699d029e066bdf5b20b4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://5fd3b64ba09b669362261d7035670824.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://5fd3b64ba09b669362261d7035670824.safeframe.googlesyndication.com
Date
Mon, 21 Mar 2022 11:40:44 GMT
Access-Control-Allow-Credentials
true
Vary
Origin
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
pixel
ads.creative-serving.com/ul_cb/ Frame 0542
Redirect Chain
  • https://ads.creative-serving.com/pixel?id=3156564&id5id=0&type=jsonp&cb=syncResponse
  • https://ads.creative-serving.com/ul_cb/pixel?id=3156564&id5id=0&type=jsonp&cb=syncResponse
802 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.creative-serving.com/ul_cb/pixel?id=3156564&id5id=0&type=jsonp&cb=syncResponse
Protocol
HTTP/1.1
Server
18.159.23.158 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-23-158.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
5e96abef75b98a0a702fdd6999338ee5e1cf489544f8bbccd5e2adbe217f6fd4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://5fd3b64ba09b669362261d7035670824.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 21 Mar 2022 11:40:45 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
802
Content-Type
text/javascript

Redirect headers

Location
https://ads.creative-serving.com/ul_cb/pixel?id=3156564&id5id=0&type=jsonp&cb=syncResponse
Date
Mon, 21 Mar 2022 11:40:45 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
3d1b6b7246e84d418b3ffe1f6151168b_cpn_728x90_1.jpeg
static.criteo.net/design/dt/1895/220318/ Frame D9E9 		61 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/design/dt/1895/220318/3d1b6b7246e84d418b3ffe1f6151168b_cpn_728x90_1.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b0bc751d13f743f19e86cb66cf1918029bb4b5a2a70a673a4ef509d85d6b8600
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:45 GMT
last-modified
Fri, 18 Mar 2022 12:41:14 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"62347dea-f4c6"
strict-transport-security
max-age=31536000; preload;
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
62662
expires
Thu, 16 Mar 2023 11:40:45 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 0542
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=54a292ee-c372-406c-a983-941673e305bf&ssp=&expires=5&user_group=4&cb=674
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=950aaf85-bafb-4d74-82db-3f9563615570&gdpr=&gdpr_consent=&gdpr_pd=
1 B
492 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=950aaf85-bafb-4d74-82db-3f9563615570&gdpr=&gdpr_consent=&gdpr_pd=
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://5fd3b64ba09b669362261d7035670824.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:45 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug014:0:540
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=950aaf85-bafb-4d74-82db-3f9563615570&gdpr=&gdpr_consent=&gdpr_pd=
Date
Mon, 21 Mar 2022 11:40:45 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
RX-a8be39b9-0c63-4557-84a6-6388033728ac-003
sync.targeting.unrulymedia.com/csync/ Frame 0542
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=54a292ee-c372-406c-a983-941673e305bf&ssp=&expires=5&user_group=4&cb=308
  • https://sync.1rx.io/usersync/bidswitch/950aaf85-bafb-4d74-82db-3f9563615570?gdpr=&gdpr_consent=
  • https://sync.targeting.unrulymedia.com/csync/RX-a8be39b9-0c63-4557-84a6-6388033728ac-003
43 B
395 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-a8be39b9-0c63-4557-84a6-6388033728ac-003
Protocol
H2
Server
213.19.147.45 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://5fd3b64ba09b669362261d7035670824.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:47 GMT
server
Tengine
content-length
43
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

location
https://sync.targeting.unrulymedia.com/csync/RX-a8be39b9-0c63-4557-84a6-6388033728ac-003
pragma
no-cache
date
Mon, 21 Mar 2022 11:40:46 GMT
cache-control
no-store, no-cache, must-revalidate
