creditcardgal.thetravelninjas.com Open in urlscan Pro
35.239.56.166 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://creditcardgal.thetravelninjas.com/
Submission: On April 02 via automatic, source certstream-suspicious (April 2nd 2022, 12:36:33 am UTC) — Scanned from DE

Summary HTTP 74 Redirects Links 18 Behaviour Indicators

Summary

This website contacted 16 IPs in 3 countries across 10 domains to perform 74 HTTP transactions. The main IP is 35.239.56.166, located in Council Bluffs, United States and belongs to GOOGLE, US. The main domain is creditcardgal.thetravelninjas.com.
TLS certificate: Issued by R3 on April 1st 2022. Valid for: 3 months.

This is the only time creditcardgal.thetravelninjas.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	35.239.56.166 35.239.56.166	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:1::2 2a02:2638:1::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:1::4 2a02:2638:1::4	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
5	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
7	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.2.148 178.250.2.148	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
11	178.250.0.139 178.250.0.139	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.2.150 178.250.2.150	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
74	16

1 35.239.56.166 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 166.56.239.35.bc.googleusercontent.com

creditcardgal.thetravelninjas.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::4 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.148 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 178.250.0.139 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.par.vip.prod.criteo.com

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.150 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	criteo.net static.criteo.net — Cisco Umbrella Rank: 631 pix.eu.criteo.net — Cisco Umbrella Rank: 7880 csm.eu.criteo.net — Cisco Umbrella Rank: 7886	131 KB
13	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 98 tpc.googlesyndication.com — Cisco Umbrella Rank: 125	255 KB
4	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 43	22 KB
3	criteo.com rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 11668 ads.eu.criteo.com — Cisco Umbrella Rank: 7887 cat.nl.eu.criteo.com — Cisco Umbrella Rank: 10021	59 KB
3	google.com adservice.google.com — Cisco Umbrella Rank: 76 www.google.com — Cisco Umbrella Rank: 7	2 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 8069	914 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 169	37 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 782	651 B
1	thetravelninjas.com creditcardgal.thetravelninjas.com	12 KB
0	creditcardgal.com Failed creditcardgal.com Failed
74	10

	Domain	Requested by
11	pix.eu.criteo.net	ads.eu.criteo.com
8	pagead2.googlesyndication.com	creditcardgal.thetravelninjas.com pagead2.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com
7	static.criteo.net	ads.eu.criteo.com
5	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com creditcardgal.thetravelninjas.com
2	csm.eu.criteo.net	ads.eu.criteo.com
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
1	www.google.com	tpc.googlesyndication.com
1	cat.nl.eu.criteo.com	ads.eu.criteo.com
1	www.googletagservices.com	googleads.g.doubleclick.net
1	ads.eu.criteo.com	googleads.g.doubleclick.net
1	rtb.nl.eu.criteo.com	creditcardgal.thetravelninjas.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	creditcardgal.thetravelninjas.com
0	creditcardgal.com Failed	creditcardgal.thetravelninjas.com
74	16

This site contains links to these domains. Also see Links.

Domain
creditcardgal.com
generatepress.com

Subject Issuer	Validity	Valid
*.creditcardgal.thetravelninjas.com R3	`2022-04-01` - `2022-06-30`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.nl.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-15` - `2022-06-13`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-19` - `2022-06-18`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-02` - `2022-05-03`	3 months	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-03` - `2022-05-02`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://creditcardgal.thetravelninjas.com/
Frame ID: 63C1B9F77C07A093EE5623FCC332EB89
Requests: 38 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220330/r20190131/zrt_lookup.html
Frame ID: AC90E47D9080B392B533D0F1A3894817
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5543897883073618&output=html&adk=1812271804&adf=3025194257&lmt=1648859788&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fcreditcardgal.thetravelninjas.com%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648859788569&bpp=17&bdt=128&idt=92&shv=r20220330&mjsv=m202203240101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6524707540643&frm=20&pv=2&ga_vid=246778867.1648859789&ga_sid=1648859789&ga_hid=679408629&ga_fc=0&u_tz=0&u_his=5&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31065921%2C31066013%2C44759848&oid=2&pvsid=1300783462363776&pem=273&tmod=1471011750&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=109
Frame ID: DBE0FCA2F7B0370A685259D8CEA527E3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220330/r20110914/zrt_lookup.html?fsb=1
Frame ID: 57158DC2B3551CE56FA3138B5BD91347
Requests: 8 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YkeaiwAMvPMIu8oLAA3bzcqbDJYOSEtBI9SYkA&u=%7CnqiOenqwhcZD3XWb7MZbuMuUijfLpkMyWBrXpsZO%2Fu8%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpOtYk8A6_xGUJ_wK0R074RpU6iUP42pTUNwpGc5sTUWGvaNKjLAEJSys7Jxj2OCNRS1IuzD5PcP7QbLyEwucHyfRS4-OBU7NbvLkTK8wM7GdrMCu95-n4RazWDI9nuVyiAUyzS2eyd2cAKLSdl2b0ROA_zobhCPqTlLjBBIlQKZN-I-chq1mOosBz0ZPF4ZNNBGB_QisCQaIzYOePlKy2i-r-HICwtMTol21bUI2FShsWhWtiKn2EMmmcIHTd1Vin85prxmDkJMTcSsijhZpoRai1hepoa4hRJIkMzGH7dGTMz8EfIQUStu3to2bJO2SFhBMRDC4_yArH5ddnEzd-tZL0TI_Z7IXxriGIjXIcSlLnBh8XiRd1YOARJ7s1ZjuGoMCXfMwxc5focoI-goluDJ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvxfni5pHYvP5MouU7_UPzbe3-AXJntKxXPWR3r6xAcCNtwEQASAAYJWCgICsB4IBF2NhLXB1Yi01NTQzODk3ODgzMDczNjE4oAHVttLqA8gBCakC2OGiowiJsj6oAwGqBN8BT9Ctl9OLwX3c1de3J1AYe3zeVlxrO9gE64ydm2NawrrSO4PGU8Nj7mB9Cn2kh2yhc1f7rD5IsxNawxh-u1IkYL8HTwFYwpJndM0xfbjQ0Bjbe-CeVLMlvxnOTNI2vgvsyRDn-qyKaAc8jcWt5QJrQWrZj9Ai1YyiqjyyolZrgzd8kL8kDtPs5v7fCJtyzu3y4IVfG8Gg4A6IrPunEr0iA4RgqQsG6m_p6hSBEE44ONbb5TjPCCje9XSCMrvZh1OUyx4_NkqAiR60Um--F03J7Io_cGjeehaowfn9jr3VCYAGlNmIzZvkvpXwAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1oKOiHUAAcC_z2yZ-4TrsFgIu_WA%26client%3Dca-pub-5543897883073618%26adurl%3D
Frame ID: 1F5A6DFAA49D82AC9DF7307D456A20CC
Requests: 22 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1240CA046F6E8148E5A97149E04AA784
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DDF2E39D25E9244F1E3E2ED7BBD78883
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Credit Card Gal - Learn How Credit Cards Work and Their Benefits

