www.pua-unemployment-login.com Open in urlscan Pro
2a06:98c1:3120::a Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.pua-unemployment-login.com/ohio
Submission: On May 10 via manual (May 10th 2022, 8:37:44 pm UTC) from US — Scanned from DE

Summary HTTP 180 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 37 IPs in 6 countries across 25 domains to perform 180 HTTP transactions. The main IP is 2a06:98c1:3120::a, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.pua-unemployment-login.com.
TLS certificate: Issued by E1 on March 19th 2022. Valid for: 3 months.

This is the only time www.pua-unemployment-login.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
26	2a06:98c1:312... 2a06:98c1:3120::a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:215... 2600:9000:2156:1e00:1e:6a6f:9700:93a1	16509 (AMAZON-02) (AMAZON-02)
6	2.22.33.149 2.22.33.149	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
8	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
4 12	2a02:6b8::1:119 2a02:6b8::1:119	208722 (YNDX) (YNDX)
3	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
1	2600:9000:214... 2600:9000:214f:4800:3:7e1c:5b40:93a1	16509 (AMAZON-02) (AMAZON-02)
2	184.87.213.205 184.87.213.205	16625 (AKAMAI-AS) (AKAMAI-AS)
1	108.157.4.90 108.157.4.90	16509 (AMAZON-02) (AMAZON-02)
3	2a02:2638::b 2a02:2638::b	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
16	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
4	37.157.6.242 37.157.6.242	198622 (ADFORM) (ADFORM)
1	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
7	70.42.32.31 70.42.32.31	13789 (INTERNAP-...) (INTERNAP-BLK3)
12	37.157.2.248 37.157.2.248	198622 (ADFORM) (ADFORM)
3	151.101.114.132 151.101.114.132	54113 (FASTLY) (FASTLY)
1	2600:9000:225... 2600:9000:225f:1200:d:3c0f:bcc0:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2a02:2638:1::2 2a02:2638:1::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
21	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2600:9000:212... 2600:9000:2127:9600:1e:a43d:b640:93a1	16509 (AMAZON-02) (AMAZON-02)
3	178.250.0.160 178.250.0.160	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	174.129.16.30 174.129.16.30	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:1f18:26d... 2600:1f18:26d4:7e04:a495:bd3b:3647:1ec1	14618 (AMAZON-AES) (AMAZON-AES)
12	178.250.2.135 178.250.2.135	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
5	178.250.2.150 178.250.2.150	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	130.211.115.4 130.211.115.4	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a02:26f0:ef:... 2a02:26f0:ef::5c7b:c2a1	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	108.157.4.52 108.157.4.52	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
2	2600:1f18:e8a... 2600:1f18:e8a:cd08:3437:aff5:50c:d298	14618 (AMAZON-AES) (AMAZON-AES)
180	37

26 2a06:98c1:3120::a (United States)

ASN13335 (CLOUDFLARENET, US)

www.pua-unemployment-login.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
platform.foremedia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:1e00:1e:6a6f:9700:93a1 (United States)

ASN16509 (AMAZON-02, US)

cnt.trvdp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2.22.33.149 (Milan, Italy)

ASN16625 (AKAMAI-AS, US)
PTR: a2-22-33-149.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
widget-pixels.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a02:6b8::1:119 (Moscow, Russian Federation) 4 redirects

ASN208722 (YNDX, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:4800:3:7e1c:5b40:93a1 (United States)

ASN16509 (AMAZON-02, US)

go.trvdp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.87.213.205 (Milan, Italy)

ASN16625 (AKAMAI-AS, US)
PTR: a184-87-213-205.deploy.static.akamaitechnologies.com

tcheck.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.157.4.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-90.dus51.r.cloudfront.net

stg.truvidplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638::b (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.6.242 (Denmark)

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 70.42.32.31 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com

log.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mcdp-nydc1.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 37.157.2.248 (Denmark)

ASN198622 (ADFORM, DK)

s1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.114.132 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

odb.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mv.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:225f:1200:d:3c0f:bcc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.trvdp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:1::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2127:9600:1e:a43d:b640:93a1 (United States)

ASN16509 (AMAZON-02, US)

secure-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.0.160 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 174.129.16.30 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-174-129-16-30.compute-1.amazonaws.com

adrta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:26d4:7e04:a495:bd3b:3647:1ec1 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

ipds.adrta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 178.250.2.135 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.am5.vip.prod.criteo.com

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 178.250.2.150 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.211.115.4 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 4.115.211.130.bc.googleusercontent.com

data.ad-score.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:ef::5c7b:c2a1 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

code.createjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.157.4.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-52.dus51.r.cloudfront.net

ob.cheqzone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:e8a:cd08:3437:aff5:50c:d298 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

obs.cheqzone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
38	criteo.net static.criteo.net — Cisco Umbrella Rank: 621 pix.eu.criteo.net — Cisco Umbrella Rank: 7541 csm.eu.criteo.net — Cisco Umbrella Rank: 7580	100 KB
27	googlesyndication.com d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 130 pagead2.googlesyndication.com — Cisco Umbrella Rank: 95	119 KB
18	pua-unemployment-login.com www.pua-unemployment-login.com	375 KB
16	adform.net track.adform.net — Cisco Umbrella Rank: 3865 s1.adform.net — Cisco Umbrella Rank: 8427	168 KB
11	outbrain.com widgets.outbrain.com — Cisco Umbrella Rank: 1327 widget-pixels.outbrain.com — Cisco Umbrella Rank: 2750 odb.outbrain.com — Cisco Umbrella Rank: 1442 mcdp-nydc1.outbrain.com — Cisco Umbrella Rank: 5708 mv.outbrain.com — Cisco Umbrella Rank: 3326	112 KB
9	criteo.com ads.eu.criteo.com — Cisco Umbrella Rank: 7544 rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 11299 cat.fr.eu.criteo.com — Cisco Umbrella Rank: 9487	159 KB
8	yandex.com 2 redirects mc.yandex.com — Cisco Umbrella Rank: 9163	3 KB
8	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 187	197 KB
8	foremedia.net platform.foremedia.net — Cisco Umbrella Rank: 188956	9 KB
7	outbrainimg.com tcheck.outbrainimg.com — Cisco Umbrella Rank: 4142 log.outbrainimg.com — Cisco Umbrella Rank: 2136 images.outbrainimg.com — Cisco Umbrella Rank: 1997	30 KB
5	google.com adservice.google.com — Cisco Umbrella Rank: 74 www.google.com — Cisco Umbrella Rank: 7	1 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 175	147 KB
4	yandex.ru 2 redirects mc.yandex.ru — Cisco Umbrella Rank: 3290	70 KB
3	cheqzone.com ob.cheqzone.com — Cisco Umbrella Rank: 7839 obs.cheqzone.com — Cisco Umbrella Rank: 5035	20 KB
3	imrworldwide.com secure-gl.imrworldwide.com — Cisco Umbrella Rank: 1382	2 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 37	20 KB
3	trvdp.com cnt.trvdp.com — Cisco Umbrella Rank: 46884 go.trvdp.com — Cisco Umbrella Rank: 43463 s.trvdp.com — Cisco Umbrella Rank: 45366	187 KB
2	adrta.com 1 redirects adrta.com — Cisco Umbrella Rank: 1679 ipds.adrta.com — Cisco Umbrella Rank: 5060	971 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 71	106 KB
1	createjs.com code.createjs.com — Cisco Umbrella Rank: 1429	63 KB
1	ad-score.com data.ad-score.com — Cisco Umbrella Rank: 5451	739 B
1	gstatic.com www.gstatic.com	773 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 46	1 KB
1	truvidplayer.com stg.truvidplayer.com — Cisco Umbrella Rank: 39518	4 KB
1	google.de adservice.google.de — Cisco Umbrella Rank: 7678	792 B
180	25

	Domain	Requested by
21	static.criteo.net	ads.eu.criteo.com
18	www.pua-unemployment-login.com	www.pua-unemployment-login.com
16	tpc.googlesyndication.com	d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com
12	pix.eu.criteo.net	ads.eu.criteo.com
12	s1.adform.net	track.adform.net s1.adform.net www.pua-unemployment-login.com
8	mc.yandex.com	2 redirects www.pua-unemployment-login.com mc.yandex.ru
8	securepubads.g.doubleclick.net	platform.foremedia.net securepubads.g.doubleclick.net d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com
8	platform.foremedia.net	www.pua-unemployment-login.com platform.foremedia.net
6	pagead2.googlesyndication.com	www.googletagservices.com securepubads.g.doubleclick.net tpc.googlesyndication.com
5	csm.eu.criteo.net	ads.eu.criteo.com
5	log.outbrainimg.com	widgets.outbrain.com
5	d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
5	widgets.outbrain.com	www.pua-unemployment-login.com widgets.outbrain.com
4	track.adform.net	d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com s1.adform.net
4	www.google.com	d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com tpc.googlesyndication.com
4	www.googletagservices.com	d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com
4	mc.yandex.ru	2 redirects www.pua-unemployment-login.com
3	cat.fr.eu.criteo.com	ads.eu.criteo.com
3	secure-gl.imrworldwide.com	ads.eu.criteo.com
3	rtb.nl.eu.criteo.com	d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com
3	ads.eu.criteo.com	d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com
3	www.google-analytics.com	www.googletagmanager.com www.pua-unemployment-login.com www.google-analytics.com
2	obs.cheqzone.com	ob.cheqzone.com www.pua-unemployment-login.com
2	mv.outbrain.com	widgets.outbrain.com
2	mcdp-nydc1.outbrain.com	widgets.outbrain.com
2	www.googletagmanager.com	platform.foremedia.net www.googletagmanager.com
1	images.outbrainimg.com	www.pua-unemployment-login.com
1	ob.cheqzone.com	widgets.outbrain.com
1	code.createjs.com	s1.adform.net
1	data.ad-score.com	s.trvdp.com
1	ipds.adrta.com	ads.eu.criteo.com
1	adrta.com	1 redirects
1	s.trvdp.com	go.trvdp.com
1	odb.outbrain.com	widgets.outbrain.com
1	www.gstatic.com	d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com
1	fonts.googleapis.com	d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com
1	stg.truvidplayer.com	go.trvdp.com
1	widget-pixels.outbrain.com	www.pua-unemployment-login.com
1	tcheck.outbrainimg.com	widgets.outbrain.com
1	go.trvdp.com	cnt.trvdp.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	cnt.trvdp.com	www.pua-unemployment-login.com
180	43

This site contains links to these domains. Also see Links.

Domain
www.outbrain.com
www.amazon.com

Subject Issuer	Validity	Valid
*.pua-unemployment-login.com E1	`2022-03-19` - `2022-06-17`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-26` - `2022-06-25`	a year	crt.sh
*.trvdp.com Amazon	`2021-09-24` - `2022-10-23`	a year	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-03` - `2023-04-04`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
mc.yandex.ru Yandex CA	`2021-12-22` - `2022-06-03`	5 months	crt.sh
*.google.de GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
*.outbrainimg.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-11` - `2023-03-15`	a year	crt.sh
*.truvidplayer.com Amazon	`2022-02-07` - `2023-03-07`	a year	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-19` - `2022-06-18`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
*.nl.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-15` - `2022-06-13`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-11` - `2022-07-13`	3 months	crt.sh
*.imrworldwide.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-04` - `2023-02-03`	a year	crt.sh
*.fr.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-13` - `2022-06-09`	3 months	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-10` - `2022-07-04`	3 months	crt.sh
*.ad-score.com Go Daddy Secure Certificate Authority - G2	`2021-09-02` - `2022-10-04`	a year	crt.sh
tls.adobe.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-29` - `2023-05-30`	a year	crt.sh
*.cheqzone.com Amazon	`2022-01-22` - `2023-02-20`	a year	crt.sh

This page contains 13 frames:

Primary Page: https://www.pua-unemployment-login.com/ohio
Frame ID: 81D8F2A13A146199211D5392F7DC49C6
Requests: 76 HTTP requests in this frame

Frame: https://d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: DC2F3DE04A9B95F16EA456D65B3379D2
Requests: 1 HTTP requests in this frame

Frame: https://d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: DA0665E1674C7BCDEE7B4C2ADEE991CC
Requests: 4 HTTP requests in this frame

Frame: https://d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 380A8461724625E142BAD41632F5D0C5
Requests: 10 HTTP requests in this frame

Frame: https://d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 12D6942D814AFED22F0017FB06DE62D3
Requests: 9 HTTP requests in this frame

Frame: https://d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 4E1B1A8C25E7DF5578D478DEF4852D56
Requests: 9 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YnrNEgAEOeUHg4j4AAxBULdj5rIh4qu6MKDzrA&u=%7CB9ShcX1DkPpiVdGon0s3FcwNDPnAR9OQJtHZchFVCso%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuB8I54B28R_G6pIc3Eo99WtlE0nPHHGzIJLbCwDbhfTlippPOqEO3zJcH2bJloFw3F43m2ZvVguMgR8HxIBqOfzKdeNvxoYPjuGtYVWpxol9TCxq8DpRHuTTUECIaUdWocdQx6c29NJs538babgIYT38VEb6dmSdkdCDR-wZc8YhluM0-F3GWvrriMuJyaYSwaNdinN7BmFZjqtzzBA03xzLTfLDg3hPaJa6WDggoFxqPTTbl8cFQg7NVQ7CszNoiNZVQ-kGc4U2tvYlietuRFa23X4GYDJBvAmFVpubiZwliZX8XOV2oRe_kMtnv5yRwA5DoVIHZdztuOwwZCauFn7WE1O74uslwIN8WKKStzYML5zO6gG4minvoisORKdD0g2cC-42KNyEF-JdhvO2T4DqHJNIBLSEng6FdTbJPG_Auzsjr3rVqEM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2ktwEs16YuXzEPiRjuwP0IKxgAjJntKxXNWdkfdwwI23ARABIABglYKAgJQHggEXY2EtcHViLTcwMTE5NTg4MzQ0MTA4OTGgAdW20uoDyAEJqQLhi7zj7a-xPuACAKgDAaoEigJP0JLKZXEHgSW3nwFeoQEmGzaC-y5U65jQuvnscy7SqGeTHPUHI50kl1QTa6xaYhLxPnDpc7bmlXTI9KJ_-IQmso5qtU8YvyvDBZMTOtcDqB3xDH7vki5OhvSWdAfuGkC3zwMsZ_5Ui91d32k4iNw4c2RdY71aUMEKt2kOXk7hm12LzqdhsgsWLxNZbMqGYaogEibk21wp-LDVxSAFbwrj7LPipZKDF5iOD6V93NNCzpXHdxVANsmP4nch8P_oxwA66DIXV1NuHaDpNbAyeZXx0Sa3yLuzTSNz7ZbXj9MlOTAsxwQhDLZoQxfepz9pQuwb-lWf9-h_MwsFqDIvDR2KIwhynxc2pFoR6eAEAYAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1cIANHSQH_oTpbmrNKedetLH8x-Q%26client%3Dca-pub-7011958834410891%26adurl%3D
Frame ID: 6C2D851CC2285D9795900943127CBE90
Requests: 22 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YnrNEgAEOeoHg4j4AAxBUD35Vh4fw201f6RrSQ&u=%7CB9ShcX1DkPr9GtuUgqN%2BjmRIs42rdK%2Bg81LYFfGYoGQ%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZWgJ4RDTbq-WYBETCqLzgI7qAwBaN6Gwh5zyJK9Upa8xQmFH1Rvc9StwZQUKfaPOFa7rXaRvrF3Pcj87aF6o3ru7fkssSk4BFDMRtX6MhLeu8kpiX3GEXp5GpgOYZmcSeUE7AF8fJMvV8bVF8PwMkap_Jv_qVjq6oxi9z16N4_gj2BW0MnN1ws_WWV-EWncs-xJxTWYOzgUVw6h3jyAP0mE8v3YgdzP18ggvq33bCwHsU-1CQbTKQvWaxz_fQwm7pADGBlBRd048CpQAYxo7AeN1ICYFYZK0sQlAM2LF8HApPiT44mYQ74kZsd1CmFKQGYTqUUFBTEJXefwhaFIPn13WxIenoDIEV3K8s-AFHYxJntBQljjB9yNAtzqOnJGygXBRbCo3eQxlO-sKRBaVSkisxCEpBQbN_FIz03lMx7362FcotAeNxiO3WEnd_6eFGE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVIIPEs16YurzEPiRjuwP0IKxgAjJntKxXNWdkfdwwI23ARABIABglYKAgJQHggEXY2EtcHViLTcwMTE5NTg4MzQ0MTA4OTGgAdW20uoDyAEJqQLhi7zj7a-xPuACAKgDAaoEhAJP0PtpMKwBNb8PFxt9_vjOxD08t9aM5vTZ2HKqU3zdZI-VyHSjaMvFHAvDVrCgqPIe6Qq2TvrVHHviTbpZwGXuMyYJooYo3Xmltyd9w-T3qnJBRqaWw_nghm-q3FkIzrXnPg1YLwgJAe9ywYjiaLZbubYHs0Pxh14ecP8FzQR2NUwl43p_7TfQzAu4Zu59EmDNak2jDDGv3IonOKcOBU8vk3jmy1p_ewD84uPIHRvsfFy18fPuKUly6IRnO3ju7o6eqezV6dc-W5ew_tPUAe7OnEESPnP-RgwrFNQ35sO8Kp0z_14jtAU2eq6gUNHT3Ev1Jrv68kIZEieBsCv3zDd2GaNja-AEAYAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1IBw_DSonqTu-23Rt2SX698_XBew%26client%3Dca-pub-7011958834410891%26adurl%3D
Frame ID: 23E07FD6E017B07D0BC07E843F44B783
Requests: 13 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=54958152;rtbwp=YnrNEgAEOesHg4j4AAxBUA4stJpzTDCRW8sWFw;rtbdata=jMNqeDmYZHj1ZWqiLebJoomJ6j340_POjJ_N6O06xmPennmfNRiEo3ka8hPpbBFeB0Zv1VhWI64-u9NfcUXFn5I46W1du-_SRy65gPX5_fPN2mQVv_61wgFv_3CBxlGPIkbduINLTsNvRfAZKCm04jYJDlFPdyhrqerasIskYcMb_SLD-92ZP3GKWmtTriCtzAD5wNSrbhfZt8qTfVW1H96-i_obfT1F4K8DPMfHPsiXcVj9FCod5ivBvrwRSrZjor8g8xjG6XBolY1DvR3PyHogzW-FlRZ0p2i9wxCJiUEP-LdFTa6D-_SVq2sSBH4d10e59jRRZMvpfzsDp3jajBKlEctiPOln0;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=ClCn8Es16YuvzEPiRjuwP0IKxgAjEs6CUXL7QuIXlAsCNtwEQASAAYJWCgICUB4IBF2NhLXB1Yi03MDExOTU4ODM0NDEwODkxyAEJqQKxc5N9pQWDPuACAKgDAaoEhgJP0O4fcjFK8oPFt-q9mBNqn3WGheezV4ynH8D8aNpdc7hfQKrAjibP3fujqkCm5WqUZPVdTklLNPdsQh4MRs6CvZxotrA7IVpJn3rbBupgQtg-KGMCurP2Yf1dHBsLl8FQwDxwLukeIRimDY8mteZPQ1V4JseZPMEMlMXHY8pt7ubtm47Rk1ixu__fOFoJS93Nh9eboUmwDs7E0YmmnTVsXHp7aK8v3O9AS1Q90xC1xen5-pwP-DFrJ3VaMyNZzcPA6mypV-kVJ-0bCudQMcn22n113FSYcO_DqaFED8BBAHdtwVrk1Wzl4dq66ZHydrqt7O5Oc4cq-zvl3NWFN6Y_8vEZwRFI4AQBgAa05_HM9ufFyV-gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB&num=1&sig=AOD64_05c8uIOdTemygGX0inhLpilN0etg&client=ca-pub-7011958834410891&adurl=
Frame ID: C02344A9194AA2184119B96AC3819514
Requests: 11 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YnrNEgAEOecHg4j4AAxBUCBFKCfRqJMwy_uiFg&u=%7CB9ShcX1DkPr8FaPriBADfdeqR0TTwMTzcfxd6k2vYWM%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhaVHQ6RkVc1uRRN7U2tIy92afbib4fbn5HgB65sIa2ZfT8cisJFKfDLdlwbGN5fjIhLxr4UO-VBjJjcfY8PaTEqcFumVa1Thb4CAh7qKa1WXykQucDoJtP2pg323g1bHk4AiIV-nTgjty9uwvnosDB7JZ3fYl4sdS6ghU15vYcRPuZaacbbCUfjBMnuIaKz0ZKDSSLTQoDHAAZVzhV3fEcM_yBReVhKWTaKLNkvaHg9bbR_wuc1rsrEWKcRxdDifLWE4w6ypKcEog7mjps6GYBhv5dN2kUaop2HlB0tmUZJ-m27eua70DJuVPReF4MI-qJLDF7OhakfPmC8tSZOFRTRl6PlbD7-OkMPMQ9xuaa4krv5ltGt5KY4d8tKPjFVDOvYlsVm97W4HKKX9EKJHYJpJEmJxm9xDGvjHE12Uwxoq2-m--jh4rHs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLlqjEs16YufzEPiRjuwP0IKxgAjJntKxXNWdkfdwwI23ARABIABglYKAgJQHggEXY2EtcHViLTcwMTE5NTg4MzQ0MTA4OTGgAdW20uoDyAEJqQLhi7zj7a-xPuACAKgDAaoEhQJP0Pqhi5dP0kn9AZc_B3LHC9ATlPl1gPm5vfNE51FqlIQ5wXcrUd5hHuFVpRCsw5ihVhChFZfSJYXf7PknTXFyImJmfBR8LhljdX5Jt226xrL41GHLzci2SjQSebVqOR7up2fQlJM-94cHz2CIzzzE_MbALWtUJkTKkJAcWtjvQ1tUM6-spbcrQNymNNxluFOr00VRchDMf8WmxHMbSxIjbI80WBPCA-HFDhS7B6X1_l7-UwnuiBtQ6sovCVVNiuL1kwAYnhKARUSRzXdX83CWF6oHoU6_yRdOx_b1hN9UwMNgn4S801kdWfWf8e2VHgDjbsG3-umrHQ81mlj8jPgNupNkE5fgBAGABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3nO5tjF22iQhRNoGSLPjNLRYJWKw%26client%3Dca-pub-7011958834410891%26adurl%3D
Frame ID: C1EFB163173FE2FC4C307FBBC5165334
Requests: 13 HTTP requests in this frame

Frame: https://s1.adform.net/Banners/Elements/Files/33029/11213523/11213523.js?ADFassetID=11213523&bv=258
Frame ID: 391332237E107707595A0D7CE9ABFF86
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9B880E5B85DD6F24C43F6808F4316B4E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B1238D06DF145155F503C58CB690779D
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Page not found - PUA Unemployment Login

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
<link[^>]+s\d+\.wp\.com
/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Outbrain (Widgets) Expand

Overall confidence: 100%
Detected patterns

widgets\.outbrain\.com/outbrain\.js

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

180
Requests

98 %
HTTPS

62 %
IPv6

25
Domains

43
Subdomains

37
IPs

6
Countries

1907 kB
Transfer

4944 kB
Size

27
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://www.outbrain.com/what-is/default/en
Title: Recommended by

Search URL Search Domain Scan URL

URL: https://www.amazon.com/gp/goldbox?&_encoding=UTF8&tag=morningdough-20&linkCode=ur2&linkId=addffa3820d795ad48814fb7181eb8e9&camp=1789&creative=9325

Search URL Search Domain Scan URL

URL: https://www.amazon.com/Coupons/b?ie=UTF8&node=2231352011&_encoding=UTF8&tag=morningdough-20&linkCode=ur2&linkId=f770b179aa1c5f37c8dbab4b21375abd&camp=1789&creative=9325

Search URL Search Domain Scan URL

URL: https://www.amazon.com/gp/product/B00R20MPW2/ref=as_li_tl?ie=UTF8&camp=1789&creative=9325&creativeASIN=B00R20MPW2&linkCode=as2&tag=morningdough-20&linkId=7d94b02402bdd3500a59ca44da8ed8e8

Search URL Search Domain Scan URL

URL: https://www.amazon.com/gp/product/B004GJ6BY0/ref=as_li_tl?ie=UTF8&camp=1789&creative=9325&creativeASIN=B004GJ6BY0&linkCode=as2&tag=morningdough-20&linkId=ead5bcb530e5125f4b2a9dbb36190172