server
Tengine
content-type
text/html
expires
0
sd
us-u.openx.net/w/1.0/ Frame 0542
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=54a292ee-c372-406c-a983-941673e305bf&ssp=&expires=5&user_group=4&cb=439
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=950aaf85-bafb-4d74-82db-3f9563615570&gdpr=&gdpr_consent=
43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072968&val=950aaf85-bafb-4d74-82db-3f9563615570&gdpr=&gdpr_consent=
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://5fd3b64ba09b669362261d7035670824.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Mar 2022 11:40:45 GMT
via
1.1 google
server
OXGW/17.2.1
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
//us-u.openx.net/w/1.0/sd?id=537072968&val=950aaf85-bafb-4d74-82db-3f9563615570&gdpr=&gdpr_consent=
Date
Mon, 21 Mar 2022 11:40:45 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
1.gif
id5-sync.com/s/101/54a292ee-c372-406c-a983-941673e305bf/ Frame 0542 		43 B
1009 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/s/101/54a292ee-c372-406c-a983-941673e305bf/1.gif
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.89.7.205 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
p28.id5-sync.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://5fd3b64ba09b669362261d7035670824.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 21 Mar 2022 11:40:45 GMT
Transfer-Encoding
chunked
Content-Type
image/gif;charset=UTF-8
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"
demconf.jpg
dpm.demdex.net/ Frame 0542
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=393426&dpuuid=54a292ee-c372-406c-a983-941673e305bf
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=393426&dpuuid=54a292ee-c372-406c-a983-941673e305bf
42 B
945 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=393426&dpuuid=54a292ee-c372-406c-a983-941673e305bf
Protocol
HTTP/1.1
Server
34.251.93.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-93-43.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://5fd3b64ba09b669362261d7035670824.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v030-01952d331.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
KVHWI4ZxTik=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-2-v030-094108f3e.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
9EXTjZWDQCg=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=393426&dpuuid=54a292ee-c372-406c-a983-941673e305bf
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
p161
match.justpremium.com/match/ Frame 0542 		43 B
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.justpremium.com/match/p161?ex_uid=54a292ee-c372-406c-a983-941673e305bf
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.47.202 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-47-202.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://5fd3b64ba09b669362261d7035670824.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:45 GMT
content-length
43
content-type
image/gif
gcm
ads.creative-serving.com/ Frame 0542
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=platform161_direct_new&google_cm&google_sc
  • https://ads.creative-serving.com/gcm?google_gid=CAESEJ1TFoHtxLyIHHGmlRCNLd0&google_cver=1
43 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.creative-serving.com/gcm?google_gid=CAESEJ1TFoHtxLyIHHGmlRCNLd0&google_cver=1
Protocol
HTTP/1.1
Server
18.159.23.158 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-23-158.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://5fd3b64ba09b669362261d7035670824.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 21 Mar 2022 11:40:45 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 21 Mar 2022 11:40:45 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.creative-serving.com/gcm?google_gid=CAESEJ1TFoHtxLyIHHGmlRCNLd0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
b3db0a949ce945899b0aa7ad95d7d8cf_cpn_300x250_1.jpeg
