52.87.179.242 Open in urlscan Pro
52.87.179.242 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://52.87.179.242:8080/
Submission: On August 16 via manual (August 16th 2022, 6:54:21 am UTC) from IN — Scanned from DE

Summary HTTP 111 Redirects Behaviour Indicators

Summary

This website contacted 62 IPs in 12 countries across 55 domains to perform 111 HTTP transactions. The main IP is 52.87.179.242, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is 52.87.179.242.

This is the only time 52.87.179.242 was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	52.87.179.242 52.87.179.242	14618 (AMAZON-AES) (AMAZON-AES)
2	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3033::6815:3f36	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
4	2600:9000:20e... 2600:9000:20eb:4c00:15:6398:1c40:21	16509 (AMAZON-02) (AMAZON-02)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:2a	20446 (STACKPATH...) (STACKPATH-CDN)
1	2.18.79.140 2.18.79.140	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	173.201.249.4 173.201.249.4	26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC)
2 4	2600:9000:21f... 2600:9000:21f3:7000:4:13ab:6e40:21	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
6	13.225.84.116 13.225.84.116	16509 (AMAZON-02) (AMAZON-02)
1	13.225.84.147 13.225.84.147	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1 2	108.138.7.127 108.138.7.127	16509 (AMAZON-02) (AMAZON-02)
1	130.211.29.114 130.211.29.114	15169 (GOOGLE) (GOOGLE)
1 4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 3	185.184.10.30 185.184.10.30	203690 (RTB-HOUSE...) (RTB-HOUSE-ASH)
1	52.95.164.14 52.95.164.14	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4 5	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	35.241.15.240 35.241.15.240	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2a00:1450:400... 2a00:1450:400c:c0c::9b	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:27::... 2620:1ec:27::cafe:2093	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
5	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1 1	178.250.2.151 178.250.2.151	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	74.119.119.150 74.119.119.150	19750 (AS-CRITEO) (AS-CRITEO)
1	20.75.32.255 20.75.32.255	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	20.234.93.27 20.234.93.27	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	20.121.215.159 20.121.215.159	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 4	2606:4700:303... 2606:4700:3035::6815:3249	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	3.127.193.182 3.127.193.182	16509 (AMAZON-02) (AMAZON-02)
1 1	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
2	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 2	37.252.173.22 37.252.173.22	29990 (ASN-APPNEX) (ASN-APPNEX)
2 2	52.57.43.180 52.57.43.180	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:21f... 2600:9000:21f3:f000:1b:832b:ac00:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2.18.235.93 2.18.235.93	16625 (AKAMAI-AS) (AKAMAI-AS)
1	18.195.149.35 18.195.149.35	16509 (AMAZON-02) (AMAZON-02)
1	64.202.112.31 64.202.112.31	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	52.57.48.124 52.57.48.124	16509 (AMAZON-02) (AMAZON-02)
1	185.86.139.115 185.86.139.115	201081 (SMARTADSE...) (SMARTADSERVER)
1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	104.96.128.226 104.96.128.226	16625 (AKAMAI-AS) (AKAMAI-AS)
1	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1 2	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
2	96.16.132.239 96.16.132.239	16625 (AKAMAI-AS) (AKAMAI-AS)
1	37.157.6.241 37.157.6.241	198622 (ADFORM) (ADFORM)
1	185.255.84.152 185.255.84.152	200271 (IGUANE-) (IGUANE-)
1 2	54.77.35.16 54.77.35.16	16509 (AMAZON-02) (AMAZON-02)
1	141.95.98.71 141.95.98.71	16276 (OVH) (OVH)
1 2	35.186.194.101 35.186.194.101	15169 (GOOGLE) (GOOGLE)
1	85.215.5.31 85.215.5.31	6786 (CRONON-BE...) (CRONON-BERLIN-AS)
1	52.18.211.80 52.18.211.80	16509 (AMAZON-02) (AMAZON-02)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
111	62

1 52.87.179.242 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-87-179-242.compute-1.amazonaws.com

52.87.179.242	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::6815:3f36 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:20eb:4c00:15:6398:1c40:21 (United States)

ASN16509 (AMAZON-02, US)

d3bzgzmzgpxbap.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:2a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.79.140 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-18-79-140.deploy.static.akamaitechnologies.com

imgs.ebit.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 173.201.249.4 (United States)

ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: ip-173-201-249-4.ip.secureserver.net

seal.godaddy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:21f3:7000:4:13ab:6e40:21 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

d1pkzhm5uq4mnt.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 13.225.84.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-84-116.fra2.r.cloudfront.net

d2da0u06q4mna7.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.84.147 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-84-147.fra2.r.cloudfront.net

d1h6ttu91q164y.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.138.7.127 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-127.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.211.29.114 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 114.29.211.130.bc.googleusercontent.com

cdn.perfdrive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.184.10.30 (Poland) 1 redirects