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30

https://mc.yandex.ru/watch/87761349 HTTP 302
https://mc.yandex.ru/watch/87761349/1

Request Chain 43

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9634.oTzAp-XijAnWVjVAW8JPGzppBorX584BsIrI7EmLWcOgO8_4_7rRy_7myee1MZ9E.W5TAmCuFG98JmIXZ460nUomDJfg%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9634.6ezb6-7Z2EDU6NEiTEyH6yJtmhst0S3FSnL9a5AXEutDB6zHN0rB1eDbFOLfXkr2XL5dv5B3SnpO_NRpn8XnEd3MnRL8anQwt3p_q3XXL-o%2C._pZVsSC0YdqpvpqV1jQbHenFCTA%2C

Request Chain 45

https://mc.yandex.com/watch/87761349?wmode=7&page-url=https%3A%2F%2Fwww.pua-unemployment-login.com%2Fohio&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aa8mjecangl5v275zywhk%3Afp%3A1339%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A791%3Acn%3A1%3Adp%3A0%3Als%3A343134305818%3Ahid%3A273302223%3Az%3A0%3Ai%3A20220510203738%3Aet%3A1652215058%3Ac%3A1%3Arn%3A989817936%3Arqn%3A1%3Au%3A1652215058347808380%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1652215056544%3Ads%3A11%2C186%2C756%2C1%2C0%2C0%2C%2C407%2C0%2C%2C%2C%2C1507%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1652215058%3At%3APage%20not%20found%20-%20PUA%20Unemployment%20Login&t=gdpr(14)aw(1)ti(2) HTTP 302
https://mc.yandex.com/watch/87761349/1?wmode=7&page-url=https%3A%2F%2Fwww.pua-unemployment-login.com%2Fohio&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aa8mjecangl5v275zywhk%3Afp%3A1339%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A791%3Acn%3A1%3Adp%3A0%3Als%3A343134305818%3Ahid%3A273302223%3Az%3A0%3Ai%3A20220510203738%3Aet%3A1652215058%3Ac%3A1%3Arn%3A989817936%3Arqn%3A1%3Au%3A1652215058347808380%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1652215056544%3Ads%3A11%2C186%2C756%2C1%2C0%2C0%2C%2C407%2C0%2C%2C%2C%2C1507%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1652215058%3At%3APage%20not%20found%20-%20PUA%20Unemployment%20Login&t=gdpr%2814%29aw%281%29ti%282%29

Request Chain 99

https://adrta.com/i?cb=627acd12d2b805bf2139c6557ade07f1&clid=co&paid=co&avid=1906&caid=278118&plid=11018983&publisherId=2892&kv1=300X600&kv2=https://d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com/&kv3=64571a1c-8225-4f66-be15-090419c33bf9&kv4=2001:1b60:1010::&kv7=317&kv11=627acd12d2b805bf2139c6557ade07f1&kv12=70287&kv19=&kv27=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/101.0.4951.64%20Safari/537.36&kv24=Windows_Web HTTP 302
https://ipds.adrta.com/i?__x=HFLFHFKFHGJCIJHBHAJJJONNGINLHLHGLGHIG@FNLGIIKFJNMMGBNIGFJQLNMHLGFIKPKJIAGKJJIFLHKOJKJBKMQJIFGOINGHGKFFHGJBILKGGILELQKLG@HBEBH&cb=627acd12d2b805bf2139c6557ade07f1&clid=co&paid=co&avid=1906&caid=278118&plid=11018983&publisherId=2892&kv1=300X600&kv2=https://d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com/&kv3=64571a1c-8225-4f66-be15-090419c33bf9&kv4=2001:1b60:1010::&kv7=317&kv11=627acd12d2b805bf2139c6557ade07f1&kv12=70287&kv19=&kv27=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/101.0.4951.64%20Safari/537.36&kv24=Windows_Web

180 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 404 Primary Request ohio Show response
www.pua-unemployment-login.com/ 46 KB
11 KB 954ms
756ms Document
text/html 2a06:98c1:3120::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pua-unemployment-login.com/ohio
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e781551b26f8fdaaa828b555b92cf515e8a481a92ea4f544c25a982e7b9f75b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, must-revalidate, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 70957948bdb5695b-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 10 May 2022 20:37:37 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Wed, 11 Jan 1984 05:00:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PyE8%2BpvNCJwPjykFV7RFt5lifctDN5ubSxbybwz9DHUEcfKEPY8aPciiJ%2B2Pp6JfvuMbtq6RFYQOUmBYVsixIAymGe8rjCm1gww6doyW245dT1DC5r6Z%2FQV%2BvQMhGfTNDJEHRA0dtcUC3zVGSjVr9ChUDbcfi1%2BT6EMariM%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: X-Forwarded-Proto,Accept-Encoding
x-cache: MISS

GET
H2 200 analytics Show response
platform.foremedia.net/code/8428/ 1 KB
1010 B 175ms
117ms Script
application/javascript 2a06:98c1:3120::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.foremedia.net/code/8428/analytics
Requested by: Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/ohio
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ecb02060fbb2cd5a6affe0d185aca6d9227a2c2fc53cd7b5be44ca9b95f2cec5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:37:37 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BaOtlcmjHc5rje4S1eWn2gxrEiFer2VrMVHzkAvCIfmjzXovTb73NwLBpk9HZ0xuLczgmq4RDYGU0lWKY8kqdSyjgWECRCEzVuF6dmoiYZHZwooSQy2PzFQtHfYL88NPHqE2r%2F8P4wmqHlER%2FbqJk2omy4ZA"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: private
cf-ray: 7095794de8565bf9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 5681.js Show response
cnt.trvdp.com/js/1319/ 6 KB
2 KB 143ms
34ms Script
application/javascript 2600:9000:2156:1e00:1e:6a6f:9700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cnt.trvdp.com/js/1319/5681.js
Requested by: Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/ohio
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:1e00:1e:6a6f:9700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4257ae7fef496cc1b81dd5e2fab57e8c938400c10b11566bf3a7fe41ff622f5b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 17:39:48 GMT
content-encoding: br
last-modified: Wed, 24 Nov 2021 17:29:03 GMT
server: AmazonS3
age: 14439470
etag: W/"067d663d6cf48d47cd216775910d4fbb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 a1098f0eeab192209962e3a9d76d0338.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: PG897xfuoazRMsC0VBG7t5_6bT_Itr1Ypd_fU4uFoga3CzChs8yZKA==

GET
H2 200 style.min.css
www.pua-unemployment-login.com/wp-includes/css/dist/block-library/ 81 KB
12 KB 202ms
201ms Stylesheet
text/css 2a06:98c1:3120::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pua-unemployment-login.com/wp-includes/css/dist/block-library/style.min.css?ver=5.9.3
Requested by: Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/ohio
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/ohio
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:37:37 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 09 Apr 2022 09:46:05 GMT
server: cloudflare
etag: W/"625155dd-145db"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=acfuYUWqw5PdlxFoiwmZ0ROlEf4wo7YqJJ57FfC%2Bzoog3dw3AWYBnc5i0vChHMDyqLTdV0408tDPBzIVJ6cN4AZJdwu4RDJBvNcySvOrZ26Rkx5UyfcX3LAUF1ledxuCMjyHmi0VHsOgo1kEjlnNbIEt3fbWEEF6q0AGuPI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7095794d8f9c695b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 widget-options.css
www.pua-unemployment-login.com/wp-content/plugins/widget-options/assets/css/ 1 KB
591 B 214ms
212ms Stylesheet
text/css 2a06:98c1:3120::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pua-unemployment-login.com/wp-content/plugins/widget-options/assets/css/widget-options.css
Requested by: Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/ohio
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d4f24797ac4621646a35e5e688a697b8595cdcb186317372d3bc70c490bd6c73

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/ohio
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:37:37 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 03 Mar 2022 04:50:58 GMT
server: cloudflare
etag: W/"62204932-416"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GltfD%2BfBpI560jeGhQ7F78k9C2ofX3%2BMftAdnIZclIVkZEMxrvJcCL90pYgdzxxDRXJ4FS1mr9L7Io%2BkBhi%2FLHR4LpAMSfeHu4UVdbQD1NgArsEpqqbLstRdh0XM7e0lCBC8PHxRuDDQizXCalsR3iZb7e9f0sryd%2BeuxVQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7095794d8fa4695b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 style.css
www.pua-unemployment-login.com/wp-content/themes/twentysixteen/ 73 KB
14 KB 211ms
210ms Stylesheet
text/css 2a06:98c1:3120::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pua-unemployment-login.com/wp-content/themes/twentysixteen/style.css?ver=5.9.3
Requested by: Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/ohio
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f16d8326116bc400f710c0fb751e4c151e84607f53dbc6ef0d7763a874998f3f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/ohio
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:37:37 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 06 Feb 2022 06:21:36 GMT
server: cloudflare
etag: W/"61ff68f0-12466"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iGFUCHbN2H1fgCZ08yPVtGUMoksUfy7MXSykbXhHMhm4fdYveAZtp3nhhwMbvV62%2BzQXCyGBx3oJCrVTkzteEamb6AZA%2B%2FfJxO%2B5ttsxD5fkHUBM%2BSLaE6IEGHVmPhuJjmo%2Fswp71TMi892lsfBYLskEWschy9vHegi0YQY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7095794d8fa6695b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 style.css
www.pua-unemployment-login.com/wp-content/themes/twentysixteen-child/ 7 KB
2 KB 200ms
199ms Stylesheet
text/css 2a06:98c1:3120::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pua-unemployment-login.com/wp-content/themes/twentysixteen-child/style.css?ver=5.9.3
Requested by: Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/ohio
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c4c85ed7df11b6e808802baa56fe5f5d4edf3fa3fa4b141a0907e41be4b7be79

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/ohio
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:37:37 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 26 Mar 2022 05:10:16 GMT
server: cloudflare
etag: W/"623ea038-1d26"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kz5Y0jJSJsp7Y7yaNAOIs2jFJC6gvhBz2cVgO5gcb2xKzRK56Ddp8%2FwgtYtJmmEO%2BmDshwmH88xBhuSq8Ge1m3C%2FjEvUy5LsrxJ%2FA4sVjNIoZvh7pWgKJmk%2FUL5ZzPyqZa9yccgamO7oxc3xRteFKeN2dl3K9krBBwc5WIM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7095794d8fae695b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 genericons-vfbebe6833240b44e5b7683d3f72df194cc085824.css
www.pua-unemployment-login.com/wp-content/cache/asset-cleanup/css/item/ 28 KB
16 KB 287ms
286ms Stylesheet
text/css 2a06:98c1:3120::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pua-unemployment-login.com/wp-content/cache/asset-cleanup/css/item/genericons-vfbebe6833240b44e5b7683d3f72df194cc085824.css
Requested by: Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/ohio
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: daafcea2be239153d008ee199e76693625d34e974bacea85cf393dda0f8da096

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/ohio
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:37:37 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 09 May 2022 08:15:21 GMT
server: cloudflare
etag: W/"6278cd99-6fb2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RNT5wESmFhsEknkl1YXz0M9OXUVkBStU%2Bs7kMNlKXW41QNQcu%2FOU56X5Jxm5N3i6XecJkSGDkAjUcUsiug19%2BtT4c5iQX2R2tRYhVWmlGDtMk%2FUfG12sfit%2BskmQxaCu3vmUzcmCSAWyaImzfinwKfJOIP2Zf4SnRnE0cU4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7095794d8fb2695b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 style.css
www.pua-unemployment-login.com/wp-content/themes/twentysixteen-child/ 7 KB
2 KB 205ms
204ms Stylesheet
text/css 2a06:98c1:3120::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pua-unemployment-login.com/wp-content/themes/twentysixteen-child/style.css?ver=20201208
Requested by: Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/ohio
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c4c85ed7df11b6e808802baa56fe5f5d4edf3fa3fa4b141a0907e41be4b7be79

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/ohio
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:37:37 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 26 Mar 2022 05:10:16 GMT
server: cloudflare
etag: W/"623ea038-1d26"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=daDZpME64hum2Qf%2FQo%2BjF58KimLUCDg7olGqacPDqm%2FUuI1CzD5SosH5xYfB9z66ux8Z75RUt%2BoEvr4go0498HWzWp4Te2Ur2bEo5AvcBzXUyPEdlm1FP7hDrRj7bLPUKFiQ6mYx8N7Xi8vT61%2BjoQ5nQSST8SJ87PySVgs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7095794d8fb4695b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 blocks.css
www.pua-unemployment-login.com/wp-content/themes/twentysixteen/css/ 9 KB
2 KB 232ms
231ms Stylesheet
text/css 2a06:98c1:3120::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pua-unemployment-login.com/wp-content/themes/twentysixteen/css/blocks.css?ver=20190102
Requested by: Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/ohio
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b4ae55eaf1a6ad0b0e57074a1699c9024be2fcff537128e887ca3b8db516d489

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/ohio
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:37:37 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 06 Feb 2022 06:21:36 GMT
server: cloudflare
etag: W/"61ff68f0-241e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Cm8UWunRW4I9c%2B14Y62AqQoR10wQe1lPYsY6zcVi6KJSkMVSsH4rTpFrPnPrMU7%2FGG2tHGNZmRWCunI19EPwWX8fBbzoVs%2FU%2FmW7apd%2B%2BnQdLh1Jg0LByCnTn8eJ%2FmZ6YK2rghYrzdMRkTAJtsFOzq5jN8%2FxlwT8s0sxB0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7095794d8fb5695b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 jquery.min.js Show response
www.pua-unemployment-login.com/wp-includes/js/jquery/ 87 KB
32 KB 288ms
286ms Script
application/javascript 2a06:98c1:3120::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pua-unemployment-login.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by: Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/ohio
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/ohio
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:37:37 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 13 Sep 2021 05:11:34 GMT
server: cloudflare
etag: W/"613edd86-15db1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kcbanjFRZZvvLeL7T4Bd43pAG8vZ8JGzmj6TPuct1u4F8MbOBHN2CX3tQJnPTini19PsMwHgF7mSbMhYqgsASx6uwSVp57R4H7TGXGk%2FaFMZx4eomZy%2FodX%2BacdCgU%2BisVGUuTP9X9TYDnq%2FiumrfeLwWPg6nOnCmCYvuxQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7095794ea9349201-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 cropped-PUAUnemploymentLogin-logo.jpg
www.pua-unemployment-login.com/wp-content/uploads/2021/09/ 4 KB
5 KB 30ms
29ms Image
image/jpeg 2a06:98c1:3120::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pua-unemployment-login.com/wp-content/uploads/2021/09/cropped-PUAUnemploymentLogin-logo.jpg
Requested by: Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/ohio
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 93fbf26c7da3d17b1d602ee05d91d63af89666e1c7df99fa9ea7656973102c9d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/ohio
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:37:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13098
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4036
last-modified: Mon, 27 Sep 2021 05:30:47 GMT
server: cloudflare
etag: "61515707-fc4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lQumAP23d2El68JoDFmhj4PoOrUPYYoWw46u8tE%2FXesTSEYU4PclC0zIZKhFhoX8xzaoSei3jrm9uDVsdcdqz6rC9JAT%2F7OjM3Xbp5bfCtEhX39f6CLRH0Mdfvb9Ydvb5dxSoKfMRVbVCjPv%2BXvhi2Ulbd2KtJGiP%2Bo8Aoo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7095794ea9359201-FRA

GET
H3 200 c5 Show response
platform.foremedia.net/code/8428/ 1 KB
990 B 167ms
142ms Script
application/javascript 2a06:98c1:3120::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.foremedia.net/code/8428/c5
Requested by: Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/ohio
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cccceafbf83aec903f0974b23f6c94fac56cebb332adc6d7fb48f4d957ff6329

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:37:37 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5flEmYtyweKOf6RPAKSTjoUOsx1tt%2FYwlUWTRMufdsj0vdGCxy4dsEGtAIMiIp01074KojK9wfVConLK52hPzYQfCCXJT8z1CqWTB8URAj%2BjA1NHc%2FCHFuSwIxT23u%2BmPTesxTewPVsQ3Cd%2F4M36ISImjYAO"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: private
cf-ray: 7095794eca248fef-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 outbrain.js Show response
widgets.outbrain.com/ 199 KB
69 KB 982ms
849ms Script
application/x-javascript 2.22.33.149
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/outbrain.js
Requested by: Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/ohio
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.22.33.149 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-22-33-149.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: b0f5a0cc806846ed2f58fbb2740c4c7ef9ad190e401368493c1442b7dcc9eecd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:37:38 GMT
content-encoding: gzip
last-modified: Tue, 10 May 2022 08:07:53 GMT
etag: "17-JFnhdNKXF6rpRO6vlr0R3LvmkLE"
vary: Accept-Encoding
edge-cache-tag: widget-cheetah
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
x-traceid: b40a1e7c98d8d64c8f8756c048a5eb48
timing-allow-origin: *, *

GET
H3 200 c3 Show response
platform.foremedia.net/code/8428/ 1 KB
990 B 172ms
147ms Script
application/javascript 2a06:98c1:3120::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.foremedia.net/code/8428/c3
Requested by: Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/ohio
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da524ab3b63b0729cef49c40106e10fe0f23483c0a761355cbbb7ee3742ccc28

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:37:37 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rk8NKuFo8WFTt97omBCE%2BgQtVfMtH%2F96euA096gOHdA0abi0syzeoyOOoT3U1TYU%2B%2FJMtPNWgvp2An7hsLuLue65GnYgLotdGk8k97B0f0cnug9%2BaE2etuJC9zjjYZ%2B84rsowhKyNZx2TfZ8DGWTM4PP%2BvR0"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: private
cf-ray: 7095794eca288fef-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 Best-Amazon-Deals.jpg
www.pua-unemployment-login.com/wp-content/uploads/2021/04/ 55 KB
55 KB 388ms
387ms Image
image/jpeg 2a06:98c1:3120::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pua-unemployment-login.com/wp-content/uploads/2021/04/Best-Amazon-Deals.jpg
Requested by: Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/ohio
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dbe6a6b5b64bf6ea1a25fd5aa7c736f971111fa066ba856cde47432d02dc263b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/ohio
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:37:38 GMT
cf-cache-status: MISS
last-modified: Sun, 11 Apr 2021 12:55:52 GMT
server: cloudflare
etag: "6072f1d8-daa4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d9NLwFrYy2Oy0cSEfERk%2BKNeaUWV%2FozUeqRFViKaa7Bbg0T%2FnjddsBx0Q%2BWTUHFEdCHL669DmUqW6Bu2a5m0CGJe6UR0vZ17Y1Bf4rhKAnzL7%2FpFKFG0cgO8dd31A9Ho1Uq1AwwCXWe2KmIL1IcK360LBkPXldqqw4a3ghY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7095794ea9369201-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 55972

GET
H3 200 Best-Amazon-Coupons.jpg
www.pua-unemployment-login.com/wp-content/uploads/2021/04/ 75 KB
75 KB 388ms
386ms Image
image/jpeg 2a06:98c1:3120::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pua-unemployment-login.com/wp-content/uploads/2021/04/Best-Amazon-Coupons.jpg
Requested by: Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/ohio
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e40143e736f525cb284279c368de9f5a44ab9278dba7911c1157d5ec0ba0a810

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/ohio
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:37:38 GMT
cf-cache-status: MISS
last-modified: Sun, 11 Apr 2021 12:55:52 GMT
server: cloudflare
etag: "6072f1d8-12bab"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VAK%2B6Bbcj7uhlU0mrwT1UIys%2FhRdLKFog3KStXM7HHURkNmFOLjcfzPKZt75XWI4tkA6ZMwY3TikGmPcsHtwMWusIcDou07Fxd14HXMCqm8mtDo7MeTHpjo%2Fh9pZgQn6gB5lFlUs%2F20TtaXC2hNbXwiJEuuL%2FFjiHcVEdqE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7095794ea9379201-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 76715

GET
H3 200 Amazon-Prime_Now.jpg
www.pua-unemployment-login.com/wp-content/uploads/2021/04/ 49 KB
49 KB 368ms
366ms Image
image/jpeg 2a06:98c1:3120::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pua-unemployment-login.com/wp-content/uploads/2021/04/Amazon-Prime_Now.jpg
Requested by: Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/ohio
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df174ce03e6a22ad812e3301fa1cb4c94bb1c8fc36690e4077a958c4446eabb4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/ohio
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:37:38 GMT
cf-cache-status: MISS
last-modified: Sun, 11 Apr 2021 12:55:54 GMT
server: cloudflare
etag: "6072f1da-c398"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gll%2FgIuhPO%2FUOxgoyxKSWKZKZajRpuTSjNfxBITqkyF7G0t9cP2nbD9PQ%2Bme%2FqZVIH7kFY8X27wSFZ6yTYLTgQcfFht4R2plNjFDNnF87lQagVEi875RZfk3HjyDQqoJENgiQohG5t0ri4vK0cnKQUi5NC8ZIgurKLMKrFU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7095794ea9389201-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 50072

GET
H3 200 Audible-audiobooks-podcasts-audio_stories.jpg
www.pua-unemployment-login.com/wp-content/uploads/2021/04/ 56 KB
56 KB 418ms
417ms Image
image/jpeg 2a06:98c1:3120::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pua-unemployment-login.com/wp-content/uploads/2021/04/Audible-audiobooks-podcasts-audio_stories.jpg
Requested by: Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/ohio
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e467b8cb04f6f34bd50fa7f2f15a21d229f4403a8b88b25456219689377819ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/ohio
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:37:38 GMT
cf-cache-status: MISS
last-modified: Sun, 11 Apr 2021 12:55:54 GMT
server: cloudflare
etag: "6072f1da-df53"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WROQeq936pYjUGP9yd6aSYm5fZiRhHkHTqOU1X8stk3Og23sJbiCwb8GzJFrqbCtW3wV9VoF1FjNQ9F834BQdEtPTkYDo%2FIL1PBL9%2BkXEZqfIE0HuhA1Wh2pZmrsxkyZIQ4RWefFbQeVHtujDWHjnLma5tO94WocV2ghTo0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7095794ea9399201-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 57171

GET
H3 200 skip-link-focus-fix.js Show response
www.pua-unemployment-login.com/wp-content/themes/twentysixteen/js/ 1 KB
1 KB 208ms
205ms Script
application/javascript 2a06:98c1:3120::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pua-unemployment-login.com/wp-content/themes/twentysixteen/js/skip-link-focus-fix.js?ver=20170530
Requested by: Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/ohio
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 04e1f5f3bcc04d296fa4bd24e268a974667ea40eaaeacd747b0865b4595d33ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/ohio
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:37:37 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 06 Feb 2022 06:21:36 GMT
server: cloudflare
etag: W/"61ff68f0-447"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BrzXXLjjjAU1GkvJMUZHHY1vAIDw64EsAUkDeSnkFkRKuCaE%2BctP%2FOjrTLgM0zIQdkOw0cEBB7a%2B9550w9fubQP4%2FmX1p24qO8rYo%2BAVkj8iqNl1wTSwiP9%2FNzp1qMjRDuV7tGqacL0HYnnKgo%2FjzvAQOYVk3W9nzoE4qsA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7095794ea9319201-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 functions.js Show response
www.pua-unemployment-login.com/wp-content/themes/twentysixteen/js/ 7 KB
3 KB 202ms
200ms Script
application/javascript 2a06:98c1:3120::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pua-unemployment-login.com/wp-content/themes/twentysixteen/js/functions.js?ver=20181217
Requested by: Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/ohio
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3616341a626ff768304cda8ac64aca4a6552ee71d542f2f5db100605ec798548

