lichen-lekar.bazadanni.com Open in urlscan Pro
2606:4700:3036::ac43:b41f Public Scan

Go To Rescan
Add Verdict Report

URL:
http://lichen-lekar.bazadanni.com/
Submission Tags: falconsandbox
Submission: On August 29 via api (August 29th 2023, 1:30:57 pm UTC) from US — Scanned from DE

Summary HTTP 61 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 21 IPs in 4 countries across 15 domains to perform 61 HTTP transactions. The main IP is 2606:4700:3036::ac43:b41f, located in United States and belongs to CLOUDFLARENET, US. The main domain is lichen-lekar.bazadanni.com.

This is the only time lichen-lekar.bazadanni.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	2606:4700:303... 2606:4700:3036::ac43:b41f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1288:80:... 2a00:1288:80:807::2	203220 (YAHOO-DEB) (YAHOO-DEB)
1 2	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
1	38.242.215.86 38.242.215.86	51167 (CONTABO) (CONTABO)
4	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:3::12 2a02:2638:3::12	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
5	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
11	2a02:2638:d::2 2a02:2638:d::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.1.6 178.250.1.6	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	2a02:2638:d::13 2a02:2638:d::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638:d::11 2a02:2638:d::11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:d::c 2a02:2638:d::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
61	21

3 2606:4700:3036::ac43:b41f (United States)

ASN13335 (CLOUDFLARENET, US)

lichen-lekar.bazadanni.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:807::2 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

yui.yahooapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.bg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 38.242.215.86 (United States)

ASN51167 (CONTABO, DE)
PTR: ns2.w3open.com

counter.search.bg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a02:2638:d::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a02:2638:d::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

imageproxy.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:d::11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	criteo.net static.criteo.net — Cisco Umbrella Rank: 621 imageproxy.eu.criteo.net — Cisco Umbrella Rank: 9904 csm.eu.criteo.net — Cisco Umbrella Rank: 9439	187 KB
12	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 116 tpc.googlesyndication.com — Cisco Umbrella Rank: 155	233 KB
4	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 42	19 KB
3	criteo.com ads.eu.criteo.com — Cisco Umbrella Rank: 9359 cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 10417 rtb.fr3.eu.criteo.com — Cisco Umbrella Rank: 16830	57 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 37 region1.google-analytics.com — Cisco Umbrella Rank: 2412	21 KB
3	bazadanni.com lichen-lekar.bazadanni.com	12 KB
2	google.com www.google.com — Cisco Umbrella Rank: 2	3 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 48	143 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 231	5 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 222	57 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1120	603 B
1	search.bg counter.search.bg	500 B
1	gstatic.com www.gstatic.com	14 KB
1	google.bg 1 redirects www.google.bg — Cisco Umbrella Rank: 30654	232 B
1	yahooapis.com yui.yahooapis.com — Cisco Umbrella Rank: 110591	5 KB
61	15

	Domain	Requested by
13	imageproxy.eu.criteo.net	ads.eu.criteo.com
11	static.criteo.net	ads.eu.criteo.com cdnjs.cloudflare.com static.criteo.net
7	pagead2.googlesyndication.com	lichen-lekar.bazadanni.com pagead2.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com
5	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
3	lichen-lekar.bazadanni.com	lichen-lekar.bazadanni.com
2	csm.eu.criteo.net	ads.eu.criteo.com
2	www.google.com	lichen-lekar.bazadanni.com tpc.googlesyndication.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	lichen-lekar.bazadanni.com www.googletagmanager.com
1	rtb.fr3.eu.criteo.com	googleads.g.doubleclick.net
1	cdnjs.cloudflare.com	ads.eu.criteo.com
1	cat.nl3.eu.criteo.com	ads.eu.criteo.com
1	www.googletagservices.com	googleads.g.doubleclick.net
1	ads.eu.criteo.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	region1.google-analytics.com	www.googletagmanager.com
1	counter.search.bg	lichen-lekar.bazadanni.com
1	www.gstatic.com	lichen-lekar.bazadanni.com
1	www.google.bg	1 redirects
1	yui.yahooapis.com	lichen-lekar.bazadanni.com
61	21

This site contains links to these domains. Also see Links.

Domain
services.nhif.bg
counter.search.bg

Subject Issuer	Validity	Valid
*.google-analytics.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
bazadanni.com GTS CA 1P5	`2023-07-04` - `2023-10-02`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-21`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-05` - `2023-10-31`	3 months	crt.sh
*.nl3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-27` - `2023-10-22`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.eu.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-08` - `2023-11-08`	3 months	crt.sh
*.fr3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-05` - `2023-10-29`	3 months	crt.sh

This page contains 7 frames:

Primary Page: http://lichen-lekar.bazadanni.com/
Frame ID: 72CB4F6012A21ADC5279A1357B94A30B
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20190131/zrt_lookup.html
Frame ID: 3CE16B18F55EB1A0BE6715B74E314A02
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5312778245695320&output=html&h=280&slotname=8993069104&adk=3722498027&adf=3747341068&pi=t.ma~as.8993069104&w=1200&fwrn=4&fwrnh=100&lmt=1656069900&rafmt=1&format=1200x280&url=http%3A%2F%2Flichen-lekar.bazadanni.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1693315852290&bpp=9&bdt=332&idt=329&shv=r20230828&mjsv=m202308230101&ptt=9&saldr=aa&abxe=1&correlator=1234312543149&frm=20&pv=2&ga_vid=1911413034.1693315852&ga_sid=1693315853&ga_hid=40921747&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=32&ady=105&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42532315%2C44798934%2C44796632&oid=2&pvsid=432268070941773&tmod=1917277227&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=qPv7WEfgym&p=http%3A//lichen-lekar.bazadanni.com&dtd=354
Frame ID: 79F4B20AB7CF6F87A387CF2DDBBC5EBD
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5312778245695320&output=html&adk=1812271804&adf=3025194257&lmt=1656069900&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=http%3A%2F%2Flichen-lekar.bazadanni.com%2F&ea=0&pra=7&wgl=1&easpi=0&asro=0&asrtr=1&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&dt=1693315852313&bpp=2&bdt=355&idt=338&shv=r20230828&mjsv=m202308230101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&nras=1&correlator=1234312543149&frm=20&pv=1&ga_vid=1911413034.1693315852&ga_sid=1693315853&ga_hid=40921747&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42532315%2C44798934%2C44796632&oid=2&pvsid=432268070941773&tmod=1917277227&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=2&uci=a!2&fsb=1&dtd=348
Frame ID: 6CEEAD9649298ED22B0364B9E5B049B8
Requests: 1 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZO3zDAAK8gIIFUAWAAYkDhD1ev_3hsPE9IlzRg&u=%7C0Yh3vJcCXol6gQn41TMI%2BBaMqB4RkXp8h3lAedzIO%2FM%3D%7C&c1=glLBMxGOcDk-vbOOpZWuiwL9OpXS6gVV0_Ig_J1IpPwRDCJxJvxJzDfeVglSmwvDr0iKLRfk7W8Ll5wiOVxeiaPNW_l-OWDfW9TmFRswHxvoskcGt80Z-_Nx-j17Ta6tGHrUkdk0gp48br8Fka_zcGYqiNqcm-BOP6vUI-iyO_5kOed4QiuC0tirL3gcOAqeZk31F3p1T6LHDo4MOW0VZXo8T4Eo8VpPNnEAWQQpxLJiAfM0pzsKyi7CjayGCcCzk6BT79X6LdXeOaV0XLzMhJHSHrnTXrPh32YNp_Ku_2KMx6MT_HsPe_5ckRTbYENS0s0YnQEUlzhUVfIof7W2YHx7wiuUe1zvgmcBJhT-ideWLIrHySn6HDnb9lB6-uHJJyBpVo1f5Sla5TIfrT0ykTG0tYKIAOe9L6C-70CcEN61xTFv7u0Vut4NlYSaauw3rsETRuZk43EaCk8CQd3jhDwv16QlG9wxG1RR99SFDZF4tw7CvsH40EctvdaslmxYgieWIeR-aAoxcogWkqeAsJ2xe_EVRtzUjMHYGdx9abxXu-HQqHuuhYNz_n4ChpispfOy1pqTICCgzjyxdLC3P6pjTusQg7zfiAwnf2CKZFaQOoFBApHZ99RMbIWffEWtfjOWQGlXSrNkwD8VhjBjnHeoPerKdyE8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCan9fDPPtZILkK5aA1fAPjsiYyA_JntKxXLWY49aTAcCNtwEQASAAYJWq9YGUB4IBF2NhLXB1Yi01MzEyNzc4MjQ1Njk1MzIwyAEJqQKBioJ5dSOyPqgDAcgDAqoE1QFP0KVsd_oR0qS8FzFn5iegBhcblyP5b8yGcFS1eRKWg8BOUGH8JF88FEUIDTpMVL0Djp2E4wiIn7bDberylpKspNa95lw6kDjwMM7GN_q3Ptut2vZBDeZMcw5ZmWl-lX8E-s_PgSXMiRmt-qpzcuE6_rSTdSMy8k0g4dhGp6CUUW6bcz3MP4W-v8QR4_oM2YHDlGWJzCn9emVivlsizoV_hBUNgxVi_ypj3GF1N9hWaY0Q3JRThLe3io1Bw2hMbx9jvUzuK5jAh-3GKjeLht2JvriV6iuABs_vk57DiYOdiwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgHAQATIC6wI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0c_yzMZr8k83hvgX89RninRnpq4Q%26client%3Dca-pub-5312778245695320%26adurl%3D
Frame ID: 9A2A6C8A86753235CA484C036CEB2C19
Requests: 29 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2CE6E0FBB4DCF618FDB601180B588295
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 06F69C3A0387C007464B97B38651131C
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Личен лекар » Личен лекар