ASN203690 (RTB-HOUSE-ASH, PL)
PTR: ip-185-184-10-30.rtbhouse.net

us.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.95.164.14 (São Paulo, Brazil)

ASN16509 (AMAZON-02, US)
PTR: s3-sa-east-1.amazonaws.com

s3-sa-east-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:2638::1c (France) 4 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.241.15.240 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 240.15.241.35.bc.googleusercontent.com

cas.avalon.perfdrive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c0c::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:27::cafe:2093 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.151 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)

widget.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.75.32.255 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

b.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.234.93.27 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.121.215.159 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.oppuz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3035::6815:3249 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cdn.pn.vg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.127.193.182 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-193-182.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.162 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.173.22 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.57.43.180 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-43-180.eu-central-1.compute.amazonaws.com

ih.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:f000:1b:832b:ac00:93a1 (United States)

ASN16509 (AMAZON-02, US)

cotads.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.18.126 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.93 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.149.35 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-149-35.eu-central-1.compute.amazonaws.com

exchange.mediavine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.202.112.31 (Leesburg, United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.57.48.124 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-48-124.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.115 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.96.128.226 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a104-96-128-226.deploy.static.akamaitechnologies.com

criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.156.0.31 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 96.16.132.239 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a96-16-132-239.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.6.241 (Denmark)

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.255.84.152 (Ivry-sur-Seine, France)

ASN200271 (IGUANE-, FR)

visitor.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.77.35.16 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-35-16.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.98.71 (France)

ASN16276 (OVH, FR)
PTR: ns3216577.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.194.101 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 101.194.186.35.bc.googleusercontent.com

ad.sxp.smartclip.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.215.5.31 (Germany)

ASN6786 (CRONON-BERLIN-AS, DE)

a.twiago.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.18.211.80 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-211-80.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	cloudfront.net 2 redirects d3bzgzmzgpxbap.cloudfront.net d1pkzhm5uq4mnt.cloudfront.net d2da0u06q4mna7.cloudfront.net d1h6ttu91q164y.cloudfront.net	489 KB
10	criteo.com 5 redirects gum.criteo.com — Cisco Umbrella Rank: 401 mug.criteo.com — Cisco Umbrella Rank: 2755 sslwidget.criteo.com — Cisco Umbrella Rank: 1552 widget.us.criteo.com — Cisco Umbrella Rank: 15285 dis.criteo.com — Cisco Umbrella Rank: 699	14 KB
7	google.com apis.google.com — Cisco Umbrella Rank: 161 www.google.com — Cisco Umbrella Rank: 10	72 KB
6	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 55 stats.g.doubleclick.net — Cisco Umbrella Rank: 118 cm.g.doubleclick.net — Cisco Umbrella Rank: 208	4 KB
5	google.de www.google.de — Cisco Umbrella Rank: 5596	933 B
5	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 547 b.clarity.ms — Cisco Umbrella Rank: 5259 c.clarity.ms — Cisco Umbrella Rank: 996	26 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 52	61 KB
4	pn.vg 1 redirects cdn.pn.vg — Cisco Umbrella Rank: 67867 osp-assets.pn.vg Failed	54 KB
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 351 c.bing.com — Cisco Umbrella Rank: 195	13 KB
4	perfdrive.com cdn.perfdrive.com — Cisco Umbrella Rank: 16192 cas.avalon.perfdrive.com — Cisco Umbrella Rank: 7138	14 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 155	196 KB
3	adscale.de 2 redirects ih.adscale.de — Cisco Umbrella Rank: 1323 cotads.adscale.de — Cisco Umbrella Rank: 2588	1 KB
3	creativecdn.com 1 redirects us.creativecdn.com — Cisco Umbrella Rank: 3136	573 B
2	smartclip.net 1 redirects ad.sxp.smartclip.net — Cisco Umbrella Rank: 2757	480 B
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 188	2 KB
2	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 1340	1 KB
2	yahoo.com 1 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 277	507 B
2	casalemedia.com 1 redirects r.casalemedia.com — Cisco Umbrella Rank: 713	2 KB
2	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 238	2 KB
2	bidswitch.net 1 redirects x.bidswitch.net — Cisco Umbrella Rank: 292	1 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 100	388 B
2	hotjar.com 1 redirects static.hotjar.com — Cisco Umbrella Rank: 642	3 KB
2	godaddy.com seal.godaddy.com — Cisco Umbrella Rank: 15066	7 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 67	2 KB
2	bootstrapcdn.com stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2137	36 KB
1	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 309	98 B
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 502	338 B
1	twiago.com a.twiago.com — Cisco Umbrella Rank: 14684	153 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 541	1 KB
1	omnitagjs.com visitor.omnitagjs.com — Cisco Umbrella Rank: 1273	235 B
1	adform.net cm.adform.net — Cisco Umbrella Rank: 1657	163 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 411	140 B
1	teads.tv criteo-sync.teads.tv — Cisco Umbrella Rank: 1422	172 B
1	taboola.com sync-t1.taboola.com — Cisco Umbrella Rank: 1048	99 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 605	163 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 521	35 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 326	239 B
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 610	225 B
1	outbrain.com sync.outbrain.com — Cisco Umbrella Rank: 686	145 B
1	mediavine.com exchange.mediavine.com — Cisco Umbrella Rank: 1184	40 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 526	787 B
1	oppuz.com www.oppuz.com — Cisco Umbrella Rank: 485612	59 KB
1	amazonaws.com s3-sa-east-1.amazonaws.com	516 B
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 627	14 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 125	15 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 94	99 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 231	7 KB
1	ebit.com.br imgs.ebit.com.br — Cisco Umbrella Rank: 51860
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 615	30 KB
1	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 951	9 KB
0	Failed function sub() { [native code] }. Failed
0	azureedge.net Failed oppuz.azureedge.net Failed
0	tremorhub.com Failed criteo-partners.tremorhub.com Failed
0	liadm.com Failed i.liadm.com Failed
0	360yield.com Failed ad.360yield.com Failed
111	55