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/ohio
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:37:37 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 06 Feb 2022 06:21:36 GMT
server: cloudflare
etag: W/"61ff68f0-1d76"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dc0wsxHHgzqPEr%2FGsJEX%2BBwOwPLYkmvOvZMT4S1KO0keN1mRNFiuyOcvMMkQRc89U8dr2XKhmazByalKNeqTKGJERbbTsyR1m2HL28Cqx1KZ%2BVRuFQb6H8i%2Bq5%2F3GHbJ3Pyn4P4yje8Hh%2FpIbX%2FTc3wSPeJpDr1JpajqFPA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7095794ea9339201-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 gtagv4.js Show response
www.pua-unemployment-login.com/wp-content/plugins/flying-analytics/js/ 91 KB
35 KB 312ms
311ms Script
application/javascript 2a06:98c1:3120::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pua-unemployment-login.com/wp-content/plugins/flying-analytics/js/gtagv4.js
Requested by: Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/ohio
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f48532ed0175b589d37f3325a8fc8974b8f7207a5414ac4ea548c1dc9b6d94e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/ohio
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:37:37 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 16 Mar 2021 07:37:06 GMT
server: cloudflare
etag: W/"60506022-16ada"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tv%2B161G7yizCYFIduTHVDA5MjEDeC7yWskX2gHFenZK4%2BYNAFgIVj2TLq6KU11WA%2FHprgPPhy0J87BMf4krMHxOsHOMJiAr68KgHp7%2BEwYAW7xBTvKWqKs%2BZRrCqevKebdgbSsMF8TOyEoEHqy6iMZn1jusxssXKOIs5BCA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7095794ea93b9201-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 footer_float Show response
platform.foremedia.net/code/8428/ 1 KB
1 KB 164ms
140ms Script
application/javascript 2a06:98c1:3120::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.foremedia.net/code/8428/footer_float
Requested by: Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/ohio
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9b69a3dd2271ada2d50dfe7bfaea402e8ae9d830cd245e34fac2437ca33158d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:37:37 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t9VW8ZLmvgRVcUZnbuipsIzS4fPaDJrIFV3mbzlho3F%2F%2FiPPlHlO%2BjcSumnRZXC40YJ2jlDJD7Vil9zVpAR9ogEBekMdbDt8N8vStO6dvFZx3IHAoPT2GMztkBL0gmmXY0T6SnHhV16foAR8Kdj0KakMLlGf"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: private
cf-ray: 7095794eca298fef-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 lazyload.min.js Show response
www.pua-unemployment-login.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/ 8 KB
3 KB 46ms
45ms Script
application/javascript 2a06:98c1:3120::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pua-unemployment-login.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/lazyload.min.js
Requested by: Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/ohio
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ceb3992861ed1fda25855c2e500e76842ae0d788405e50e3a9f45df36499cf6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/ohio
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:37:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 06 May 2022 02:56:15 GMT
server: cloudflare
age: 13098
etag: W/"62748e4f-2063"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TE9Q6i1aH45K4WLfLa5kkMHv9sXoM3zM6hRZ7ruXaNFyTiobhAwwEjCt%2FWU9Q4L96gEkXeZp6%2FiPYCXjcGayjlxPV1ikh17yXQ6rpzotbHftIMWnp%2Bid0iMEkLLuP3L%2FMhfn00XQGw61UpDAS7DkLZZwjZkMKEYg9Dx7juE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7095794ea93d9201-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 analytics Show response
platform.foremedia.net/getcode/8428/ 8 KB
2 KB 175ms
152ms Script
application/javascript 2a06:98c1:3120::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.foremedia.net/getcode/8428/analytics
Requested by: Host: platform.foremedia.net
URL: https://platform.foremedia.net/code/8428/analytics
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d637341e9d6d89752d08ae604391544a79e884fcb68c56a617c700b906555b7c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:37:37 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NEFrk3RgJATKost07u1uNyTdCiZjE7w9pKuEBi2IL%2BsJ6ObK57lxG8cvckPoBVwlz78TOd2I%2B%2BkiuhCMmuBqjpgT5tXXCB%2FPY%2FfiA6ZVg7U4BaX4mV8r0clwKOlZ4QFSacAYZS6PoHyM%2FrimQdLcSLQxqj%2BR"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: private
cf-ray: 7095794eca268fef-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
DATA 200
OK truncated
/ 14 KB
14 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1cfd32e37f8aba263101f06e8f702adfaef55a6601857cf5e2c6dd0b0388dcd6

Request headers

Referer
Origin: https://www.pua-unemployment-login.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H3 200 c5 Show response
platform.foremedia.net/getcode/8428/ 1 KB
864 B 136ms
136ms Script
application/javascript 2a06:98c1:3120::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.foremedia.net/getcode/8428/c5
Requested by: Host: platform.foremedia.net
URL: https://platform.foremedia.net/code/8428/c5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc7efc48e5c37e8d392a52637dbdacc1b81c7ba29c8f10cd5a0ddb3cdd3fb180

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:37:37 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NQvpwlFtOpLFL1RTEKRow1RPQK%2B%2Fj2MqZaIHl%2BMnnvd7tO4K%2F6CXlgCxlsW8GfIpAqlgvIpry2NCDw%2BdI%2FE3ZE6N6Yk78iOw9%2BnWNYLELpnLa3%2FF8TyYjZvVaJcayTbCO1XRuYIIbcc4bu3aVb%2Fq2HCw%2BPmG"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: private
cf-ray: 7095794fcc098fef-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 c3 Show response
platform.foremedia.net/getcode/8428/ 1 KB
849 B 123ms
123ms Script
application/javascript 2a06:98c1:3120::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.foremedia.net/getcode/8428/c3
Requested by: Host: platform.foremedia.net
URL: https://platform.foremedia.net/code/8428/c3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73a9eaebd1e51360e20a453fd080f7dc7ce220eb009c50c3337b41cf1b0db975

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:37:37 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ysa7m9fn7%2FXXNWc60fj7eqomU6%2Fl0J2oXsxTUlVlnLZGfy6jGlJM93KVrdByQ1s7gRUn4truNYzXX5AK2G1byoheHZKza0chDnjiW7oh6hX2s%2BzC8NCO72z2RSp5H3K7szgaYcw2EOa0ItA8YJB6br6pt4Ac"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: private
cf-ray: 7095794fcc0f8fef-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 98 KB
38 KB 88ms
29ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-182103897-1

Requested by

Host: platform.foremedia.net
URL: https://platform.foremedia.net/getcode/8428/analytics

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d4c0e2ad4dd273917ad642ae882a0f486a9563313287be961d1bc4201c04a09a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:37:37 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38878
x-xss-protection: 0
last-modified: Tue, 10 May 2022 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 10 May 2022 20:37:37 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 81 KB
28 KB 115ms
36ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: platform.foremedia.net
URL: https://platform.foremedia.net/getcode/8428/analytics

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

sffe /

Resource Hash

f63c6de989281851ed59dfa1c06a7eecd4ab37f89453a7dd89150a2e1b8be469

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:37:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28409
x-xss-protection: 0
server: sffe
etag: "1211 / 877 of 1000 / last-modified: 1652204103"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 10 May 2022 20:37:37 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 202 KB
69 KB 282ms
116ms Script
application/javascript 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/ohio

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

94bccc9b641ce0b4d8c6e0d75736d19c549ae58bf139e9d5ba5bfe8dad4a54cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:37:38 GMT
content-encoding: br
last-modified: Fri, 06 May 2022 13:09:00 GMT
etag: "6274f3bc-1149e"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 70814
expires: Tue, 10 May 2022 21:37:38 GMT

GET
H2

200

1
mc.yandex.ru/watch/87761349/
Redirect Chain

https://mc.yandex.ru/watch/87761349
https://mc.yandex.ru/watch/87761349/1

43 B
83 B

61ms
60ms

Image
image/gif

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/watch/87761349/1

Requested by

Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/ohio

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 20:37:38 GMT
last-modified: Tue, 10-May-2022 20:37:38 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 10-May-2022 20:37:38 GMT

Redirect headers

pragma: no-cache
date: Tue, 10 May 2022 20:37:38 GMT
last-modified: Tue, 10-May-2022 20:37:38 GMT
strict-transport-security: max-age=31536000
location: /watch/87761349/1
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-xss-protection: 1; mode=block
expires: Tue, 10-May-2022 20:37:38 GMT

GET
H3 200 footer_float Show response
platform.foremedia.net/getcode/8428/ 1 KB
879 B 122ms
122ms Script
application/javascript 2a06:98c1:3120::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.foremedia.net/getcode/8428/footer_float
Requested by: Host: platform.foremedia.net
URL: https://platform.foremedia.net/code/8428/footer_float
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d3a4411f186523148f4e4703a96f2259ee672b7b6133abe7953f243f571d7a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:37:38 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PudT4XN%2BEE%2F4vR8FFEWo9P3JgYezPae%2Fr4j4yKTvVMMpSMsS%2BV2cqk2cEO%2B3Q4jT7KDLXiwDEDwjvbuaHO%2FdX9gpzLjAs995qYgeFl2BI1xI3lIuIQrbNiTIbDMLk%2FbfTWNbcDRbPX9SPHj5iDny3qRfOj2C"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: private
cf-ray: 7095794ffc7f8fef-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 72ms
20ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-182103897-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 3768
date: Tue, 10 May 2022 19:34:50 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 10 May 2022 21:34:50 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 189 KB
68 KB 83ms
38ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-2X191KKTRE&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-182103897-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8dadd7fce256c34df27a78ae5ea520426e5b17e1843083ad31423dbe4d2d3d36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:37:38 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69324
x-xss-protection: 0
expires: Tue, 10 May 2022 20:37:38 GMT

GET
H3 200 pubads_impl_2022050501.js Show response
securepubads.g.doubleclick.net/gpt/ 368 KB
125 KB 60ms
19ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050501.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

sffe /

Resource Hash

e680f84f5a15d5113b3d271f4f26456bbdd12103f70eaaf21ab08ef68aee9753

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:34:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 176
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127685
x-xss-protection: 0
last-modified: Thu, 05 May 2022 08:34:36 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 10 May 2023 20:34:42 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 139 B
134 B 75ms
31ms XHR
application/json 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.pua-unemployment-login.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

60d0bdebd607dd365b347391a4803f1fbafd132d73f3b959a69c762cce4c1653

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 10 May 2022 20:37:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 109
x-xss-protection: 0
expires: Tue, 10 May 2022 20:37:38 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
182 B 48ms
27ms Ping
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-2X191KKTRE&gtm=2oeae1&_p=1644382809&sr=1600x1200&ul=en-us&cid=599232910.1652215058&_s=1&dl=https%3A%2F%2Fwww.pua-unemployment-login.com%2Fohio&dr=&dt=Page%20not%20found%20-%20PUA%20Unemployment%20Login&sid=1652215058&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/wp-content/plugins/flying-analytics/js/gtagv4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 20:37:38 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.pua-unemployment-login.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 69ms
28ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1644382809&t=pageview&_s=1&dl=https%3A%2F%2Fwww.pua-unemployment-login.com%2Fohio&ul=en-us&de=UTF-8&dt=Page%20not%20found%20-%20PUA%20Unemployment%20Login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAAC~&jid=1893612605&gjid=44024319&cid=599232910.1652215058&tid=UA-182103897-1&_gid=93164937.1652215058&_r=1&gtm=2ou590&z=1387702859

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.pua-unemployment-login.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 10 May 2022 20:37:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.pua-unemployment-login.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 80ms
30ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.pua-unemployment-login.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 10 May 2022 20:37:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 83ms
29ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.pua-unemployment-login.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 10 May 2022 20:37:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 257 KB
30 KB 593ms
592ms XHR
text/plain 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1855880218855876&correlator=1478970094934776&eid=31067418%2C44755510&output=ldjh&gdfp_req=1&vrg=2022050501&ptt=17&impl=fifs&iu_parts=21863165165%2C22264204666&enc_prev_ius=%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1&prev_iu_szs=728x90%2C728x90%7C300x250%7C336x280%2C320x50%7C300x250%7C300x600%7C336x280%2C728x90%7C468x60%7C336x280%7C300x250%7C250x250%7C234x60%7C200x200%7C180x150%2C320x50%7C300x250%7C336x280%7C250x250%7C200x200%2C728x90%7C468x60%7C336x280%7C300x250%7C250x250%7C234x60%7C200x200%7C180x150%2C728x90%7C468x60%7C336x280%7C300x250%7C250x250%7C234x60%7C200x200%7C180x150%2C728x90%2C336x280%7C300x250%7C320x480&fluid=0%2C0%2Cheight%2C0%2Cheight%2C0%2C0%2C0%2C0&ifi=1&adks=201602978%2C2183081903%2C3593666348%2C2311508265%2C574321577%2C2311508267%2C2311508266%2C201602981%2C2967810272&sfv=1-0-38&ecs=20220510&ists=1&fas=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C8&fsapi=false&prev_scp=refresh%3Dtrue%7Crefresh%3Dtrue%7Crefresh%3Dtrue%7Crefresh%3Dtrue%7Crefresh%3Dtrue%7Crefresh%3Dtrue%7Crefresh%3Dtrue%7Crefresh%3Dtrue%7C&sc=1&cookie_enabled=1&abxe=1&dt=1652215058201&lmt=1652215058&dlt=1652215057500&idt=673&biw=1600&bih=1200&adxs=-9%2C-9%2C1040%2C-9%2C1040%2C-9%2C-9%2C436%2C-9&adys=-9%2C-9%2C2369%2C-9%2C485%2C-9%2C-9%2C1110%2C-9&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.pua-unemployment-login.com%2Fohio&frm=20&vis=1&scr_x=0&scr_y=0&psz=0x-1%7C0x-1%7C360x0%7C0x-1%7C360x0%7C0x-1%7C0x-1%7C1600x6155%7C0x-1&msz=0x-1%7C0x-1%7C360x0%7C0x-1%7C360x0%7C0x-1%7C0x-1%7C1600x-1%7C0x-1&fws=2%2C2%2C0%2C2%2C0%2C2%2C2%2C512%2C2&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&ga_vid=599232910.1652215058&ga_sid=1652215058&ga_hid=1644382809&ga_fc=true&btvi=-1%7C-1%7C1%7C-1%7C0%7C-1%7C-1%7C0%7C-1&topics=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

5ce78ae6cc6f5a47d2f4dfa7182c7112adcf159826b81d1724ec4d5e0e1adb80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:37:38 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31182
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-1,-1,-1,5564880863,-1,-1
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-1,-1,-1,-1,-1,138368298499,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.pua-unemployment-login.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame DC2F 6 KB
4 KB 137ms
28ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pua-unemployment-login.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 10 May 2022 20:37:38 GMT
expires: Wed, 10 May 2023 20:37:38 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads_2022050501.js Show response
securepubads.g.doubleclick.net/gpt/ 36 KB
13 KB 20ms
19ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022050501.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

sffe /

Resource Hash

babb18965e9ca0d1953890df5b83fd4d714854b55e5af46dbec4bf768ab534c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 05 May 2022 10:36:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 468078
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13436
x-xss-protection: 0
last-modified: Thu, 05 May 2022 08:34:36 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 05 May 2023 10:36:20 GMT

GET
H2

200

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9634.oTzAp-XijAnWVjVAW8JPGzppBorX584BsIrI7EmLWcOgO8_4_7rRy_7myee1MZ9E.W5TAmCuFG98JmIXZ460nUomDJfg%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9634.6ezb6-7Z2EDU6NEiTEyH6yJtmhst0S3FSnL9a5AXEutDB6zHN0rB1eDbFOLfXkr2XL5dv5B3SnpO_NRpn8XnEd3MnRL8anQwt3p_q3XXL-o%2C._pZVsSC0YdqpvpqV1jQbHenFCTA%2C

43 B
333 B

60ms
59ms

Image
image/gif

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9634.6ezb6-7Z2EDU6NEiTEyH6yJtmhst0S3FSnL9a5AXEutDB6zHN0rB1eDbFOLfXkr2XL5dv5B3SnpO_NRpn8XnEd3MnRL8anQwt3p_q3XXL-o%2C._pZVsSC0YdqpvpqV1jQbHenFCTA%2C

Requested by

Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/ohio

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:37:38 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9634.6ezb6-7Z2EDU6NEiTEyH6yJtmhst0S3FSnL9a5AXEutDB6zHN0rB1eDbFOLfXkr2XL5dv5B3SnpO_NRpn8XnEd3MnRL8anQwt3p_q3XXL-o%2C._pZVsSC0YdqpvpqV1jQbHenFCTA%2C
date: Tue, 10 May 2022 20:37:38 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
100 B 64ms
58ms Image
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/ohio

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:37:38 GMT
last-modified: Fri, 06 May 2022 13:09:00 GMT
etag: "6274f3bc-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Tue, 10 May 2022 21:37:38 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/87761349/
Redirect Chain

https://mc.yandex.com/watch/87761349?wmode=7&page-url=https%3A%2F%2Fwww.pua-unemployment-login.com%2Fohio&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aa8mjecangl5v275zywhk%3Afp%3A1339%3Afu%...
https://mc.yandex.com/watch/87761349/1?wmode=7&page-url=https%3A%2F%2Fwww.pua-unemployment-login.com%2Fohio&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aa8mjecangl5v275zywhk%3Afp%3A1339%3Af...

338 B
740 B

62ms
61ms

XHR
application/json

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/87761349/1?wmode=7&page-url=https%3A%2F%2Fwww.pua-unemployment-login.com%2Fohio&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aa8mjecangl5v275zywhk%3Afp%3A1339%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A791%3Acn%3A1%3Adp%3A0%3Als%3A343134305818%3Ahid%3A273302223%3Az%3A0%3Ai%3A20220510203738%3Aet%3A1652215058%3Ac%3A1%3Arn%3A989817936%3Arqn%3A1%3Au%3A1652215058347808380%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1652215056544%3Ads%3A11%2C186%2C756%2C1%2C0%2C0%2C%2C407%2C0%2C%2C%2C%2C1507%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1652215058%3At%3APage%20not%20found%20-%20PUA%20Unemployment%20Login&t=gdpr%2814%29aw%281%29ti%282%29

Requested by

Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/ohio

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

4948f3b292cfc7a18cddfa3b4520917c9441680feef4b8266d29219b6de87476

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 20:37:38 GMT
x-content-type-options: nosniff
last-modified: Tue, 10-May-2022 20:37:38 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.pua-unemployment-login.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 338
x-xss-protection: 1; mode=block
expires: Tue, 10-May-2022 20:37:38 GMT

Redirect headers

pragma: no-cache
date: Tue, 10 May 2022 20:37:38 GMT
last-modified: Tue, 10-May-2022 20:37:38 GMT
location: /watch/87761349/1?wmode=7&page-url=https%3A%2F%2Fwww.pua-unemployment-login.com%2Fohio&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aa8mjecangl5v275zywhk%3Afp%3A1339%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A791%3Acn%3A1%3Adp%3A0%3Als%3A343134305818%3Ahid%3A273302223%3Az%3A0%3Ai%3A20220510203738%3Aet%3A1652215058%3Ac%3A1%3Arn%3A989817936%3Arqn%3A1%3Au%3A1652215058347808380%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1652215056544%3Ads%3A11%2C186%2C756%2C1%2C0%2C0%2C%2C407%2C0%2C%2C%2C%2C1507%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1652215058%3At%3APage%20not%20found%20-%20PUA%20Unemployment%20Login&t=gdpr%2814%29aw%281%29ti%282%29
strict-transport-security: max-age=31536000
access-control-allow-origin: https://www.pua-unemployment-login.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Tue, 10-May-2022 20:37:38 GMT

GET
H2 200 5681.js Show response
go.trvdp.com/init/ 6 KB
6 KB 130ms
22ms Script
binary/octet-stream 2600:9000:214f:4800:3:7e1c:5b40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://go.trvdp.com/init/5681.js
Requested by: Host: cnt.trvdp.com
URL: https://cnt.trvdp.com/js/1319/5681.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:4800:3:7e1c:5b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 930eb3f887b0f657812c12b21e1648e6955384adedca8aacab2855ed1d0b1acb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 01 May 2022 12:50:39 GMT
via: 1.1 a3c2566f9e36ad3cdf79fc6307fcf566.cloudfront.net (CloudFront)
last-modified: Sun, 01 May 2022 12:05:49 GMT
server: AmazonS3
age: 805620
etag: "641671317bf70963ec45e1c50edb6c0f"
x-cache: Hit from cloudfront
content-type: binary/octet-stream
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-length: 5845
x-amz-cf-id: X3QaGt22t2IFNdS-DJRvRpwGEo97EDfK7y9z1TenTlzX3dC5xrHUqw==

GET
H/1.1 200
OK d3d3LnB1YS11bmVtcGxveW1lbnQtbG9naW4uY29t Show response
tcheck.outbrainimg.com/tcheck/check/ 15 B
462 B 227ms
39ms XHR
application/json 184.87.213.205
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tcheck.outbrainimg.com/tcheck/check/d3d3LnB1YS11bmVtcGxveW1lbnQtbG9naW4uY29t
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.87.213.205 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-87-213-205.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Tue, 10 May 2022 20:37:38 GMT
ETag: W/"f-ayLlCL3PuzXSThdu78iReSEjl6Y"
Access-Control-Max-Age: 43200
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=31269
Access-Control-Allow-Credentials: false
Connection: keep-alive
X-TraceId: a7a6e7adb8215d5261c4e854f96a81d8
Content-Length: 15
Expires: Wed, 11 May 2022 05:18:47 GMT

GET
H2 200 px.gif
widget-pixels.outbrain.com/widget/detect/ 43 B
341 B 326ms
286ms Image
image/gif 2.22.33.149
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1
Requested by: Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/ohio
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.22.33.149 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-22-33-149.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:37:38 GMT
last-modified: Wed, 30 Sep 2020 14:22:29 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 43
expires: Thu, 09 Jun 2022 20:37:38 GMT

GET
H3 200 container.html Show response
d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame DA06 6 KB
3 KB 70ms
25ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pua-unemployment-login.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 10 May 2022 20:37:38 GMT
expires: Wed, 10 May 2023 20:37:38 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 380A 6 KB
3 KB 57ms
25ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pua-unemployment-login.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 10 May 2022 20:37:38 GMT
expires: Wed, 10 May 2023 20:37:38 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 12D6 6 KB
3 KB 49ms
23ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pua-unemployment-login.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 10 May 2022 20:37:38 GMT
expires: Wed, 10 May 2023 20:37:38 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4E1B 6 KB
3 KB 49ms
27ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pua-unemployment-login.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 10 May 2022 20:37:38 GMT
expires: Wed, 10 May 2023 20:37:38 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 p.php Show response
stg.truvidplayer.com/ 7 KB
4 KB 245ms
141ms XHR
application/json 108.157.4.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://stg.truvidplayer.com/p.php?sid=1319&wid=5681&cb=4141.39828217452&pid=4272&url=https%3A%2F%2Fwww.pua-unemployment-login.com%2Fohio
Requested by: Host: go.trvdp.com
URL: https://go.trvdp.com/init/5681.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-90.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: a048be9df8723108966307b161c3489ebd0f16c06b2befada7857425bdea3db4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:37:39 GMT
content-encoding: gzip
server: nginx
x-amz-cf-pop: DUS51-P2
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: https://www.pua-unemployment-login.com
access-control-allow-credentials: true
x-amz-cf-id: lnfpvwM8SnkluNQsH2Mb2xSwghyIl94pekfg1Sji6B42iYhsPHerpQ==
via: 1.1 c9ca35e5541827c5873bfdb59f015b20.cloudfront.net (CloudFront)

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 6C2D 204 KB
58 KB 312ms
140ms Document
text/html 2a02:2638::b
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=YnrNEgAEOeUHg4j4AAxBULdj5rIh4qu6MKDzrA&u=%7CB9ShcX1DkPpiVdGon0s3FcwNDPnAR9OQJtHZchFVCso%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuB8I54B28R_G6pIc3Eo99WtlE0nPHHGzIJLbCwDbhfTlippPOqEO3zJcH2bJloFw3F43m2ZvVguMgR8HxIBqOfzKdeNvxoYPjuGtYVWpxol9TCxq8DpRHuTTUECIaUdWocdQx6c29NJs538babgIYT38VEb6dmSdkdCDR-wZc8YhluM0-F3GWvrriMuJyaYSwaNdinN7BmFZjqtzzBA03xzLTfLDg3hPaJa6WDggoFxqPTTbl8cFQg7NVQ7CszNoiNZVQ-kGc4U2tvYlietuRFa23X4GYDJBvAmFVpubiZwliZX8XOV2oRe_kMtnv5yRwA5DoVIHZdztuOwwZCauFn7WE1O74uslwIN8WKKStzYML5zO6gG4minvoisORKdD0g2cC-42KNyEF-JdhvO2T4DqHJNIBLSEng6FdTbJPG_Auzsjr3rVqEM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2ktwEs16YuXzEPiRjuwP0IKxgAjJntKxXNWdkfdwwI23ARABIABglYKAgJQHggEXY2EtcHViLTcwMTE5NTg4MzQ0MTA4OTGgAdW20uoDyAEJqQLhi7zj7a-xPuACAKgDAaoEigJP0JLKZXEHgSW3nwFeoQEmGzaC-y5U65jQuvnscy7SqGeTHPUHI50kl1QTa6xaYhLxPnDpc7bmlXTI9KJ_-IQmso5qtU8YvyvDBZMTOtcDqB3xDH7vki5OhvSWdAfuGkC3zwMsZ_5Ui91d32k4iNw4c2RdY71aUMEKt2kOXk7hm12LzqdhsgsWLxNZbMqGYaogEibk21wp-LDVxSAFbwrj7LPipZKDF5iOD6V93NNCzpXHdxVANsmP4nch8P_oxwA66DIXV1NuHaDpNbAyeZXx0Sa3yLuzTSNz7ZbXj9MlOTAsxwQhDLZoQxfepz9pQuwb-lWf9-h_MwsFqDIvDR2KIwhynxc2pFoR6eAEAYAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1cIANHSQH_oTpbmrNKedetLH8x-Q%26client%3Dca-pub-7011958834410891%26adurl%3D