Detected technologies

Pure CSS (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]+(?:([\d.])+/)?pure(?:-min)?\.css

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

YUI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/yui/|yui\.yahooapis\.com)

Page Statistics

61
Requests

92 %
HTTPS

90 %
IPv6

15
Domains

21
Subdomains

21
IPs

4
Countries

758 kB
Transfer

1757 kB
Size

8
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://services.nhif.bg/references/lists/opl.xhtml
Title: Търсене на актуална информация

Search URL Search Domain Scan URL

URL: http://counter.search.bg/cgi-bin/s?_id=llekar
Title: t()

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://www.google.bg/cse/brand?form=cse-search-box&lang=bg HTTP 301
https://www.gstatic.com/prose/brandjs.js

61 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
lichen-lekar.bazadanni.com/ 6 KB
3 KB 240ms
152ms Document
text/html 2606:4700:3036::ac43:b41f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://lichen-lekar.bazadanni.com/
Protocol: HTTP/1.1
Server: 2606:4700:3036::ac43:b41f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e3eb9d16a7350936e3fbdac298238099fa9085a609f71d131425142278abbf3

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

CF-Cache-Status: DYNAMIC
CF-RAY: 7fe526a9881a9217-FRA
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Tue, 29 Aug 2023 13:30:51 GMT
Last-Modified: Fri, 24 Jun 2022 13:25:00 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oDcZ%2BLyzWTg8te6C2C9MqAs2oq8JuWANUGlVj1GWZn3MkAuCsajGEkA5u%2B0Z6Kmfpi6zLYoJneuaod%2FFE%2Fw%2BWH19s09uxpBANg325q0XHVN8ZoBPK3BD6qbc44WiycrinpEPNkBeT1r6jxg1HjFARbuvoaf4n%2F8gIw%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
alt-svc: h3=":443"; ma=86400
x-amz-id-2: Vz2Zw9+v+PYPsoo/Vpn+Wa+NvrQBwvbC5LUMUkcGDjfZ+cKSRV8e69GyHcm0gW98nCSGlOZPQA0=
x-amz-meta-s3cmd-attrs: atime:1656076388/ctime:1656076427/gid:1000/gname:aquilax/md5:cb436d83f9ac4cc549d2a79f3c5002a4/mode:33204/mtime:1656076427/uid:1000/uname:aquilax
x-amz-request-id: Q693ZV51RG2FV70W

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 179 KB
65 KB 152ms
55ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-115818-39

Requested by

Host: lichen-lekar.bazadanni.com
URL: http://lichen-lekar.bazadanni.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

132dd3f974299d2195048dff4247cc1415be0f8004f8717c5c1a754c2c585cf3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lichen-lekar.bazadanni.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 13:30:52 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66501
x-xss-protection: 0
last-modified: Tue, 29 Aug 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 29 Aug 2023 13:30:52 GMT

GET
H/1.1 200
OK pure-min.css
yui.yahooapis.com/pure/0.4.2/ 19 KB
5 KB 131ms
45ms Stylesheet
text/css 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL: http://yui.yahooapis.com/pure/0.4.2/pure-min.css
Requested by: Host: lichen-lekar.bazadanni.com
URL: http://lichen-lekar.bazadanni.com/
Protocol: HTTP/1.1
Server: 2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software: ATS /
Resource Hash: a0f013abfd2acea3cbd7d0dd9786f12c13bf3db67f7132d491bbc4f2040072ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lichen-lekar.bazadanni.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Fri, 21 Jul 2023 23:01:06 GMT
Content-Encoding: gzip
x-amz-meta-created-date: Fri, 14 Feb 2014 02:24:33 GMT
x-amz-request-id: AGKFG4VW5E1NFAQA
Age: 3335388
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
x-amz-meta-x-ysws-mbst-vtime: 1392344673998538
Connection: keep-alive
x-amz-id-2: zKVqIn1QKKNX+vYjt1EJ4p8CoiawqMf9RGuVifTKmdg7ktDznHG9LV/+mYjL8pz8huquXqdT4Jc=
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Tue, 06 Mar 2018 22:25:13 GMT
Server: ATS
ETag: "1b1471fce63dd35bf7a02d67f0e4baa1-df"
Vary: Origin, Accept-Encoding
Content-Type: text/css; charset=utf-8
Cache-Control: max-age=31536000
Accept-Ranges: bytes
x-amz-meta-mbst-etag: "YM:1:2548c0d0-dbb8-40a0-b1f2-ecb292459cbc0004f25481b2d6ca"
x-amz-meta-x-ysws-access: public
Expires: Sat, 05 Sep 2026 00:00:00 GMT

GET
H2 200 style.css
lichen-lekar.bazadanni.com/css/ 904 B
1 KB 155ms
49ms Stylesheet
text/css 2606:4700:3036::ac43:b41f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lichen-lekar.bazadanni.com/css/style.css
Requested by: Host: lichen-lekar.bazadanni.com
URL: http://lichen-lekar.bazadanni.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:b41f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 942411a9f75ec7816c0a5c8bdb6ede55509d48c8647d47f35c0e5349867e8554

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lichen-lekar.bazadanni.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 13:30:52 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: V3R9MNP4B3JMRRJ0
age: 839
alt-svc: h3=":443"; ma=86400
x-amz-id-2: yD/4j/yT+SQVW8e7I5l9kdX2O1h5W+PdKy19o4PmuQNMX8csaiTdbemn70Oqd+9q9JGTjntux9s=
last-modified: Fri, 10 Dec 2021 05:27:37 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1639114047/ctime:1634698131/gid:1000/gname:aquilax/md5:4e4edc608d78b82b0b6beac2f030ed54/mode:33204/mtime:1511021993/uid:1000/uname:aquilax
etag: W/"4e4edc608d78b82b0b6beac2f030ed54"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T7CYiD4jrZbbt8crcsIElNhtnP78q4P6N9LVMUxeNlcXusiyWK9gvi75SFV9ATqqpQsIZf8z6HY7n4g0GpInLg26sZUSURsZbX9cSwqLh%2FBlAKkeE8qQlbTlEC38X5XwpV9nV0smVvXfphOrL6EfwNlGtkU4ko4bug%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7fe526ab8de61d94-FRA