	Domain	Requested by
6	d2da0u06q4mna7.cloudfront.net	d3bzgzmzgpxbap.cloudfront.net
5	www.google.de	52.87.179.242
5	www.google.com	52.87.179.242
5	gum.criteo.com	4 redirects static.criteo.net
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
4	cdn.pn.vg	1 redirects www.googletagmanager.com cdn.pn.vg
4	connect.facebook.net	52.87.179.242 connect.facebook.net
4	d1pkzhm5uq4mnt.cloudfront.net	2 redirects 52.87.179.242
4	d3bzgzmzgpxbap.cloudfront.net	52.87.179.242
3	stats.g.doubleclick.net	www.google-analytics.com
3	cas.avalon.perfdrive.com	cdn.perfdrive.com
3	us.creativecdn.com	1 redirects www.googletagmanager.com 52.87.179.242
3	bat.bing.com	52.87.179.242 bat.bing.com
2	ad.sxp.smartclip.net	1 redirects
2	dpm.demdex.net	1 redirects
2	ad.yieldlab.net
2	ups.analytics.yahoo.com	1 redirects
2	r.casalemedia.com	1 redirects
2	ih.adscale.de	2 redirects
2	ib.adnxs.com	2 redirects
2	dis.criteo.com
2	x.bidswitch.net	1 redirects
2	c.clarity.ms	1 redirects
2	www.clarity.ms	bat.bing.com www.clarity.ms
2	googleads.g.doubleclick.net	www.googleadservices.com
2	www.facebook.com	52.87.179.242
2	static.hotjar.com	1 redirects 52.87.179.242
2	apis.google.com	d1pkzhm5uq4mnt.cloudfront.net apis.google.com
2	seal.godaddy.com	52.87.179.242
2	fonts.googleapis.com	52.87.179.242
2	stackpath.bootstrapcdn.com	52.87.179.242
1	idsync.rlcdn.com
1	beacon.krxd.net
1	a.twiago.com
1	id5-sync.com
1	visitor.omnitagjs.com
1	cm.adform.net
1	eb2.3lift.com
1	criteo-sync.teads.tv
1	sync-t1.taboola.com
1	rtb-csync.smartadserver.com
1	match.sharethrough.com
1	pixel.rubiconproject.com
1	simage2.pubmatic.com
1	sync.outbrain.com
1	exchange.mediavine.com
1	contextual.media.net
1	cotads.adscale.de
1	cm.g.doubleclick.net	1 redirects
1	www.oppuz.com	52.87.179.242 www.oppuz.com
1	c.bing.com	1 redirects
1	b.clarity.ms	www.clarity.ms
1	widget.us.criteo.com	52.87.179.242
1	sslwidget.criteo.com	1 redirects
1	mug.criteo.com	52.87.179.242
1	s3-sa-east-1.amazonaws.com	52.87.179.242
1	static.criteo.net	www.googletagmanager.com
1	cdn.perfdrive.com	52.87.179.242
1	www.googleadservices.com	www.googletagmanager.com
1	d1h6ttu91q164y.cloudfront.net	d3bzgzmzgpxbap.cloudfront.net
1	www.googletagmanager.com	52.87.179.242
1	cdnjs.cloudflare.com	52.87.179.242
1	imgs.ebit.com.br	52.87.179.242
1	code.jquery.com	52.87.179.242
1	use.fontawesome.com	52.87.179.242
0	52.87.179.242 Failed	cdn.pn.vg
0	osp-assets.pn.vg Failed	cdn.pn.vg
0	oppuz.azureedge.net Failed	www.oppuz.com
0	criteo-partners.tremorhub.com Failed
0	i.liadm.com Failed
0	ad.360yield.com Failed
111	71