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Page Statistics

74
Requests

65 %
HTTPS

67 %
IPv6

10
Domains

16
Subdomains

16
IPs

3
Countries

519 kB
Transfer

1301 kB
Size

3
Cookies

18 Outgoing links

These are links going to different origins than the main page.

URL: https://creditcardgal.com/

Search URL Search Domain Scan URL

URL: https://creditcardgal.com/american-express-everyday-card-amex/
Title: American Express Everyday Card – AMEX

Search URL Search Domain Scan URL

URL: https://creditcardgal.com/author/credit-card-gal/
Title: Credit Card Gal

Search URL Search Domain Scan URL

URL: https://creditcardgal.com/category/credit-cards/
Title: Credit Cards

Search URL Search Domain Scan URL

URL: https://creditcardgal.com/tag/how-to-use-amex-delta-creditcard-to-get-free-check-in-baggage/
Title: How To Use Amex Delta Creditcard To Get Free Check In Baggage

Search URL Search Domain Scan URL

URL: https://creditcardgal.com/credit-card-offers-choosing-the-right-one/
Title: Credit Card Offers – Choosing the Right One

Search URL Search Domain Scan URL

URL: https://creditcardgal.com/tag/where-can-you-get-delivery-with-credit-card-and-pay-online/
Title: Where Can You Get Delivery With Credit Card And Pay Online

Search URL Search Domain Scan URL

URL: https://creditcardgal.com/avoid-negative-inputs-on-your-credit-report/
Title: Avoid Negative Inputs On Your Credit Report

Search URL Search Domain Scan URL

URL: https://creditcardgal.com/tag/how-does-being-a-few-days-late-on-creditcard-payment-report/
Title: How Does Being A Few Days Late On Creditcard Payment Report

Search URL Search Domain Scan URL

URL: https://creditcardgal.com/better-off-with-no-credit-card/
Title: Better Off With No Credit Card? Sometimes

Search URL Search Domain Scan URL

URL: https://creditcardgal.com/tag/is-it-better-to-not-have-credit-cards/
Title: Is It Better To Not Have Credit Cards

Search URL Search Domain Scan URL

URL: https://creditcardgal.com/getting-a-credit-card-is-a-huge-responsibility/
Title: Getting a Credit Card is a Huge Responsibility

Search URL Search Domain Scan URL

URL: https://creditcardgal.com/tag/credit-card-responsibility-is-required/
Title: Credit Card Responsibility is Required

Search URL Search Domain Scan URL

URL: https://creditcardgal.com/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://creditcardgal.com/affiliate-disclaimer/
Title: Affiliate Disclaimer

Search URL Search Domain Scan URL

URL: https://creditcardgal.com/earnings-disclaimer/
Title: Earnings Disclaimer

Search URL Search Domain Scan URL

URL: https://generatepress.com/
Title: GeneratePress

Search URL Search Domain Scan URL

URL: https://creditcardgal.com/?blackhole=6323ad876d
Title: Credit Card Gal

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

74 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
creditcardgal.thetravelninjas.com/ 56 KB
12 KB 1512ms
1110ms Document
text/html 35.239.56.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://creditcardgal.thetravelninjas.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.239.56.166 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 166.56.239.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 12e46c86139b49c609b8df490090b67dd1c736e6d76b4648297b1b044ce1e309

Request headers

Accept-Language: de-DE,de;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 02 Apr 2022 00:36:27 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
host-header: 6b7412fb82ca5edfd0917e3957f05d89
link: <https://creditcardgal.com/wp-json/>; rel="https://api.w.org/"
pragma: no-cache
server: nginx
vary: Accept-Encoding Accept-Encoding
x-httpd: 1
x-proxy-cache: MISS
x-proxy-cache-info: 0 NC:000000 UP:SKIP_CACHE_SET_COOKIE
x-ua-compatible: IE=edge

GET dashicons.min.css
creditcardgal.com/wp-includes/css/ 0
0

GET wunderground.css
creditcardgal.com/wp-content/plugins/wunderground/assets/css/ 0
0

GET style.min.css
creditcardgal.com/wp-includes/css/dist/block-library/ 0
0

GET affpages.css
creditcardgal.com/wp-content/plugins/WPRzComparisonPageCreator/affpagecss/ 0
0

GET all.min.css
creditcardgal.com/wp-content/themes/generatepress/assets/css/ 0
0

GET font-icons.min.css
creditcardgal.com/wp-content/themes/generatepress/assets/css/components/ 0
0

GET jquery.min.js
creditcardgal.com/wp-includes/js/jquery/ 0
0

GET jquery-migrate.min.js
creditcardgal.com/wp-includes/js/jquery/ 0
0

GET core.min.js
creditcardgal.com/wp-includes/js/jquery/ui/ 0
0

GET menu.min.js
creditcardgal.com/wp-includes/js/jquery/ui/ 0
0

GET regenerator-runtime.min.js
creditcardgal.com/wp-includes/js/dist/vendor/ 0
0

GET wp-polyfill.min.js
creditcardgal.com/wp-includes/js/dist/vendor/ 0
0

GET dom-ready.min.js
creditcardgal.com/wp-includes/js/dist/ 0
0

GET hooks.min.js
creditcardgal.com/wp-includes/js/dist/ 0
0

GET i18n.min.js
creditcardgal.com/wp-includes/js/dist/ 0
0

GET a11y.min.js
creditcardgal.com/wp-includes/js/dist/ 0
0

GET autocomplete.min.js
creditcardgal.com/wp-includes/js/jquery/ui/ 0
0

GET widget.min.js
creditcardgal.com/wp-content/plugins/wunderground/assets/js/ 0
0