GET
H2

200

brandjs.js Show response
www.gstatic.com/prose/
Redirect Chain

https://www.google.bg/cse/brand?form=cse-search-box&lang=bg
https://www.gstatic.com/prose/brandjs.js

14 KB
14 KB

133ms
39ms

Script
text/javascript

2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/prose/brandjs.js

Requested by

Host: lichen-lekar.bazadanni.com
URL: http://lichen-lekar.bazadanni.com/

Protocol

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6395e6f9f6fbcd953f0ffa40615094c565d86c265fb5028e64dd2dc872b5ce69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lichen-lekar.bazadanni.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 23:49:00 GMT
x-content-type-options: nosniff
age: 49312
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13880
x-xss-protection: 0
last-modified: Tue, 06 Apr 2021 15:14:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Tue, 29 Aug 2023 23:49:00 GMT

Redirect headers

date: Tue, 29 Aug 2023 13:12:27 GMT
x-content-type-options: nosniff
server: sffe
age: 1105
content-type: text/html; charset=UTF-8
location: https://www.gstatic.com/prose/brandjs.js
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 237
x-xss-protection: 0
expires: Tue, 29 Aug 2023 13:42:27 GMT

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
53 KB 186ms
143ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: lichen-lekar.bazadanni.com
URL: http://lichen-lekar.bazadanni.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

32add96c1c18f5497c02b44b253a183d0b80e0edce8e65cd0226fa5475c2b163

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lichen-lekar.bazadanni.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Tue, 29 Aug 2023 13:30:52 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Length: 54034
X-XSS-Protection: 0
Server: cafe
ETag: 4839699002514902500
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=3600
Timing-Allow-Origin: *
Expires: Tue, 29 Aug 2023 13:30:52 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 222 KB
78 KB 57ms
56ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-MFQVYJNB21&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-115818-39

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e603993b179db560c6b55aa70633ab6965f09a5359586344772cd656cd37adc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lichen-lekar.bazadanni.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 13:30:52 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79912
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 29 Aug 2023 13:30:52 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 133ms
40ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-115818-39

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lichen-lekar.bazadanni.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 29 Aug 2023 11:44:23 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 6389
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 29 Aug 2023 13:44:23 GMT

GET
H2 200 branding.png
www.google.com/cse/static/images/1x/bg/ 2 KB
2 KB 137ms
41ms Image
image/png 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/images/1x/bg/branding.png

Requested by

Host: lichen-lekar.bazadanni.com
URL: http://lichen-lekar.bazadanni.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0376d80e610bd0a1ba54a5f0ca5b10aa57540890f2f1c1ea989bd67752b6f4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lichen-lekar.bazadanni.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:18:38 GMT
x-content-type-options: nosniff
age: 65534
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1676
x-xss-protection: 0
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Tue, 27 Aug 2024 19:18:38 GMT

GET
H/1.1 200
OK c
counter.search.bg/cgi-bin/ 192 B
500 B 95ms
40ms Image
image/gif 38.242.215.86
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://counter.search.bg/cgi-bin/c?_id=llekar&_z=0&_r=1600&_c=24&_j=N&_t=-120&_k=Y&_l=
Requested by: Host: lichen-lekar.bazadanni.com
URL: http://lichen-lekar.bazadanni.com/
Protocol: HTTP/1.1
Server: 38.242.215.86 , United States, ASN51167 (CONTABO, DE),
Reverse DNS: ns2.w3open.com
Software: logger /
Resource Hash: 168dcd9b03d59ab43b13bcccb78c5dcb6ed6f0f5dbd9b1e2c443cc4ae8191a05

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lichen-lekar.bazadanni.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Tue, 29 Aug 2023 13:30:52 GMT
Server: logger
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-cache, no-store, must-revalidate
Connection: close
Accept-Ranges: bytes
Content-Length: 192
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 med.png
lichen-lekar.bazadanni.com/img/ 7 KB
8 KB 51ms
50ms Image
image/png 2606:4700:3036::ac43:b41f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lichen-lekar.bazadanni.com/img/med.png
Requested by: Host: lichen-lekar.bazadanni.com
URL: https://lichen-lekar.bazadanni.com/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:b41f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc055f3c109142403eaacf4f0fd90b600ae61d0bfaeae56a2cdd4330947fd4d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lichen-lekar.bazadanni.com/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 13:30:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 6461XN3QFEKFZ65G
age: 839
alt-svc: h3=":443"; ma=86400
content-length: 7377
x-amz-id-2: ek0LXJnpv6qAdemgcHkw1Fe4e0QcCM0Zbh/Weig1WeXDNxfGuOPXHGU389oKP5TMIE9DIybaiqs=
last-modified: Fri, 10 Dec 2021 05:38:01 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1639114047/ctime:1634698131/gid:1000/gname:aquilax/md5:b953b9ec4d1d685a7cb2d51a215bf8cc/mode:33204/mtime:1511014739/uid:1000/uname:aquilax
etag: "b953b9ec4d1d685a7cb2d51a215bf8cc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yRbTAg%2FyBNDPGmrK0mlAEehR1LPnJfqQEzW%2Byew%2BZ3rzUW5eOP9G31dxe%2BTnnTW2wZhBXuDXE5rcJYJsgzPKEzc2v1Pvuj3tW%2BnrBx9gXSoYVsNZRZQ4VKScR%2FCnBetY3ePofrasWdorCxblSadh51p8gxO0VR7n6w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7fe526acbfe91d94-FRA

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308230101/ 392 KB
132 KB 203ms
112ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308230101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5312778245695320&plah=lichen-lekar.bazadanni.com

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4eaad931bbaa6f83c357d79b3271ce04e2d3aaa819c5cddb1770d98014a7cc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lichen-lekar.bazadanni.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 13:30:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 134498
x-xss-protection: 0
server: cafe
etag: 6743369336597979389
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 29 Aug 2023 13:30:52 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230828/r20190131/ Frame 3CE1 10 KB
5 KB 126ms
39ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230828/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0907e75ab7f4aa03bcbc01778262abd0671f8742abaca30e9816cc90a6b28935

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://lichen-lekar.bazadanni.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 70166
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4437
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 28 Aug 2023 18:01:26 GMT
etag: 9878862242593084568
expires: Mon, 11 Sep 2023 18:01:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
261 B 135ms
47ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-MFQVYJNB21&gtm=45je38n0&_p=40921747&cid=1911413034.1693315852&ul=en-us&sr=1600x1200&_eu=AAAI&_s=1&sid=1693315852&sct=1&seg=0&dl=http%3A%2F%2Flichen-lekar.bazadanni.com%2F&dt=%D0%9B%D0%B8%D1%87%D0%B5%D0%BD%20%D0%BB%D0%B5%D0%BA%D0%B0%D1%80%20%C2%BB%20%D0%9B%D0%B8%D1%87%D0%B5%D0%BD%20%D0%BB%D0%B5%D0%BA%D0%B0%D1%80&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MFQVYJNB21&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lichen-lekar.bazadanni.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 13:30:52 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://lichen-lekar.bazadanni.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
213 B 47ms
46ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=40921747&t=pageview&_s=1&dl=http%3A%2F%2Flichen-lekar.bazadanni.com%2F&ul=en-us&de=UTF-8&dt=%D0%9B%D0%B8%D1%87%D0%B5%D0%BD%20%D0%BB%D0%B5%D0%BA%D0%B0%D1%80%20%C2%BB%20%D0%9B%D0%B8%D1%87%D0%B5%D0%BD%20%D0%BB%D0%B5%D0%BA%D0%B0%D1%80&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1410858424&gjid=1085757757&cid=1911413034.1693315852&tid=UA-115818-39&_gid=74697804.1693315852&_r=1&gtm=457e38n0&jsscut=1&z=328047449