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-01-29` - `2023-01-29`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
www.ebit.com.br R3	`2022-08-01` - `2022-10-30`	3 months	crt.sh
mastercert.ext.pki.godaddy.com Go Daddy Secure Certificate Authority - G2	`2021-09-10` - `2022-10-12`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-05-25` - `2022-08-23`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.perfdrive.com Go Daddy Secure Certificate Authority - G2	`2021-08-31` - `2022-09-26`	a year	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-17` - `2023-04-12`	a year	crt.sh
*.s3-sa-east-1.amazonaws.com Amazon	`2021-12-09` - `2022-12-02`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2022-06-10` - `2022-12-10`	6 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-06-15` - `2022-09-18`	3 months	crt.sh
cas.avalon.perfdrive.com Go Daddy Secure Certificate Authority - G2	`2022-08-02` - `2023-08-05`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-02-27` - `2023-02-27`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 02	`2022-06-07` - `2023-06-02`	a year	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2022-02-20` - `2023-02-22`	a year	crt.sh
exchange.mediavine.com Amazon	`2022-07-06` - `2023-08-04`	a year	crt.sh
*.outbrain.com Thawte RSA CA 2018	`2021-10-24` - `2022-11-24`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.sharethrough.com Amazon	`2022-07-14` - `2023-08-12`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
*.taboola.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
teads.tv R3	`2022-06-01` - `2022-08-30`	3 months	crt.sh
*.3lift.com Amazon	`2022-05-13` - `2023-06-11`	a year	crt.sh
*.yieldlab.net DigiCert SHA2 Secure Server CA	`2022-01-14` - `2023-01-13`	a year	crt.sh
*.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-05-18` - `2023-06-16`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-21` - `2023-07-21`	a year	crt.sh
*.id5-sync.com R3	`2022-05-31` - `2022-08-29`	3 months	crt.sh
*.twiago.com Sectigo RSA Domain Validation Secure Server CA	`2021-11-11` - `2022-12-12`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh

This page contains 5 frames:

Primary Page: http://52.87.179.242:8080/
Frame ID: 8368FEEC97CF536CD6F969E235AE4D81
Requests: 77 HTTP requests in this frame

Frame: https://us.creativecdn.com/tags?id=pr_lka45gmj004uuAXQF1zT_home&tc=1
Frame ID: 41F24AA2DF8D8E1429F052FE24C38E8B
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=52.87.179.242&origin=onetag
Frame ID: 08B2994E269E3B2847020F80DB663AB1
Requests: 2 HTTP requests in this frame

Frame: https://us.creativecdn.com/tags?type=iframe&id=pr_lka45gmj004uuAXQF1zT&id=pr_lka45gmj004uuAXQF1zT_lid_8XCIMZlHouwkZ4IQbkIU&su=http%3A%2F%2F52.87.179.242%3A8080%2F&sr=&ts=1660632823564
Frame ID: 95406ABD81D1F6B70D233FF864C4B9B3
Requests: 1 HTTP requests in this frame

Frame: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-43qhoePqOSaSbBoEGTG4S5L-Woc5As8iDJNyZg&expires=30
Frame ID: 0DEB2E7E9428F80FE0AB47A84B82D831
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

111
Requests

63 %
HTTPS

34 %
IPv6

55
Domains

71
Subdomains

62
IPs

12
Countries

1255 kB
Transfer

3074 kB
Size

62
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11

http://d1pkzhm5uq4mnt.cloudfront.net/js/main.min.js?v=201805181406 HTTP 301
https://d1pkzhm5uq4mnt.cloudfront.net/js/main.min.js?v=201805181406

Request Chain 12

http://d1pkzhm5uq4mnt.cloudfront.net/js/busca.min.js?v=201805181406 HTTP 301
https://d1pkzhm5uq4mnt.cloudfront.net/js/busca.min.js?v=201805181406

Request Chain 24

http://connect.facebook.net/pt_BR/all.js HTTP 307
https://connect.facebook.net/pt_BR/all.js

Request Chain 30

http://static.hotjar.com/c/hotjar-132132.js?sv=5 HTTP 301
https://static.hotjar.com/c/hotjar-132132.js?sv=5

Request Chain 32

http://bat.bing.com/bat.js HTTP 307
https://bat.bing.com/bat.js

Request Chain 34

https://us.creativecdn.com/tags?id=pr_lka45gmj004uuAXQF1zT_home HTTP 302
https://us.creativecdn.com/tags?id=pr_lka45gmj004uuAXQF1zT_home&tc=1

Request Chain 48

https://gum.criteo.com/sid/json?origin=onetag&domain=52.87.179.242&sn=ChromeSyncframe&so=0&topUrl=52.87.179.242&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=bX74_Hx3U0NCN3gxYlQ1NVl4cHpSQmdpaHdwazV1YjdSOGErRjBWUkJyUWwwbUR2QVFYWXB5UUR4VWRzVkNMeVZQWVlRUm0vWXM1c0pVU29vNUVEejNPWm4xR3g1anpsSVpqOVg2YllTQWI2WDlRMnJWbG1mM0Y4YlZHcTJOVVRiQWVSTDB5Rk45UjA3dklKR0lXaEVlM0ljRllEZEtlOWhpNHhwbG1oLy9kZkpwQ1UrWHNTSStKVHdyQmhSNENzUEZoVTNCcGVsWlFlMTdzSEh3WWoxOHo0U2RySTBNUzRHQ2lrVkhlZFJBbHFyU3NVYjFTSHJxZTkxZDlzSFNaMHlFNUpBd3hPV0kwaUU0Y211eUdrbDloSjdyZz09fA&cppv=2