Requested by

Host: d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com
URL: https://d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

41541470dcd51cbfe35710b989773f4cb8e7703f863766c47a4b412108ee08cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Tue, 10 May 2022 20:37:39 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=1YDSsXDPO5gxJOppQ1kn5TIT6nSrnFY_qttCldHkI86Gb_2EXoSC6RHk-fYn6BYWf-vS_8iH1inwe7nuSNo99-pasExQd8Y2pJIAG5sIs8uM8PmUTU-r56iCKTy_RKrZfcws8s4T72mMUXS7ClCbyRNkN27s769EtJZtdxdup9h7mNOTljBK0cpUpfUZV5eZ5wV2GtNAcZflxpQ74lPQSGWrqLp-90i7kJyAHeGQx5W2k2g9qze6MpmRSHhbReDk5Plu5w"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 109476692
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220509/r20110914/client/ Frame 12D6 3 KB
1 KB 108ms
57ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220509/r20110914/client/window_focus_fy2019.js

Requested by

Host: d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com
URL: https://d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:08:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1733
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 24 May 2022 20:08:46 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 12D6 120 KB
37 KB 116ms
27ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com
URL: https://d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfaf60508a77b732490cebbf93a415622f5d33fc0a63f88365807b71a21c25b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:37:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37409
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1652096384767712"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 10 May 2022 20:37:39 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220509/r20110914/client/ Frame 12D6 15 KB
7 KB 70ms
20ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220509/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com
URL: https://d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:29:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 515
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 567849196274905959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 24 May 2022 20:29:03 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 12D6 0
0 83ms
31ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQDEtGdLheDsQZQsTLHU1F7_QEZ3NE4c1Xu-LAPVAzzSCqCB50nW09xATofj5XKnSEtn1QeghTTAcsEtsAzFi0F0D_yTw
Requested by: Host: d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com
URL: https://d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 12D6 22 KB
7 KB 96ms
46ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com
URL: https://d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 06 May 2022 09:45:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 384756
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 06 May 2023 09:45:02 GMT

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 23E0 149 KB
50 KB 385ms
217ms Document
text/html 2a02:2638::b
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=YnrNEgAEOeoHg4j4AAxBUD35Vh4fw201f6RrSQ&u=%7CB9ShcX1DkPr9GtuUgqN%2BjmRIs42rdK%2Bg81LYFfGYoGQ%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZWgJ4RDTbq-WYBETCqLzgI7qAwBaN6Gwh5zyJK9Upa8xQmFH1Rvc9StwZQUKfaPOFa7rXaRvrF3Pcj87aF6o3ru7fkssSk4BFDMRtX6MhLeu8kpiX3GEXp5GpgOYZmcSeUE7AF8fJMvV8bVF8PwMkap_Jv_qVjq6oxi9z16N4_gj2BW0MnN1ws_WWV-EWncs-xJxTWYOzgUVw6h3jyAP0mE8v3YgdzP18ggvq33bCwHsU-1CQbTKQvWaxz_fQwm7pADGBlBRd048CpQAYxo7AeN1ICYFYZK0sQlAM2LF8HApPiT44mYQ74kZsd1CmFKQGYTqUUFBTEJXefwhaFIPn13WxIenoDIEV3K8s-AFHYxJntBQljjB9yNAtzqOnJGygXBRbCo3eQxlO-sKRBaVSkisxCEpBQbN_FIz03lMx7362FcotAeNxiO3WEnd_6eFGE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVIIPEs16YurzEPiRjuwP0IKxgAjJntKxXNWdkfdwwI23ARABIABglYKAgJQHggEXY2EtcHViLTcwMTE5NTg4MzQ0MTA4OTGgAdW20uoDyAEJqQLhi7zj7a-xPuACAKgDAaoEhAJP0PtpMKwBNb8PFxt9_vjOxD08t9aM5vTZ2HKqU3zdZI-VyHSjaMvFHAvDVrCgqPIe6Qq2TvrVHHviTbpZwGXuMyYJooYo3Xmltyd9w-T3qnJBRqaWw_nghm-q3FkIzrXnPg1YLwgJAe9ywYjiaLZbubYHs0Pxh14ecP8FzQR2NUwl43p_7TfQzAu4Zu59EmDNak2jDDGv3IonOKcOBU8vk3jmy1p_ewD84uPIHRvsfFy18fPuKUly6IRnO3ju7o6eqezV6dc-W5ew_tPUAe7OnEESPnP-RgwrFNQ35sO8Kp0z_14jtAU2eq6gUNHT3Ev1Jrv68kIZEieBsCv3zDd2GaNja-AEAYAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1IBw_DSonqTu-23Rt2SX698_XBew%26client%3Dca-pub-7011958834410891%26adurl%3D

Requested by

Host: d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com
URL: https://d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

a8da945d44fd2a251a72b10d1205a8f34ecc48b015c320822a6ec781a8d13077

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Tue, 10 May 2022 20:37:38 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=O4N1aXDPO5gxJOppCvGLTDGf0ZEb0rEgfRaiWk6G0n2O8ZX31YlBw7kGTU3SKzyQ84rLPLkgvNeMvBWV9sOiaHTMxhO3WHcHIzyltg-OaPzVOmHHr35gwH9PTLy9jKbpkFhp2Su5XnbLCXKXLzJubPnPky1iwLL_hpXfQ8U54rJ7wr7y7lt6iFzVkkSX8_sV70VI-0DrGkfs3waoj08VUdnsBmtmYJ_3KRTyG0QLIu4Ulw5N1kj12u_TmJ1gOwTLa8ePBQ"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 160015667
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220509/r20110914/client/ Frame 380A 3 KB
1 KB 108ms
60ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220509/r20110914/client/window_focus_fy2019.js

Requested by

Host: d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com
URL: https://d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:08:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1733
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 24 May 2022 20:08:46 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 380A 120 KB
37 KB 161ms
75ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com
URL: https://d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfaf60508a77b732490cebbf93a415622f5d33fc0a63f88365807b71a21c25b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:37:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37409
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1652096384767712"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 10 May 2022 20:37:39 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220509/r20110914/client/ Frame 380A 15 KB
6 KB 71ms
24ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220509/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com
URL: https://d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:29:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 515
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 567849196274905959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 24 May 2022 20:29:03 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 380A 0
0 81ms
33ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQyUEZq-7vNlkvSK1O97RvOfx2X7sAwOu0hnje6pe9VkwyA6g-xwecyoNp0wcCr_kdVahLTm9sMPZIZ10W7zo_Thf0soA
Requested by: Host: d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com
URL: https://d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 380A 22 KB
7 KB 98ms
52ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com
URL: https://d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 06 May 2022 09:45:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 384756
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 06 May 2023 09:45:02 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame DA06 2 KB
1 KB 83ms
33ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto

Requested by

Host: d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com
URL: https://d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7888a75eac5f8b9dc4c448f10e8dc9030fcae612cb236f1a9e9700d56ae6ef34

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 10 May 2022 18:59:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 10 May 2022 20:37:38 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 10 May 2022 20:37:38 GMT

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame C023 2 KB
2 KB 123ms
34ms Script
text/javascript 37.157.6.242
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=54958152;rtbwp=YnrNEgAEOesHg4j4AAxBUA4stJpzTDCRW8sWFw;rtbdata=jMNqeDmYZHj1ZWqiLebJoomJ6j340_POjJ_N6O06xmPennmfNRiEo3ka8hPpbBFeB0Zv1VhWI64-u9NfcUXFn5I46W1du-_SRy65gPX5_fPN2mQVv_61wgFv_3CBxlGPIkbduINLTsNvRfAZKCm04jYJDlFPdyhrqerasIskYcMb_SLD-92ZP3GKWmtTriCtzAD5wNSrbhfZt8qTfVW1H96-i_obfT1F4K8DPMfHPsiXcVj9FCod5ivBvrwRSrZjor8g8xjG6XBolY1DvR3PyHogzW-FlRZ0p2i9wxCJiUEP-LdFTa6D-_SVq2sSBH4d10e59jRRZMvpfzsDp3jajBKlEctiPOln0;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=ClCn8Es16YuvzEPiRjuwP0IKxgAjEs6CUXL7QuIXlAsCNtwEQASAAYJWCgICUB4IBF2NhLXB1Yi03MDExOTU4ODM0NDEwODkxyAEJqQKxc5N9pQWDPuACAKgDAaoEhgJP0O4fcjFK8oPFt-q9mBNqn3WGheezV4ynH8D8aNpdc7hfQKrAjibP3fujqkCm5WqUZPVdTklLNPdsQh4MRs6CvZxotrA7IVpJn3rbBupgQtg-KGMCurP2Yf1dHBsLl8FQwDxwLukeIRimDY8mteZPQ1V4JseZPMEMlMXHY8pt7ubtm47Rk1ixu__fOFoJS93Nh9eboUmwDs7E0YmmnTVsXHp7aK8v3O9AS1Q90xC1xen5-pwP-DFrJ3VaMyNZzcPA6mypV-kVJ-0bCudQMcn22n113FSYcO_DqaFED8BBAHdtwVrk1Wzl4dq66ZHydrqt7O5Oc4cq-zvl3NWFN6Y_8vEZwRFI4AQBgAa05_HM9ufFyV-gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB&num=1&sig=AOD64_05c8uIOdTemygGX0inhLpilN0etg&client=ca-pub-7011958834410891&adurl=

Requested by

Host: d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com
URL: https://d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.242 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

32bab4915c2794e770c2efc2a08bbd1399e17a116fcdfb041fcdd8ca9ef424e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 20:37:39 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 1768
expires: -1

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220509/r20110914/client/ Frame C023 3 KB
1 KB 99ms
61ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220509/r20110914/client/window_focus_fy2019.js

Requested by

Host: d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com
URL: https://d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:08:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1733
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 24 May 2022 20:08:46 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C023 120 KB
37 KB 142ms
66ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com
URL: https://d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfaf60508a77b732490cebbf93a415622f5d33fc0a63f88365807b71a21c25b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:37:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37409
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1652096384767712"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 10 May 2022 20:37:39 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220509/r20110914/client/ Frame C023 15 KB
6 KB 78ms
40ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220509/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com
URL: https://d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:29:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 515
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 567849196274905959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 24 May 2022 20:29:03 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame C023 0
0 69ms
30ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTAFFzZKCwG1VuOVkErsbY1gFxhe9PqP8KmavffX9qiCwE4ceLs6RpMbT38Qr9U1K-qGaZW6ol8X0HS1QbQMbwCvuTx9w
Requested by: Host: d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com
URL: https://d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame C023 22 KB
7 KB 92ms
55ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com
URL: https://d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 06 May 2022 09:45:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 384757
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 06 May 2023 09:45:02 GMT

GET
H2 200 interstitial_ad_frame_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220509/r20110914/elements/html/ Frame DA06 19 KB
8 KB 80ms
43ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220509/r20110914/elements/html/interstitial_ad_frame_fy2019.js

Requested by

Host: d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com
URL: https://d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

01284adf0039080c4d89732ef83440fd31b310a7bf3867b83b030f99ffd1f1c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:37:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8280
x-xss-protection: 0
server: cafe
etag: 1405619832300133377
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 24 May 2022 20:37:38 GMT

GET
H2 200 more_vert_white_48dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame DA06 233 B
773 B 96ms
18ms Image
image/png 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/more_vert_white_48dp.png

Requested by

Host: d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com
URL: https://d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b68d6252e63c5207f080a8969aa75600d5d252f67d454fd9a0a8a7e3e89d0686

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 09 May 2022 16:01:42 GMT
x-content-type-options: nosniff
age: 102957
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 233
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 09 May 2023 16:01:42 GMT

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame C1EF 160 KB
49 KB 356ms
202ms Document
text/html 2a02:2638::b
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=YnrNEgAEOecHg4j4AAxBUCBFKCfRqJMwy_uiFg&u=%7CB9ShcX1DkPr8FaPriBADfdeqR0TTwMTzcfxd6k2vYWM%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhaVHQ6RkVc1uRRN7U2tIy92afbib4fbn5HgB65sIa2ZfT8cisJFKfDLdlwbGN5fjIhLxr4UO-VBjJjcfY8PaTEqcFumVa1Thb4CAh7qKa1WXykQucDoJtP2pg323g1bHk4AiIV-nTgjty9uwvnosDB7JZ3fYl4sdS6ghU15vYcRPuZaacbbCUfjBMnuIaKz0ZKDSSLTQoDHAAZVzhV3fEcM_yBReVhKWTaKLNkvaHg9bbR_wuc1rsrEWKcRxdDifLWE4w6ypKcEog7mjps6GYBhv5dN2kUaop2HlB0tmUZJ-m27eua70DJuVPReF4MI-qJLDF7OhakfPmC8tSZOFRTRl6PlbD7-OkMPMQ9xuaa4krv5ltGt5KY4d8tKPjFVDOvYlsVm97W4HKKX9EKJHYJpJEmJxm9xDGvjHE12Uwxoq2-m--jh4rHs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLlqjEs16YufzEPiRjuwP0IKxgAjJntKxXNWdkfdwwI23ARABIABglYKAgJQHggEXY2EtcHViLTcwMTE5NTg4MzQ0MTA4OTGgAdW20uoDyAEJqQLhi7zj7a-xPuACAKgDAaoEhQJP0Pqhi5dP0kn9AZc_B3LHC9ATlPl1gPm5vfNE51FqlIQ5wXcrUd5hHuFVpRCsw5ihVhChFZfSJYXf7PknTXFyImJmfBR8LhljdX5Jt226xrL41GHLzci2SjQSebVqOR7up2fQlJM-94cHz2CIzzzE_MbALWtUJkTKkJAcWtjvQ1tUM6-spbcrQNymNNxluFOr00VRchDMf8WmxHMbSxIjbI80WBPCA-HFDhS7B6X1_l7-UwnuiBtQ6sovCVVNiuL1kwAYnhKARUSRzXdX83CWF6oHoU6_yRdOx_b1hN9UwMNgn4S801kdWfWf8e2VHgDjbsG3-umrHQ81mlj8jPgNupNkE5fgBAGABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3nO5tjF22iQhRNoGSLPjNLRYJWKw%26client%3Dca-pub-7011958834410891%26adurl%3D

Requested by

Host: d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com
URL: https://d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

d1bae6ec107ade4ece859c8bf1bb73b274c731c230eb376f112cbc68873cafda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Tue, 10 May 2022 20:37:38 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=OhWPNHDPO5gxJOpp3Ax4Ua-LboF0G9R7FNjvS13vpGSb9_j0qZoSInXcXNM5iQIU7k338lIHLEwOSSmXeA4IMoPkX6NilWBKHaEZQbhYxzM81-OMKillLdt5Dh2houmAhZX_stUeMo8iy_9FrrpqEcRvxnHVgmgqOOxOB9fH3DpT0ip2ODkM-J8K8AmMIZnw8TDRY7z-ZUmsz6LfDcxOXjaiddixrBR86LBRiduwLgJVYUbT1XnoTUmx2k948_JupXIgyA"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 113839019
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220509/r20110914/client/ Frame 4E1B 3 KB
1 KB 95ms
61ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220509/r20110914/client/window_focus_fy2019.js

Requested by

Host: d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com
URL: https://d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:08:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1733
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 24 May 2022 20:08:46 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4E1B 120 KB
37 KB 123ms
51ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com
URL: https://d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfaf60508a77b732490cebbf93a415622f5d33fc0a63f88365807b71a21c25b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:37:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37409
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1652096384767712"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 10 May 2022 20:37:39 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220509/r20110914/client/ Frame 4E1B 15 KB
6 KB 59ms
26ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220509/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com
URL: https://d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:29:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 515
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 567849196274905959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 24 May 2022 20:29:03 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 4E1B 22 KB
7 KB 82ms
49ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com
URL: https://d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 06 May 2022 09:45:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 384756
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 06 May 2023 09:45:02 GMT

GET
H/1.1 200
OK dwce_cheq_events Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 491ms
107ms XHR
application/json 70.42.32.31
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1652215058977&sessionId=03b0d0e9-26ca-be42-8c0b-70f0029f1c63&url=www.pua-unemployment-login.com&cheqSource=1&cheqEvent=3&responseTime=229
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.31 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 10 May 2022 20:37:39 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 4890ae860daea4d41601a1773fb0bdf6
Content-Length: 4
Expires: 0

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame C023 33 KB
16 KB 229ms
79ms Script
text/javascript 37.157.2.248
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=54958152;rtbwp=YnrNEgAEOesHg4j4AAxBUA4stJpzTDCRW8sWFw;rtbdata=jMNqeDmYZHj1ZWqiLebJoomJ6j340_POjJ_N6O06xmPennmfNRiEo3ka8hPpbBFeB0Zv1VhWI64-u9NfcUXFn5I46W1du-_SRy65gPX5_fPN2mQVv_61wgFv_3CBxlGPIkbduINLTsNvRfAZKCm04jYJDlFPdyhrqerasIskYcMb_SLD-92ZP3GKWmtTriCtzAD5wNSrbhfZt8qTfVW1H96-i_obfT1F4K8DPMfHPsiXcVj9FCod5ivBvrwRSrZjor8g8xjG6XBolY1DvR3PyHogzW-FlRZ0p2i9wxCJiUEP-LdFTa6D-_SVq2sSBH4d10e59jRRZMvpfzsDp3jajBKlEctiPOln0;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=ClCn8Es16YuvzEPiRjuwP0IKxgAjEs6CUXL7QuIXlAsCNtwEQASAAYJWCgICUB4IBF2NhLXB1Yi03MDExOTU4ODM0NDEwODkxyAEJqQKxc5N9pQWDPuACAKgDAaoEhgJP0O4fcjFK8oPFt-q9mBNqn3WGheezV4ynH8D8aNpdc7hfQKrAjibP3fujqkCm5WqUZPVdTklLNPdsQh4MRs6CvZxotrA7IVpJn3rbBupgQtg-KGMCurP2Yf1dHBsLl8FQwDxwLukeIRimDY8mteZPQ1V4JseZPMEMlMXHY8pt7ubtm47Rk1ixu__fOFoJS93Nh9eboUmwDs7E0YmmnTVsXHp7aK8v3O9AS1Q90xC1xen5-pwP-DFrJ3VaMyNZzcPA6mypV-kVJ-0bCudQMcn22n113FSYcO_DqaFED8BBAHdtwVrk1Wzl4dq66ZHydrqt7O5Oc4cq-zvl3NWFN6Y_8vEZwRFI4AQBgAa05_HM9ufFyV-gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB&num=1&sig=AOD64_05c8uIOdTemygGX0inhLpilN0etg&client=ca-pub-7011958834410891&adurl=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 3d0bf782b47dcd079eedf6bb34ecb0742c114a4e4b90e37a58a412482101b475

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:37:39 GMT
content-encoding: gzip
last-modified: Thu, 10 Feb 2022 15:16:56 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Thu, 12 May 2022 00:18:15 GMT

GET
H2 200 get Show response
odb.outbrain.com/utils/ 10 KB
3 KB 248ms
178ms Script
text/javascript 151.101.114.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://odb.outbrain.com/utils/get?url=%27.get_permalink().%27&idx=0&rand=4489&key=NANOWDGT01&widgetJSId=GS_6&va=true&et=true&format=html&pdobuid=-1&adblck=false&abwl=false&px=1055&py=911&vpd=0&cw=324&activeTab=true&darkMode=false&settings=true&recs=true&version=2000718&sig=szi9gL1o&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&ogn=https%3A%2F%2Fwww.pua-unemployment-login.com%2Fohio
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 73c1aea897e8cab316b35982aedaf5471a82db36bfc5c9dc498fda6ca395d284

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:37:39 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, HHN, Europe1
x-timer: S1652215059.166984,VS0,VE157
accept-ranges: bytes
x-served-by: cache-lga21928-LGA, cache-hhn4058-HHN
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
x-cache-hits: 0, 0
x-traceid: 0742024e86c887857ef7509f0b40eff2
content-encoding: gzip
content-length: 3266
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 ins.js Show response
s.trvdp.com/scripts/v5.742/ 658 KB
179 KB 160ms
36ms Script
application/javascript 2600:9000:225f:1200:d:3c0f:bcc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.trvdp.com/scripts/v5.742/ins.js
Requested by: Host: go.trvdp.com
URL: https://go.trvdp.com/init/5681.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225f:1200:d:3c0f:bcc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f02b9f630222ea616410be114b3154602919e62161356399be7cd45843136c57

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 14:40:17 GMT
content-encoding: br
last-modified: Tue, 12 Apr 2022 06:41:24 GMT
server: AmazonS3
age: 2354243
etag: W/"d40fd85fcbb9dac1ff245ac8cec6aeb4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 00d7096d979158a97e3d45ef36d6ae4a.cloudfront.net (CloudFront)
x-amz-cf-pop: TXL50-P2
x-amz-cf-id: RYx9VZB3hiCc_GKu_3oJeUp8mb5QA21hdRurjwfxXtFd8pmIWAy7Yw==

GET
DATA 200
OK truncated
/ Frame 12D6 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b0e57e4adf565605936e6970da52f6813df6ca71c08c3a27e5ff5ac4a6e63146

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 4E1B 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e7dc0a0e4d445653b89cc1f805d5e0f4be8ee99567287075bc983e95671f5efe

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 12D6 0
0 59ms
59ms Image
text/html 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CHNuDEs16YuXzEPiRjuwP0IKxgAjJntKxXNWdkfdwwI23ARABIABglYKAgJQHggEXY2EtcHViLTcwMTE5NTg4MzQ0MTA4OTGgAdW20uoDyAEJqQLhi7zj7a-xPuACAKgDAaoEhwJP0JLKZXEHgSW3nwFeoQEmGzaC-y5U65jQuvnscy7SqGeTHPUHI50kl1QTa6xaYhLxPnDpc7bmlXTI9KJ_-IQmso5qtU8YvyvDBZMTOtcDqB3xDH7vki5OhvSWdAfuGkC3zwMsZ_5Ui91d32k4iNw4c2RdY71aUMEKt2kOXk7hm12LzqdhsgsWLxNZbMqGYaogEibk21wp-LDVxSAFbwrj7LPipZKDF5iOD6V93NNCzpXHdxVANsmP4nch8P_oxwA66DIXV1NuHaDpNbAyeZXx0Sa3yLuzTSNz7ZbXj9MlOTBuxSWzizn0UKhCs5y5f0rj80GVQeJRK4mxYA-J_6KUDxD3NZMlG-AEAYAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAGACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNzAxMTk1ODgzNDQxMDg5MRjT2nM&sigh=kbr3xqw_IAw&uach_m=[UACH]&cid=CAQSPgCNIrLMpqnSv8o0FpOuzyhOF422NTCU3zxBSCKCHIrV_4IUnpCSI1MoPayDXchFagApKPL1bSFk6-AleownGAE&cbvp=2&vis=1
Requested by: Host: d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com
URL: https://d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s02-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame 12D6 0
126 B 159ms
36ms Image
text/plain 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kOb8EI-lBKwC2ASdg2ICAgAAALri8-6L2MhMEBLNemJrec7XofRAxq5bdQASAAA&wp=YnrNEgAEOeUHg4j4AAxBULdj5rIh4qu6MKDzrA&cbvp=2