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://lichen-lekar.bazadanni.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 13:30:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://lichen-lekar.bazadanni.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 393 B
603 B 149ms
47ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=lichen-lekar.bazadanni.com&callback=_gfp_s_&client=ca-pub-5312778245695320

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308230101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5312778245695320&plah=lichen-lekar.bazadanni.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

33b8f8ef619a1cba9787ebacb639593fa4b08d1fd0632ae5902dccf0b5e9aada

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lichen-lekar.bazadanni.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 13:30:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 252
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 79F4 34 KB
14 KB 220ms
219ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5312778245695320&output=html&h=280&slotname=8993069104&adk=3722498027&adf=3747341068&pi=t.ma~as.8993069104&w=1200&fwrn=4&fwrnh=100&lmt=1656069900&rafmt=1&format=1200x280&url=http%3A%2F%2Flichen-lekar.bazadanni.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1693315852290&bpp=9&bdt=332&idt=329&shv=r20230828&mjsv=m202308230101&ptt=9&saldr=aa&abxe=1&correlator=1234312543149&frm=20&pv=2&ga_vid=1911413034.1693315852&ga_sid=1693315853&ga_hid=40921747&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=32&ady=105&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42532315%2C44798934%2C44796632&oid=2&pvsid=432268070941773&tmod=1917277227&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=qPv7WEfgym&p=http%3A//lichen-lekar.bazadanni.com&dtd=354

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

48787eedeefc5d059bfdd2c6305b59a308b45e8d73c8de750c5599b0502a4740

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://lichen-lekar.bazadanni.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 14014
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 29 Aug 2023 13:30:52 GMT
expires: Tue, 29 Aug 2023 13:30:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6CEE 0
180 B 64ms
64ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5312778245695320&output=html&adk=1812271804&adf=3025194257&lmt=1656069900&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=http%3A%2F%2Flichen-lekar.bazadanni.com%2F&ea=0&pra=7&wgl=1&easpi=0&asro=0&asrtr=1&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&dt=1693315852313&bpp=2&bdt=355&idt=338&shv=r20230828&mjsv=m202308230101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&nras=1&correlator=1234312543149&frm=20&pv=1&ga_vid=1911413034.1693315852&ga_sid=1693315853&ga_hid=40921747&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42532315%2C44798934%2C44796632&oid=2&pvsid=432268070941773&tmod=1917277227&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=2&uci=a!2&fsb=1&dtd=348

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://lichen-lekar.bazadanni.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 29 Aug 2023 13:30:52 GMT
expires: Tue, 29 Aug 2023 13:30:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 9A2A 183 KB
57 KB 277ms
155ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZO3zDAAK8gIIFUAWAAYkDhD1ev_3hsPE9IlzRg&u=%7C0Yh3vJcCXol6gQn41TMI%2BBaMqB4RkXp8h3lAedzIO%2FM%3D%7C&c1=glLBMxGOcDk-vbOOpZWuiwL9OpXS6gVV0_Ig_J1IpPwRDCJxJvxJzDfeVglSmwvDr0iKLRfk7W8Ll5wiOVxeiaPNW_l-OWDfW9TmFRswHxvoskcGt80Z-_Nx-j17Ta6tGHrUkdk0gp48br8Fka_zcGYqiNqcm-BOP6vUI-iyO_5kOed4QiuC0tirL3gcOAqeZk31F3p1T6LHDo4MOW0VZXo8T4Eo8VpPNnEAWQQpxLJiAfM0pzsKyi7CjayGCcCzk6BT79X6LdXeOaV0XLzMhJHSHrnTXrPh32YNp_Ku_2KMx6MT_HsPe_5ckRTbYENS0s0YnQEUlzhUVfIof7W2YHx7wiuUe1zvgmcBJhT-ideWLIrHySn6HDnb9lB6-uHJJyBpVo1f5Sla5TIfrT0ykTG0tYKIAOe9L6C-70CcEN61xTFv7u0Vut4NlYSaauw3rsETRuZk43EaCk8CQd3jhDwv16QlG9wxG1RR99SFDZF4tw7CvsH40EctvdaslmxYgieWIeR-aAoxcogWkqeAsJ2xe_EVRtzUjMHYGdx9abxXu-HQqHuuhYNz_n4ChpispfOy1pqTICCgzjyxdLC3P6pjTusQg7zfiAwnf2CKZFaQOoFBApHZ99RMbIWffEWtfjOWQGlXSrNkwD8VhjBjnHeoPerKdyE8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCan9fDPPtZILkK5aA1fAPjsiYyA_JntKxXLWY49aTAcCNtwEQASAAYJWq9YGUB4IBF2NhLXB1Yi01MzEyNzc4MjQ1Njk1MzIwyAEJqQKBioJ5dSOyPqgDAcgDAqoE1QFP0KVsd_oR0qS8FzFn5iegBhcblyP5b8yGcFS1eRKWg8BOUGH8JF88FEUIDTpMVL0Djp2E4wiIn7bDberylpKspNa95lw6kDjwMM7GN_q3Ptut2vZBDeZMcw5ZmWl-lX8E-s_PgSXMiRmt-qpzcuE6_rSTdSMy8k0g4dhGp6CUUW6bcz3MP4W-v8QR4_oM2YHDlGWJzCn9emVivlsizoV_hBUNgxVi_ypj3GF1N9hWaY0Q3JRThLe3io1Bw2hMbx9jvUzuK5jAh-3GKjeLht2JvriV6iuABs_vk57DiYOdiwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgHAQATIC6wI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0c_yzMZr8k83hvgX89RninRnpq4Q%26client%3Dca-pub-5312778245695320%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5312778245695320&output=html&h=280&slotname=8993069104&adk=3722498027&adf=3747341068&pi=t.ma~as.8993069104&w=1200&fwrn=4&fwrnh=100&lmt=1656069900&rafmt=1&format=1200x280&url=http%3A%2F%2Flichen-lekar.bazadanni.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1693315852290&bpp=9&bdt=332&idt=329&shv=r20230828&mjsv=m202308230101&ptt=9&saldr=aa&abxe=1&correlator=1234312543149&frm=20&pv=2&ga_vid=1911413034.1693315852&ga_sid=1693315853&ga_hid=40921747&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=32&ady=105&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42532315%2C44798934%2C44796632&oid=2&pvsid=432268070941773&tmod=1917277227&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=qPv7WEfgym&p=http%3A//lichen-lekar.bazadanni.com&dtd=354

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

6c2c3eb4e84946ab995624bd9f2062c267e65c9f38bff21bfbeefd4897d41111

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Tue, 29 Aug 2023 13:30:52 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=94g-am4AjI_95th7QAVE_zFpsMsjy6Vi09gmZq-XrTkfpZN_Vw1v4RERt2L4NNK0a4KVjoOKdEx3XyOARazm0QHAN2ZODZczfmtfT1oifjg6vcrosdl9V2nGqsDGPWAK8tAusSMZ-pCHs_o99uUSAfjgI8Wv2ZkXq057icGXnjZVzEy8N0tHqOABKQUlV_fPtmXVurs7aRwYIH68Cnpg8_xdQVeZ1D5U4ndmoJv7DwZ8FibYfUoF4-i19oJQzuYs0sPS9A"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 91715476
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame 79F4 3 KB
1 KB 161ms
60ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 13:55:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84942
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Sep 2023 13:55:11 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame 79F4 20 KB
8 KB 151ms
52ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 13:55:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84942
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Sep 2023 13:55:11 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 79F4 181 KB
57 KB 146ms
48ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