GET jquery.js
creditcardgal.com/ 0
0

GET affcompare.js
creditcardgal.com/wp-content/plugins/WPRzComparisonPageCreator/affpagecss/ 0
0

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 155 KB
53 KB 51ms
28ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5543897883073618

Requested by

Host: creditcardgal.thetravelninjas.com
URL: https://creditcardgal.thetravelninjas.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2f56aa722f497580a1828865120de01de1f514297d5fae3dda70624171f810d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://creditcardgal.thetravelninjas.com/
Origin: https://creditcardgal.thetravelninjas.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 00:36:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54027
x-xss-protection: 0
server: cafe
etag: 2970706302544469734
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 02 Apr 2022 00:36:27 GMT

GET cropped-Credit-Card-Gal.jpg
creditcardgal.com/wp-content/uploads/2020/04/ 0
0

GET american-express.jpg
creditcardgal.com/wp-content/uploads/2020/05/ 0
0

GET zb.js
creditcardgal.com/wp-content/plugins/zerobounce/res/js/ 0
0

GET main.min.js
creditcardgal.com/wp-content/themes/generatepress/assets/js/ 0
0

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203240101/ 297 KB
107 KB 49ms
34ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203240101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5543897883073618&plah=creditcardgal.thetravelninjas.com&bust=31065921

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5543897883073618

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

672da4e517eb1a56dae657a2ebeffa694b1611a783cddff72a4790e38a80cd14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://creditcardgal.thetravelninjas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 00:36:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 109422
x-xss-protection: 0
server: cafe
etag: 5859547014358298380
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 02 Apr 2022 00:36:27 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220330/r20190131/ Frame AC90 10 KB
5 KB 30ms
7ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220330/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5543897883073618

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://creditcardgal.thetravelninjas.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

age: 4046
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4502
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 01 Apr 2022 23:29:01 GMT
etag: 4044455266028820542
expires: Fri, 15 Apr 2022 23:29:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET bB1ahh.gif
creditcardgal.com/wp-content/uploads/2020/05/ 0
0

GET YkMS7p.gif
creditcardgal.com/wp-content/uploads/2020/05/ 0
0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 223 B
651 B 63ms
15ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=creditcardgal.thetravelninjas.com&callback=_gfp_s_&client=ca-pub-5543897883073618

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203240101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5543897883073618&plah=creditcardgal.thetravelninjas.com&bust=31065921

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

67c4d5698cd26970bc799d9c347c595265ade87b75312f4a3e0413a70b37a706

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://creditcardgal.thetravelninjas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 00:36:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 207
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 38ms
16ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=creditcardgal.thetravelninjas.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://creditcardgal.thetravelninjas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 02 Apr 2022 00:36:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 37ms
15ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=creditcardgal.thetravelninjas.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://creditcardgal.thetravelninjas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 02 Apr 2022 00:36:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DBE0 37 KB
13 KB 145ms
130ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5543897883073618&output=html&adk=1812271804&adf=3025194257&lmt=1648859788&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fcreditcardgal.thetravelninjas.com%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648859788569&bpp=17&bdt=128&idt=92&shv=r20220330&mjsv=m202203240101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6524707540643&frm=20&pv=2&ga_vid=246778867.1648859789&ga_sid=1648859789&ga_hid=679408629&ga_fc=0&u_tz=0&u_his=5&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31065921%2C31066013%2C44759848&oid=2&pvsid=1300783462363776&pem=273&tmod=1471011750&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=109

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5ce4e7da5365d23078712e621e5d28280c08d2fe0a826144660334eedd23522f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://creditcardgal.thetravelninjas.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 13206
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 02 Apr 2022 00:36:27 GMT
expires: Sat, 02 Apr 2022 00:36:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203240101/ 145 KB
51 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203240101/reactive_library_fy2019.js?bust=31065921

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b46a7f2acd8995e718490e8d7949c2ad4a535f5923383926b327d437f075bf37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://creditcardgal.thetravelninjas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 00:36:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52591
x-xss-protection: 0
server: cafe
etag: 9196835487814764538
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Apr 2022 00:36:28 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 33ms
19ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=creditcardgal.thetravelninjas.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://creditcardgal.thetravelninjas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 02 Apr 2022 00:36:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 32ms
16ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=creditcardgal.thetravelninjas.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://creditcardgal.thetravelninjas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 02 Apr 2022 00:36:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220330/r20110914/ Frame 5715 10 KB
4 KB 8ms
7ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220330/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://creditcardgal.thetravelninjas.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

age: 1857
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4502
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 02 Apr 2022 00:05:31 GMT
etag: 4044455266028820542
expires: Sat, 16 Apr 2022 00:05:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 5715 0
0 50ms
50ms Fetch
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CslEIi5pHYvP5MouU7_UPzbe3-AXJntKxXPWR3r6xAcCNtwEQASAAYJWCgICsB4IBF2NhLXB1Yi01NTQzODk3ODgzMDczNjE4oAHVttLqA8gBCakC2OGiowiJsj6oAwGqBNwBT9Ctl9OLwX3c1de3J1AYe3zeVlxrO9gE64ydm2NawrrSO4PGU8Nj7mB9Cn2kh2yhc1f7rD5IsxNawxh-u1IkYL8HTwFYwpJndM0xfbjQ0Bjbe-CeVLMlvxnOTNI2vgvsyRDn-qyKaAc8jcWt5QJrQWrZj9Ai1YyiqjyyolZrgzd8kL8kDtPs5v7fCJtyzu3y4IVfG8Gg4A6IrPunEr0iA4RgqQsG6m_p6hSBEE44ONbb5TjPCCic91UQtTRFlOwI373vC-x4gAq-5GWQD899JLeZgtfAVg4ta33uMYAGlNmIzZvkvpXwAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBABgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTU1NDM4OTc4ODMwNzM2MTgYAA&sigh=Qn3dQ9MPf4s&uach_m=[UACH]&cid=CAQSGwCNIrLMmg1aZ5EO1IKrJeCjcJ8IdKv2BjVRmxgB