Requested by

Host: d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com
URL: https://d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:37:39 GMT
server: Kestrel
server-processing-duration-in-ticks: 143489
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 4E1B 0
0 62ms
61ms Image
text/html 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CYvbMEs16YufzEPiRjuwP0IKxgAjJntKxXNWdkfdwwI23ARABIABglYKAgJQHggEXY2EtcHViLTcwMTE5NTg4MzQ0MTA4OTGgAdW20uoDyAEJqQLhi7zj7a-xPuACAKgDAaoEggJP0Pqhi5dP0kn9AZc_B3LHC9ATlPl1gPm5vfNE51FqlIQ5wXcrUd5hHuFVpRCsw5ihVhChFZfSJYXf7PknTXFyImJmfBR8LhljdX5Jt226xrL41GHLzci2SjQSebVqOR7up2fQlJM-94cHz2CIzzzE_MbALWtUJkTKkJAcWtjvQ1tUM6-spbcrQNymNNxluFOr00VRchDMf8WmxHMbSxIjbI80WBPCA-HFDhS7B6X1_l7-UwnuiBtQ6sovCVVNiuL1kwAYnhKARUSRzXdX83CWF6oHoU6_yRdOx_b1xt11UkTvA5cDT02-icg5CeSBFLbpQNk1TiGWu_2KhHTkCVKJqSzgBAGABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBABgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTcwMTE5NTg4MzQ0MTA4OTEY09pz&sigh=219TnsEFtH4&uach_m=[UACH]&cid=CAQSPgCNIrLMpqnSv8o0FpOuzyhOF422NTCU3zxBSCKCHIrV_4IUnpCSI1MoPayDXchFagApKPL1bSFk6-AleownGAE&cbvp=2&vis=1
Requested by: Host: d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com
URL: https://d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s02-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame 4E1B 0
125 B 159ms
37ms Image
text/plain 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kOb8ELikCdACmAKdg2ICAgAAALri8-6L2MhMEBHNemI4CXQx2mzAjrML2AASAAA&wp=YnrNEgAEOecHg4j4AAxBUCBFKCfRqJMwy_uiFg&cbvp=2

Requested by

Host: d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com
URL: https://d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:37:38 GMT
server: Kestrel
server-processing-duration-in-ticks: 233390
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 380A 0
0 60ms
59ms Image
text/html 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CbMMrEs16YurzEPiRjuwP0IKxgAjJntKxXNWdkfdwwI23ARABIABglYKAgJQHggEXY2EtcHViLTcwMTE5NTg4MzQ0MTA4OTGgAdW20uoDyAEJqQLhi7zj7a-xPuACAKgDAaoEgQJP0PtpMKwBNb8PFxt9_vjOxD08t9aM5vTZ2HKqU3zdZI-VyHSjaMvFHAvDVrCgqPIe6Qq2TvrVHHviTbpZwGXuMyYJooYo3Xmltyd9w-T3qnJBRqaWw_nghm-q3FkIzrXnPg1YLwgJAe9ywYjiaLZbubYHs0Pxh14ecP8FzQR2NUwl43p_7TfQzAu4Zu59EmDNak2jDDGv3IonOKcOBU8vk3jmy1p_ewD84uPIHRvsfFy18fPuKUly6IRnO3ju7o6eqezV6dc-W5ew_tPUAe7OnEESPnP-RgwrFNR15OIurRKv7OG_oKbmRwhYWcXZakHbPjlOOn-_4JifnDNyZrNlpuAEAYAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAGACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNzAxMTk1ODgzNDQxMDg5MRjT2nM&sigh=e2GqYnfFu38&uach_m=[UACH]&cid=CAQSPgCNIrLMpqnSv8o0FpOuzyhOF422NTCU3zxBSCKCHIrV_4IUnpCSI1MoPayDXchFagApKPL1bSFk6-AleownGAE&cbvp=2&vis=1
Requested by: Host: d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com
URL: https://d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s02-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame 380A 0
125 B 149ms
36ms Image
text/plain 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kOb8EMg12AVanYNiAgIAAAC64vPui9jITBARzXpiDQaOFtBHdIzgr2kAEgAA&wp=YnrNEgAEOeoHg4j4AAxBUD35Vh4fw201f6RrSQ&cbvp=2

Requested by

Host: d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com
URL: https://d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:37:38 GMT
server: Kestrel
server-processing-duration-in-ticks: 294062
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
DATA 200
OK truncated
/ Frame 380A 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e423158984ab619843546ee2c2efa472a104c53d2bb7b6ab52cc155b5aa62544

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 6C2D 2 KB
1 KB 116ms
39ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YnrNEgAEOeUHg4j4AAxBULdj5rIh4qu6MKDzrA&u=%7CB9ShcX1DkPpiVdGon0s3FcwNDPnAR9OQJtHZchFVCso%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuB8I54B28R_G6pIc3Eo99WtlE0nPHHGzIJLbCwDbhfTlippPOqEO3zJcH2bJloFw3F43m2ZvVguMgR8HxIBqOfzKdeNvxoYPjuGtYVWpxol9TCxq8DpRHuTTUECIaUdWocdQx6c29NJs538babgIYT38VEb6dmSdkdCDR-wZc8YhluM0-F3GWvrriMuJyaYSwaNdinN7BmFZjqtzzBA03xzLTfLDg3hPaJa6WDggoFxqPTTbl8cFQg7NVQ7CszNoiNZVQ-kGc4U2tvYlietuRFa23X4GYDJBvAmFVpubiZwliZX8XOV2oRe_kMtnv5yRwA5DoVIHZdztuOwwZCauFn7WE1O74uslwIN8WKKStzYML5zO6gG4minvoisORKdD0g2cC-42KNyEF-JdhvO2T4DqHJNIBLSEng6FdTbJPG_Auzsjr3rVqEM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2ktwEs16YuXzEPiRjuwP0IKxgAjJntKxXNWdkfdwwI23ARABIABglYKAgJQHggEXY2EtcHViLTcwMTE5NTg4MzQ0MTA4OTGgAdW20uoDyAEJqQLhi7zj7a-xPuACAKgDAaoEigJP0JLKZXEHgSW3nwFeoQEmGzaC-y5U65jQuvnscy7SqGeTHPUHI50kl1QTa6xaYhLxPnDpc7bmlXTI9KJ_-IQmso5qtU8YvyvDBZMTOtcDqB3xDH7vki5OhvSWdAfuGkC3zwMsZ_5Ui91d32k4iNw4c2RdY71aUMEKt2kOXk7hm12LzqdhsgsWLxNZbMqGYaogEibk21wp-LDVxSAFbwrj7LPipZKDF5iOD6V93NNCzpXHdxVANsmP4nch8P_oxwA66DIXV1NuHaDpNbAyeZXx0Sa3yLuzTSNz7ZbXj9MlOTAsxwQhDLZoQxfepz9pQuwb-lWf9-h_MwsFqDIvDR2KIwhynxc2pFoR6eAEAYAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1cIANHSQH_oTpbmrNKedetLH8x-Q%26client%3Dca-pub-7011958834410891%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:37:39 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 05 May 2023 20:37:39 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 6C2D 2 KB
1 KB 116ms
40ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:37:39 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 05 May 2023 20:37:39 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 6C2D 308 B
636 B 147ms
73ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:37:39 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Fri, 05 May 2023 20:37:39 GMT

GET
H2 200 back_button.svg
static.criteo.net/flash/icon/ Frame 6C2D 507 B
835 B 146ms
73ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:37:39 GMT
last-modified: Thu, 01 Apr 2021 14:03:13 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "6065d2a1-1fb"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 507
expires: Fri, 05 May 2023 20:37:39 GMT

GET
H2 200 m
secure-gl.imrworldwide.com/cgi-bin/ Frame 6C2D 0
690 B 232ms
132ms Image
text/plain 2600:9000:2127:9600:1e:a43d:b640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1652215058
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YnrNEgAEOeUHg4j4AAxBULdj5rIh4qu6MKDzrA&u=%7CB9ShcX1DkPpiVdGon0s3FcwNDPnAR9OQJtHZchFVCso%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuB8I54B28R_G6pIc3Eo99WtlE0nPHHGzIJLbCwDbhfTlippPOqEO3zJcH2bJloFw3F43m2ZvVguMgR8HxIBqOfzKdeNvxoYPjuGtYVWpxol9TCxq8DpRHuTTUECIaUdWocdQx6c29NJs538babgIYT38VEb6dmSdkdCDR-wZc8YhluM0-F3GWvrriMuJyaYSwaNdinN7BmFZjqtzzBA03xzLTfLDg3hPaJa6WDggoFxqPTTbl8cFQg7NVQ7CszNoiNZVQ-kGc4U2tvYlietuRFa23X4GYDJBvAmFVpubiZwliZX8XOV2oRe_kMtnv5yRwA5DoVIHZdztuOwwZCauFn7WE1O74uslwIN8WKKStzYML5zO6gG4minvoisORKdD0g2cC-42KNyEF-JdhvO2T4DqHJNIBLSEng6FdTbJPG_Auzsjr3rVqEM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2ktwEs16YuXzEPiRjuwP0IKxgAjJntKxXNWdkfdwwI23ARABIABglYKAgJQHggEXY2EtcHViLTcwMTE5NTg4MzQ0MTA4OTGgAdW20uoDyAEJqQLhi7zj7a-xPuACAKgDAaoEigJP0JLKZXEHgSW3nwFeoQEmGzaC-y5U65jQuvnscy7SqGeTHPUHI50kl1QTa6xaYhLxPnDpc7bmlXTI9KJ_-IQmso5qtU8YvyvDBZMTOtcDqB3xDH7vki5OhvSWdAfuGkC3zwMsZ_5Ui91d32k4iNw4c2RdY71aUMEKt2kOXk7hm12LzqdhsgsWLxNZbMqGYaogEibk21wp-LDVxSAFbwrj7LPipZKDF5iOD6V93NNCzpXHdxVANsmP4nch8P_oxwA66DIXV1NuHaDpNbAyeZXx0Sa3yLuzTSNz7ZbXj9MlOTAsxwQhDLZoQxfepz9pQuwb-lWf9-h_MwsFqDIvDR2KIwhynxc2pFoR6eAEAYAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1cIANHSQH_oTpbmrNKedetLH8x-Q%26client%3Dca-pub-7011958834410891%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:9600:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 20:37:39 GMT
via: 1.1 d05dc840d6cf3901928326ad8b6d38c2.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: PRG50-C1
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
x-cache: Miss from cloudfront
accept-ch: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-length: 0
x-amz-cf-id: HYZ8vF2O0Ok8u8kOJWOux63A7yPwpNk-OYItgmJpIRe7ZhGIM999aw==
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 lg.php
cat.fr.eu.criteo.com/delivery/ Frame 6C2D 43 B
348 B 338ms
35ms Image
image/gif 178.250.0.160
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=i_Qpi-eY1lTfXKpfqTBHIEZqRfQPzlI6nMJz29cY2jTRc3hDkPAGZfX2k56fHQwA1hEb3guAHswF_H1CAvca6V4GAJrdbqAnqJb6C-Q8NFm11Uku3zyoGrvpxnufLy2Fg8K9opvHKtVspeE0o-fi2-zr7Q29O1dN7NuztfPyPS0osv0X1fHzzq4vAB-NACsEams702j74pxsdbmIErAuxdjxXru7e3pqrF8sTxOBiLXgQSTZs8imkypeQ65096g7-apr9-Smozs0p4KcSrOLZ6SkO9AAk-tiFnJCQfAlrqcgtWF8dGNrJtIjvQJH2xPr8anpQMrLGkxscAsW_xuLsFSU4NhJWJVtV28UOLQcC-BK1P0wEMxvTe2qh0WMsqfFp08zEz_qs1CAnSZntFKCgt3IOK2MsnZHsuIHgex8u72TImk2tvj13AnrlOemGM5sdv69B_MORyERaoUfnb3J_EwgvHg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 20:37:39 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2863739
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

i
ipds.adrta.com/ Frame 6C2D
Redirect Chain

https://adrta.com/i?cb=627acd12d2b805bf2139c6557ade07f1&clid=co&paid=co&avid=1906&caid=278118&plid=11018983&publisherId=2892&kv1=300X600&kv2=https://d4955e2030125d88aaad3a9beaa1ef44.safeframe.googl...
https://ipds.adrta.com/i?__x=HFLFHFKFHGJCIJHBHAJJJONNGINLHLHGLGHIG@FNLGIIKFJNMMGBNIGFJQLNMHLGFIKPKJIAGKJJIFLHKOJKJBKMQJIFGOINGHGKFFHGJBILKGGILELQKLG@HBEBH&cb=627acd12d2b805bf2139c6557ade07f1&clid=c...

43 B
211 B

339ms
107ms

Image
image/gif

2600:1f18:26d4:7e04:a495:bd3b:3647:1ec1
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ipds.adrta.com/i?__x=HFLFHFKFHGJCIJHBHAJJJONNGINLHLHGLGHIG@FNLGIIKFJNMMGBNIGFJQLNMHLGFIKPKJIAGKJJIFLHKOJKJBKMQJIFGOINGHGKFFHGJBILKGGILELQKLG@HBEBH&cb=627acd12d2b805bf2139c6557ade07f1&clid=co&paid=co&avid=1906&caid=278118&plid=11018983&publisherId=2892&kv1=300X600&kv2=https://d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com/&kv3=64571a1c-8225-4f66-be15-090419c33bf9&kv4=2001:1b60:1010::&kv7=317&kv11=627acd12d2b805bf2139c6557ade07f1&kv12=70287&kv19=&kv27=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/101.0.4951.64%20Safari/537.36&kv24=Windows_Web
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YnrNEgAEOeUHg4j4AAxBULdj5rIh4qu6MKDzrA&u=%7CB9ShcX1DkPpiVdGon0s3FcwNDPnAR9OQJtHZchFVCso%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuB8I54B28R_G6pIc3Eo99WtlE0nPHHGzIJLbCwDbhfTlippPOqEO3zJcH2bJloFw3F43m2ZvVguMgR8HxIBqOfzKdeNvxoYPjuGtYVWpxol9TCxq8DpRHuTTUECIaUdWocdQx6c29NJs538babgIYT38VEb6dmSdkdCDR-wZc8YhluM0-F3GWvrriMuJyaYSwaNdinN7BmFZjqtzzBA03xzLTfLDg3hPaJa6WDggoFxqPTTbl8cFQg7NVQ7CszNoiNZVQ-kGc4U2tvYlietuRFa23X4GYDJBvAmFVpubiZwliZX8XOV2oRe_kMtnv5yRwA5DoVIHZdztuOwwZCauFn7WE1O74uslwIN8WKKStzYML5zO6gG4minvoisORKdD0g2cC-42KNyEF-JdhvO2T4DqHJNIBLSEng6FdTbJPG_Auzsjr3rVqEM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2ktwEs16YuXzEPiRjuwP0IKxgAjJntKxXNWdkfdwwI23ARABIABglYKAgJQHggEXY2EtcHViLTcwMTE5NTg4MzQ0MTA4OTGgAdW20uoDyAEJqQLhi7zj7a-xPuACAKgDAaoEigJP0JLKZXEHgSW3nwFeoQEmGzaC-y5U65jQuvnscy7SqGeTHPUHI50kl1QTa6xaYhLxPnDpc7bmlXTI9KJ_-IQmso5qtU8YvyvDBZMTOtcDqB3xDH7vki5OhvSWdAfuGkC3zwMsZ_5Ui91d32k4iNw4c2RdY71aUMEKt2kOXk7hm12LzqdhsgsWLxNZbMqGYaogEibk21wp-LDVxSAFbwrj7LPipZKDF5iOD6V93NNCzpXHdxVANsmP4nch8P_oxwA66DIXV1NuHaDpNbAyeZXx0Sa3yLuzTSNz7ZbXj9MlOTAsxwQhDLZoQxfepz9pQuwb-lWf9-h_MwsFqDIvDR2KIwhynxc2pFoR6eAEAYAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1cIANHSQH_oTpbmrNKedetLH8x-Q%26client%3Dca-pub-7011958834410891%26adurl%3D
Protocol: H2
Server: 2600:1f18:26d4:7e04:a495:bd3b:3647:1ec1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 20:37:39 GMT
cache-control: no-cache
server: Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips
content-type: image/gif
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://ipds.adrta.com/i?__x=HFLFHFKFHGJCIJHBHAJJJONNGINLHLHGLGHIG@FNLGIIKFJNMMGBNIGFJQLNMHLGFIKPKJIAGKJJIFLHKOJKJBKMQJIFGOINGHGKFFHGJBILKGGILELQKLG@HBEBH&cb=627acd12d2b805bf2139c6557ade07f1&clid=co&paid=co&avid=1906&caid=278118&plid=11018983&publisherId=2892&kv1=300X600&kv2=https://d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com/&kv3=64571a1c-8225-4f66-be15-090419c33bf9&kv4=2001:1b60:1010::&kv7=317&kv11=627acd12d2b805bf2139c6557ade07f1&kv12=70287&kv19=&kv27=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/101.0.4951.64%20Safari/537.36&kv24=Windows_Web
date: Tue, 10 May 2022 20:37:39 GMT
server: Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips
content-length: 0

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 6C2D 12 KB
6 KB 88ms
40ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:37:39 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 05 May 2023 20:37:39 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 6C2D 16 KB
16 KB 323ms
26ms Image
image/png 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=104&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F190124%2F8d6bc06124f044d4973e0db21c495799_logo.png&v=3&w=596&s=VmpB6zKqWSQPc8u3HQtDjREj

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e760d7a664455560844fa5a08ec4b5fdfad4e317459ec480971a27e0ec6239e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:37:38 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=29478960
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 16600
expires: Mon, 17 Apr 2023 01:13:39 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 6C2D 2 KB
2 KB 349ms
52ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FD%2Flogodrivetech-Fahrversuch-GmbH-171567DE.gif%3Feb%3D1&v=3&w=800&s=1GTJgbcAiVvY7_ggstT1IrP4&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

d163c31927cd560f033622147103e545feb6787d3131e43dc261f6c5de3cfdd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:37:38 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=845404
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1538
expires: Fri, 20 May 2022 15:27:44 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 6C2D 2 KB
3 KB 350ms
53ms Image
image/png 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F5%2FlogoAmprio-GmbH-201935DE-2106231706.gif%3Feb%3D1&v=3&w=800&s=HokYZuKMzPY0PkFyJnXtNULS&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

cc5e65f3bf4a6f565b2e549b9b401450a1e7d283ffe50dd4a906b5375808b851

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:37:38 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=996062
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 2446
expires: Sun, 22 May 2022 09:18:41 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 6C2D 2 KB
2 KB 347ms
51ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F3%2FlogoStepStone-GmbH-148733DE.gif%3Feb%3D1&v=3&w=800&s=3Z7pKamwHk51W_XnQuTU03dr&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

9b8ae796f30c05937ec5e849cea83f724110455de28d7619809a2b10ea5d803f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:37:38 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=398773
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1770
expires: Sun, 15 May 2022 11:23:52 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 6C2D 3 KB
3 KB 349ms
53ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F4%2FlogoABF-Pharmazie-GmbH-Co-KG-276589DE-2112061114.gif%3Feb%3D1&v=3&w=800&s=vJeTBViTBA0akNWov1NPb446&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

511dfce7c1f8030304d0d886e6f4a408a84e76c4a8ca8a1ca1a3414dcaf54dd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:37:39 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=2212900
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 2770
expires: Sun, 05 Jun 2022 11:19:19 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 6C2D 1 KB
1 KB 346ms
50ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FJ%2FlogoJS_Deutschland_GmbH_24984DE.gif%3Feb%3D1&v=3&w=800&s=kazlmmYaf1I4CAPjpV7VMXGz&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

639665b9e97aad7d30114d5b9b4d4b391d1ee6e870fd4515ec28e5a24c22863a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:37:39 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=776350
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1100
expires: Thu, 19 May 2022 20:16:50 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 6C2D 1 KB
2 KB 33ms
30ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FF%2FlogoIlle-Papier-Service-GmbH-280332DE-2111180848.gif%3Feb%3D1&v=3&w=800&s=74XW6ztms1yLBuCIA2_W-hQs&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

d5ea9fcb2a448ba0c621ea95e22d27827e79c5aabee99a0ccea258665e5f40a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:37:39 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1469705
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1450
expires: Fri, 27 May 2022 20:52:44 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 6C2D 1 KB
2 KB 35ms
32ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FB%2FlogoTechnogroup-IT-Service-GmbH-45652DE.gif%3Feb%3D1&v=3&w=800&s=dYdFw1alVZl6jWGEHJsx_qRL&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

b39349eebb957b335ca10b8c2b561e02fb2312c5d5f7429db47901c567262737

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:37:39 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1031
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1494
expires: Tue, 10 May 2022 20:54:51 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 6C2D 5 KB
5 KB 34ms
30ms Image
image/png 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FD%2FlogoZenJob-GmbH-Extern-253922DE-2011231050.gif%3Feb%3D1&v=3&w=800&s=yNtVSyMvGQ7vNe6i3CJi6U6k&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

0dd3d558d8559d52065e99138474d86c2662e4d829147455c3614ce43021be09

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:37:38 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=31104000
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 4833
expires: Fri, 05 May 2023 20:37:39 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 6C2D 990 B
1 KB 34ms
31ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FB%2FlogoLUTZ-ABEL-Rechtsanwalts-PartG-mbB-163976DE-1912191143.gif%3Feb%3D1&v=3&w=800&s=4TqPF-lDJlc4kgjixhAEUcsV&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

926ec2b77636aee554d9f5515f6522825dac771f3e4f9e011cba46d5decf322e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:37:39 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=2040633
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 990
expires: Fri, 03 Jun 2022 11:28:13 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 6C2D 0
128 B 434ms
27ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=1YDSsXDPO5gxJOppQ1kn5TIT6nSrnFY_qttCldHkI86Gb_2EXoSC6RHk-fYn6BYWf-vS_8iH1inwe7nuSNo99-pasExQd8Y2pJIAG5sIs8uM8PmUTU-r56iCKTy_RKrZfcws8s4T72mMUXS7ClCbyRNkN27s769EtJZtdxdup9h7mNOTljBK0cpUpfUZV5eZ5wV2GtNAcZflxpQ74lPQSGWrqLp-90i7kJyAHeGQx5W2k2g9qze6MpmRSHhbReDk5Plu5w&sds=2&rev=81468&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 10 May 2022 20:37:38 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 6C2D 2 KB
1 KB 40ms
40ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:37:39 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 05 May 2023 20:37:39 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 6C2D 2 KB
1 KB 42ms
41ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:37:39 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 05 May 2023 20:37:39 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame C1EF 2 KB
1 KB 56ms
55ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YnrNEgAEOecHg4j4AAxBUCBFKCfRqJMwy_uiFg&u=%7CB9ShcX1DkPr8FaPriBADfdeqR0TTwMTzcfxd6k2vYWM%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhaVHQ6RkVc1uRRN7U2tIy92afbib4fbn5HgB65sIa2ZfT8cisJFKfDLdlwbGN5fjIhLxr4UO-VBjJjcfY8PaTEqcFumVa1Thb4CAh7qKa1WXykQucDoJtP2pg323g1bHk4AiIV-nTgjty9uwvnosDB7JZ3fYl4sdS6ghU15vYcRPuZaacbbCUfjBMnuIaKz0ZKDSSLTQoDHAAZVzhV3fEcM_yBReVhKWTaKLNkvaHg9bbR_wuc1rsrEWKcRxdDifLWE4w6ypKcEog7mjps6GYBhv5dN2kUaop2HlB0tmUZJ-m27eua70DJuVPReF4MI-qJLDF7OhakfPmC8tSZOFRTRl6PlbD7-OkMPMQ9xuaa4krv5ltGt5KY4d8tKPjFVDOvYlsVm97W4HKKX9EKJHYJpJEmJxm9xDGvjHE12Uwxoq2-m--jh4rHs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLlqjEs16YufzEPiRjuwP0IKxgAjJntKxXNWdkfdwwI23ARABIABglYKAgJQHggEXY2EtcHViLTcwMTE5NTg4MzQ0MTA4OTGgAdW20uoDyAEJqQLhi7zj7a-xPuACAKgDAaoEhQJP0Pqhi5dP0kn9AZc_B3LHC9ATlPl1gPm5vfNE51FqlIQ5wXcrUd5hHuFVpRCsw5ihVhChFZfSJYXf7PknTXFyImJmfBR8LhljdX5Jt226xrL41GHLzci2SjQSebVqOR7up2fQlJM-94cHz2CIzzzE_MbALWtUJkTKkJAcWtjvQ1tUM6-spbcrQNymNNxluFOr00VRchDMf8WmxHMbSxIjbI80WBPCA-HFDhS7B6X1_l7-UwnuiBtQ6sovCVVNiuL1kwAYnhKARUSRzXdX83CWF6oHoU6_yRdOx_b1hN9UwMNgn4S801kdWfWf8e2VHgDjbsG3-umrHQ81mlj8jPgNupNkE5fgBAGABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3nO5tjF22iQhRNoGSLPjNLRYJWKw%26client%3Dca-pub-7011958834410891%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:37:39 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 05 May 2023 20:37:39 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame C1EF 2 KB
1 KB 58ms
58ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:37:39 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 05 May 2023 20:37:39 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame C1EF 308 B
636 B 40ms
39ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:37:39 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Fri, 05 May 2023 20:37:39 GMT