508ecc51e1ebdc0798b41ab754e78fcfb51c0f573fd1a72195fee5020785841b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 13:30:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1693222425768293"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 29 Aug 2023 13:30:53 GMT

GET
DATA 200
OK truncated
/ Frame 79F4 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9bf4c7ef21227a5f933b0905617e99015712e573595bcf2bbe03029ad615abe7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 9A2A 2 KB
1 KB 165ms
50ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZO3zDAAK8gIIFUAWAAYkDhD1ev_3hsPE9IlzRg&u=%7C0Yh3vJcCXol6gQn41TMI%2BBaMqB4RkXp8h3lAedzIO%2FM%3D%7C&c1=glLBMxGOcDk-vbOOpZWuiwL9OpXS6gVV0_Ig_J1IpPwRDCJxJvxJzDfeVglSmwvDr0iKLRfk7W8Ll5wiOVxeiaPNW_l-OWDfW9TmFRswHxvoskcGt80Z-_Nx-j17Ta6tGHrUkdk0gp48br8Fka_zcGYqiNqcm-BOP6vUI-iyO_5kOed4QiuC0tirL3gcOAqeZk31F3p1T6LHDo4MOW0VZXo8T4Eo8VpPNnEAWQQpxLJiAfM0pzsKyi7CjayGCcCzk6BT79X6LdXeOaV0XLzMhJHSHrnTXrPh32YNp_Ku_2KMx6MT_HsPe_5ckRTbYENS0s0YnQEUlzhUVfIof7W2YHx7wiuUe1zvgmcBJhT-ideWLIrHySn6HDnb9lB6-uHJJyBpVo1f5Sla5TIfrT0ykTG0tYKIAOe9L6C-70CcEN61xTFv7u0Vut4NlYSaauw3rsETRuZk43EaCk8CQd3jhDwv16QlG9wxG1RR99SFDZF4tw7CvsH40EctvdaslmxYgieWIeR-aAoxcogWkqeAsJ2xe_EVRtzUjMHYGdx9abxXu-HQqHuuhYNz_n4ChpispfOy1pqTICCgzjyxdLC3P6pjTusQg7zfiAwnf2CKZFaQOoFBApHZ99RMbIWffEWtfjOWQGlXSrNkwD8VhjBjnHeoPerKdyE8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCan9fDPPtZILkK5aA1fAPjsiYyA_JntKxXLWY49aTAcCNtwEQASAAYJWq9YGUB4IBF2NhLXB1Yi01MzEyNzc4MjQ1Njk1MzIwyAEJqQKBioJ5dSOyPqgDAcgDAqoE1QFP0KVsd_oR0qS8FzFn5iegBhcblyP5b8yGcFS1eRKWg8BOUGH8JF88FEUIDTpMVL0Djp2E4wiIn7bDberylpKspNa95lw6kDjwMM7GN_q3Ptut2vZBDeZMcw5ZmWl-lX8E-s_PgSXMiRmt-qpzcuE6_rSTdSMy8k0g4dhGp6CUUW6bcz3MP4W-v8QR4_oM2YHDlGWJzCn9emVivlsizoV_hBUNgxVi_ypj3GF1N9hWaY0Q3JRThLe3io1Bw2hMbx9jvUzuK5jAh-3GKjeLht2JvriV6iuABs_vk57DiYOdiwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgHAQATIC6wI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0c_yzMZr8k83hvgX89RninRnpq4Q%26client%3Dca-pub-5312778245695320%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 13:30:53 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 23 Aug 2024 13:30:53 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 9A2A 2 KB
1 KB 163ms
48ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 13:30:53 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 23 Aug 2024 13:30:53 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 9A2A 308 B
636 B 173ms
63ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 13:30:53 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Fri, 23 Aug 2024 13:30:53 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 9A2A 293 B
621 B 159ms
49ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 13:30:53 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Fri, 23 Aug 2024 13:30:53 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 9A2A 43 B
348 B 151ms
41ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=JsIHoLtN-RQUOohkDdd_K8QTT372x0CNZU0j8DhD7TcuZ2tl85N-7-yR6pytfme2XQOD9mHLjEX1Jq0UVtyFfRp1IpWxUIhybjGuA2vNVhw_u9Ivd7Pt5zYinqPJump_FTP6LPi8f5Ektq_q5agaw60mnzfXzOR87x3bu1x-EwmP97eNRU1tSrE5PjBIMQrk4tbjGP_FtPJX2488QrExX5VCoyVHMWWomxqqGEhOf3RLmdqTn4mlREonoCpHikIz9wU9E5Fdo-3G5sBPeYaZpSvmTj_OZDXhUaK9BLgGrlyU3uZx581-f3EDJjQ19WoYf3JemAv_ltiAFon04DiqwVs-cqcEtRXN_pXv5n_FE4evOzCFAcG24A6T081m-YiEA0dRzW7tk7wtGIubU5T0pnBLtJoRV9AtO6FrWET7xM5kqxt77LyflUXKjxXONmz-WIpDrVr5EEc_8XYZEFGMYfeeG7izYPC_wFaK1-MGtMr-H0pW

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 13:30:52 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1820310
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 9A2A 12 KB
5 KB 143ms
50ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 13:30:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 975503
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4418
last-modified: Thu, 22 Jun 2023 11:22:44 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942f04-1142"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q6ZvK7wxmBIIs4ZoWO%2BiBd3dJ%2BqzbxcGVjAZn9sDJyOlXABWVLcwdXyw0r%2F0o0K4%2BAmnyb8tRj5QPUqDE2Mpu7SFBCwksj6%2BXZWsQbMeRDA%2BFCJWJDuKb4eLQeYRmnCPPwP7KXrmJWE82jHFx7YTPtZe"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7fe526b36e3e1915-FRA
expires: Sun, 18 Aug 2024 13:30:53 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 9A2A 12 KB
6 KB 122ms
58ms Script
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 13:30:53 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 23 Aug 2024 13:30:53 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 9A2A 80 KB
80 KB 244ms
102ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=1200&m=0&partner=915&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F915%2F4759123%2F0a2523cc8b33443da7329b64bf17ba6a_img_horizontal_1.jpg&v=3&w=1200&s=JmxY8YN6cZtVD81AmNziT7_t

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4d2a6222fa04545d381c85c253dfc5d233ff1fc0f9fa3f7dc956bb8fa95a45ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 13:30:53 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 81510
expires: Tue, 30 Jul 2024 13:51:27 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 9A2A 4 KB
4 KB 191ms
49ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=915&q=80&r=0&u=https%3A%2F%2Fcdn.yoox.biz%2F12%2F12969027PW_14_F.JPG&v=3&w=400&s=NA5TYMLetJwqxWnycv2s-cXX&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

b0d9af67c4294f94e802509c03aafbca74fe29a4e3582ee609faf3b6e9f1afeb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 13:30:52 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 3970
expires: Mon, 19 Aug 2024 07:50:03 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 9A2A 5 KB
6 KB 331ms
189ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=915&q=80&r=0&u=https%3A%2F%2Fcdn.yoox.biz%2F10%2F10004508EW_14_F.JPG&v=3&w=400&s=tl7HxpjezCp2ZYqA-mls9Lj9&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

0dee3871de9f33bf9cb027835d8dbc1ce7057dfe55c8ed7c70dec2a108932e73

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 13:30:52 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 5546
expires: Wed, 07 Aug 2024 19:27:03 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 9A2A 8 KB
8 KB 350ms
209ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=915&q=80&r=0&u=https%3A%2F%2Fcdn.yoox.biz%2F15%2F15312799NB_14_F.JPG&v=3&w=400&s=a5AJyM8Yb9RIwimVGRqQ39tt&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