static.criteo.net/design/dt/4955/220222/ Frame 47FD 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/design/dt/4955/220222/b3db0a949ce945899b0aa7ad95d7d8cf_cpn_300x250_1.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
5869c6f986927ae74abcb2810724a17d4da067c78b7145692192525c2ff843ed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:40:46 GMT
last-modified
Tue, 22 Feb 2022 11:19:22 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6214c6ba-32c5"
strict-transport-security
max-age=31536000; preload;
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
12997
expires
Thu, 16 Mar 2023 11:40:46 GMT
collect
j.clarity.ms/ 		0
48 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://j.clarity.ms/collect
Requested by
Host: j.clarity.ms
URL: https://j.clarity.ms/s/0.6.32/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.85.30.134 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://nets4.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
https://nets4.com
date
Mon, 21 Mar 2022 11:40:46 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
google2waycm.netmng.com
URL
https://google2waycm.netmng.com/cm/?google_gid=CAESELU9YLeIm0jZfQgWiLYCMsY&google_cver=1&google_push=AYg5qPIBW4-EgrmV2WWOJ2KktRCZpbyX7nvKvzfW6sz4kgYLv8H0UN_bz4iQp-Ir5iiIOxZ7jicX_ogZjYy3N3ruYgrw2CgwUFfyug

Verdicts & Comments Add Verdict or Comment

66 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 function| structuredClone object| oncontextlost object| oncontextrestored object| zarazData object| zaraz object| CloudflareApps object| __CF$cv$params object| __cfQR string| GoogleAnalyticsObject function| ga object| __cfBeacon object| dataLayer function| clarity object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| $ function| jQuery object| Popper object| bootstrap object| _0x4eef function| _0xf565 boolean| _purpleadsWasLoaded object| _purpleads object| a2a_config object| a2a function| a2a_show_dropdown function| a2a_miniLeaveDelay function| a2a_init object| icons string| svg_tag_open string| svg_tag_close undefined| svg_src undefined| svg_src_default number| a2apage_init object| _0x823e function| _0x5eb8 boolean| _purpleAdsDisplayInit string| purpleadsInstanceId object| purpleadsAgent object| L function| mytextcopyFunction object| map object| marker object| popup object| _leaflet_events function| submitForm boolean| __cfRLUnblockHandlers object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client undefined| color object| recaptcha object| closure_lm_730189

65 Cookies

Domain/Path Name / Value
www.clarity.ms/ Name: CLID
Value: 63ddfce7a6a644e4910c7cbefb7b3a46.20220321.20230321
.nets4.com/ Name: _ga
Value: GA1.2.688344210.1647862839
.nets4.com/ Name: _gid
Value: GA1.2.1407191915.1647862839
.nets4.com/ Name: _gat
Value: 1
.nets4.com/ Name: __cf_bm
Value: uhMueFQKpZgegBKr7mQ6rCfxlfhsjJKQmYUgurGS8fM-1647862839-0-ATYpJYUuo/O7RKwi6VK2fnlJLYJzrtxK3T9d7F8sutLQvA057UA4c9e5aOjsKGCgNn2li8EvqoySf7CePqHrdHRrcH84o8uuamdalAzMatTR8jxXxSPeiADMGbxXsn5h/Q==
.nets4.com/ Name: _clck
Value: ib5612|1|ezy|0
.nets4.com/ Name: _clsk
Value: d3avs7|1647862840291|1|1|j.clarity.ms/collect
.c.bing.com/ Name: SRM_B
Value: 28C4BE0A7C3C6B262D67AF647DEE6ADE
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 28C4BE0A7C3C6B262D67AF647DEE6ADE
.c.clarity.ms/ Name: ANONCHK
Value: 0
.adfarm1.adition.com/ Name: UserID1
Value: 7077517010430067944
.doubleclick.net/ Name: IDE
Value: AHWqTUkumzdPyGPkS-8sMI-Q11MSnU3hR0BsbtGfHWTjwDQu-afvZpNssOcY-8w9Wsk
.casalemedia.com/ Name: CMPS
Value: 3274
.casalemedia.com/ Name: CMID
Value: YjhkOpf8zZv1BkpaMl0qvwAA
.casalemedia.com/ Name: CMPRO
Value: 1136
.adnxs.com/ Name: uuid2
Value: 4383075721814274125
.redintelligence.net/ Name: 8lcfmzhxc8d6_uid
Value: 48836434983a2c7b
.ad-srv.net/ Name: pwzdy6wsn8n7_uid
Value: 3c29a6fb7580febe
.nets4.com/ Name: __gads
Value: ID=bf36699824cc9ccb:T=1647862841:S=ALNI_MZ_N5wsBSevM6mKNBjxL6dBNvCt2w
.awin1.com/ Name: awpv11830
Value: 296283|1647862842|bd6a08a1-a90b-11ec-892c-22623498ce3d