GET
H2 200 back_button.svg
static.criteo.net/flash/icon/ Frame C1EF 507 B
835 B 40ms
39ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:37:39 GMT
last-modified: Thu, 01 Apr 2021 14:03:13 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "6065d2a1-1fb"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 507
expires: Fri, 05 May 2023 20:37:39 GMT

GET
H2 200 m
secure-gl.imrworldwide.com/cgi-bin/ Frame C1EF 0
689 B 131ms
131ms Image
text/plain 2600:9000:2127:9600:1e:a43d:b640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1652215058
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YnrNEgAEOecHg4j4AAxBUCBFKCfRqJMwy_uiFg&u=%7CB9ShcX1DkPr8FaPriBADfdeqR0TTwMTzcfxd6k2vYWM%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhaVHQ6RkVc1uRRN7U2tIy92afbib4fbn5HgB65sIa2ZfT8cisJFKfDLdlwbGN5fjIhLxr4UO-VBjJjcfY8PaTEqcFumVa1Thb4CAh7qKa1WXykQucDoJtP2pg323g1bHk4AiIV-nTgjty9uwvnosDB7JZ3fYl4sdS6ghU15vYcRPuZaacbbCUfjBMnuIaKz0ZKDSSLTQoDHAAZVzhV3fEcM_yBReVhKWTaKLNkvaHg9bbR_wuc1rsrEWKcRxdDifLWE4w6ypKcEog7mjps6GYBhv5dN2kUaop2HlB0tmUZJ-m27eua70DJuVPReF4MI-qJLDF7OhakfPmC8tSZOFRTRl6PlbD7-OkMPMQ9xuaa4krv5ltGt5KY4d8tKPjFVDOvYlsVm97W4HKKX9EKJHYJpJEmJxm9xDGvjHE12Uwxoq2-m--jh4rHs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLlqjEs16YufzEPiRjuwP0IKxgAjJntKxXNWdkfdwwI23ARABIABglYKAgJQHggEXY2EtcHViLTcwMTE5NTg4MzQ0MTA4OTGgAdW20uoDyAEJqQLhi7zj7a-xPuACAKgDAaoEhQJP0Pqhi5dP0kn9AZc_B3LHC9ATlPl1gPm5vfNE51FqlIQ5wXcrUd5hHuFVpRCsw5ihVhChFZfSJYXf7PknTXFyImJmfBR8LhljdX5Jt226xrL41GHLzci2SjQSebVqOR7up2fQlJM-94cHz2CIzzzE_MbALWtUJkTKkJAcWtjvQ1tUM6-spbcrQNymNNxluFOr00VRchDMf8WmxHMbSxIjbI80WBPCA-HFDhS7B6X1_l7-UwnuiBtQ6sovCVVNiuL1kwAYnhKARUSRzXdX83CWF6oHoU6_yRdOx_b1hN9UwMNgn4S801kdWfWf8e2VHgDjbsG3-umrHQ81mlj8jPgNupNkE5fgBAGABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3nO5tjF22iQhRNoGSLPjNLRYJWKw%26client%3Dca-pub-7011958834410891%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:9600:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 20:37:39 GMT
via: 1.1 d05dc840d6cf3901928326ad8b6d38c2.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: PRG50-C1
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
x-cache: Miss from cloudfront
accept-ch: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-length: 0
x-amz-cf-id: v1-j9pu0JiVNDBOMitgZ6JSwRqhAajfbNIWDYEM4yUlgghxcmPzWnA==
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 lg.php
cat.fr.eu.criteo.com/delivery/ Frame C1EF 43 B
347 B 225ms
36ms Image
image/gif 178.250.0.160
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=Zq-2NzACq-ghFkGvPg4D7jpfanof93K0dZziglNx0aMrXMVMMyiHHSAobDVhj3D8li01KvaoxTe-rCNNbolBQQljk5pWuq9qHWupBuluP3WgFplNbdUy2Up8TngpmlIi-tWKXvpb7_BFhxs20V2RBH-ehFI9nIdu6hVcrJSwVVNkh5El3imiEoUdlWanPmkzQaAPlxdz33uN9KoUpPYD2SN_DIH3vWrVkCjCKZZsldS45KDyYl5lDpOqALKWbinjHit5o2i6l3DQMEXKkcTGyLvj-ogTXwt9n71TFEAXNMytNb9tVf7JNQ3WatCKGvhTB68K6tYNf8nZkz7yIaWZ924FM3WvijDNAulVKQYh5FQqrLnGv3YBTmrFdoDhnLZ6_6swlNUWuX6wsfRM7utvKvEN96vjAWZYFWOiH8bAflZ0Iycom3MnNsWzIqYw555vRvDqLQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 20:37:38 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3310188
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame C023 7 KB
4 KB 34ms
34ms Script
text/javascript 37.157.6.242
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?CC=1&bn=54958152;rtbwp=YnrNEgAEOesHg4j4AAxBUA4stJpzTDCRW8sWFw;rtbdata=jMNqeDmYZHj1ZWqiLebJoomJ6j340_POjJ_N6O06xmPennmfNRiEo3ka8hPpbBFeB0Zv1VhWI64-u9NfcUXFn5I46W1du-_SRy65gPX5_fPN2mQVv_61wgFv_3CBxlGPIkbduINLTsNvRfAZKCm04jYJDlFPdyhrqerasIskYcMb_SLD-92ZP3GKWmtTriCtzAD5wNSrbhfZt8qTfVW1H96-i_obfT1F4K8DPMfHPsiXcVj9FCod5ivBvrwRSrZjor8g8xjG6XBolY1DvR3PyHogzW-FlRZ0p2i9wxCJiUEP-LdFTa6D-_SVq2sSBH4d10e59jRRZMvpfzsDp3jajBKlEctiPOln0;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=ClCn8Es16YuvzEPiRjuwP0IKxgAjEs6CUXL7QuIXlAsCNtwEQASAAYJWCgICUB4IBF2NhLXB1Yi03MDExOTU4ODM0NDEwODkxyAEJqQKxc5N9pQWDPuACAKgDAaoEhgJP0O4fcjFK8oPFt-q9mBNqn3WGheezV4ynH8D8aNpdc7hfQKrAjibP3fujqkCm5WqUZPVdTklLNPdsQh4MRs6CvZxotrA7IVpJn3rbBupgQtg-KGMCurP2Yf1dHBsLl8FQwDxwLukeIRimDY8mteZPQ1V4JseZPMEMlMXHY8pt7ubtm47Rk1ixu__fOFoJS93Nh9eboUmwDs7E0YmmnTVsXHp7aK8v3O9AS1Q90xC1xen5-pwP-DFrJ3VaMyNZzcPA6mypV-kVJ-0bCudQMcn22n113FSYcO_DqaFED8BBAHdtwVrk1Wzl4dq66ZHydrqt7O5Oc4cq-zvl3NWFN6Y_8vEZwRFI4AQBgAa05_HM9ufFyV-gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB&num=1&sig=AOD64_05c8uIOdTemygGX0inhLpilN0etg&client=ca-pub-7011958834410891&adurl=;js=1;adfxid=1x;10042;set=en-US|en-US|1600X1200|0|0|0|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fwww.pua-unemployment-login.com

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.242 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

c438177875f2623a1d17bf5ba633914aaca696b052d403c7c949848164da616f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 20:37:39 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 3314
expires: -1

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 23E0 2 KB
1 KB 50ms
49ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YnrNEgAEOeoHg4j4AAxBUD35Vh4fw201f6RrSQ&u=%7CB9ShcX1DkPr9GtuUgqN%2BjmRIs42rdK%2Bg81LYFfGYoGQ%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZWgJ4RDTbq-WYBETCqLzgI7qAwBaN6Gwh5zyJK9Upa8xQmFH1Rvc9StwZQUKfaPOFa7rXaRvrF3Pcj87aF6o3ru7fkssSk4BFDMRtX6MhLeu8kpiX3GEXp5GpgOYZmcSeUE7AF8fJMvV8bVF8PwMkap_Jv_qVjq6oxi9z16N4_gj2BW0MnN1ws_WWV-EWncs-xJxTWYOzgUVw6h3jyAP0mE8v3YgdzP18ggvq33bCwHsU-1CQbTKQvWaxz_fQwm7pADGBlBRd048CpQAYxo7AeN1ICYFYZK0sQlAM2LF8HApPiT44mYQ74kZsd1CmFKQGYTqUUFBTEJXefwhaFIPn13WxIenoDIEV3K8s-AFHYxJntBQljjB9yNAtzqOnJGygXBRbCo3eQxlO-sKRBaVSkisxCEpBQbN_FIz03lMx7362FcotAeNxiO3WEnd_6eFGE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVIIPEs16YurzEPiRjuwP0IKxgAjJntKxXNWdkfdwwI23ARABIABglYKAgJQHggEXY2EtcHViLTcwMTE5NTg4MzQ0MTA4OTGgAdW20uoDyAEJqQLhi7zj7a-xPuACAKgDAaoEhAJP0PtpMKwBNb8PFxt9_vjOxD08t9aM5vTZ2HKqU3zdZI-VyHSjaMvFHAvDVrCgqPIe6Qq2TvrVHHviTbpZwGXuMyYJooYo3Xmltyd9w-T3qnJBRqaWw_nghm-q3FkIzrXnPg1YLwgJAe9ywYjiaLZbubYHs0Pxh14ecP8FzQR2NUwl43p_7TfQzAu4Zu59EmDNak2jDDGv3IonOKcOBU8vk3jmy1p_ewD84uPIHRvsfFy18fPuKUly6IRnO3ju7o6eqezV6dc-W5ew_tPUAe7OnEESPnP-RgwrFNQ35sO8Kp0z_14jtAU2eq6gUNHT3Ev1Jrv68kIZEieBsCv3zDd2GaNja-AEAYAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1IBw_DSonqTu-23Rt2SX698_XBew%26client%3Dca-pub-7011958834410891%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:37:39 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 05 May 2023 20:37:39 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 23E0 2 KB
1 KB 50ms
50ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:37:39 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 05 May 2023 20:37:39 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 23E0 308 B
636 B 42ms
41ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:37:39 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Fri, 05 May 2023 20:37:39 GMT

GET
H2 200 back_button.svg
static.criteo.net/flash/icon/ Frame 23E0 507 B
835 B 41ms
40ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:37:39 GMT
last-modified: Thu, 01 Apr 2021 14:03:13 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "6065d2a1-1fb"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 507
expires: Fri, 05 May 2023 20:37:39 GMT

GET
H2 200 m
secure-gl.imrworldwide.com/cgi-bin/ Frame 23E0 0
689 B 135ms
134ms Image
text/plain 2600:9000:2127:9600:1e:a43d:b640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1652215058
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YnrNEgAEOeoHg4j4AAxBUD35Vh4fw201f6RrSQ&u=%7CB9ShcX1DkPr9GtuUgqN%2BjmRIs42rdK%2Bg81LYFfGYoGQ%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZWgJ4RDTbq-WYBETCqLzgI7qAwBaN6Gwh5zyJK9Upa8xQmFH1Rvc9StwZQUKfaPOFa7rXaRvrF3Pcj87aF6o3ru7fkssSk4BFDMRtX6MhLeu8kpiX3GEXp5GpgOYZmcSeUE7AF8fJMvV8bVF8PwMkap_Jv_qVjq6oxi9z16N4_gj2BW0MnN1ws_WWV-EWncs-xJxTWYOzgUVw6h3jyAP0mE8v3YgdzP18ggvq33bCwHsU-1CQbTKQvWaxz_fQwm7pADGBlBRd048CpQAYxo7AeN1ICYFYZK0sQlAM2LF8HApPiT44mYQ74kZsd1CmFKQGYTqUUFBTEJXefwhaFIPn13WxIenoDIEV3K8s-AFHYxJntBQljjB9yNAtzqOnJGygXBRbCo3eQxlO-sKRBaVSkisxCEpBQbN_FIz03lMx7362FcotAeNxiO3WEnd_6eFGE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVIIPEs16YurzEPiRjuwP0IKxgAjJntKxXNWdkfdwwI23ARABIABglYKAgJQHggEXY2EtcHViLTcwMTE5NTg4MzQ0MTA4OTGgAdW20uoDyAEJqQLhi7zj7a-xPuACAKgDAaoEhAJP0PtpMKwBNb8PFxt9_vjOxD08t9aM5vTZ2HKqU3zdZI-VyHSjaMvFHAvDVrCgqPIe6Qq2TvrVHHviTbpZwGXuMyYJooYo3Xmltyd9w-T3qnJBRqaWw_nghm-q3FkIzrXnPg1YLwgJAe9ywYjiaLZbubYHs0Pxh14ecP8FzQR2NUwl43p_7TfQzAu4Zu59EmDNak2jDDGv3IonOKcOBU8vk3jmy1p_ewD84uPIHRvsfFy18fPuKUly6IRnO3ju7o6eqezV6dc-W5ew_tPUAe7OnEESPnP-RgwrFNQ35sO8Kp0z_14jtAU2eq6gUNHT3Ev1Jrv68kIZEieBsCv3zDd2GaNja-AEAYAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1IBw_DSonqTu-23Rt2SX698_XBew%26client%3Dca-pub-7011958834410891%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:9600:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 20:37:39 GMT
via: 1.1 d05dc840d6cf3901928326ad8b6d38c2.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: PRG50-C1
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
x-cache: Miss from cloudfront
accept-ch: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-length: 0
x-amz-cf-id: k0NTYwbZ-3YtHhYA4xoOjywqfnN-joLj4kITAo0A25nCXH59ECd5Wg==
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 lg.php
cat.fr.eu.criteo.com/delivery/ Frame 23E0 43 B
347 B 208ms
36ms Image
image/gif 178.250.0.160
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=t7y4keFtwMx5BkCzaq8HKeJFXfMZ0PGs6rg9j_J8iK2twFhkQeluBoXPJS9qzR5hSVlUioMmNCaK-5Jiq2xscaeODmvpj_6iHvzj48Ys9anQ5CMoj4th0Y_N_eFOEDMrQFM9Pfx9D5UyPkQsS71WBiTR_j18EUjMa_-gFS8K43V5khJCkSaSuuqYXjoR3_zwGOyD4oJ4jOvPZ98bTIPVRGC9AsS15Ssp3fnAAurYGzSnQ1MeM65k1uUQ9AW47lPh6YmKpIelfJiEosD9So3kXOjrUQXsqZdo04lKnGYNMfPL68R7tLkhTZ_mFFkCob6un3LdK1k41_AsMOxVJ1spYb76ffXII0JaoLrE00WHaAu7xdGoKiUeeMCnGRyFgnEiyea5UJ1MijYC7O6x2bH2VBVi0Zvts_jQvTeAYXOvCcipfTuqIoTJIfOQrRNRdwbVxW9ojA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 20:37:38 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3102132
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK cors Show response
data.ad-score.com/score/ 52 B
739 B 523ms
135ms XHR
text/plain 130.211.115.4
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/score/cors?s=1&pid=1000032&tid=truvidTraffic&pub_domain=www.pua-unemployment-login.com&l1=5681&l2=pua-unemployment-login.com&l3=DE&l4=desktop&l5=5.742&cb=0.12228525304956661
Requested by: Host: s.trvdp.com
URL: https://s.trvdp.com/scripts/v5.742/ins.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: a3fb12e0586cb7710bc4ff3f906aa390cd18576b4d2a086389454e72c7f0b8df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 10 May 2022 20:37:39 GMT
Age: 0
Access-Control-Allow-Methods: GET,POST
P3p: CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR"
Access-Control-Allow-Origin: https://www.pua-unemployment-login.com
Cache-Control: post-check=0, pre-check=0, false, proxy-revalidate, no-cache, no-cache=Set-Cookie, no-store, must-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/plain; charset=utf-8
Content-Length: 52

GET
H2 200 achoice.svg
widgets.outbrain.com/images/widgetIcons/ 3 KB
3 KB 44ms
44ms Image
image/svg+xml 2.22.33.149
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by: Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/ohio
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.22.33.149 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-22-33-149.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:37:39 GMT
last-modified: Sun, 01 May 2022 07:29:08 GMT
server: AkamaiNetStorage
etag: "9d26fa4e7238ed94f1d0d92afb453b3e:1651391295.775433"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 2735
expires: Thu, 09 Jun 2022 20:37:39 GMT

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
292 B 401ms
102ms Fetch
text/plain 70.42.32.31
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=d07ef5000cf3d78f224488353e267e3c_122703_1652215059277&tm=670&eT=0&widgetWidth=324&widgetHeight=33&widgetX=1055&widgetY=899&wRV=2000718&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&cheq=0&rtt=329&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.31 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Tue, 10 May 2022 20:37:39 GMT
content-encoding: gzip
X-TraceId: a55ef66f6de0fa5960258449cda853e9
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H2 200 streamFeed.js Show response
widgets.outbrain.com/nanoWidget/2000718/module/ 37 KB
14 KB 52ms
52ms Script
application/x-javascript 2.22.33.149
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/2000718/module/streamFeed.js?e=1
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.22.33.149 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-22-33-149.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: f8aadd68eb9c6abebf719b41cefb6466283be19d3154c9e51f38f0bac1bb7b82

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:37:39 GMT
content-encoding: gzip
last-modified: Tue, 10 May 2022 08:06:56 GMT
server: AkamaiNetStorage
etag: "33b936cbf673d430f7f9f967c3a4310d:1652176804.781598"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 13600
expires: Wed, 11 May 2022 00:37:39 GMT

GET
H2 200 ob_logo.svg
widgets.outbrain.com/images/widgetIcons/ 12 KB
12 KB 44ms
44ms Image
image/svg+xml 2.22.33.149
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/ob_logo.svg
Requested by: Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/ohio
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.22.33.149 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-22-33-149.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 02b5318a75e50e48ccddd6eac9eef067a275adc244f3c3f6186ed6b382d3f971

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:37:39 GMT
last-modified: Sun, 01 May 2022 07:29:08 GMT
server: AkamaiNetStorage
etag: "65df986ae65cffdf92a926e7c42a25a8:1651391311.776385"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 12268
expires: Thu, 09 Jun 2022 20:37:39 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 23E0 12 KB
6 KB 39ms
38ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:37:39 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 05 May 2023 20:37:39 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 23E0 7 KB
7 KB 230ms
51ms Image
image/png 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=176&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F190124%2F8d6bc06124f044d4973e0db21c495799_logo.png&v=3&w=256&s=OoHbAbMjs34limBOASsMBFuJ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

2a29e79bd75cc83eade181c4acc1c198786539997766b648bc21ed5aa7698408

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:37:39 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=29478960
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 7142
expires: Mon, 17 Apr 2023 01:13:39 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 23E0 0
127 B 318ms
27ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=O4N1aXDPO5gxJOppCvGLTDGf0ZEb0rEgfRaiWk6G0n2O8ZX31YlBw7kGTU3SKzyQ84rLPLkgvNeMvBWV9sOiaHTMxhO3WHcHIzyltg-OaPzVOmHHr35gwH9PTLy9jKbpkFhp2Su5XnbLCXKXLzJubPnPky1iwLL_hpXfQ8U54rJ7wr7y7lt6iFzVkkSX8_sV70VI-0DrGkfs3waoj08VUdnsBmtmYJ_3KRTyG0QLIu4Ulw5N1kj12u_TmJ1gOwTLa8ePBQ&sds=2&rev=81468&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 10 May 2022 20:37:38 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 23E0 2 KB
1 KB 37ms
37ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:37:39 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 05 May 2023 20:37:39 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 23E0 2 KB
1 KB 38ms
38ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:37:39 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 05 May 2023 20:37:39 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame C1EF 12 KB
6 KB 40ms
40ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:37:39 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 05 May 2023 20:37:39 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame C1EF 18 KB
18 KB 230ms
79ms Image
image/png 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=92&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F190124%2F79f2c646e3f74b54931cff1f39d769d0_blue.png&v=3&w=668&s=zZ9XXdLqBPrx8VhOI0CLOKLn

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

63fcc9fc6cf4e04b4c3190ae61fbdd2540d37d73ea1d665a4ffd6d7324847a04

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:37:39 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=30024269
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 18609
expires: Sun, 23 Apr 2023 08:42:09 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame C1EF 0
127 B 291ms
28ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=OhWPNHDPO5gxJOpp3Ax4Ua-LboF0G9R7FNjvS13vpGSb9_j0qZoSInXcXNM5iQIU7k338lIHLEwOSSmXeA4IMoPkX6NilWBKHaEZQbhYxzM81-OMKillLdt5Dh2houmAhZX_stUeMo8iy_9FrrpqEcRvxnHVgmgqOOxOB9fH3DpT0ip2ODkM-J8K8AmMIZnw8TDRY7z-ZUmsz6LfDcxOXjaiddixrBR86LBRiduwLgJVYUbT1XnoTUmx2k948_JupXIgyA&sds=2&rev=81468&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 10 May 2022 20:37:39 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame C1EF 2 KB
1 KB 47ms
47ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:37:39 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 05 May 2023 20:37:39 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame C1EF 2 KB
1 KB 44ms
44ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:37:39 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 05 May 2023 20:37:39 GMT

GET
H/1.1 200
OK widgetGlobalEvent Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 102ms
101ms Fetch
application/json 70.42.32.31
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=d07ef5000cf3d78f224488353e267e3c&pvId=d07ef5000cf3d78f224488353e267e3c&sid=8537982&pid=122703&idx=0&wId=834&pad=0&org=0&tm=759&eT=3&cnsnt=no_consent&wRV=2000718&pVis=0&lsd=-1&eIdx=0&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.31 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 10 May 2022 20:37:39 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 45b31fd81bec6af04f98d54713851308
Content-Length: 4
Expires: 0

GET
H2 200 /
track.adform.net/jsmetrics/ Frame C023 43 B
208 B 32ms
32ms Image
image/gif 37.157.6.242
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.adform.net/jsmetrics/?adfserve=129&asset=229&sid=276&rid=10633&cid=2383

Requested by

Host: d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com
URL: https://d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.242 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:37:39 GMT
last-modified: Thu, 11 Apr 2019 08:33:12 GMT
server: nginx
etag: "5caefbc8-2b"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
accept-ranges: bytes
content-length: 43

GET
H2 200 Standard Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/2gSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/ Frame C023 90 KB
39 KB 61ms
61ms Script
text/javascript 37.157.2.248
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/2gSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 5d7d1539a987f98302973ede727da3e6044d7c2c9b827d2f01e8ebb6cef18756

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:37:39 GMT
content-encoding: gzip
last-modified: Thu, 10 Feb 2022 15:16:56 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Wed, 11 May 2022 23:25:35 GMT

GET
H2 200 get Show response
mv.outbrain.com/Multivac/api/ 17 KB
6 KB 446ms
426ms Script
text/javascript 151.101.114.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mv.outbrain.com/Multivac/api/get?url=%27.get_permalink().%27&settings=true&recs=true&widgetJSId=GS_6&key=NANOWDGT01&version=2000718&apv=false&sig=szi9gL1o&format=html&rand=75564&pdobuid=-1&osLang=en-US&va=true&et=true&cmpStat=0&ccpaStat=0&scrW=1600&scrH=1200&t=ZDA3ZWY1MDAwY2YzZDc4ZjIyNDQ4ODM1M2UyNjdlM2M=&winW=1600&winH=1200&adblck=false&abwl=false&secured=true&feedIdx=0&lastIdx=0&lastCardIdx=0&fAB=11520-0&layeredTestInfo=11520-0-&dpr=1&cw=324&darkMode=false&activeTab=true&ogn=https%3A%2F%2Fwww.pua-unemployment-login.com%2Fohio
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/2000718/module/streamFeed.js?e=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c1da4965db00a6b3297a62e991cd146b6b5441cb973983e7f705310de2239059

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:37:39 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, HHN, Europe1
x-timer: S1652215060.585322,VS0,VE405
accept-ranges: bytes
x-served-by: cache-lga21977-LGA, cache-hhn4058-HHN
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
x-cache-hits: 0, 0
x-traceid: f393af7975a49b2f4b57d656041a0ae8
content-encoding: gzip
content-length: 6001
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 /
track.adform.net/csimpr/ Frame C023 35 B
502 B 32ms
32ms Ping
image/gif 37.157.6.242
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=54958152&csi=0wL7pmCrVljnE5X-VKZ2IfIiQ07t8vblN8MgIP9rijLrygPkIxxfk1mX8JXCdeIxHuHR9Dc-DyxSOj2XjtopumQBbo50IEXs0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.242 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 10 May 2022 20:37:39 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 11213523.js Show response
s1.adform.net/Banners/Elements/Files/33029/11213523/ Frame 3913 4 KB
2 KB 40ms
40ms Script
application/x-javascript 37.157.2.248
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.adform.net/Banners/Elements/Files/33029/11213523/11213523.js?ADFassetID=11213523&bv=258