19cc06a4c2fb7fd4e5979371393cac19088ba58bd5773ff52ca32e4e6062c674

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 13:30:52 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 8056
expires: Thu, 01 Aug 2024 10:46:39 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 9A2A 6 KB
6 KB 332ms
190ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=915&q=80&r=0&u=https%3A%2F%2Fcdn.yoox.biz%2F11%2F11684240WK_14_F.JPG&v=3&w=400&s=Uq27PQ0wY1gw_5WMqX0AgXH9&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

5d982a0fc743eaae5313161fd4590582d4aca10524a0c7e740ab4e80e62b58a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 13:30:52 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 6442
expires: Thu, 01 Aug 2024 16:26:00 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 9A2A 7 KB
7 KB 331ms
190ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=915&q=80&r=0&u=https%3A%2F%2Fcdn.yoox.biz%2F54%2F54192988MF_14_F.JPG&v=3&w=400&s=O7Ls2lF7FajZx5LDlyKUbrKK&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

dde38aa5c1fe341b1caf94d902d1bd12b2a398f604f6bdeb608bb0819c887c5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 13:30:52 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 6732
expires: Tue, 30 Jul 2024 11:05:17 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 9A2A 6 KB
6 KB 199ms
198ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=915&q=80&r=0&u=https%3A%2F%2Fcdn.yoox.biz%2F14%2F14325625FX_14_F.JPG&v=3&w=400&s=U9P_ALC0ufDy2UwzPnraEvf4&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

660f849fd03915316d391f68ad5d9c07fbc741829b6f4556e4e09b8822f05190

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 13:30:52 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 6326
expires: Wed, 21 Aug 2024 22:35:56 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 9A2A 11 KB
11 KB 197ms
196ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=915&q=80&r=0&u=https%3A%2F%2Fcdn.yoox.biz%2F16%2F16234990VX_14_F.JPG&v=3&w=400&s=QVkgYmu0YWfZnDEfKA7dBgSL&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

2a2c6b0e5779634fbf287f51ee834b5a75aef04f2bb0aecd0cc87489f33e0769

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 13:30:53 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 11444
expires: Fri, 02 Aug 2024 03:57:25 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 9A2A 4 KB
4 KB 209ms
208ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=915&q=80&r=0&u=https%3A%2F%2Fcdn.yoox.biz%2F17%2F17495121NB_14_F.JPG&v=3&w=400&s=3TkwXYziek7mCpYWPi7Mhvon&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

2e573f64c2bbc81f8bf4f9afbeb755cbfe64667165561c7dc3f43278cdc91049

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 13:30:52 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 3812
expires: Tue, 30 Jul 2024 15:08:18 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 9A2A 5 KB
5 KB 209ms
208ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=915&q=80&r=0&u=https%3A%2F%2Fcdn.yoox.biz%2F17%2F17257962KD_14_F.JPG&v=3&w=400&s=NF7Y_AXvhyZtbcIHoHeiXSoq&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

82af7c50f964ae67053129276f7415fbfc87c0ccd68dd154f13181e186d6bd7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 13:30:52 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 5294
expires: Tue, 30 Jul 2024 15:25:02 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 9A2A 4 KB
4 KB 205ms
205ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=915&q=80&r=0&u=https%3A%2F%2Fcdn.yoox.biz%2F30%2F30041233DC_14_F.JPG&v=3&w=400&s=jMZCQLLsv8k_BkthETdEwizY&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

641d8e8dfec0c2a3a5d15754f93a772c62835917668564515427eb4cc74e1eb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 13:30:52 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 3866
expires: Sun, 04 Aug 2024 19:16:35 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 9A2A 2 KB
2 KB 210ms
209ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=915&q=80&r=0&u=https%3A%2F%2Fcdn.yoox.biz%2F17%2F17504998GN_14_F.JPG&v=3&w=400&s=-5DtMyS1nkDEOOqg-guolcaZ&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

a15c765537be62e8f3266374993da8e0426182bb4f525a8a61193f8be00ffba0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 13:30:53 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 1854
expires: Wed, 31 Jul 2024 07:52:07 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 9A2A 3 KB
3 KB 206ms
205ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=915&q=80&r=0&u=https%3A%2F%2Fcdn.yoox.biz%2F15%2F15268604AC_14_F.JPG&v=3&w=400&s=XVRmLjmX4V61d2R711FPRjsU&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

1273401d5b605de607e62dd54b71bdde9765b3b14353dd181c5b4094459aba53

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 13:30:53 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 3086
expires: Tue, 30 Jul 2024 10:52:24 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 9A2A 0
128 B 161ms
49ms Ping
text/plain 2a02:2638:d::11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=94g-am4AjI_95th7QAVE_zFpsMsjy6Vi09gmZq-XrTkfpZN_Vw1v4RERt2L4NNK0a4KVjoOKdEx3XyOARazm0QHAN2ZODZczfmtfT1oifjg6vcrosdl9V2nGqsDGPWAK8tAusSMZ-pCHs_o99uUSAfjgI8Wv2ZkXq057icGXnjZVzEy8N0tHqOABKQUlV_fPtmXVurs7aRwYIH68Cnpg8_xdQVeZ1D5U4ndmoJv7DwZ8FibYfUoF4-i19oJQzuYs0sPS9A&sds=2&rev=88100&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 29 Aug 2023 13:30:53 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 9A2A 2 KB
1 KB 54ms
52ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 13:30:53 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 23 Aug 2024 13:30:53 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 9A2A 2 KB
1 KB 51ms
50ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 13:30:53 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 23 Aug 2024 13:30:53 GMT

GET
H2 200 montserrat-400.css
static.criteo.net/design/googlefont/montserrat/ Frame 9A2A 2 KB
803 B 51ms
50ms Stylesheet
text/css 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/montserrat/montserrat-400.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a81d25118c6f7d835e9ca132b995b8aca46e3575ee4ab2136ab96ac8d5e4688b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 13:30:53 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:06:54 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391ef7e-675"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 23 Aug 2024 13:30:53 GMT

GET
H2 200 montserrat-700.css
static.criteo.net/design/googlefont/montserrat/ Frame 9A2A 2 KB
803 B 57ms
50ms Stylesheet
text/css 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/montserrat/montserrat-700.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

77a44f65bb6894c92e3c7ccab98de0fc357172221cc1dd45949ab938c0c7756a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 13:30:53 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:06:55 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391ef7f-675"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 23 Aug 2024 13:30:53 GMT

GET
H2 200 montserrat-400-latin.woff2
static.criteo.net/design/googlefont/montserrat/ Frame 9A2A 12 KB
13 KB 212ms
110ms Font
application/octet-stream 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/montserrat/montserrat-400-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/montserrat/montserrat-400.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

5f9376c77618bf0ef43bcabf8228c9e2befde3731087b944e140a88c34066873

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/montserrat/montserrat-400.css
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 13:30:53 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:06:54 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391ef7e-31a4"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 23 Aug 2024 13:30:53 GMT

GET
H2 200 montserrat-700-latin.woff2
static.criteo.net/design/googlefont/montserrat/ Frame 9A2A 13 KB
13 KB 186ms
97ms Font
application/octet-stream 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/montserrat/montserrat-700-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/montserrat/montserrat-700.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