Request Chain 63

https://sslwidget.criteo.com/event?a=26226&v=5.12.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dce%26m%3D%255B%255D&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=rJnCdF9vQ2ZScWtnNkkxNWg3VktrJTJGeHpGeSUyQkFUOTkwdTFCcW5GVWZrJTJGSGdoWTgxbUkxcnd6TVlGJTJGem5TSzRJamFsSDdjZ1NFVTlKWmtxaiUyQmFYazVVNjhRUGZnS0R4V29kJTJCUHppZVhrODZaOWcyV2o3S0tsYSUyQktDOWlvJTJGWFE3M1Z1ZmZmdldDWlIxJTJGZWRzdG9ZNlVtWFFpQWclM0QlM0Q&tld=52.87.179.242&fu=http%253A%252F%252F52.87.179.242%253A8080%252F&dtycbr=76057 HTTP 302
https://widget.us.criteo.com/event?a=26226&v=5.12.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dce%26m%3D%255B%255D&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=rJnCdF9vQ2ZScWtnNkkxNWg3VktrJTJGeHpGeSUyQkFUOTkwdTFCcW5GVWZrJTJGSGdoWTgxbUkxcnd6TVlGJTJGem5TSzRJamFsSDdjZ1NFVTlKWmtxaiUyQmFYazVVNjhRUGZnS0R4V29kJTJCUHppZVhrODZaOWcyV2o3S0tsYSUyQktDOWlvJTJGWFE3M1Z1ZmZmdldDWlIxJTJGZWRzdG9ZNlVtWFFpQWclM0QlM0Q&tld=52.87.179.242&fu=http%253A%252F%252F52.87.179.242%253A8080%252F&dtycbr=76057

Request Chain 67

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=95643508BAD84D949111AD2E4918A078&RedC=c.clarity.ms&MXFR=2D615534161C6FEA15E04736121C616B HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=95643508BAD84D949111AD2E4918A078&MUID=05B1CAF4567167703254D8F657A36666

Request Chain 72

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-43qhoePqOSaSbBoEGTG4S5L-Woc5As8iDJNyZg&expires=30 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-43qhoePqOSaSbBoEGTG4S5L-Woc5As8iDJNyZg&expires=30

Request Chain 73

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-ZC8T2-PqOSaSbBoEGTG4S5L-Woe4gdHlr8mSyQ&google_cm&google_hm=ay1aQzhUMi1QcU9TYVNiQm9FR1RHNFM1TC1Xb2U0Z2RIbHI4bVN5UQ HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-ZC8T2-PqOSaSbBoEGTG4S5L-Woe4gdHlr8mSyQ&google_gid=CAESENoAZj3UG4ocSOcXbIkvzi4&google_cver=1&google_ula=913071,0

Request Chain 74

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5780309395994256650

Request Chain 75

https://ih.adscale.de/adscale-ih/tpui?tpid=40&tpuid=k-ywwO4uPqOSaSbBoEGTG4S5L-Wodfs6x74yg73A&cburl=https%3A%2F%2Fcotads.adscale.de%2Fads%2Fpixel%2F1by1.png%3Fuid%3D__ADSCALE_USER_ID__ HTTP 302
https://ih.adscale.de/adscale-ih/tpui?tpid=40&tpuid=k-ywwO4uPqOSaSbBoEGTG4S5L-Wodfs6x74yg73A&cburl=https%3A%2F%2Fcotads.adscale.de%2Fads%2Fpixel%2F1by1.png%3Fuid%3D__ADSCALE_USER_ID__&nut&uu=e66492c36e9745bc9ad4f09bb81f5297 HTTP 307
https://cotads.adscale.de/ads/pixel/1by1.png?uid=ac6f1767ab7f6e89e07ef80dc15e3eec62b2a517a6a722483af5935d711e1548

Request Chain 76

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-iykxFePqOSaSbBoEGTG4S5L-Wodktykf8ZKFSA HTTP 302
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-iykxFePqOSaSbBoEGTG4S5L-Wodktykf8ZKFSA&C=1

Request Chain 88

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-VGGBi-PqOSaSbBoEGTG4S5L-Woc5u1p7u_f0nw HTTP 302
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-VGGBi-PqOSaSbBoEGTG4S5L-Woc5u1p7u_f0nw&verify=true

Request Chain 92

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=1Hz3dV1c7_H2Sj3Ppi77Nce-aOaN4FfY HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=1Hz3dV1c7_H2Sj3Ppi77Nce-aOaN4FfY