pb.media01.eu/ Name: DTU
Value: 4962313BB2913FC7C929C3FB63B02E29
.emp.de/ Name: HtLpTx
Value: Awin
.3lift.com/ Name: tluid
Value: 4182571874349004122951
.bidswitch.net/ Name: tuuid
Value: 950aaf85-bafb-4d74-82db-3f9563615570
.bidswitch.net/ Name: c
Value: 1647862843
.bidswitch.net/ Name: tuuid_lu
Value: 1647862843
.mathtag.com/ Name: uuid
Value: 1ee76238-643a-4f00-9953-4f65da041bf0
.mathtag.com/ Name: mt_mop
Value: 4:1647862842
.blismedia.com/ Name: b
Value: 6238643B223C487688569EC7BLIS
.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%228394FADE-B7A4-49F7-A073-349A23F88DFD%22%7D
.lijit.com/ Name: ljt_reader
Value: 16f9783c7e0893c2225cef8f
.bidswitch.net/ Name: google_push
Value: AYg5qPJSL5g45zhdkB7Qb5FrcUa6nx8ZRec1KwpcASG5DyCvFUOAEq0RKNu9h_gGer_-VHbFHK8_Iw6GwIhtKKpHQDqSwnHCQsqcpw
.awin1.com/ Name: awpv14172
Value: 473322|1647862843|bdb47f20-a90b-11ec-9413-2263ccb3da92
.awin1.com/ Name: AWSESS
Value: 372905:2481855
.casalemedia.com/ Name: CMST
Value: YjhkOmI4ZDsA
.casalemedia.com/ Name: CMRUM3
Value: 2d6238643b2760CAESECBYObjZVKDSpzSvm3h-4q4
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2IlbdZwLw!]td!8i_iqf!oN/@E'zz<*Z0QA%yj4Huwy(`!airiXoxL5hI*w21:%g0U_$sTD._*PlZ[C[-kX-1L+#w
.adsrvr.org/ Name: TDID
Value: 6eb0a9a6-2037-40c6-8874-95ce80b881d1
.retailads.net/ Name: ppb2172
Value: 1284527989
.de17a.com/ Name: guid2
Value: 1.417695836795709919
.adform.net/ Name: C
Value: 1
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YjhkOwACfbnZNQA-
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-a8be39b9-0c63-4557-84a6-6388033728ac-003%22%7D
.adform.net/ Name: uid
Value: 3314606506590659150
.futalis.de/ Name: raSIDb
Value: 1284527989
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-a8be39b9-0c63-4557-84a6-6388033728ac-003%22%7D
.tribalfusion.com/ Name: ANON_ID
Value: aInseFqkaHbBykt9Zbxq5ucZaG3QR9w5f6JUNqaRyHW05h7u5cfBADs3Oe30xoreuy3EWRnbVYws2cFsN3wFi9
.office-partner.de/ Name: source
Value: {"webgains_webgains":{"timestamp":1647862844311,"clickCookie":false}}
.creative-serving.com/ Name: tuuid
Value: 54a292ee-c372-406c-a983-941673e305bf
.creative-serving.com/ Name: c
Value: 1647862845
.creative-serving.com/ Name: tuuid_lu
Value: 1647862845
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.id5-sync.com/ Name: callback
Value:
.justpremium.com/ Name: jpxumaster
Value: um-4ff82ebf-eda2-46cc-b8fa-39b80aed62f6-1647862845
.justpremium.com/ Name: jpxumatched
Value: p161
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-950aaf85-bafb-4d74-82db-3f9563615570
.pubmatic.com/ Name: PugT
Value: 1647862845
.pubmatic.com/ Name: PUBMDCID
Value: 3
.demdex.net/ Name: demdex
Value: 13858730213095029110719607379784737359
.dpm.demdex.net/ Name: dpm
Value: 13858730213095029110719607379784737359

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

035b523d4da31ddff179f9b37cf4ed4e.safeframe.googlesyndication.com
1e709b9d6f90218a070eddf58f9b714c.safeframe.googlesyndication.com
48c868b366244e7d7770a8f4adab9561.safeframe.googlesyndication.com
5994599.fls.doubleclick.net
5fd3b64ba09b669362261d7035670824.safeframe.googlesyndication.com
605ddd431ccb9d0d325cc9f8ea31a9d0.safeframe.googlesyndication.com
6f3bb8c6a59dda0a6715cd9ba37a37b7.safeframe.googlesyndication.com
8019191.fls.doubleclick.net
81a1960e6551bc8368f7353dd7facd76.safeframe.googlesyndication.com
a.tile.openstreetmap.org
a.tribalfusion.com
ad-server.eu
ad.ad-srv.net
ad13.adfarm1.adition.com
ad29.ad-srv.net
ads.creative-serving.com
ads.eu.criteo.com
ads.travelaudience.com
adservice.google.com
adservice.google.de
adv.office-partner.de
analytics.webgains.io
ap.lijit.com
api.purpleads.io
api.webgains.io
b.tile.openstreetmap.org
c.bing.com
c.clarity.ms
c.tile.openstreetmap.org
c1.adform.net
cat.fr.eu.criteo.com
cdn.contentspread.net
cdn.purpleads.io
cdn.retailads.net
cdnjs.cloudflare.com
cloudflareinsights.com
cm.g.doubleclick.net
csm.eu.criteo.net
d5p.de17a.com
dclk-match.dotomi.com