28f403366c2c520bfff7d5a0883f1d53e1e87ba1c8202f3f29e6395a0b66806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/montserrat/montserrat-700.css
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 13:30:53 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:06:55 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391ef7f-3230"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 23 Aug 2024 13:30:53 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 79F4 0
23 B 148ms
148ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cw5nyDPPtZILkK5aA1fAPjsiYyA_JntKxXLWY49aTAcCNtwEQASAAYJWq9YGUB4IBF2NhLXB1Yi01MzEyNzc4MjQ1Njk1MzIwyAEJqQKBioJ5dSOyPqgDAcgDAqoE0gFP0KVsd_oR0qS8FzFn5iegBhcblyP5b8yGcFS1eRKWg8BOUGH8JF88FEUIDTpMVL0Djp2E4wiIn7bDberylpKspNa95lw6kDjwMM7GN_q3Ptut2vZBDeZMcw5ZmWl-lX8E-s_PgSXMiRmt-qpzcuE6_rSTdSMy8k0g4dhGp6CUUW6bcz3MP4W-v8QR4_oM2YHDlGWJzCn9emVivlsizoV_hBUNgxVi_ypj3GF1ddp3-wqfQIfsGKMUWrDnO2FYZalpk1Rsn1D9IR95NBuTA3cNrQeABs_vk57DiYOdiwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgHAQATIC6wI6AoBASL39wTqACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNTMxMjc3ODI0NTY5NTMyMBgA&sigh=vuz95xioDPw&uach_m=[UACH]&cid=CAQSGwBpAlJWUnxN0XiLAUaZm2uiBCRarOSURVZt-RgB&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5312778245695320&output=html&h=280&slotname=8993069104&adk=3722498027&adf=3747341068&pi=t.ma~as.8993069104&w=1200&fwrn=4&fwrnh=100&lmt=1656069900&rafmt=1&format=1200x280&url=http%3A%2F%2Flichen-lekar.bazadanni.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1693315852290&bpp=9&bdt=332&idt=329&shv=r20230828&mjsv=m202308230101&ptt=9&saldr=aa&abxe=1&correlator=1234312543149&frm=20&pv=2&ga_vid=1911413034.1693315852&ga_sid=1693315853&ga_hid=40921747&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=32&ady=105&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42532315%2C44798934%2C44796632&oid=2&pvsid=432268070941773&tmod=1917277227&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=qPv7WEfgym&p=http%3A//lichen-lekar.bazadanni.com&dtd=354
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 29 Aug 2023 13:30:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 29 Aug 2023 13:30:53 GMT

GET
H2 200 notify
rtb.fr3.eu.criteo.com/google/auction/ Frame 79F4 0
126 B 169ms
50ms Image
text/plain 2a02:2638:d::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=kMWCFMz6RLAJmAKdg2ICAgAAAMRfyYrki8LIEAzz7WT1yewYG1pOSthtAAASAAAKCkFRVUREd0VCRHc&wp=ZO3zDAAK8gIIFUAWAAYkDhD1ev_3hsPE9IlzRg&cbvp=2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 13:30:52 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 168285
server: Kestrel
content-length: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
12 KB 176ms
95ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230828&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7ec9e8a6ba844b168cf4ac645f2fedc9424861fa721d7aec9426de9d564ce06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lichen-lekar.bazadanni.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 13:30:53 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11848
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 98ms
98ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lichen-lekar.bazadanni.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 13:30:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 29 Aug 2023 13:30:54 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2CE6 13 KB
5 KB 47ms
45ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://lichen-lekar.bazadanni.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 18300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 29 Aug 2023 08:25:54 GMT
expires: Wed, 28 Aug 2024 08:25:54 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 06F6 829 B
987 B 50ms
49ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

90501f138c5c680f8928b71c1fa45593948db69cfa0876689e917cba4d5a1e67

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-lzekx4mxwPrwQpXepV3UcQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://lichen-lekar.bazadanni.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 537
content-security-policy: script-src 'report-sample' 'nonce-lzekx4mxwPrwQpXepV3UcQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 29 Aug 2023 13:30:54 GMT
expires: Tue, 29 Aug 2023 13:30:54 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 0w4HeoaYEDyr3MppZwiwXJgG2WIOQk_JViOVQEuG4uU.js Show response
pagead2.googlesyndication.com/bg/ Frame 2CE6 37 KB
15 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/0w4HeoaYEDyr3MppZwiwXJgG2WIOQk_JViOVQEuG4uU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d30e077a8698103cabdcca696708b05c9806d9620e424fc9562395404b86e2e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 06:56:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 110063
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14706
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 27 Aug 2024 06:56:31 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 06F6 0
0 155ms
155ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230828&jk=432268070941773&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 79F4 42 B
64 B 154ms
154ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstpy6YwhnfAjguP0za9ROuV584lTtFinId634Agtvzfnx3gFTp-UGxmVNLMA_zIXQWHk6KikGEZwL7L-w2qoofrO0u4SMCJpgkZ_5Sv&sig=Cg0ArKJSzIwb4jctkk_tEAE&id=lidar2&mcvt=1004&p=0,0,280,1200&mtos=1004,1004,1004,1004,1004&tos=1004,0,0,0,0&v=20230828&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3722498027&rs=2&la=1&cr=0&vs=4&r=v&rst=1693315852647&rpt=529&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 13:30:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 9A2A 0
127 B 51ms
51ms Ping
text/plain 2a02:2638:d::11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 29 Aug 2023 13:30:53 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 2CE6 0
10 B 41ms
40ms Image
text/plain 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?_FHOAQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 13:30:54 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 143ms
143ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230828&jk=432268070941773&bg=!KSqlKmXNAAYkVgHwBFY7ADQBe5WfOG20NWCP8cuM4Z-oU0g9eRqOH6oMwhP-9V9XVSsmShf8s9Pep8npetaJ8bYNTnj7AgAAAyxSAAAABmgBBwoALbBqhDIP64eOqDqTbdn0hyvRIBCR_jPFJ12QBNGNy7kdlii58slnWVs26wHVqZkC2f14TQ790Fb_idl7_V7J-e963aBNA6QqXumnJiOUN2ZSpzEepUp-0FnqZ9M9K6ut2EJTlvjMpV43HBwhc2SA6xIkmvHernfa1JVDJQiOR4rXO3Y2L8y3VSi8PVXpEql1tfIM8JLDI5Otkya3Ghj3BZVULwj1FXWA3epdUYLduJxozL-4e1ZBpti2LNQS9qZtqCQQf2TSH2Z6E1Ve71egDM_YUw5VrMNM2_GTLxCORpJiDzCPcZJfD1vDz2R_sUaweRDSPvy7TLPGae_xWiNpwyHy7CvIjmaGeJG02fw_dyAxOvZFaL0yVV7m4wSCY5rCpo-Qr7o2_4_jaOa0eydvtTjaCtkKqiD3Nq3pWsJUeOiFQyl0y3MY97JI7hrdzOXky34RwmX1Cv5HSl78exp5TjQYVjn8vIcx8mDLk3e9D5GyXGPI9PQlH6Qw8mUGtVVKSFDsssOSmwdpNAA2gr8l8qGpOikZ_lLq_UM8Ch-CV4o-aGDbGX6uQa3K5TrB8gTvn1uKSib8dOymcZ2WM8ots_lNnz81dyvd3AMoocAN_FlXjsynpoMTG_6fqEo_rIbB_PdSSx0baMw2Q5oao06Rj2Dcifw3osXiMlY-HgvdH9eYnaHGHDNbg2bpgCf5lyXBK6c9_QdYVfvpnwUZfbbBsWtZVczTT_FfC6XDgaKGiDDRFlxzj5MUhQB2cYQXJib79N_i0fXauK13do_wkcyJTqj1yU8WcXbfydaQ997UTy_W59_jMKsWmJqOx4i5UP157FOimzSyNBCFeLXv40M-P7aqroO6WQ41xNR9gTfWpHpnYFgnDfYRVxMuAejtEkr5DR3EGVgsF9WtA_pJYir2K3DhaBuugu2CrZLVbZClXIOJ-WbZCK77NjElJhzTVys-I1PUAOFMg6KhEz43Z7FG12PF1NKgKmdVGd08l83isgXqyXql_-3TxNDPpczvSUokFw90jCxD5xy6ig
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lichen-lekar.bazadanni.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