Requested by

Host: creditcardgal.thetravelninjas.com
URL: https://creditcardgal.thetravelninjas.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20220330/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 02 Apr 2022 00:36:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 02 Apr 2022 00:36:28 GMT

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame 5715 0
0 82ms
13ms Fetch 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=UNrxEsz6RO0HfJ2DYgICAAAAvPvIqGgbMnUQi5pHYkCUd4Lg5n_FMAIoABI&wp=YkeaiwAMvPMIu8oLAA3bzcqbDJYOSEtBI9SYkA

Requested by

Host: creditcardgal.thetravelninjas.com
URL: https://creditcardgal.thetravelninjas.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 00:36:28 GMT
server: Kestrel
server-processing-duration-in-ticks: 232057
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 1F5A 238 KB
58 KB 107ms
79ms Document
text/html 2a02:2638:1::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=YkeaiwAMvPMIu8oLAA3bzcqbDJYOSEtBI9SYkA&u=%7CnqiOenqwhcZD3XWb7MZbuMuUijfLpkMyWBrXpsZO%2Fu8%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpOtYk8A6_xGUJ_wK0R074RpU6iUP42pTUNwpGc5sTUWGvaNKjLAEJSys7Jxj2OCNRS1IuzD5PcP7QbLyEwucHyfRS4-OBU7NbvLkTK8wM7GdrMCu95-n4RazWDI9nuVyiAUyzS2eyd2cAKLSdl2b0ROA_zobhCPqTlLjBBIlQKZN-I-chq1mOosBz0ZPF4ZNNBGB_QisCQaIzYOePlKy2i-r-HICwtMTol21bUI2FShsWhWtiKn2EMmmcIHTd1Vin85prxmDkJMTcSsijhZpoRai1hepoa4hRJIkMzGH7dGTMz8EfIQUStu3to2bJO2SFhBMRDC4_yArH5ddnEzd-tZL0TI_Z7IXxriGIjXIcSlLnBh8XiRd1YOARJ7s1ZjuGoMCXfMwxc5focoI-goluDJ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvxfni5pHYvP5MouU7_UPzbe3-AXJntKxXPWR3r6xAcCNtwEQASAAYJWCgICsB4IBF2NhLXB1Yi01NTQzODk3ODgzMDczNjE4oAHVttLqA8gBCakC2OGiowiJsj6oAwGqBN8BT9Ctl9OLwX3c1de3J1AYe3zeVlxrO9gE64ydm2NawrrSO4PGU8Nj7mB9Cn2kh2yhc1f7rD5IsxNawxh-u1IkYL8HTwFYwpJndM0xfbjQ0Bjbe-CeVLMlvxnOTNI2vgvsyRDn-qyKaAc8jcWt5QJrQWrZj9Ai1YyiqjyyolZrgzd8kL8kDtPs5v7fCJtyzu3y4IVfG8Gg4A6IrPunEr0iA4RgqQsG6m_p6hSBEE44ONbb5TjPCCje9XSCMrvZh1OUyx4_NkqAiR60Um--F03J7Io_cGjeehaowfn9jr3VCYAGlNmIzZvkvpXwAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1oKOiHUAAcC_z2yZ-4TrsFgIu_WA%26client%3Dca-pub-5543897883073618%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220330/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

9d210ad0cfaaef244a786d9e397f4f14845fc044a2563edba9f35538329aa315

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Sat, 02 Apr 2022 00:36:27 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=2xiH-hOJdj7O6S_t3LMbc2lqXjZgIQ42GVMvlUjDCpEzFjJ8drJOH7G35jVBkwe_-dhdn1VbQ5Qy-UuFc_7JWGz2L_tfpNdJD4ygnjHAOo5TJa77v9wGgeC1k61peCVZDJIoGjfHxfEHm4jYyxccy3clMCzo7rWayMo1Zd1e-dnZk4BfaaE-mVw_T7oary6DLpj2xjATw3JWDPLjsY6zVhT1FYEN5GcOZwFNbRE1XeqQnj5J7Usr87FZAZuTLgVwNyNbHQ"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 63765011
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/ Frame 5715 2 KB
1 KB 44ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220330/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 00:30:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 361
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Apr 2022 00:30:27 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5715 119 KB
37 KB 59ms
22ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220330/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d593fdf64289375adaa96b87ebf4c4beec2995d730e3601254e0a226808bfe57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 00:36:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36916
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1648640521462251"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 02 Apr 2022 00:36:28 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/ Frame 5715 15 KB
7 KB 43ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220330/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 00:21:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 922
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6407
x-xss-protection: 0
server: cafe
etag: 6055885685211612390
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Apr 2022 00:21:06 GMT

GET
DATA 200
OK truncated
/ Frame 5715 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fea8ed52e80f15aa98ec5496ebe3f7a7486f65b3b6e894dd20f57cd8228a500f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 1F5A 2 KB
1 KB 51ms
22ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YkeaiwAMvPMIu8oLAA3bzcqbDJYOSEtBI9SYkA&u=%7CnqiOenqwhcZD3XWb7MZbuMuUijfLpkMyWBrXpsZO%2Fu8%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpOtYk8A6_xGUJ_wK0R074RpU6iUP42pTUNwpGc5sTUWGvaNKjLAEJSys7Jxj2OCNRS1IuzD5PcP7QbLyEwucHyfRS4-OBU7NbvLkTK8wM7GdrMCu95-n4RazWDI9nuVyiAUyzS2eyd2cAKLSdl2b0ROA_zobhCPqTlLjBBIlQKZN-I-chq1mOosBz0ZPF4ZNNBGB_QisCQaIzYOePlKy2i-r-HICwtMTol21bUI2FShsWhWtiKn2EMmmcIHTd1Vin85prxmDkJMTcSsijhZpoRai1hepoa4hRJIkMzGH7dGTMz8EfIQUStu3to2bJO2SFhBMRDC4_yArH5ddnEzd-tZL0TI_Z7IXxriGIjXIcSlLnBh8XiRd1YOARJ7s1ZjuGoMCXfMwxc5focoI-goluDJ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvxfni5pHYvP5MouU7_UPzbe3-AXJntKxXPWR3r6xAcCNtwEQASAAYJWCgICsB4IBF2NhLXB1Yi01NTQzODk3ODgzMDczNjE4oAHVttLqA8gBCakC2OGiowiJsj6oAwGqBN8BT9Ctl9OLwX3c1de3J1AYe3zeVlxrO9gE64ydm2NawrrSO4PGU8Nj7mB9Cn2kh2yhc1f7rD5IsxNawxh-u1IkYL8HTwFYwpJndM0xfbjQ0Bjbe-CeVLMlvxnOTNI2vgvsyRDn-qyKaAc8jcWt5QJrQWrZj9Ai1YyiqjyyolZrgzd8kL8kDtPs5v7fCJtyzu3y4IVfG8Gg4A6IrPunEr0iA4RgqQsG6m_p6hSBEE44ONbb5TjPCCje9XSCMrvZh1OUyx4_NkqAiR60Um--F03J7Io_cGjeehaowfn9jr3VCYAGlNmIzZvkvpXwAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1oKOiHUAAcC_z2yZ-4TrsFgIu_WA%26client%3Dca-pub-5543897883073618%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 00:36:28 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 28 Mar 2023 00:36:28 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 1F5A 2 KB
1 KB 46ms
16ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 00:36:28 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 28 Mar 2023 00:36:28 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 1F5A 308 B
637 B 39ms
13ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 00:36:28 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Tue, 28 Mar 2023 00:36:28 GMT