Request Chain 95

https://ad.sxp.smartclip.net/sync?type=host&dsp=69&dspuuid=k-jw_rn-PqOSaSbBoEGTG4S5L-WocWzj71u7_3tQ HTTP 302
https://ad.sxp.smartclip.net/sync?type=host&dsp=69&dspuuid=k-jw_rn-PqOSaSbBoEGTG4S5L-WocWzj71u7_3tQ&ang_testid=1

Request Chain 98

http://cdn.pn.vg/sites/4060ebd1-bef2-4326-ace5-d2f8f78400b5.js HTTP 301
https://cdn.pn.vg/sites/4060ebd1-bef2-4326-ace5-d2f8f78400b5.js

Request Chain 101

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=g-rGtz7BicQhpU2xNFJyFnTLEv6b-m4o

Request Chain 103

https://gum.criteo.com/sync?c=6&r=1&k=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397596.gif%3Fpartner_uid%3D%40USERID%40 HTTP 302
https://idsync.rlcdn.com/397596.gif?partner_uid=t0BG24n5KIyPWregGgaJON7CR8jUBPjt

Request Chain 109

http://52.87.179.242:8080/pushnews-sw.js HTTP 301
https://52.87.179.242/pushnews-sw.js/

111 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
52.87.179.242/ 23 KB
23 KB 202ms
101ms Document
text/html 52.87.179.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://52.87.179.242:8080/
Protocol: HTTP/1.1
Server: 52.87.179.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-87-179-242.compute-1.amazonaws.com
Software: nginx/1.17.8 /
Resource Hash: 4738cd0daa1d2999cb9c63b69d181b8735b85c6077d3067badb362495cb3b80e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=31536000
Connection: keep-alive
Content-Length: 23542
Content-Type: text/html
Date: Tue, 16 Aug 2022 06:53:41 GMT
ETag: "2dd24fc003172e1cdfcb9a39f71158b2"
Last-Modified: Thu, 12 May 2022 18:57:03 GMT
Server: nginx/1.17.8
X-EVA-Cache-Date: Thu, 12 May 2022 19:24:25 GMT
X-EVA-Cache-Status: HIT

GET
H2 200 bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/ 137 KB
22 KB 74ms
41ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css

Requested by

Host: 52.87.179.242
URL: http://52.87.179.242:8080/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34959e43e6ecf368807a84f92ad9aa6e2dcd5f0c5c1e57da55e8f3248d9d9255

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://52.87.179.242:8080/
Origin: http://52.87.179.242:8080
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 06:53:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
cdn-edgestorageid: 863
access-control-allow-origin: *
cdn-cachedat: 03/10/2022 17:27:17
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn-proxyver: 1.02
timing-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
server: cloudflare
cdn-requestpullcode: 200
etag: W/"fee68c0f2f583161134a1fcb5950501d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: c56787520222bbe1d8612a8b326d19d8
cf-ray: 73b841211b939158-FRA
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 all.css
use.fontawesome.com/releases/v5.0.10/css/ 36 KB
9 KB 341ms
323ms Stylesheet
text/css 2606:4700:3033::6815:3f36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.0.10/css/all.css
Requested by: Host: 52.87.179.242
URL: http://52.87.179.242:8080/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:3f36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cfac6241dd3aabb5f1552c17501790093015c006a8e13671823c1ff4872beaae

Request headers

Referer: http://52.87.179.242:8080/
Origin: http://52.87.179.242:8080
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 06:53:42 GMT
content-encoding: br
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: R4JJXWHH6090T5RY
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: eFxsiqIwMExJumx1NiMXmLNUvvOWqcd+B4aR6zrTM+v+U3RWejiuC51YJhrQhYz0idzThI4y4I4=
last-modified: Wed, 30 Jun 2021 15:26:49 GMT
server: cloudflare
etag: W/"d1acb8ad33b1526acbfd3f0028b859b0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q0dck0zJT3W0mlYQO8cmtdeFw4u5OpAv5dlLr1sfScFVRIcx%2B8qnK3LgxRiwZdHm%2F4i07KblmiBn85v1TAtvAl2Z8GQ%2FcIkEKe3thw7PsW4TXktmMnWYGUfwafGWvVKRG1zhOeKbgzE7fidYmnWfBv%2Fz"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 73b841210d1b9030-FRA

GET
H2 200 css
fonts.googleapis.com/ 4 KB
726 B 132ms
46ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,400i

Requested by

Host: 52.87.179.242
URL: http://52.87.179.242:8080/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4ef9b62e0cc470658cfc23e9007a9d7b15f8a5623d087f3fa4b6115b67be7376

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://52.87.179.242:8080/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 16 Aug 2022 06:53:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 16 Aug 2022 06:53:42 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 16 Aug 2022 06:53:42 GMT

GET
H2 200 css
fonts.googleapis.com/ 4 KB
1 KB 130ms
46ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,400i