dpm.demdex.net
dsum-sec.casalemedia.com
eb2.3lift.com
fonts.googleapis.com
fonts.gstatic.com
futalis.de
google2waycm.netmng.com
googleads.g.doubleclick.net
hal9000.redintelligence.net
hal90002.redintelligence.net
hal90006.redintelligence.net
htlp.emp.de
ib.adnxs.com
id5-sync.com
imagesrv.adition.com
img.nets4.com
insight.adsrvr.org
j.clarity.ms
js.adsrvr.org
match.adsrvr.org
match.justpremium.com
media.acfrg.com
medialead.de
nets4.com
pagead2.googlesyndication.com
pb.media01.eu
pix.eu.criteo.net
pixel.rubiconproject.com
pv.medialead.de
rtb.fr.eu.criteo.com
rtb.nl.eu.criteo.com
s.tribalfusion.com
s0.nets4.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
static.addtoany.com
static.cloudflareinsights.com
static.criteo.net
static2.creative-serving.com
sync-tm.everesttech.net
sync.1rx.io
sync.mathtag.com
sync.targeting.unrulymedia.com
tpc.googlesyndication.com
tr.blismedia.com
track.webgains.com
us-u.openx.net
www.awin1.com
www.clarity.ms
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
google2waycm.netmng.com
104.111.239.217
108.157.1.118
13.248.245.213
138.201.63.150
138.201.63.164
142.250.185.130
142.250.185.166
142.250.185.66
143.204.98.127
143.204.98.40
145.239.193.130
151.101.130.49
151.139.128.11
167.233.14.134
178.250.0.160
178.250.0.162
178.250.2.135
18.159.23.158
18.184.212.115
185.29.132.245
185.33.221.50
185.64.190.80
20.85.30.134
213.155.156.165
213.19.147.45
216.52.2.39
217.79.188.54
217.79.188.59
23.218.208.246
2600:9000:2156:2c00:c:6264:8240:93a1
2600:9000:2156:c800:13:99a2:1280:93a1
2606:4700:10::ac43:2794
2606:4700:440e::6812:2fe6
2606:4700::6810:125e
2606:4700::6812:c05
2620:1ec:27::cafe:1846
2620:1ec:c11::200
2a00:1450:4001:803::2003
2a00:1450:4001:803::2008
2a00:1450:4001:808::2002
2a00:1450:4001:809::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2001
2a00:1450:4001:810::200e
2a00:1450:4001:811::2003
2a00:1450:4001:811::2004
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::200a
2a00:1450:4001:830::2002
2a01:4f8:d0a:2321::2
2a02:2638:1::2
2a02:2638:1::3
2a02:2638::18
2a02:2638::2
2a02:fa8:8806:12::1370
2a04:4e42:600::649
2a04:4e42::649
2a06:98c1:3121::7
2a0b:4d07:102::1
3.33.220.150
34.227.128.233
34.251.93.43
34.96.105.8
34.98.64.218
35.158.47.202
35.190.0.66
37.157.2.238
46.236.13.147
46.4.10.47
51.89.7.205
52.142.114.2
52.30.107.253
54.76.176.197
69.173.144.165
85.114.131.234
88.198.250.30
88.99.219.174
94.23.99.218
056579895d708974dbf56de4ce37da8762ee657fdfb0544a342cb0a405fcda34
05f7f72511e19aab44be3f209fd8b6d4d11c2dc61b082c266dad33bd0dae4629
065fd7bf5982c6caca5f042871f953f9a4d6ec1598a53ec6690792a4c33bd9d2
06d6cc041b35c0dfe98da96288ff01642e217ed8642154f8e15bc727234160cd
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0a7fcb2b9c3f4d18eb22187d746a67082a4e1a0573d63efbe2243e780cb0e145
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
129d8ac5444c8d3b57b235122956eaa2866d7c3548c7e43fad08ada5087600a6
1415e79e90a9d44842a47430fbf3be51f06c4d44d3f1dbf548f7adca3a0a6f05
15afe2c2b219d226a289b424aa49b2e92ead83a79dd1781b78cba876905a606c
15f97543ff4d546609111ebf1c117bbe16c5fe852fa7e826204b74566e91a8f7
17a97981604a1fe56f8804e77655010e70cbfbbac2c66e03a303e876dfd72640
18e8fbd37854b0c1f896d8709e1ff4358220c5f458c63d6c1654bd15827c40df
1cbf38da8d5e1d59a0fde805fa77444183bde3c24a29447cce14f8a2b56247a0
1ceb05f5f74e286cca62b90b21a91368222e900ddd0357df6b1d5d88ba618440
1d07bcab4c15f3ff3b56d0b5c9f44c3dd1c7266eb5788bfbc09f02822b07de0c
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
1f9198526bb382bdfa81ff720f42ad1b51195d45f6dba3969e390506730c85c0
21af66f64bb18b1159ee363a933d5630e27419c83915d4d5ef42d8154f3921da
2255ec4c3254a41b448889224b2cc5c32f8d6f8a6165d3c58aa6523f86c0957c
230f27646f2460a7e13106d06ec50cb822acf254ae08fba4058aa06ca57b9dab
231b47c1d314a648abeaf2eb87f622c465b28aee9eb0088c2b7e28cf1e87ba4c
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98
23b98bc774ec832603abe91bba58e4eeb33660e208bf8b623d5ca4c81b258b2a