GET
H2 200 back_button.svg
static.criteo.net/flash/icon/ Frame 1F5A 507 B
835 B 39ms
14ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 00:36:28 GMT
last-modified: Thu, 01 Apr 2021 14:03:13 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "6065d2a1-1fb"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 507
expires: Tue, 28 Mar 2023 00:36:28 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/m/delivery/ Frame 1F5A 43 B
348 B 53ms
16ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/m/delivery/lg.php?cppv=3&cpp=3CC_JaNfMz_MUYM0i3wwDHkIlIbzwx4UzY2RPMhO3VzeO5AGaqfhAp7FKvUZmEuq3D9Pd5NPALtaqzSeeXVUWHsj43R-1I2e27PWbcapfvGveqyYBTrdq43C9zAks8eWQCnqLWzFPyWoxMz5jE15XVMkwiGQYugcDGPVeAQWkzXMva26k9SdMr5-GCKNRPSLFk8Urb03PRe1op7geo1D5Ns5M7n3hGqHY8Vzq6GaSnGWqOUmnXcTE9X8k3OIOwNklYVkksWayd0NiNxQWwW7wNTxi8N74btmC5dz5pKEJAWACU6HbYRB3N619lVxNn0wDh_FcxEb01BPEbtlnw9wVdoLlVmSKgC4_Fm9q-UxZ9SEMsf3E-DwKmsCtgzaL_dKsxX9E_t42wi6AYb97T5BQqyp8wz6YUsyxtMlV2ktzDyIGHDg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Apr 2022 00:36:27 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2661817
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 1F5A 12 KB
6 KB 25ms
22ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 00:36:28 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 28 Mar 2023 00:36:28 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 1F5A 2 KB
3 KB 190ms
16ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=244&m=0&partner=32517&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F32517%2F161005%2F3ff0bb1ca05c4f9cb0e79d86aa5244d3_logo.jpg&v=3&w=196&s=TrQwgiO--HQSNALBudQjXUQQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

2fb62e42c955493af8927d3c4456eee35815435a98b2420edcadb50a28e3f0f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 00:36:28 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=29639386
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 2330
expires: Sat, 11 Mar 2023 01:46:15 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 1F5A 6 KB
6 KB 190ms
16ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=32517&q=80&r=0&u=https%3A%2F%2Fwww.e-dessous.de%2Fimages%2Fdetailed%2F47%2FDoctor_Nap_9902_GRAN_1.jpg&v=3&w=800&s=MXZGBYzs3rfE_tzPNbVinE9L&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e4679b454701662dcfba44da4dfd7a161698be4aba1aa232f9e0af291947e09f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 00:36:28 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=876523
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 5664
expires: Tue, 12 Apr 2022 04:05:11 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 1F5A 16 KB
16 KB 216ms
42ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=32517&q=80&r=0&u=https%3A%2F%2Fwww.e-dessous.de%2Fimages%2Fdetailed%2F23%2FNaturana_73233_F.jpg&v=3&w=800&s=ckNV4gdMUQLO7L0l2r90TWu2&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

73aca396084254257f3a1c8b59275f10234355f87f062a9ee935c7b2f5d75d27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 00:36:27 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1164751
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 16238
expires: Fri, 15 Apr 2022 12:08:59 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 1F5A 10 KB
10 KB 231ms
58ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=32517&q=80&r=0&u=https%3A%2F%2Fwww.e-dessous.de%2Fimages%2Fdetailed%2F52%2Fkoszulka-viki.jpg&v=3&w=800&s=0fsHG9CtKrk9fUnsAHPppbCw&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

36b05fb5ab41ba80b28588ebee524996c96a42cc2a2e65ade06cc351947d9ac0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 00:36:27 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1156872
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 9906
expires: Fri, 15 Apr 2022 09:57:40 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 1F5A 17 KB
17 KB 216ms
43ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=32517&q=80&r=0&u=https%3A%2F%2Fwww.e-dessous.de%2Fimages%2Fdetailed%2F51%2Fhalka_harper.jpg&v=3&w=800&s=swLmf_k9Z3fTP3lflhz30vst&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

a3a8e543082bab8820b7d35b235d65509a16ca974fe4f5ae03358987f0db831f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 00:36:27 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=856336
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 17014
expires: Mon, 11 Apr 2022 22:28:45 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 1F5A 17 KB
18 KB 190ms
17ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=32517&q=80&r=0&u=https%3A%2F%2Fwww.e-dessous.de%2Fimages%2Fdetailed%2F51%2Fhalka_jennifer_.jpg&v=3&w=800&s=Wx2sWfKxlsgQ_N5bB4AD6P5b&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

c80cfaee8bb1f1d6aeb2385f094df2e5de924eddf98384da420fecb4fec1343b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 00:36:27 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1136000
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 17724
expires: Fri, 15 Apr 2022 04:09:48 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 1F5A 6 KB
6 KB 41ms
40ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=32517&q=80&r=0&u=https%3A%2F%2Fwww.e-dessous.de%2Fimages%2Fdetailed%2F56%2Ffigi-julimex-bellie.jpg&v=3&w=800&s=9aXoSgwdZ79TQ6nIInPTVYmD&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