Requested by

Host: 52.87.179.242
URL: http://52.87.179.242:8080/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

328300f81173334ea632bed311c374f4a4d057b0d30c5bf857888128bddb0732

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://52.87.179.242:8080/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 16 Aug 2022 06:30:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 16 Aug 2022 06:53:42 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 16 Aug 2022 06:53:42 GMT

GET
H/1.1 200
OK header_and_footer.css
d3bzgzmzgpxbap.cloudfront.net/collect/ev/css/ 92 KB
92 KB 32ms
12ms Stylesheet
text/css 2600:9000:20eb:4c00:15:6398:1c40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://d3bzgzmzgpxbap.cloudfront.net/collect/ev/css/header_and_footer.css
Requested by: Host: 52.87.179.242
URL: http://52.87.179.242:8080/
Protocol: HTTP/1.1
Server: 2600:9000:20eb:4c00:15:6398:1c40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 61de170a13e64e84b82cb6de4b6a06a0a2578e249663723bfcca8e7925ae57cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://52.87.179.242:8080/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 16:56:40 GMT
Via: 1.1 42b60ee17f7593fff72ca1cb725d6c9a.cloudfront.net (CloudFront)
Last-Modified: Wed, 19 Feb 2020 19:19:24 GMT
Server: AmazonS3
Age: 50222
ETag: "8c2558f65abe3c902ca9b1c7923a7638"
X-Cache: Hit from cloudfront
Content-Type: text/css
Connection: keep-alive
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Content-Length: 93863
X-Amz-Cf-Id: NiuDo-6u8jDV77p6XFRHBA-N9N89UFCCLV3Y5LkDU7dWpFc2IDF_pw==

GET
H/1.1 200
OK core.css
d3bzgzmzgpxbap.cloudfront.net/collect/ev/css/ 182 KB
183 KB 33ms
13ms Stylesheet
text/css 2600:9000:20eb:4c00:15:6398:1c40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://d3bzgzmzgpxbap.cloudfront.net/collect/ev/css/core.css
Requested by: Host: 52.87.179.242
URL: http://52.87.179.242:8080/
Protocol: HTTP/1.1
Server: 2600:9000:20eb:4c00:15:6398:1c40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1f937bc569e7b507c80c572d605133e1da3b69d195313f748764fd779300848e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://52.87.179.242:8080/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 16:56:40 GMT
Via: 1.1 172e63b20fb363ed969de28ae3937e20.cloudfront.net (CloudFront)
Last-Modified: Wed, 19 Feb 2020 19:19:24 GMT
Server: AmazonS3
Age: 50222
ETag: "77eb22cc191deb9558abd10951359914"
X-Cache: Hit from cloudfront
Content-Type: text/css
Connection: keep-alive
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Content-Length: 186662
X-Amz-Cf-Id: cq6Uq41G0qKmPrFrTTZyJFih5pJ9omz3afdhvfMNMyuXJUET-WrP0Q==

GET
H/1.1 200
OK geral.css
d3bzgzmzgpxbap.cloudfront.net/collect/ev/css/ 9 KB
9 KB 32ms
12ms Stylesheet
text/css 2600:9000:20eb:4c00:15:6398:1c40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://d3bzgzmzgpxbap.cloudfront.net/collect/ev/css/geral.css
Requested by: Host: 52.87.179.242
URL: http://52.87.179.242:8080/
Protocol: HTTP/1.1
Server: 2600:9000:20eb:4c00:15:6398:1c40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7481f36895ec134b0434967a303c5922eaefe3b53fdad43e6c27aa3595299790

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://52.87.179.242:8080/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 16:56:40 GMT
Via: 1.1 3bf3e75bcb9a86b3eb343a1d4392a6de.cloudfront.net (CloudFront)
Last-Modified: Wed, 19 Feb 2020 19:19:24 GMT
Server: AmazonS3
Age: 50222
ETag: "b8acc3624f800d97c2f311449ee852cd"
X-Cache: Hit from cloudfront
Content-Type: text/css
Connection: keep-alive
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Content-Length: 9133
X-Amz-Cf-Id: CS-s5-wSqx49teY-X0iJgjdlcN-qqnSNvXP1HrqwD_YblwS24yVtxA==

GET
H2 200 jquery-3.3.1.min.js Show response
code.jquery.com/ 85 KB
30 KB 326ms
24ms Script
application/javascript 2001:4de0:ac18::1:a:2a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.3.1.min.js
Requested by: Host: 52.87.179.242
URL: http://52.87.179.242:8080/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

Referer: http://52.87.179.242:8080/
Origin: http://52.87.179.242:8080
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 06:53:42 GMT
content-encoding: gzip
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
etag: W/"28feccc0-1538f"
vary: Accept-Encoding
x-hw: 1660632822.dop016.am5.t,1660632822.cds319.am5.hn,1660632822.cds273.am5.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30288