23cc8f32949c8b6960b1a4ca216ccaff2db4b769f6565bef2ee1fa954e072029
23e0af8c18039609b97c6d39a885161fc02218fb0483abc5c81c9a214cbdc9fc
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
264f5c640339f042dd729062cfc04c17f8ea0f29882b538e3848ed8f10edb4da
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
27377803f0c1923c3d5d32c5b85d3794a7452e1fe27dc165fa6c11d94fa3c064
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f2c78d11d003e80352b2d13a775d2a137299302b3893210b68427a7d5ee3a72
2ff65b0600fe7250809e82ea0c84552439ab72f585bf50a814698cbcd0db7d57
300df2b4fdd7daf4d9b291c810b0b4a881c8563ec7dff0695dd9b2d409f02ff3
32a97e6497cd6c3a611286892f51f127409221715c0cb3f2795f8c480bc76de4
32d66c0ad91c4d07700285ee0b684ad515b3298f18bd993c185df9f09548a12b
354250586e7d9cc8bf4ec0d55891b23913ad970f1ad32139d3b71fed215737ba
356d53b9879dc2e455d2201a932b1ee73dd51f38d6593e522e5b6decb7df3e2a
3701cadc5fc84e8ad639f83a87e20d82575e3cc28d479d73a0e66e5230e71c65
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7
38eb236e11f99ddbfc498c9e21b22a1cbc48da9c51f173be370db2f8a69ee9bd
39184c5d24b37db1eb01bfa5170eb2fa23b8a3955a4e73c5a83bf382ec91ef8a
3ac1f54c43f059ff5751b38fd511e18f7db88c9844d25528f37eaf2f8454ed4e
3b322c9030883acdb559f857024b4ef3ab7574712b635b6e3db135749e32e1fe
3c03c1806aaf39197764436ff012cb0828851863170e7928a49e8e3f40097e62
3c865f9ba19b80bbab61230ac6f099d6c605af2b21615415338a9bfa471c863a
42fc11f1eb6e64d09407430fb1e40a20a59ea6e3f35d50fa4d9f38e436c6c5dc
43f9404d1c54b94c7b75fa0be7cfad2fbb01ad9af84c21a40a7accdc38c959b4
43fd715c6570eb9750e5d82381fded2db6bdde5bfdae7adc0eddbe0918862fc9
4548a814aab9889f80fdc4b4969e22438b97b56ed1b340ad411530dd1ade5bb4
48e500d506c0da35c8731c86b94c8c0ce31257f86c334ec50ea7b5d237efee8e
495058bb3a9c6a456ef765ecb77fa816ad5dced2653c081a2ac5b1aca67d2781
4964deabbe43777aca99c7e19c2908ab9b14723b346a22aa42ed06830bce2635
4a18b0faf6a447454e134730303202f8416b72f1d4f744b1d3b4646636240eb7
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b6c2cabe35ab603f2cff6d7b73775bca1d81016b1f1e06fe4da4bbf3c5766eb
4c854935444458a4ff41b6b35cc5d4efb33da0b95c11b73f96d300b69ac2ed41
4d44b03d4e4d1df9a852bf35460f5584c94b37c52d08742682a1a03d20d2f6d1
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e44c88ea55c8d17867c766ddfcb743cc879dda55999ba0ff9982c37ee5d9cc9
4fef239ebd936e96f316dee1aca599952e7adaaba26fab72b45328871855ac4b
4ff82d7d56a120e8d1a4a9c51ceb6ed24b949e854871799cc5ca09c9b1bc43c5
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5061cb0765c3ab9721b8e26bdfaba5819a1f14b27fc3d93b2809a1c83056277f
516fadf20aefdc9565d38ff12fd35aa4262d20408dace2f5849cd191119496c0
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56386db6fedf5475ff6ac57939cfaac58722f519fdce666cee7494b993c84e81
574c3a5cca85f4114085b6841596d62f00d7c892c7b03f28cbfa301deb1dc437
582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd
5869c6f986927ae74abcb2810724a17d4da067c78b7145692192525c2ff843ed
587259314084a04755f0dfb2d0f0e9f07bdf03a575352e366e308d2e19cfc70a
5976dbe797a12437bc9f8ac3b7df55f4ebe57b642e83d304ba5a5f5a041fe3d6
59b1cf1bf839e1f80a40ac0bcbf54f1edc79d6bbc0af4b96a97daa507bc77432
5ad4775e1fe1f79812db4a03e8a5385a2b542639587bbadfed3f6fe83752f8b5
5afd2da25b2454109b998af1d57ab83e2d84a214be7831823fb9582073400bd9
5c274e9f1399f06e6b77a2c148af95365783e8b54b16c82b9babdfa8ca314553
5c34b3b59e11b70ed4bfc261aef303c82a5a9709636dd60fb29106f1fc405aaa
5c6ad9879f2708229595269908c145e7307d38c82dcf4c7cead3da09bc23b5b3
5e96abef75b98a0a702fdd6999338ee5e1cf489544f8bbccd5e2adbe217f6fd4
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61f006e862de7376ac64823e987c351c10f6cc9fd1cfa8dad4780f47b477a8d1
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
68a2107705cf7c5836443d888f2673f9c59e78986dea1d7f9635c1c4ea1f7910
691d4bd7b9b31f9ab1b1837e7d956e0e3041ef63c1ee0edee8ca6208a4234efd
69c0a8d5284b247bd724d3c3742bdb8d61c5cd8cc5df7fe1144679ec3531d7dc
6ad584690f7fa3e788ea1df9a6a567211be5d9d627908e9339e84e99efe70126