61c64f4a28af6deda9d463ef15de6647cce26e705b370326c77af06d23894e5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 00:36:28 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=639942
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 5884
expires: Sat, 09 Apr 2022 10:22:11 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 1F5A 7 KB
7 KB 42ms
40ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=32517&q=80&r=0&u=https%3A%2F%2Fwww.e-dessous.de%2Fimages%2Fdetailed%2F52%2Fnela_na_bieli_263976047.jpg&v=3&w=800&s=nc_hs9rMZH252g6E13voANR0&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

2bbde16d7fbf5e40f2a1c0360540ac65ac1a282069a577a00b29d27b7ba70010

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 00:36:27 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=457065
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 6690
expires: Thu, 07 Apr 2022 07:34:14 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 1F5A 9 KB
9 KB 42ms
41ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=32517&q=80&r=0&u=https%3A%2F%2Fwww.e-dessous.de%2Fimages%2Fdetailed%2F23%2Fbmh012-czar_10.jpg&v=3&w=800&s=sKrcP0HH2x0ai9A_q5PSADu6&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

b25f5858b0297dc7fc1c54da8b80eaf385617341f32546b78c01bc4df6082604

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 00:36:28 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1158658
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 8974
expires: Fri, 15 Apr 2022 10:27:27 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 1F5A 22 KB
22 KB 42ms
41ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=32517&q=80&r=0&u=https%3A%2F%2Fwww.e-dessous.de%2Fimages%2Fdetailed%2F51%2Fpodomka_adelaide_biaa_koronka_przd_.jpg&v=3&w=800&s=1Hep692I9elKh2VTvn2_5G1B&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

994afd8d6666f055692ce2b6f4d2f82abb00a1effce5dcce1dc961ddcce17330

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 00:36:27 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=632181
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 22514
expires: Sat, 09 Apr 2022 08:12:49 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 1F5A 0
128 B 405ms
13ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=2xiH-hOJdj7O6S_t3LMbc2lqXjZgIQ42GVMvlUjDCpEzFjJ8drJOH7G35jVBkwe_-dhdn1VbQ5Qy-UuFc_7JWGz2L_tfpNdJD4ygnjHAOo5TJa77v9wGgeC1k61peCVZDJIoGjfHxfEHm4jYyxccy3clMCzo7rWayMo1Zd1e-dnZk4BfaaE-mVw_T7oary6DLpj2xjATw3JWDPLjsY6zVhT1FYEN5GcOZwFNbRE1XeqQnj5J7Usr87FZAZuTLgVwNyNbHQ&sds=2&rev=80956&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 02 Apr 2022 00:36:27 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 1F5A 2 KB
1 KB 14ms
14ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 00:36:28 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 28 Mar 2023 00:36:28 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 1F5A 2 KB
1 KB 15ms
15ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 00:36:28 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 28 Mar 2023 00:36:28 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 40ms
21ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220330&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d13acbdbc348e28073295d477b67e459f6317ca8397429a65a822a62fc1a4b38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://creditcardgal.thetravelninjas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 02 Apr 2022 00:36:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10664
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 33ms
16ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://creditcardgal.thetravelninjas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 00:36:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 02 Apr 2022 00:36:28 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1240 13 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://creditcardgal.thetravelninjas.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges: bytes
age: 19821
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 01 Apr 2022 19:06:07 GMT
expires: Sat, 01 Apr 2023 19:06:07 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame DDF2 783 B
1 KB 40ms
16ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

73dfdb0f78c0e9eb956b342c719dbcd522852920a420f6a48fba00eb039656bf

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-aaiT64CxTSlQCBa3PHhjlg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://creditcardgal.thetravelninjas.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-aaiT64CxTSlQCBa3PHhjlg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 02 Apr 2022 00:36:28 GMT
expires: Sat, 02 Apr 2022 00:36:28 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 FyXTnIqgf3MR1shnyKQtc5k9nN1KItMFAbgv4xYT2II.js Show response
pagead2.googlesyndication.com/bg/ Frame 1240 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/FyXTnIqgf3MR1shnyKQtc5k9nN1KItMFAbgv4xYT2II.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1725d39c8aa07f7311d6c867c8a42d73993d9cdd4a22d30501b82fe31613d882

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 14:39:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35818
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13680
x-xss-protection: 0
last-modified: Mon, 28 Mar 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 01 Apr 2023 14:39:30 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame DDF2 0
0 56ms
55ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220330&jk=1300783462363776&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 1240 0
9 B 7ms
6ms Image
text/plain 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?I5LyQQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 00:36:28 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 43ms
42ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220330&jk=1300783462363776&bg=!s7ClsPTNAAZku-1yRLs7ACkAdvg8WkDHLFns-ImdWeu7WGYeuihuk2T3ed9e-p98Lni6WTAtLDj1xAIAAADcUgAAAAJoAQeZAuIV9LVW2hOeTfeGn9MhIgY-1sUelpDZTs6kGEsfyVav9MWm_NCgWvK1Ca5NTf9AjdS6v2XwNPNrtzNKEsRtb4-jIdb49xhU4bCjDO-a6e94SpESeuXNtCNty5xVFXreYzqsU98g5BCLbye9Z0p5qN2DF18nHoSiJOVVZCpSHpDNy0sAYlKcIKcmUn42uPn7HqH2SgINfB_5RDZCq-NPkIlmZB_WxuP1tH44V1_zlQpv7WZVCuJqjfizkaZoD22Mf5lhyUi8qCjyrwQfM6wLTHea48AGMxpsXEX8H0UOBkoO8SAQJnX68YLV3N1i7PWL1wT5RgLQVB6XckDLsJlj_Puc4nWebZ3nrdENI4pWVzQZ0kb9Mk0xdhWRCku0yoEOTn5XMRCs-XMyvkc3y3Jwvt5qqjYIGylUoD6xXpTKdF5UKzqM1BpanCTwZK7DHLubX1Aie2QWHeR_4dllosKHKDMRa0uSop4E-x0FsA9iwVtsT9905C9QX5wXYVAMfTjkWepJuR7Avs7WeHCIqNpQ0L7UkN-II8O8sSJxeJYvjRHOI1SmYlWfrFiu7Kf-1w6jIDWSLplDMdkgSoMZZkQPcMhJfE1eGgQuatt-o16O1-WiZK8RDJomJO57PjA8eiREskVl_RiPzq9FywOx9p5yGhclo-ObNddfYjrgwSiIISkmsGgxjyRvgXRZ-wgwaRK5wkQDdOoCz2u1B1dhH4J3NgJTEOGjLxQbPMG-pX0BmDtVVoUzHKfeMnXALcfkpJxTc-zvjJnFy5Wn8sazDgQ6TYjqfBU0RSAPZIFlNaSoyvpL47fn1Bwu8tGDRtgqRLwvNemLBf6bcdfPIeAGpRVlFwCjYE0E8uzAoF7pGJ7umF4Zf2qmfaa4NKXg709ntYheh7BSc_5DjZkM4oy95wIAxayaDac2fvYxHVCqKt7PJHt-ZBOWQGcJgihjcCDae6c0jD0ClorkSEDex6LInd_Wuz13K5k