Requested by

Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/ohio

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

57bc62415bf9ea84cbbc1a8df11b217821ce18fa3622ccc948717a0fb305ce2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:37:39 GMT
content-encoding: gzip
last-modified: Fri, 29 Apr 2022 07:22:02 GMT
server: nginx
etag: W/"626b921a-ff1"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

GET
H2 200 Adform.DHTML.js Show response
s1.adform.net/banners/scripts/rmb/ Frame 3913 30 KB
13 KB 46ms
45ms Script
application/x-javascript 37.157.2.248
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js?bv=626
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/2gSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:37:39 GMT
content-encoding: gzip
last-modified: Fri, 14 May 2021 12:35:38 GMT
server: nginx
etag: W/"609e6e9a-76d9"
x-cache-status: HIT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

GET
H2 200 createjs.min.js Show response
code.createjs.com/1.0.0/ Frame 3913 236 KB
63 KB 130ms
44ms Script
text/javascript 2a02:26f0:ef::5c7b:c2a1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://code.createjs.com/1.0.0/createjs.min.js
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/2gSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:ef::5c7b:c2a1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:37:39 GMT
content-encoding: gzip
server: Apache
cache-control: max-age=900
vary: Accept-Encoding
content-type: text/javascript
x-n: S
accept-ranges: bytes
expires: Tue, 10 May 2022 20:52:39 GMT

GET
H2 200 300-600-pegas-2022.js Show response
s1.adform.net/Banners/Elements/Files/33029/11213523/bvpath_258/ Frame 3913 18 KB
5 KB 48ms
48ms Script
application/x-javascript 37.157.2.248
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.adform.net/Banners/Elements/Files/33029/11213523/bvpath_258/300-600-pegas-2022.js?1650621381292

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/2gSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

774c4f380cb7d19df646efc8077d755b2b58434d740de30fd5be51be1fc839d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:37:39 GMT
content-encoding: gzip
last-modified: Fri, 29 Apr 2022 07:22:02 GMT
server: nginx
etag: W/"626b921a-46d6"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

GET
H2 200 bg.jpg
s1.adform.net/Banners/Elements/Files/33029/11213523/bvpath_258/images/ Frame 3913 10 KB
10 KB 45ms
45ms Image
image/jpeg 37.157.2.248
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/33029/11213523/bvpath_258/images/bg.jpg?1650876643926

Requested by

Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/ohio

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

f49cd336dc4b247c64f8e9d3eac88801fdd9a52ffbea1a3976d519d25278d437

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:37:39 GMT
last-modified: Fri, 29 Apr 2022 07:22:03 GMT
server: nginx
etag: "626b921b-2770"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/jpeg
content-length: 10096

GET
H2 200 lednak_1.png
s1.adform.net/Banners/Elements/Files/33029/11213523/bvpath_258/images/ Frame 3913 22 KB
22 KB 49ms
49ms Image
image/png 37.157.2.248
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/33029/11213523/bvpath_258/images/lednak_1.png?1650876643926

Requested by

Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/ohio

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

77c2cdbf6c593c72091c97ba2d4032e7e1b8b46a732484eea6dcbff5049a337f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:37:39 GMT
last-modified: Fri, 29 Apr 2022 07:22:02 GMT
server: nginx
etag: "626b921a-5877"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 22647

GET
H2 200 lednak_2.png
s1.adform.net/Banners/Elements/Files/33029/11213523/bvpath_258/images/ Frame 3913 20 KB
20 KB 48ms
48ms Image
image/png 37.157.2.248
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/33029/11213523/bvpath_258/images/lednak_2.png?1650876643926

Requested by

Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/ohio

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

fdc0512d5203e758edebfbd19570c298f7c2dd8ee24d65f761904859ded82905

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:37:39 GMT
last-modified: Fri, 29 Apr 2022 07:22:02 GMT
server: nginx
etag: "626b921a-506e"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 20590

GET
H2 200 singleAnimationOnFeed.js Show response
widgets.outbrain.com/nanoWidget/2000718/module/ 503 B
812 B 49ms
49ms Script
application/x-javascript 2.22.33.149
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/2000718/module/singleAnimationOnFeed.js?e=1
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.22.33.149 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-22-33-149.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e442afceada3ad856d11b90bcc9ccfa5ee84182e6fa2125e5656ab00221f3f20

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:37:40 GMT
last-modified: Tue, 10 May 2022 08:06:56 GMT
server: AkamaiNetStorage
etag: "d26ce1388f9514ff5e64d329df699a87:1652176799.408778"
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 503
expires: Wed, 11 May 2022 00:37:40 GMT

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
292 B 102ms
102ms Fetch
text/plain 70.42.32.31
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=d1ebcfc36ded1cdc7348b15d08d9d1d0_122703_1652215059948&tm=1260&eT=0&widgetWidth=324&widgetHeight=342&widgetX=1055&widgetY=944&wRV=2000718&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=449&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.31 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Tue, 10 May 2022 20:37:40 GMT
content-encoding: gzip
X-TraceId: 711f92db19ca73b28a3c6fbe2b87e312
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H2 200 placement_invocation Show response
ob.cheqzone.com/ 48 KB
18 KB 109ms
32ms Script
text/javascript 108.157.4.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ob.cheqzone.com/placement_invocation?id=65349&idx=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-52.dus51.r.cloudfront.net
Software: Caddy /
Resource Hash: 55ed920d444210fbe713cf81e8d6a615cd96d1b950b0704752209568e5754b30

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 17:34:14 GMT
content-encoding: gzip
server: Caddy
age: 11006
etag: "bf83-flSXooGsmrmYNlxSK09toJAtNHc"
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
via: 1.1 191dcfd852a6f06df8cf0ecc80b99d1c.cloudfront.net (CloudFront)
cache-control: max-age=43200
x-amz-cf-pop: DUS51-P2
content-length: 18458
x-amz-cf-id: t7z6vI89BOsbL1bdwu0jg1SJLlT4unJfc4s-cGYR98671MUG8V_uBg==
expires: Wed, 11 May 2022 05:34:14 GMT

GET
H2 200 eyJpdSI6IjFlNGM4ZjNiNTUwNTgwYTZjMjg3NjM5N2ZmMDc4YzBmOGRkYWUwNWE5MTY4ZmQ1MTM4NzM5Y2U2MWU4Mzc5YWUiLCJ3Ijo0MDAsImgiOjMwMCwiZCI6MS41LCJjaCI6NDk0NTk1NTU1LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 28 KB
28 KB 146ms
30ms Image
image/webp 184.87.213.205
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjFlNGM4ZjNiNTUwNTgwYTZjMjg3NjM5N2ZmMDc4YzBmOGRkYWUwNWE5MTY4ZmQ1MTM4NzM5Y2U2MWU4Mzc5YWUiLCJ3Ijo0MDAsImgiOjMwMCwiZCI6MS41LCJjaCI6NDk0NTk1NTU1LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/ohio
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.87.213.205 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-87-213-205.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 8eb16c0eab583526e5aceef87b6fdd3f9d7074a1902bc09a9c7492fbd07c8117

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:37:40 GMT
cache-control: max-age=341783
last-modified: Mon, 11 Apr 2022 16:29:17 GMT
x-traceid: 77ca6604dbb008f5bcc82d3038a05539
timing-allow-origin: *
content-length: 28502
content-type: image/webp

GET
H2 200 get Show response
mv.outbrain.com/Multivac/api/ 5 KB
2 KB 182ms
182ms Script
text/javascript 151.101.114.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mv.outbrain.com/Multivac/api/get?url=%27.get_permalink().%27&settings=true&recs=true&widgetJSId=GS_6&key=NANOWDGT01&version=2000718&apv=false&sig=szi9gL1o&format=html&rand=62180&pdobuid=-1&osLang=en-US&va=true&et=true&cmpStat=0&ccpaStat=0&scrW=1600&scrH=1200&t=ZDA3ZWY1MDAwY2YzZDc4ZjIyNDQ4ODM1M2UyNjdlM2M=&winW=1600&winH=1200&adblck=false&abwl=false&secured=true&feedIdx=0&lastIdx=1&lastCardIdx=1&fAB=11520-0&layeredTestInfo=11520-0-&clid=03b0d0e9-26ca-be42-8c0b-70f0029f1c63&fdu=www.pua-unemployment-login.com&dpr=1&cw=324&darkMode=false&activeTab=true&ogn=https%3A%2F%2Fwww.pua-unemployment-login.com%2Fohio
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/2000718/module/streamFeed.js?e=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 170dbb36f10b1f915b867a02f5a5ccf71e662f6bb4bc9dd46d91399e9eaea9a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:37:40 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, HHN, Europe1
x-timer: S1652215060.028053,VS0,VE161
accept-ranges: bytes
x-served-by: cache-lga13624-LGA, cache-hhn4058-HHN
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
x-cache-hits: 0, 0
x-traceid: daf02ce77ff6ff7b1a7c2898bb2261c4
content-encoding: gzip
content-length: 2166
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK widgetGlobalEvent Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 103ms
103ms Fetch
application/json 70.42.32.31
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=d1ebcfc36ded1cdc7348b15d08d9d1d0&pvId=d07ef5000cf3d78f224488353e267e3c&sid=8537982&pid=122703&idx=1&wId=1515&pad=1&org=0&tm=1271&eT=3&cnsnt=no_consent&wRV=2000718&pVis=1&lsd=-1&eIdx=1&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.31 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 10 May 2022 20:37:40 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: b7d2a0e8a9fc03cf76899db837c70394
Content-Length: 4
Expires: 0

GET
H2 200 logopegas.png
s1.adform.net/Banners/Elements/Files/33029/11213523/bvpath_258/images/ Frame 3913 9 KB
9 KB 44ms
43ms Image
image/png 37.157.2.248
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/33029/11213523/bvpath_258/images/logopegas.png?1650876643926

Requested by

Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/ohio

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

a73687d6961d99b66c38fc326544aa745d73acaf4f13e500934fdcf17fa89420

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:37:40 GMT
last-modified: Fri, 29 Apr 2022 07:22:02 GMT
server: nginx
etag: "626b921a-24a6"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 9382

GET
H2 200 logosmetana.png
s1.adform.net/Banners/Elements/Files/33029/11213523/bvpath_258/images/ Frame 3913 13 KB
13 KB 49ms
49ms Image
image/png 37.157.2.248
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/33029/11213523/bvpath_258/images/logosmetana.png?1650876643926

Requested by

Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/ohio

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

09cb1f5a8a219adeca6a5b873fea6e1c3fd82281a33617da7b29020987cf25a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:37:40 GMT
last-modified: Fri, 29 Apr 2022 07:22:03 GMT
server: nginx
etag: "626b921b-3487"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 13447

GET
H2 200 logozabka_.png
s1.adform.net/Banners/Elements/Files/33029/11213523/bvpath_258/images/ Frame 3913 7 KB
7 KB 44ms
42ms Image
image/png 37.157.2.248
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/33029/11213523/bvpath_258/images/logozabka_.png?1650876643926

Requested by

Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/ohio

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

42fe1fb659e442a8ecde088b8deb881c9e0f7911bd0747e7d662e8df107f80bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:37:40 GMT
last-modified: Fri, 29 Apr 2022 07:22:02 GMT
server: nginx
etag: "626b921a-1bf1"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 7153

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4E1B 42 B
497 B 117ms
56ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvpD4YY0vPS6inpvwXb5WpfNbwPB6yhStREKr9qRVSB9UZsCoPqMQm-hAY9_xM-8mSlsePPKq4KyJzYhpe6SGbC&sig=Cg0ArKJSzPzdUTjSMrXDEAE&id=lidar2&mcvt=1002&p=485,1052,765,1388&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20220509&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=574321577&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1652215058852&rpt=273&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 20:37:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 show_pla Show response
obs.cheqzone.com/ 2 KB
2 KB 364ms
115ms Script
text/javascript 2600:1f18:e8a:cd08:3437:aff5:50c:d298
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.cheqzone.com/show_pla?id=65349&url=https%3A%2F%2Fwww.pua-unemployment-login.com%2Fohio&sf=0&k=&idx=0&ch=&ext=&np=linux%20x86_64&nv=google%20inc.&rand=74182207660808860267960145800605640112225877696069725821197054127251&nc=0&tsf=0&tsfmi=&pv=0&cb=1652215060242&ref=&pit=1&hl=2&op=0&fs=1600x1200&ss=1600x1200&pre=0&jsonp=OBR.extern.onCheqResponse&mr=&ag=1738489652&at=&bid=e30%3D&di=W1siZWYiLDgxMDJdLFsxMiwie1wiY3R4XCI6XCJ3ZWJnbDJcIixcInZcIjpcImdvb2dsZSBpbmMu%0D%0AIChnb29nbGUpXCIsXCJyXCI6XCJhbmdsZSAoZ29vZ2xlLCB2dWxrYW4gMS4yLjAgKHN3aWZ0c2hh%0D%0AZGVyIGRldmljZSAoc3ViemVybykgKDB4MDAwMGMwZGUpKSwgc3dpZnRzaGFkZXIgZHJpdmVyKVwi%0D%0ALFwic2x2XCI6XCJ3ZWJnbCBnbHNsIGVzIDMuMDAgKG9wZW5nbCBlcyBnbHNsIGVzIDMuMCBjaHJv%0D%0AbWl1bSlcIixcImd2ZXJcIjpcIndlYmdsIDIuMCAob3BlbmdsIGVzIDMuMCBjaHJvbWl1bSlcIixc%0D%0AImd2ZW5cIjpcIndlYmtpdFwiLFwiYmVuXCI6MTQsXCJ3Z2xcIjoxLFwiZ3JlblwiOlwid2Via2l0%0D%0AIHdlYmdsXCIsXCJzZWZcIjoxMDUxNjk0MDg5LFwic2VjXCI6XCJcIn0iXSxbLTEsIi0iXSxbLTIs%0D%0AIjksZVlHOVgxL1gxdFpsUzIyZDUxeDhZTlk5TXhKUUVNQ2RVQkhKTDg2TDIzQUNHVWhCSXdJU1NF%0D%0ARUFjSUpmUmVBZ1FJRUZvSW5kQ3h3UVhqaG8yNzE5Nm1Nak92L3I4NzB1eHFGeCJdLFstMywiW1wi%0D%0AaW50ZXJuYWwtcGRmLXZpZXdlclwiLFwibWhqZmJtZGdjZmpiYnBhZW9qb2ZvaG9lZmdpZWhqYWlc%0D%0AIixcImludGVybmFsLW5hY2wtcGx1Z2luXCJdIl0sWy00LCItIl0sWy01LCItIl0sWy02LCJ7XCJ3%0D%0AXCI6W1wiMFwiLFwiY2hyb21lXCIsXCJhbGxvd2VkXCIsXCJibG9ja2VkTGlzdFwiLFwiaVwiLFwi%0D%0AZm9yZW1lZGlhX2ZyYW1lXCIsXCJmb3Jlc2hvcE1lZGlhRHluYW1pY1RhZ1wiLFwiZWxlbWVudFwi%0D%0ALFwiZlwiLFwiX2NyZWF0ZUNsYXNzXCIsXCJfY2xhc3NDYWxsQ2hlY2tcIixcIlJvY2tldEJyb3dz%0D%0AZXJDb21wYXRpYmlsaXR5Q2hlY2tlclwiLFwiUm9ja2V0UHJlbG9hZExpbmtzQ29uZmlnXCIsXCJm%0D%0Ab3Jlc2hvcE1lZGlhRHluYW1pY1RhZzFcIixcImZvcmVzaG9wTWVkaWFEeW5hbWljVGFnMlwiLFwi%0D%0AZm9yZXNob3BNZWRpYUR5bmFtaWNUYWczXCIsXCJmb3JtZWRpYUFkT2JqZWN0XCIsXCJndGFnXCIs%0D%0AXCJkYXRhTGF5ZXJcIixcImludGVyc3RpdGlhbFNsb3RcIixcInN0YXRpY1Nsb3RcIixcImdvb2ds%0D%0AZXRhZ1wiLFwieW1cIixcImFkVGFnc1wiLFwic2NyZWVuUmVhZGVyVGV4dFwiLFwiR0FfSURcIixc%0D%0AImxhenlMb2FkT3B0aW9uc1wiLFwibGF6eUxvYWRUaHVtYlwiLFwibGF6eUxvYWRZb3V0dWJlSWZy%0D%0AYW1lXCIsXCJMYXp5TG9hZFwiLFwiaW1hZ2VzXCIsXCJpc19pbWFnZVwiLFwiaWZyYW1lc1wiLFwi%0D%0AaXNfaWZyYW1lXCIsXCJyb2NrZXRfbGF6eVwiLFwiZ29vZ2xlX3RhZ19tYW5hZ2VyXCIsXCJnb29n%0D%0AbGVfdGFnX2RhdGFcIixcIkdvb2dsZUFuYWx5dGljc09iamVjdFwiLFwiZ2FcIixcIiRcIixcImpR%0D%0AdWVyeVwiLFwiZ29vZ19wdnNpZFwiLFwiZ2dlYWNcIixcImdvb2dsZV9qc19yZXBvcnRpbmdfcXVl%0D%0AdWVcIixcImdhR2xvYmFsXCIsXCJvbllvdVR1YmVJZnJhbWVBUElSZWFkeVwiLFwiZ2FwbHVnaW5z%0D%0AXCIsXCJnYURhdGFcIixcImdvb2dsZV9tZWFzdXJlX2pzX3RpbWluZ1wiLFwiZ29vZ2xlX3JlYWN0%0D%0AaXZlX2Fkc19nbG9iYWxfc3RhdGVcIl0sXCJuXCI6W10sXCJkXCI6W119Il0sWy03LCItIl0sWy04%0D%0ALCItIl0sWy05LCIrIl0sWy0xMCwiLSJdLFstMTEsIntcInRcIjpcIlwiLFwibVwiOltcIm9nOnRp%0D%0AdGxlXCJdfSJdLFstMTIsIm51bGwiXSxbLTEzLCItIl0sWy0xNCwie1wib1wiOjAuMTMyMDc1NDcx%0D%0ANjk4MTEzMn0iXSxbLTE1LCItIl0sWy0xNiwiMCJdLFstMTcsIjQiXSxbLTE4LCJbMCwwLDAsMV0i%0D%0AXSxbLTE5LCJbMCwwLDAsMCwwLDAsMSwyNCwyNCxcIi1cIiwxNjAwLDEyMDAsMTYwMCwxMjAwLDE2%0D%0AMDAsMTIwMCwxNjAwLDEyMDAsMCwwLDAsMCxcIi1cIixcIi1cIl0iXSxbLTIwLCI1OTkyMzI5MTAu%0D%0AMTY1MjIxNTA1OCJdLFstMjEsInN6aTlnTDFvIl0sWy0yMiwiW1wiblwiLFwiblwiXSJdLFstMjMs%0D%0AIisiXSxbLTI0LCJbXSJdLFstMjUsIi0iXSxbLTI2LCJ7XCJ0amhzXCI6NDc0MDAwMDAsXCJ1amhz%0D%0AXCI6MzMxMDAwMDAsXCJqaHNsXCI6Mzc2MDAwMDAwMH0iXSxbLTI3LCJbMCwxMCwwLFwiNGdcIixu%0D%0AdWxsXSJdLFstMjgsImVuLVVTIl0sWy0yOSwie1widlwiOlsyLDIsMiwyLDAsMCwwLDIsMCwyLDAs%0D%0AMiwwLDAsMiwyLDIsMiwwXX0iXSxbLTMwLCJbXCJ2XCIsMF0iXSxbLTMxLCJmYWxzZSJdLFstMzIs%0D%0AIjIiXSxbLTMzLCItIl0sWy0zNCwiLSJdLFstMzUsIlsxNjUyMjE1MDYwMjIzLDBdIl0sWy0zNiwi%0D%0AW1wiNC8zXCIsXCI0LzNcIl0iXSxbLTM3LCItMTQ0LTY2LTE4MC0iXSxbLTM4LCJpLC0xLC0xLDAs%0D%0AMCwxLDAsMTEsMTg2LDc1Nyw0MDcsMCwxMzM5LjMsMTMzOS4zLDM2NzksMzY4MCJdLFstMzksIltc%0D%0AIjIwMDMwMTA3XCIsMCxcIkdlY2tvXCIsXCJOZXRzY2FwZVwiLFwiTW96aWxsYVwiLG51bGwsbnVs%0D%0AbCx0cnVlLDgsZmFsc2UsbnVsbCwwXSJdLFstNDAsIjMzIl0sWy00MSwiLSJdLFstNDIsIjE3MjQy%0D%0AOTc2NTMiXSxbLTQzLCIwMDAwMDAwMTAxMDAwMDAxMDAxMTEwMTEwMCJdLFstNDQsIjAsMCwwLDUi%0D%0AXSxbLTQ1LCItIl0sWy00NiwiMCJdLFstNDcsIkV0Yy9Vbmtub3duLGVuLVVTLGxhdG4sZ3JlZ29y%0D%0AeSJdLFstNDgsIjAsMCJdLFstNDksIi0iXSxbImJuY2giLDgxXV0%3D&tsfu=&fst=1600x1200&dep=0&cpos=%5B%7B%22x%22%3A1055%2C%22y%22%3A919%2C%22w%22%3A324%2C%22h%22%3A440%7D%2C%7B%22w%22%3A1600%2C%22h%22%3A1200%7D%5D&ver=41&cri=sMRmeH5rLf&sdd=%7B%7D&pto=3699
Requested by: Host: ob.cheqzone.com
URL: https://ob.cheqzone.com/placement_invocation?id=65349&idx=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd08:3437:aff5:50c:d298 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: d80712ee2b669dbb1ad6c5849745b37b83c7a53db21e85ffe1879940e09352cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 20:37:40 GMT
content-encoding: gzip
cache-control: no-cache, no-store, must-revalidate
content-type: text/javascript
content-length: 1488
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 380A 42 B
108 B 57ms
57ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvmLXKzSVzElQ7L-pyMKVJcSjTVfP5nzX8nDF94MwoAIlBm5u8-QEDv_2I1VYOVLRNIH-7LSSovdYruEutODTHh&sig=Cg0ArKJSzJ5v80ozoFX0EAE&id=lidar2&mcvt=1091&p=1079,436,1169,1164&mtos=1091,1091,1091,1091,1091&tos=1091,0,0,0,0&v=20220509&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=201602981&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1652215058842&rpt=308&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 20:37:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 logo_prima_gold.png
s1.adform.net/Banners/Elements/Files/33029/11213523/bvpath_258/images/ Frame 3913 3 KB
4 KB 45ms
45ms Image
image/png 37.157.2.248
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/33029/11213523/bvpath_258/images/logo_prima_gold.png?1650876643926

Requested by

Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/ohio

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e011a8a52c19a824ce9e0561671077f379b531ff09764d987ee66fba7575e56a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:37:40 GMT
last-modified: Fri, 29 Apr 2022 07:22:03 GMT
server: nginx
etag: "626b921b-d05"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 3333

GET
H/1.1 200
OK widgetGlobalEvent Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 103ms
103ms Fetch
application/json 70.42.32.31
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=27c617781aff2f6ee781cb27ea834d8b&pvId=d07ef5000cf3d78f224488353e267e3c&sid=8537982&pid=122703&idx=2&wId=1515&pad=0&org=0&tm=1505&eT=0&cnsnt=no_consent&widgetWidth=324&widgetHeight=0&widgetX=1055&widgetY=1309&wRV=2000718&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&rtt=235&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.31 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 10 May 2022 20:37:40 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 0aa10baff8de2d4a1ac66bc337c0bb7d
Content-Length: 4
Expires: 0

POST
H2 200 all
csm.eu.criteo.net/ Frame 23E0 0
127 B 28ms
27ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 10 May 2022 20:37:40 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