48 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
lichen-lekar.bazadanni.com/	1969-12-31 23:59:59	Name: _c Value: y
.bazadanni.com/	1970-01-20 23:57:55	Name: _ga Value: GA1.2.1911413034.1693315852
.bazadanni.com/	1970-01-20 14:23:22	Name: _gid Value: GA1.2.74697804.1693315852
.bazadanni.com/	1970-01-20 14:21:55	Name: _gat_gtag_UA_115818_39 Value: 1
.bazadanni.com/	1970-01-20 23:43:31	Name: __gads Value: ID=3417613a802ec5fa-220f6e7f5fde000e:T=1693315852:RT=1693315852:S=ALNI_MY_Q9AFYoirSWnCTo9-ICrHzcRCkw
.bazadanni.com/	1970-01-20 23:43:31	Name: __gpi Value: UID=00000c69cd2de62a:T=1693315852:RT=1693315852:S=ALNI_MbWi7bt3S7h1aSP77RIpTW_qa3ulA
.bazadanni.com/	1970-01-20 23:57:55	Name: _ga_MFQVYJNB21 Value: GS1.1.1693315852.1.0.1693315853.0.0.0
.doubleclick.net/	1970-01-20 23:43:31	Name: IDE Value: AHWqTUnPK1GTdVwVEWhn6e4e2rSy0K11p6431sacIhfmF3yn3KnrwVB4gR1qryLGM2A

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5312778245695320&output=html&h=280&slotname=8993069104&adk=3722498027&adf=3747341068&pi=t.ma~as.8993069104&w=1200&fwrn=4&fwrnh=100&lmt=1656069900&rafmt=1&format=1200x280&url=http%3A%2F%2Flichen-lekar.bazadanni.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1693315852290&bpp=9&bdt=332&idt=329&shv=r20230828&mjsv=m202308230101&ptt=9&saldr=aa&abxe=1&correlator=1234312543149&frm=20&pv=2&ga_vid=1911413034.1693315852&ga_sid=1693315853&ga_hid=40921747&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=32&ady=105&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42532315%2C44798934%2C44796632&oid=2&pvsid=432268070941773&tmod=1917277227&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=qPv7WEfgym&p=http%3A//lichen-lekar.bazadanni.com&dtd=354 Message: Origin trial controlled feature not enabled: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.eu.criteo.com
cat.nl3.eu.criteo.com
cdnjs.cloudflare.com
counter.search.bg
csm.eu.criteo.net
googleads.g.doubleclick.net
imageproxy.eu.criteo.net
lichen-lekar.bazadanni.com
pagead2.googlesyndication.com
partner.googleadservices.com
region1.google-analytics.com
rtb.fr3.eu.criteo.com
static.criteo.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.bg
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
yui.yahooapis.com
178.250.1.6
2001:4860:4802:32::36
2606:4700:3036::ac43:b41f
2606:4700::6811:180e
2a00:1288:80:807::2
2a00:1450:4001:801::2001
2a00:1450:4001:812::2002
2a00:1450:4001:813::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::200e
2a00:1450:4001:830::2002
2a00:1450:4001:830::2003
2a00:1450:4001:830::2004
2a00:1450:4001:830::2008
2a02:2638:3::12
2a02:2638:d::11
2a02:2638:d::13
2a02:2638:d::2
2a02:2638:d::c
38.242.215.86
0907e75ab7f4aa03bcbc01778262abd0671f8742abaca30e9816cc90a6b28935
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0dee3871de9f33bf9cb027835d8dbc1ce7057dfe55c8ed7c70dec2a108932e73
1273401d5b605de607e62dd54b71bdde9765b3b14353dd181c5b4094459aba53
132dd3f974299d2195048dff4247cc1415be0f8004f8717c5c1a754c2c585cf3
168dcd9b03d59ab43b13bcccb78c5dcb6ed6f0f5dbd9b1e2c443cc4ae8191a05
19cc06a4c2fb7fd4e5979371393cac19088ba58bd5773ff52ca32e4e6062c674
28f403366c2c520bfff7d5a0883f1d53e1e87ba1c8202f3f29e6395a0b66806d
2a2c6b0e5779634fbf287f51ee834b5a75aef04f2bb0aecd0cc87489f33e0769
2e573f64c2bbc81f8bf4f9afbeb755cbfe64667165561c7dc3f43278cdc91049
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
32add96c1c18f5497c02b44b253a183d0b80e0edce8e65cd0226fa5475c2b163
33b8f8ef619a1cba9787ebacb639593fa4b08d1fd0632ae5902dccf0b5e9aada
48787eedeefc5d059bfdd2c6305b59a308b45e8d73c8de750c5599b0502a4740
4d2a6222fa04545d381c85c253dfc5d233ff1fc0f9fa3f7dc956bb8fa95a45ea
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
508ecc51e1ebdc0798b41ab754e78fcfb51c0f573fd1a72195fee5020785841b
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5d982a0fc743eaae5313161fd4590582d4aca10524a0c7e740ab4e80e62b58a9
5f9376c77618bf0ef43bcabf8228c9e2befde3731087b944e140a88c34066873
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6395e6f9f6fbcd953f0ffa40615094c565d86c265fb5028e64dd2dc872b5ce69
641d8e8dfec0c2a3a5d15754f93a772c62835917668564515427eb4cc74e1eb1
660f849fd03915316d391f68ad5d9c07fbc741829b6f4556e4e09b8822f05190
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c2c3eb4e84946ab995624bd9f2062c267e65c9f38bff21bfbeefd4897d41111
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
77a44f65bb6894c92e3c7ccab98de0fc357172221cc1dd45949ab938c0c7756a
82af7c50f964ae67053129276f7415fbfc87c0ccd68dd154f13181e186d6bd7a
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
90501f138c5c680f8928b71c1fa45593948db69cfa0876689e917cba4d5a1e67
942411a9f75ec7816c0a5c8bdb6ede55509d48c8647d47f35c0e5349867e8554
9bf4c7ef21227a5f933b0905617e99015712e573595bcf2bbe03029ad615abe7
9e3eb9d16a7350936e3fbdac298238099fa9085a609f71d131425142278abbf3
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a0f013abfd2acea3cbd7d0dd9786f12c13bf3db67f7132d491bbc4f2040072ee
a15c765537be62e8f3266374993da8e0426182bb4f525a8a61193f8be00ffba0
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a81d25118c6f7d835e9ca132b995b8aca46e3575ee4ab2136ab96ac8d5e4688b
b0d9af67c4294f94e802509c03aafbca74fe29a4e3582ee609faf3b6e9f1afeb
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
c4eaad931bbaa6f83c357d79b3271ce04e2d3aaa819c5cddb1770d98014a7cc1
d0376d80e610bd0a1ba54a5f0ca5b10aa57540890f2f1c1ea989bd67752b6f4b
d30e077a8698103cabdcca696708b05c9806d9620e424fc9562395404b86e2e5
dde38aa5c1fe341b1caf94d902d1bd12b2a398f604f6bdeb608bb0819c887c5a
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e603993b179db560c6b55aa70633ab6965f09a5359586344772cd656cd37adc5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f7ec9e8a6ba844b168cf4ac645f2fedc9424861fa721d7aec9426de9d564ce06
fc055f3c109142403eaacf4f0fd90b600ae61d0bfaeae56a2cdd4330947fd4d5

lichen-lekar.bazadanni.com Open in urlscan Pro 2606:4700:3036::ac43:b41f Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

61 Requests

92 %HTTPS

90 %IPv6

15 Domains

21 Subdomains

21 IPs

4 Countries

758 kBTransfer

1757 kBSize

8 Cookies

2 Outgoing links

Redirected requests

61 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

lichen-lekar.bazadanni.com Open in urlscan Pro
2606:4700:3036::ac43:b41f Public Scan

Screenshot
Live screenshot

Full Image

61
Requests

92 %
HTTPS

90 %
IPv6

15
Domains

21
Subdomains

21
IPs

4
Countries

758 kB
Transfer

1757 kB
Size

8
Cookies

61 HTTP transactions
1 data transactions