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://creditcardgal.thetravelninjas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Apr 2022 00:36:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5715 42 B
64 B 41ms
39ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvaJBySXxA8I1WHxh_UmrKQrE1V8PE9oR-EBs0YnQOZQ0tHauoxf4LuH9EFBISnRnOzjnR2QLTN32zeed-7ZvHAHg&sig=Cg0ArKJSzPtyy5j0ogmNEAE&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=83,767,1000,1116,1254&tos=83,684,233,116,138&v=20220330&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1648859788959&rpt=140&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Apr 2022 00:36:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 1F5A 0
127 B 15ms
13ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 02 Apr 2022 00:36:29 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 1F5A 6 KB
6 KB 16ms
16ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e4679b454701662dcfba44da4dfd7a161698be4aba1aa232f9e0af291947e09f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 00:36:31 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=876520
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 5664
expires: Tue, 12 Apr 2022 04:05:11 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: creditcardgal.com
URL: https://creditcardgal.com/wp-includes/css/dashicons.min.css?ver=5.9.2

Domain: creditcardgal.com
URL: https://creditcardgal.com/wp-content/plugins/wunderground/assets/css/wunderground.css?ver=2.1.3

Domain: creditcardgal.com
URL: https://creditcardgal.com/wp-includes/css/dist/block-library/style.min.css?ver=5.9.2

Domain: creditcardgal.com
URL: https://creditcardgal.com/wp-content/plugins/WPRzComparisonPageCreator/affpagecss/affpages.css?ver=5.9.2

Domain: creditcardgal.com
URL: https://creditcardgal.com/wp-content/themes/generatepress/assets/css/all.min.css?ver=3.0.4

Domain: creditcardgal.com
URL: https://creditcardgal.com/wp-content/themes/generatepress/assets/css/components/font-icons.min.css?ver=3.0.4

Domain: creditcardgal.com
URL: https://creditcardgal.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

Domain: creditcardgal.com
URL: https://creditcardgal.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

Domain: creditcardgal.com
URL: https://creditcardgal.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1

Domain: creditcardgal.com
URL: https://creditcardgal.com/wp-includes/js/jquery/ui/menu.min.js?ver=1.13.1

Domain: creditcardgal.com
URL: https://creditcardgal.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9

Domain: creditcardgal.com
URL: https://creditcardgal.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Domain: creditcardgal.com
URL: https://creditcardgal.com/wp-includes/js/dist/dom-ready.min.js?ver=ecda74de0221e1c2ce5c57cbb5af09d5

Domain: creditcardgal.com
URL: https://creditcardgal.com/wp-includes/js/dist/hooks.min.js?ver=1e58c8c5a32b2e97491080c5b10dc71c

Domain: creditcardgal.com
URL: https://creditcardgal.com/wp-includes/js/dist/i18n.min.js?ver=30fcecb428a0e8383d3776bcdd3a7834

Domain: creditcardgal.com
URL: https://creditcardgal.com/wp-includes/js/dist/a11y.min.js?ver=68e470cf840f69530e9db3be229ad4b6

Domain: creditcardgal.com
URL: https://creditcardgal.com/wp-includes/js/jquery/ui/autocomplete.min.js?ver=1.13.1

Domain: creditcardgal.com
URL: https://creditcardgal.com/wp-content/plugins/wunderground/assets/js/widget.min.js?ver=2.1.3

Domain: creditcardgal.com
URL: https://creditcardgal.com/jquery.js?ver=5.9.2

Domain: creditcardgal.com
URL: https://creditcardgal.com/wp-content/plugins/WPRzComparisonPageCreator/affpagecss/affcompare.js?ver=5.9.2

Domain: creditcardgal.com
URL: https://creditcardgal.com/wp-content/uploads/2020/04/cropped-Credit-Card-Gal.jpg

Domain: creditcardgal.com
URL: https://creditcardgal.com/wp-content/uploads/2020/05/american-express.jpg

Domain: creditcardgal.com
URL: https://creditcardgal.com/wp-content/plugins/zerobounce/res/js/zb.js?ver=1.0

Domain: creditcardgal.com
URL: https://creditcardgal.com/wp-content/themes/generatepress/assets/js/main.min.js?ver=3.0.4

Domain: creditcardgal.com
URL: https://creditcardgal.com/wp-content/uploads/2020/05/bB1ahh.gif

Domain: creditcardgal.com
URL: https://creditcardgal.com/wp-content/uploads/2020/05/YkMS7p.gif

Verdicts & Comments Add Verdict or Comment

67 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
creditcardgal.thetravelninjas.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 9713e625ad93a80ef6e12607d682c868
.thetravelninjas.com/	1970-01-20 11:22:35	Name: __gads Value: ID=a9c8ae13fd0dbcea-22cba4096ccd005c:T=1648859787:RT=1648859787:S=ALNI_MbSfpRQU5IA5ODV9jFcty_28Y-Evw
.doubleclick.net/	1970-01-20 11:22:35	Name: IDE Value: AHWqTUmsaTCF2eoJ2z0d0wKML1hBm-polUUri-Lz0G-fvjrWbsrheUEnU_09I_GBkUk