6b9d73532300cce789de292a30a5d56f3014464d1b203287362e91220b4534ae
6bb77d20dd85b4bfae78affeef6ee91869bffa0ef53ed9c8ab9c2a526d0180c5
6d863e02e4dba282053a441dbc266f4f25fcad271a974cd3c464b162b46f07b4
6f83a93fc84060cd64a1ffdae24119f3395f51f54e1b82ad07bea31a73166765
6fb5a0222f604b6096c3cf7c93e9d5fa47059e8c5d227735285e0863c63de31e
704f6f54ae77cd5ea0a0bf47ebb70727a9bd76a311d7e54788ad3dc79b366739
70e0a3b2c82384039a2e4b31c305c9ef1f72a59b585acad421c54a6101a25237
711ebe8c725a2944bf95e92c7e939b6723df6efe1b6923e0353c29b355f2df2f
722c5b95144aaf980dafacd36b1df0a3a0cff78962e8eee8f56e40c423f00b6f
73d48e5b77e6f9c20e969dedbd1b226f3904b843b532a3324297d145596e0564
7565007599a504c3ab52a3fd293842489952a0b1039f6ba2b3b365bc62b3fb9b
797da9d06297d00d2d867b3457f2165102f2da1cfb5388cc9a08e5441d4ac069
7ab7c7063d0b0bce789cf1ea1caee6c7ee598d8ab306699d029e066bdf5b20b4
7f52c1a6ea2c51d53378bc1b1d6d31807e1204f88b40524b7f24f6803d667cc3
7fdf893519118f4c6ee34653a6f14eff463a94908af05c9fe958a83038d52b89
836bae9498e9db21675330bbb3fd34be2ad5b19fe20c751b2a7e83152db5e685
83dda045a82007d863e18a06f7c4fad7267bad1ecdcd62052cb93cce59fc5bca
866075e9f9540d3fbc1af75076631d86c71404b40ce5252d4e5085b0d9964e5b
872db65edd71fe352f99ee191b3d101e34d61af2f3d96311d5d49611db3f3bf1
8af85e8f32dd701c3dae3bbaa0fd3d1de702780059d4d07f84203e1f2d781385
8b098d6fdce955fd509d960d01a9e2bd6eb1e1a374d808ceebb95fa2bcda3029
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f52ae059ebd18fcb45ca5d2f81ab410ade2b54e096aa1284fd4b2b97bf3ddc9
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
91c1971597100f2dc7d4f0b39b56b0a842f2852c70a76811d360bd18472e22b3
9259e6ae55bb8524e8474ac12522184db2f9aa294800d8171ee3055eed68098b
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20
94b5582b970ffb64a798f0d8e453a503c202d991ed53a08b5fb3bfac6a869ff6
958c23bb0566f078df7982889e7f3e11ee1e790f0a0da9694ec47fe91f293cc5
9681c0a0a13d8581f202bfaf62e53563ea6d0d6bd8e542b35b6d7c09b0e7b41b
97eafbfc7d4d2c5f1932e354466b4611b6441d864cc7ec3e3969aa057107de74
9895f9373b5803a4ff18da4ce38f1fdd0f8695ce4c87b5c44f3625e2f4d0f6a6
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e
997b911237bf1ba3ae866d21754fd8e3873582aece25276fbb6b4877a61e1a80
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9bbde4e879f5cc6d8e98b1e5605898a933825190f867b66285b084bc3ee785e9
9cb1733fd77ae45309144400e7553dce9f310ef476dcd00357a91a91a538c31f
9dae37b207226c0acff5993099a617e19d737ba27eddd7d15ea97f0a6d23dab3
9ea21905a7edfa4ceda705f977891d5e100f9709318836cfacbab47ad3321ff1
9f64ac05d9de5d35a6a2d0ae82ba2f8c1454fb6b36d22461ebbaa538fa1b950d
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a169ad9478744440d80f65bf8c21ce91ec4198f22144bdce408c3f4952b63981
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4654e7e10214b521a74dfa0ba9de3b97190c8769245452b4393bd628a36661d
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4f6236d1fa4c95d4ec446fc7200e1997a0764ceb1cf27264c208ca25ddc7025
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a8420c38c95a7d59c6438466cb6796daff1f607aef1ba95a153aa22459839286
a942bb9cf114959e0102a1ed5adef054d4b06ddff5980a4bd8414165bd5457d4
a9edc4098c6c3d05ddef466d5fb2ae4bc9e917c58c3e419de40945455b720dd9
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
abf9d562a837cf7396635dc87669c0d96d42732f8ec3a85d2069bf9e8021e69a
b0bc751d13f743f19e86cb66cf1918029bb4b5a2a70a673a4ef509d85d6b8600
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1a4954032531fc135cb9b5744c899a1ccf195c9ad4f11fdb4b19a61c86a8c75
b2bc8cfbf80f6a8f18a4eebffa392003613a70bd924d7b8d323ac3313781572f
b4b326975dd11639f7751af70356d62d04af79c6a1a6dcab5d2a3316b30315a8
b7aaea908b866c1619b9bf156a002c22b717a771bf22d9a2965151f9cf969670
b9f590b71a56c0601f7977e5fb4a4126964a8324cae426e43d454ee92978f8eb
bc68a3e6e6f0074ff46c18beea2033fc4e8c6ee513dc0617758f45e2bdd8b88a
c0424bf17c093260bb3019ccb6e24448532bcbf6b96aea97c039058af67bce54
c16987e09d4faefed37d4634ba988a44ce14f9367ebe966833fed43e7ab6943f
c2885456121d4d87bd6653a7f2d2415f26a51dd05ff983b9ed37977752a8f8a4