POST
H2 200 all
csm.eu.criteo.net/ Frame C1EF 0
127 B 28ms
27ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 10 May 2022 20:37:40 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 imp.gif
obs.cheqzone.com/tracker/ 43 B
79 B 107ms
107ms Image
image/gif 2600:1f18:e8a:cd08:3437:aff5:50c:d298
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://obs.cheqzone.com/tracker/imp.gif?e=37dfbd8ee84e00136fecc534ef478c9d9225c24f567d51c5c30f41b0254384cfa532ff1a285aa40e98d022e0b44dc87ea4a36fde4c1b8c682309094d0ba0bfea9475489e91da563e351aff717718956a8b70cd0130003f8101424d3f065cc3bf775d36fa26e877cb55e2cc7ce2586fb01f6f3903d053f054abd1c5d52fe87547ed62d2f1157f84163343714593d75062f578aee6d7e3474fbd498cbd38e820d861c151d7542aa67b57ff1e4f5129cc5b32b49affa125be2ab8589801f95c0c2cf38e6b256a655c9b6599857ea95a61a7d4f232331e32d786302080903b477442750c1bef8828796d76e4ba152cebfea755c9a444771e2bb5a5a384800cc6b9a326f746c0016537dd9fcfe6ad6b89cc9133d56c5384e6c82c1908f77f6ba195157ae8dceb17de50ae04eb9b1dc148d5cc79d62427d4cc66ca6f82d6eaf287efb64d2df27cb1eaf32f5933bbd661c5b743e7464707de5f5a8c82d1888fbc9227c32c90c6f5ae53df5f5b1aa35e64c7c59714768bbe70af02e4c0199623f92f134b50cd61ec598dc1aa2eefd66a9c5ca9cfcbcb69ce010478e84b5841694a31d0a064bb57dac19c2ba29273b29e21df89e5b27c82bfaa526c7585a91004ddb0490251baacf233f579c5b44ee5e332a03efc239f38d708d4a835db1925e2b291633723630229174111aae09071d402b35953402ffca852dc9e1810e3bedfb8d170d0bef6f6948cdae3575d6ee94d87aa4b2bd2516f1fcb711e242eb02eed054687b5853ad437c52fcfe96998a41fda3b1d2b204f&cb=1652215060639&cri=sMRmeH5rLf
Requested by: Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/ohio
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd08:3437:aff5:50c:d298 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 20:37:40 GMT
cache-control: no-cache, no-store, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT
content-length: 43
content-type: image/gif

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 88ms
42ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022050501&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5b785e8352a2e001b741721fef5de99ffd82a1fa82b6a5f4a325493cc2e831a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 10 May 2022 20:37:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10719
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 80ms
35ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:37:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 10 May 2022 20:37:40 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9B88 13 KB
5 KB 21ms
20ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pua-unemployment-login.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 32
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 10 May 2022 20:37:08 GMT
expires: Wed, 10 May 2023 20:37:08 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame B123 783 B
533 B 77ms
33ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

12fbe4394afff79e0d070e02554bb2fddb513f10c43b77f2cdbb682f087cc041

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-dKygwmzrZooLhNv7LbaQDw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pua-unemployment-login.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-dKygwmzrZooLhNv7LbaQDw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 10 May 2022 20:37:40 GMT
expires: Tue, 10 May 2022 20:37:40 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 87D0VuGGyd8o4x1zT1VlOmQj8xrGMl1xcSeEyGhgSwY.js Show response
pagead2.googlesyndication.com/bg/ Frame 9B88 35 KB
13 KB 62ms
20ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/87D0VuGGyd8o4x1zT1VlOmQj8xrGMl1xcSeEyGhgSwY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3b0f456e186c9df28e31d734f55653a6423f31ac6325d71712784c868604b06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 09 May 2022 17:58:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 95959
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13472
x-xss-protection: 0
last-modified: Mon, 02 May 2022 13:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 09 May 2023 17:58:22 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 9B88 0
9 B 19ms
19ms Image
text/plain 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?-jt4UA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:37:41 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame B123 0
0 68ms
68ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022050501&jk=1855880218855876&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

POST
H2 200 87761349 Show response
mc.yandex.com/webvisor/ 43 B
145 B 342ms
58ms XHR
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/87761349?wmode=0&wv-part=1&wv-hit=273302223&page-url=https%3A%2F%2Fwww.pua-unemployment-login.com%2Fohio&rn=14829625&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1652215061%3Aw%3A1600x1200%3Av%3A791%3Az%3A0%3Ai%3A20220510203741%3Au%3A1652215058347808380%3Avf%3Aa8mjecangl5v275zywhk%3Awe%3A1%3Ast%3A1652215061&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pua-unemployment-login.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 10 May 2022 20:37:41 GMT
last-modified: Tue, 10-May-2022 20:37:41 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://www.pua-unemployment-login.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 10-May-2022 20:37:41 GMT

POST
H2 200 87761349 Show response
mc.yandex.com/webvisor/ 43 B
110 B 60ms
60ms XHR
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/87761349?wmode=0&wv-part=1&wv-hit=273302223&page-url=https%3A%2F%2Fwww.pua-unemployment-login.com%2Fohio&rn=1044737350&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1652215062%3Aw%3A1600x1200%3Av%3A791%3Az%3A0%3Ai%3A20220510203741%3Au%3A1652215058347808380%3Avf%3Aa8mjecangl5v275zywhk%3Awe%3A1%3Ast%3A1652215062&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pua-unemployment-login.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 10 May 2022 20:37:41 GMT
last-modified: Tue, 10-May-2022 20:37:41 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://www.pua-unemployment-login.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 10-May-2022 20:37:41 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 71ms
71ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022050501&jk=1855880218855876&bg=!7-yl7KjNAAZX5TVhd-U7ACkAdvg8WpKmRXlF9Yyk9oTUjzA_dEKV4sdm7NIl1jhla9DCxKXwOF6mrgIAAABJUgAAAAFoAQeZAsJFVuY5NmK47UBIy8wp1LjmQf9kPuqLqXF5nNrUk7DVwpHNmmXoETVwtjuFDrUi4yeHBEFTptZoauF9K322CAmaRpm6tAwQrk4oz0DnGrLxhesk_GFEYrEmLLjubTiJ0_SQPnJGs7X1m8nCKs9FmKcZc06JsUEmAeC7wr2GTzFS90bSsdyoW4wEwiD_PGNdWTa4ZkVQoALZJx4zsKUSQ-RFFW8HfnewoompmlYyl5J9DFqo_UWNA0ZIILY-o2JP9X7EsQQ6UKenzB3BcCN4xYlaZGM3sOKniSAqARCKSC-Pxpu3aQw4Jf9O4b0v-v2Vu6JFEQkQUfYpAuUuBS-27-twBgjrlcesSWXYsRGK9TtllE0_1JGJi4GLvtX4W39uWUkvA4yCI37FwdHvXSTXgfMRJsF8ts84O7vfzIBLxIDX-Q7PlXKSDZnLGFU2V15Mck_7KMRXuhenHHIow5HmiVSYkR9pcsbWIfRTGt-bfwJVGyqyuMJE02mF9MPhNLJP8asw-hctlivQ1AEtwZ7N9NCwiQ3pzJ5jmY1-HAl_-01YeRf1Pvdkkb1WuNCf3wSGY1Naigyjmm_s-w6HPV37Fg052rlg5Uti_fGM7IcbRaV0takLeGaAZEIoxfMpLgSdhNRwVUDi9RxEfsHAVbu861gWp5wz_MIB7LULSRmVmUGfj-8-oywhD0MFBgqVvH4blytS0j36HuZpYP_BkVO37HihE3nxk4LTgzqqygl6QGbZuYH45PPXuk15nV__I_KwI66LAh0wxHE_xXy8KRRaNbP2EZz0UUoN_m3H1hgZEyX8Qp60F39b_m1_AgCPr9n5-p01SfjCb0WWt62MUnKoyWs2qpQ1Mmb2uPz5_Kx4lc8Wf97gu_TIjpfF14wa07fdy7hAyWUroDH6exxIbVR3KduBUK8u80EW-othV6SwLIqO_eet
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

POST
H/1.1 200
OK log-viewability
log.outbrainimg.com/api/loggerBatch/ 4 B
325 B 409ms
104ms Ping
application/json 70.42.32.31
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/api/loggerBatch/log-viewability
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.31 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Referer: https://www.pua-unemployment-login.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Tue, 10 May 2022 20:37:42 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: e79727e17687d86c9bf7e90d7897df87
Content-Length: 4
Expires: 0

POST
H2 200 87761349 Show response
mc.yandex.com/webvisor/ 43 B
205 B 66ms
65ms XHR
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/87761349?wmode=0&wv-part=2&wv-hit=273302223&page-url=https%3A%2F%2Fwww.pua-unemployment-login.com%2Fohio&rn=216814437&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1652215063%3Aw%3A1600x1200%3Av%3A791%3Az%3A0%3Ai%3A20220510203742%3Au%3A1652215058347808380%3Avf%3Aa8mjecangl5v275zywhk%3Awe%3A1%3Ast%3A1652215063&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pua-unemployment-login.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 10 May 2022 20:37:42 GMT
last-modified: Tue, 10-May-2022 20:37:42 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://www.pua-unemployment-login.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 10-May-2022 20:37:42 GMT

Verdicts & Comments Add Verdict or Comment

78 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

27 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.pua-unemployment-login.com/	1970-01-20 20:28:07	Name: _ga_2X191KKTRE Value: GS1.1.1652215058.1.0.1652215058.0
.pua-unemployment-login.com/	1970-01-20 20:28:07	Name: _ga Value: GA1.2.599232910.1652215058
.pua-unemployment-login.com/	1970-01-20 02:58:21	Name: _gid Value: GA1.2.93164937.1652215058
.pua-unemployment-login.com/	1970-01-20 02:56:55	Name: _gat_gtag_UA_182103897_1 Value: 1
.yandex.ru/	1970-01-20 11:42:31	Name: yandexuid Value: 3352688291652215058
.yandex.ru/	1970-01-20 11:42:31	Name: yuidss Value: 3352688291652215058
mc.yandex.ru/	1969-12-31 23:59:59	Name: yabs-sid Value: 2560557141652215058
.yandex.ru/	1970-01-23 18:32:55	Name: i Value: Vn6wZIpYRANhgRcxXE4a8LOPKIQrOT5y7GDOCoGCmCuy2oQAf6AuoV10AKFelsOuijKFZIZXZLCzPZ9wnaM5XwvsnyA=
.yandex.ru/	1970-01-20 11:42:31	Name: ymex Value: 1683751058.yrts.1652215058#1683751058.yrtsi.1652215058
.pua-unemployment-login.com/	1970-01-20 11:42:31	Name: _ym_uid Value: 1652215058347808380
.pua-unemployment-login.com/	1970-01-20 11:42:31	Name: _ym_d Value: 1652215058
.mc.yandex.com/	1970-01-20 02:56:55	Name: sync_cookie_csrf Value: 1739703368fake
.pua-unemployment-login.com/	1970-01-20 02:58:07	Name: _ym_isad Value: 2
.mc.yandex.ru/	1970-01-20 02:56:55	Name: sync_cookie_csrf Value: 1216890516fake
.yandex.com/	1970-01-20 11:42:31	Name: yandexuid Value: 3352688291652215058
.yandex.com/	1970-01-20 11:42:31	Name: yuidss Value: 3352688291652215058
.mc.yandex.com/	1970-01-20 02:58:21	Name: sync_cookie_ok Value: synced
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 1534149151652215058
.yandex.com/	1970-01-23 18:32:55	Name: i Value: oOsaorLS9ZTWtJBabQ4aGhr/FXzq1400quJ2WPiPR0dCWRE9u2+URRMQMY4VnW3AkoTu3I837nalg1HZ2qPgnpFzylM=
.yandex.com/	1970-01-20 11:42:31	Name: ymex Value: 1683751058.yrts.1652215058#1683751058.yrtsi.1652215058
.pua-unemployment-login.com/	1970-01-20 02:56:56	Name: _ym_visorc Value: w
.pua-unemployment-login.com/	1970-01-20 12:18:31	Name: __gads Value: ID=0a773e2c5f09db37-22580a1992cd0037:T=1652215058:S=ALNI_MaTw2_fm3v8ymNgWSyEqZad081D1w
.adform.net/	1970-01-20 03:41:33	Name: C Value: 1
.doubleclick.net/	1970-01-20 12:18:31	Name: IDE Value: AHWqTUmZ69DUDP-CwVyZpj2OAtftf-__hGfjYT8DGA-k5GpfG7Txq8QDMEbpDcjlKbA
.adform.net/	1970-01-20 04:23:19	Name: uid Value: 7116297252054265309
.adform.net/	1970-01-20 03:06:59	Name: TPC Value: 1652215059385
data.ad-score.com/	1970-01-21 22:46:19	Name: token Value: nNxhgtLRLmgBw-m78d-rmObQCrxGLNgD

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.pua-unemployment-login.com/ohio Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adrta.com
ads.eu.criteo.com
adservice.google.com
adservice.google.de
cat.fr.eu.criteo.com
cnt.trvdp.com
code.createjs.com
csm.eu.criteo.net
d4955e2030125d88aaad3a9beaa1ef44.safeframe.googlesyndication.com
data.ad-score.com
fonts.googleapis.com
go.trvdp.com
images.outbrainimg.com
ipds.adrta.com
log.outbrainimg.com
mc.yandex.com
mc.yandex.ru
mcdp-nydc1.outbrain.com
mv.outbrain.com
ob.cheqzone.com
obs.cheqzone.com
odb.outbrain.com
pagead2.googlesyndication.com
pix.eu.criteo.net
platform.foremedia.net
rtb.nl.eu.criteo.com
s.trvdp.com
s1.adform.net
secure-gl.imrworldwide.com
securepubads.g.doubleclick.net
static.criteo.net
stg.truvidplayer.com
tcheck.outbrainimg.com
tpc.googlesyndication.com
track.adform.net
widget-pixels.outbrain.com
widgets.outbrain.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.pua-unemployment-login.com
108.157.4.52
108.157.4.90
130.211.115.4
142.250.74.194
151.101.114.132
174.129.16.30
178.250.0.160
178.250.2.135
178.250.2.150
184.87.213.205
2.22.33.149
2600:1f18:26d4:7e04:a495:bd3b:3647:1ec1
2600:1f18:e8a:cd08:3437:aff5:50c:d298
2600:9000:2127:9600:1e:a43d:b640:93a1
2600:9000:214f:4800:3:7e1c:5b40:93a1
2600:9000:2156:1e00:1e:6a6f:9700:93a1
2600:9000:225f:1200:d:3c0f:bcc0:93a1
2a00:1450:4001:801::2002
2a00:1450:4001:808::2003
2a00:1450:4001:80e::2008
2a00:1450:4001:810::2002
2a00:1450:4001:812::2002
2a00:1450:4001:827::2001
2a00:1450:4001:82a::200a
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::200e
2a00:1450:4001:830::2004
2a00:1450:4001:831::2001
2a02:2638:1::2
2a02:2638:1::3
2a02:2638::b
2a02:26f0:ef::5c7b:c2a1
2a02:6b8::1:119
2a06:98c1:3120::a
37.157.2.248
37.157.6.242
70.42.32.31
01284adf0039080c4d89732ef83440fd31b310a7bf3867b83b030f99ffd1f1c1
02b5318a75e50e48ccddd6eac9eef067a275adc244f3c3f6186ed6b382d3f971
04e1f5f3bcc04d296fa4bd24e268a974667ea40eaaeacd747b0865b4595d33ea
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
09cb1f5a8a219adeca6a5b873fea6e1c3fd82281a33617da7b29020987cf25a2
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0dd3d558d8559d52065e99138474d86c2662e4d829147455c3614ce43021be09
0f48532ed0175b589d37f3325a8fc8974b8f7207a5414ac4ea548c1dc9b6d94e
12fbe4394afff79e0d070e02554bb2fddb513f10c43b77f2cdbb682f087cc041
170dbb36f10b1f915b867a02f5a5ccf71e662f6bb4bc9dd46d91399e9eaea9a1
1cfd32e37f8aba263101f06e8f702adfaef55a6601857cf5e2c6dd0b0388dcd6
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2a29e79bd75cc83eade181c4acc1c198786539997766b648bc21ed5aa7698408
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
32bab4915c2794e770c2efc2a08bbd1399e17a116fcdfb041fcdd8ca9ef424e9
3616341a626ff768304cda8ac64aca4a6552ee71d542f2f5db100605ec798548
39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f
3d0bf782b47dcd079eedf6bb34ecb0742c114a4e4b90e37a58a412482101b475
41541470dcd51cbfe35710b989773f4cb8e7703f863766c47a4b412108ee08cf
4257ae7fef496cc1b81dd5e2fab57e8c938400c10b11566bf3a7fe41ff622f5b
42fe1fb659e442a8ecde088b8deb881c9e0f7911bd0747e7d662e8df107f80bc
4948f3b292cfc7a18cddfa3b4520917c9441680feef4b8266d29219b6de87476
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
511dfce7c1f8030304d0d886e6f4a408a84e76c4a8ca8a1ca1a3414dcaf54dd2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55ed920d444210fbe713cf81e8d6a615cd96d1b950b0704752209568e5754b30
57bc62415bf9ea84cbbc1a8df11b217821ce18fa3622ccc948717a0fb305ce2d
5b785e8352a2e001b741721fef5de99ffd82a1fa82b6a5f4a325493cc2e831a2
5ce78ae6cc6f5a47d2f4dfa7182c7112adcf159826b81d1724ec4d5e0e1adb80
5d7d1539a987f98302973ede727da3e6044d7c2c9b827d2f01e8ebb6cef18756
5e781551b26f8fdaaa828b555b92cf515e8a481a92ea4f544c25a982e7b9f75b
60d0bdebd607dd365b347391a4803f1fbafd132d73f3b959a69c762cce4c1653
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
639665b9e97aad7d30114d5b9b4d4b391d1ee6e870fd4515ec28e5a24c22863a
63fcc9fc6cf4e04b4c3190ae61fbdd2540d37d73ea1d665a4ffd6d7324847a04
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
73a9eaebd1e51360e20a453fd080f7dc7ce220eb009c50c3337b41cf1b0db975
73c1aea897e8cab316b35982aedaf5471a82db36bfc5c9dc498fda6ca395d284
774c4f380cb7d19df646efc8077d755b2b58434d740de30fd5be51be1fc839d3
77c2cdbf6c593c72091c97ba2d4032e7e1b8b46a732484eea6dcbff5049a337f
7888a75eac5f8b9dc4c448f10e8dc9030fcae612cb236f1a9e9700d56ae6ef34
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8ceb3992861ed1fda25855c2e500e76842ae0d788405e50e3a9f45df36499cf6
8dadd7fce256c34df27a78ae5ea520426e5b17e1843083ad31423dbe4d2d3d36
8eb16c0eab583526e5aceef87b6fdd3f9d7074a1902bc09a9c7492fbd07c8117
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
926ec2b77636aee554d9f5515f6522825dac771f3e4f9e011cba46d5decf322e
930eb3f887b0f657812c12b21e1648e6955384adedca8aacab2855ed1d0b1acb
93fbf26c7da3d17b1d602ee05d91d63af89666e1c7df99fa9ea7656973102c9d
94bccc9b641ce0b4d8c6e0d75736d19c549ae58bf139e9d5ba5bfe8dad4a54cc
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9b8ae796f30c05937ec5e849cea83f724110455de28d7619809a2b10ea5d803f
9d3a4411f186523148f4e4703a96f2259ee672b7b6133abe7953f243f571d7a2
a048be9df8723108966307b161c3489ebd0f16c06b2befada7857425bdea3db4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a3fb12e0586cb7710bc4ff3f906aa390cd18576b4d2a086389454e72c7f0b8df
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a73687d6961d99b66c38fc326544aa745d73acaf4f13e500934fdcf17fa89420
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a8da945d44fd2a251a72b10d1205a8f34ecc48b015c320822a6ec781a8d13077
b0e57e4adf565605936e6970da52f6813df6ca71c08c3a27e5ff5ac4a6e63146
b0f5a0cc806846ed2f58fbb2740c4c7ef9ad190e401368493c1442b7dcc9eecd
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b39349eebb957b335ca10b8c2b561e02fb2312c5d5f7429db47901c567262737
b4ae55eaf1a6ad0b0e57074a1699c9024be2fcff537128e887ca3b8db516d489
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b68d6252e63c5207f080a8969aa75600d5d252f67d454fd9a0a8a7e3e89d0686
b9b69a3dd2271ada2d50dfe7bfaea402e8ae9d830cd245e34fac2437ca33158d
babb18965e9ca0d1953890df5b83fd4d714854b55e5af46dbec4bf768ab534c6
bc7efc48e5c37e8d392a52637dbdacc1b81c7ba29c8f10cd5a0ddb3cdd3fb180
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f
bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a
c1da4965db00a6b3297a62e991cd146b6b5441cb973983e7f705310de2239059
c438177875f2623a1d17bf5ba633914aaca696b052d403c7c949848164da616f
c4c85ed7df11b6e808802baa56fe5f5d4edf3fa3fa4b141a0907e41be4b7be79
cc5e65f3bf4a6f565b2e549b9b401450a1e7d283ffe50dd4a906b5375808b851
cccceafbf83aec903f0974b23f6c94fac56cebb332adc6d7fb48f4d957ff6329
cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfaf60508a77b732490cebbf93a415622f5d33fc0a63f88365807b71a21c25b0
d163c31927cd560f033622147103e545feb6787d3131e43dc261f6c5de3cfdd0
d1bae6ec107ade4ece859c8bf1bb73b274c731c230eb376f112cbc68873cafda
d4c0e2ad4dd273917ad642ae882a0f486a9563313287be961d1bc4201c04a09a
d4f24797ac4621646a35e5e688a697b8595cdcb186317372d3bc70c490bd6c73
d5ea9fcb2a448ba0c621ea95e22d27827e79c5aabee99a0ccea258665e5f40a2
d637341e9d6d89752d08ae604391544a79e884fcb68c56a617c700b906555b7c
d80712ee2b669dbb1ad6c5849745b37b83c7a53db21e85ffe1879940e09352cb
da524ab3b63b0729cef49c40106e10fe0f23483c0a761355cbbb7ee3742ccc28
daafcea2be239153d008ee199e76693625d34e974bacea85cf393dda0f8da096
dbe6a6b5b64bf6ea1a25fd5aa7c736f971111fa066ba856cde47432d02dc263b
df174ce03e6a22ad812e3301fa1cb4c94bb1c8fc36690e4077a958c4446eabb4
e011a8a52c19a824ce9e0561671077f379b531ff09764d987ee66fba7575e56a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40143e736f525cb284279c368de9f5a44ab9278dba7911c1157d5ec0ba0a810
e423158984ab619843546ee2c2efa472a104c53d2bb7b6ab52cc155b5aa62544
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
e442afceada3ad856d11b90bcc9ccfa5ee84182e6fa2125e5656ab00221f3f20
e467b8cb04f6f34bd50fa7f2f15a21d229f4403a8b88b25456219689377819ce
e680f84f5a15d5113b3d271f4f26456bbdd12103f70eaaf21ab08ef68aee9753
e760d7a664455560844fa5a08ec4b5fdfad4e317459ec480971a27e0ec6239e2
e7dc0a0e4d445653b89cc1f805d5e0f4be8ee99567287075bc983e95671f5efe
ecb02060fbb2cd5a6affe0d185aca6d9227a2c2fc53cd7b5be44ca9b95f2cec5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f02b9f630222ea616410be114b3154602919e62161356399be7cd45843136c57
f16d8326116bc400f710c0fb751e4c151e84607f53dbc6ef0d7763a874998f3f
f3b0f456e186c9df28e31d734f55653a6423f31ac6325d71712784c868604b06
f49cd336dc4b247c64f8e9d3eac88801fdd9a52ffbea1a3976d519d25278d437
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f63c6de989281851ed59dfa1c06a7eecd4ab37f89453a7dd89150a2e1b8be469
f8aadd68eb9c6abebf719b41cefb6466283be19d3154c9e51f38f0bac1bb7b82
fdc0512d5203e758edebfbd19570c298f7c2dd8ee24d65f761904859ded82905

www.pua-unemployment-login.com Open in urlscan Pro 2a06:98c1:3120::a Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

180 Requests

98 %HTTPS

62 %IPv6

25 Domains

43 Subdomains

37 IPs

6 Countries

1907 kBTransfer

4944 kBSize

27 Cookies

5 Outgoing links

Redirected requests

180 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.pua-unemployment-login.com Open in urlscan Pro
2a06:98c1:3120::a Public Scan

Screenshot
Live screenshot

Full Image

180
Requests

98 %
HTTPS

62 %
IPv6

25
Domains

43
Subdomains

37
IPs

6
Countries

1907 kB
Transfer

4944 kB
Size

27
Cookies

180 HTTP transactions
4 data transactions