26 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://creditcardgal.com/wp-includes/css/dashicons.min.css?ver=5.9.2 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://creditcardgal.com/wp-content/plugins/wunderground/assets/css/wunderground.css?ver=2.1.3 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://creditcardgal.com/wp-includes/css/dist/block-library/style.min.css?ver=5.9.2 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://creditcardgal.com/wp-content/plugins/WPRzComparisonPageCreator/affpagecss/affpages.css?ver=5.9.2 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://creditcardgal.com/wp-content/themes/generatepress/assets/css/all.min.css?ver=3.0.4 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://creditcardgal.com/wp-content/themes/generatepress/assets/css/components/font-icons.min.css?ver=3.0.4 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://creditcardgal.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://creditcardgal.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://creditcardgal.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://creditcardgal.com/wp-includes/js/jquery/ui/menu.min.js?ver=1.13.1 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://creditcardgal.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://creditcardgal.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://creditcardgal.com/wp-includes/js/dist/dom-ready.min.js?ver=ecda74de0221e1c2ce5c57cbb5af09d5 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://creditcardgal.com/wp-includes/js/dist/hooks.min.js?ver=1e58c8c5a32b2e97491080c5b10dc71c Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://creditcardgal.com/wp-includes/js/dist/i18n.min.js?ver=30fcecb428a0e8383d3776bcdd3a7834 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://creditcardgal.com/wp-includes/js/dist/a11y.min.js?ver=68e470cf840f69530e9db3be229ad4b6 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://creditcardgal.com/wp-includes/js/jquery/ui/autocomplete.min.js?ver=1.13.1 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://creditcardgal.com/wp-content/plugins/wunderground/assets/js/widget.min.js?ver=2.1.3 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://creditcardgal.com/jquery.js?ver=5.9.2 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://creditcardgal.com/wp-content/plugins/WPRzComparisonPageCreator/affpagecss/affcompare.js?ver=5.9.2 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://creditcardgal.com/wp-content/plugins/zerobounce/res/js/zb.js?ver=1.0 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://creditcardgal.com/wp-content/themes/generatepress/assets/js/main.min.js?ver=3.0.4 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://creditcardgal.com/wp-content/uploads/2020/04/cropped-Credit-Card-Gal.jpg Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://creditcardgal.com/wp-content/uploads/2020/05/american-express.jpg Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://creditcardgal.com/wp-content/uploads/2020/05/bB1ahh.gif Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://creditcardgal.com/wp-content/uploads/2020/05/YkMS7p.gif Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.eu.criteo.com
adservice.google.com
adservice.google.de
cat.nl.eu.criteo.com
creditcardgal.com
creditcardgal.thetravelninjas.com
csm.eu.criteo.net
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
pix.eu.criteo.net
rtb.nl.eu.criteo.com
static.criteo.net
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
creditcardgal.com
142.250.184.194
178.250.0.139
178.250.2.148
178.250.2.150
2a00:1450:4001:809::2002
2a00:1450:4001:827::2004
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2001
2a00:1450:4001:831::2002
2a02:2638:1::2
2a02:2638:1::3
2a02:2638:1::4
35.239.56.166
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
12e46c86139b49c609b8df490090b67dd1c736e6d76b4648297b1b044ce1e309
1725d39c8aa07f7311d6c867c8a42d73993d9cdd4a22d30501b82fe31613d882
2bbde16d7fbf5e40f2a1c0360540ac65ac1a282069a577a00b29d27b7ba70010
2f56aa722f497580a1828865120de01de1f514297d5fae3dda70624171f810d5
2fb62e42c955493af8927d3c4456eee35815435a98b2420edcadb50a28e3f0f5
36b05fb5ab41ba80b28588ebee524996c96a42cc2a2e65ade06cc351947d9ac0
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5ce4e7da5365d23078712e621e5d28280c08d2fe0a826144660334eedd23522f
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61c64f4a28af6deda9d463ef15de6647cce26e705b370326c77af06d23894e5e
672da4e517eb1a56dae657a2ebeffa694b1611a783cddff72a4790e38a80cd14
67c4d5698cd26970bc799d9c347c595265ade87b75312f4a3e0413a70b37a706
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
73aca396084254257f3a1c8b59275f10234355f87f062a9ee935c7b2f5d75d27
73dfdb0f78c0e9eb956b342c719dbcd522852920a420f6a48fba00eb039656bf
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
994afd8d6666f055692ce2b6f4d2f82abb00a1effce5dcce1dc961ddcce17330
9d210ad0cfaaef244a786d9e397f4f14845fc044a2563edba9f35538329aa315
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a3a8e543082bab8820b7d35b235d65509a16ca974fe4f5ae03358987f0db831f
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
b25f5858b0297dc7fc1c54da8b80eaf385617341f32546b78c01bc4df6082604
b46a7f2acd8995e718490e8d7949c2ad4a535f5923383926b327d437f075bf37
c80cfaee8bb1f1d6aeb2385f094df2e5de924eddf98384da420fecb4fec1343b
d13acbdbc348e28073295d477b67e459f6317ca8397429a65a822a62fc1a4b38
d593fdf64289375adaa96b87ebf4c4beec2995d730e3601254e0a226808bfe57
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4679b454701662dcfba44da4dfd7a161698be4aba1aa232f9e0af291947e09f
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
fea8ed52e80f15aa98ec5496ebe3f7a7486f65b3b6e894dd20f57cd8228a500f

creditcardgal.thetravelninjas.com Open in urlscan Pro 35.239.56.166 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

74 Requests

65 %HTTPS

67 %IPv6

10 Domains

16 Subdomains

16 IPs

3 Countries

519 kBTransfer

1301 kBSize

3 Cookies

18 Outgoing links

Redirected requests

74 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

creditcardgal.thetravelninjas.com Open in urlscan Pro
35.239.56.166 Public Scan

Screenshot
Live screenshot

Full Image

74
Requests

65 %
HTTPS

67 %
IPv6

10
Domains

16
Subdomains

16
IPs

3
Countries

519 kB
Transfer

1301 kB
Size

3
Cookies

74 HTTP transactions
1 data transactions