c45a84e5e0ff6ed83afd426788be38a5cbc442dc6cce4631bfd5c22fdd1fc8df
c6cd28b8f48cd9c890723dbd16c6847083e7c322af81fc3da91b9730ac576658
c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0
c6d84a42a2574f25cc71b9daf2e223d02da455b36438aac048e7430354f95de6
c7a47ad3ec622ef014b2417c3e084660e37c71e38d44b44e6529086a3c08c294
c82a58123e9f042fb6f68695578cff668b16b22915e0a8cb8acca14741df2bac
c837347a297c1a35852aa375392cc74950a2b868214e8b1909c4637b8b63ee24
c87dc7d9c212984118785676c741a202f5cac746b7b003298a930ed56316e51f
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ca134a3b68cce730dba945e5fef7c733db6f222f4eef52f25b554ce9b8a62e7d
cb275581c42b9338672e43207346d88de00252bc93f4feb49fe5821345bab243
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
ce39ef00d17505611658006a2744c5693bcd76caebdf3802599775eb4163cb05
d115d2b09aa07cc6ba7bec52861c6699d021420e2a9d4a6e1077f639b7d178b1
d3014990fc3c3ac542c5d08de1b0fd51d08428b645a7cdfb9d7b52f87ffb90c7
d4c757c1708af5584345f484e7289628a03851bba8c4b1951eab263dc474f002
d621d2bafec0ddf24ffe8be838e7269db6944811d1f977d09c09b2c1b3b1e76d
d75e52b4da9ad1860a394aa703089360cc41d85577c709ab8cec30f9d6c64615
d7e9eb19d45155e233a826620d29f729101625bbf965484c25008bd72d996846
d81da1c2333ea18b9649d21dd0dbb2a09141d43d18ef3e2eea1157f3e56d6277
d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88
dbfb5b3502c0b7d66a6dcec87db859e7a08f9eb601093d610fa17b92d4b7f587
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd1892cb87a74dac682a6207344909a96f23d342670b32063a4f4bae614805dd
dd26eb1d09b3d47113a5e19f5105444a87d32facaabb7966faffd2fcca417695
de7e81afabff7b3149ffcf6e174b4f91be625d6816204f265233951797c4d352
dea6d9b977b06e1be6dbf3fc5118a1d8bfca410f14b6c4ad64ec07c057d4783c
df16ae2f3f4c003e55aa93796b78c0ab73e0155ae32bea72cee59d1e0832f92d
df3e76cc73aef3839907d88e63bcc89373746b5639e6563e03886f27ad9d708f
dfe484b6bf9bfeea3b9ade60ded9977672146e08b1eac03c07fb9328285d2f0a
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e0fa838ef67490c2d700006a9babaa296a1f4641863593e677c6cd930d038ead
e24eb7a4642d3f2f44d92d0fee0e2aca88ff4a66970bd7144fdb6a04077754fd
e30f848c353b8ab801c18d2109527cb32a27f145262dccb3cd4db9f309cc53bb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e488f59eb48880c37d0c071f011eb19d1df68b5de804e20797dffb0c0fa7e439
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e6a93f480cbf33a2e016fd777ca2e7a0944773d2f1d3874b1a44765794a84d19
e7fde36613328100bd90fe00f6a224f5ca22c98615f159ad918c0561fda041ed
ea4e56c29d46feb542cf3a8f874433c3d58992455ff13d05430ce88ce9fba7a6
ea795a298e37c1cd48937e8d9b242162d213ebaa07c997769a6bfe4b4d8ec411
eba88ef6b1f09543b0b3f34bc3c1d401da36d590354cd7728e2aae4d3c1abc91
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0449242120b20fce599f611cafd7ee1fb6d0f9754ca540a9c2ba5d7d7db0bfb
f0bd31b71a040ff2e49359179fc7c35db64d750e75d5e23e1534da255f64136e
f0f382f3320ade05dd14f969ff7dd9d894c6a6571165ab6d7fcdade2f4836dfc
f11fff9e7d7a19d85f2460b2b094ce472e6117411ce763d8429d237eb85de21a
f1cd3feadbea9256e5be2495f1f8bc3af7f80eb0dfa1c86e2b4719d27c61d5bb
f37e90bde6c10ace3c876270475f8097130179b6000f7f6514d50c964a149533
f3811661ae9084101dd990b6900dcb9a18e2d1edd1bf71a5941cc3bc26021e72
f50a9e6bc3e6b495d323fd384ca126c33f0e11c68edc8dc43939408c0404da6e
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
f70751d4b3f5d5c9f208ea16e8cbcac3c6abf1bda80357da3fcd21dde4333449
f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194
f78b02cd5cee4e5290d252d8e4828c3030aa149bf92b21d5a6436f13c38cf01f
f7ea54f9d61d984b5750bf54b282231b154b5649116a8df9eec82dfcb8eafeb7
fb8138fe467ac4fd833c97df11108432d9a0f84486b05f08d34159aff9f104b8
fbd9597150a07c43e90f3e5ed9e4872a8ebbb43813f982f141cdb067d47bf42d
fbea3a849eb5eb451604cb7ce1b603b968f8de6d5283b7751daa3c5c016bcfb9
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505
fd194a0e52340c8689348e10a12e93bdc46d1502861db24c4d55b97a74444218
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e