GET
H/1.1 200
OK geral.js Show response
d3bzgzmzgpxbap.cloudfront.net/collect/ev/js/ 624 B
1 KB 246ms
246ms Script
application/javascript 2600:9000:20eb:4c00:15:6398:1c40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://d3bzgzmzgpxbap.cloudfront.net/collect/ev/js/geral.js
Requested by: Host: 52.87.179.242
URL: http://52.87.179.242:8080/
Protocol: HTTP/1.1
Server: 2600:9000:20eb:4c00:15:6398:1c40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6b7f9f189f5a3339a8b5073ffbac3f75668e5df80d19373708f6fc64327d79f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://52.87.179.242:8080/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Tue, 16 Aug 2022 06:53:43 GMT
Via: 1.1 172e63b20fb363ed969de28ae3937e20.cloudfront.net (CloudFront)
Last-Modified: Wed, 19 Feb 2020 19:19:24 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA2-C1
ETag: "8ee51397c853ef5b90539bb2502b9ff2"
X-Cache: Miss from cloudfront
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 624
X-Amz-Cf-Id: SIcaX9b8f7YXFzK8dL6R9XzHIjXt-yD-OzyuDvlJEI81CegXp5F5nw==

GET
H2 403 getSelo.js
imgs.ebit.com.br/ebitBR/selo-ebit/js/ 0
0 482ms
18ms Script
text/html 2.18.79.140
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://imgs.ebit.com.br/ebitBR/selo-ebit/js/getSelo.js?32958
Requested by: Host: 52.87.179.242
URL: http://52.87.179.242:8080/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.79.140 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-18-79-140.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://52.87.179.242:8080/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

GET
H/1.1 200
OK getSeal Show response
seal.godaddy.com/ 4 KB
2 KB 872ms
161ms Script
text/html 173.201.249.4
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://seal.godaddy.com/getSeal?sealID=WBwbpoD7qZYItCMHsRuIqH6A0elzEhpH2K7UyaLxG6X34KRMVUUm1znzq9Xe
Requested by: Host: 52.87.179.242
URL: http://52.87.179.242:8080/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 173.201.249.4 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-173-201-249-4.ip.secureserver.net
Software: Apache /
Resource Hash: b8bb2423a232a4594c7170c81816fa7b58ebc29a7abd79ebe699960819d11578

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://52.87.179.242:8080/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Tue, 16 Aug 2022 06:53:43 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Expires: Tue, 16 Aug 2022 10:53:43 GMT

GET
H2

200

main.min.js Show response
d1pkzhm5uq4mnt.cloudfront.net/js/
Redirect Chain

http://d1pkzhm5uq4mnt.cloudfront.net/js/main.min.js?v=201805181406
https://d1pkzhm5uq4mnt.cloudfront.net/js/main.min.js?v=201805181406

179 KB
57 KB

29ms
12ms

Script
application/javascript

2600:9000:21f3:7000:4:13ab:6e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1pkzhm5uq4mnt.cloudfront.net/js/main.min.js?v=201805181406
Requested by: Host: 52.87.179.242
URL: http://52.87.179.242:8080/
Protocol: H2
Server: 2600:9000:21f3:7000:4:13ab:6e40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 23137404345a54c399ac054a43541094634f5762f3bd819a63a62120fa67c188

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://52.87.179.242:8080/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 16:56:40 GMT
content-encoding: gzip
last-modified: Tue, 26 May 2020 19:39:05 GMT
server: AmazonS3
age: 50223
etag: W/"8465b2e8d9a5094f3f0b271a5e6226ef"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 e1e056e45a0f8d6bc22b223900511170.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: OOKkm-xX-BLbgLWon8H1iqNe1Z1cUXGsPZUEEGKiwT2eea9xbRN1lA==

Redirect headers

Date: Tue, 16 Aug 2022 06:53:42 GMT
Via: 1.1 52f0756596448c36265861853c0a44a4.cloudfront.net (CloudFront)
Server: CloudFront
X-Amz-Cf-Pop: FRA2-C2
X-Cache: Redirect from cloudfront
Content-Type: text/html
Location: https://d1pkzhm5uq4mnt.cloudfront.net/js/main.min.js?v=201805181406
Connection: keep-alive
Content-Length: 183
X-Amz-Cf-Id: lMehLIF8opm6Vp82wkKIkSpRKYSX1d-GnUauxop6ryPCfZr0ofsmPg==

GET
H2

200

busca.min.js Show response
d1pkzhm5uq4mnt.cloudfront.net/js/
Redirect Chain

http://d1pkzhm5uq4mnt.cloudfront.net/js/busca.min.js?v=201805181406
https://d1pkzhm5uq4mnt.cloudfront.net/js/busca.min.js?v=201805181406

77 KB
23 KB

22ms
21ms

Script
application/javascript

2600:9000:21f3:7000:4:13ab:6e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1pkzhm5uq4mnt.cloudfront.net/js/busca.min.js?v=201805181406
Requested by: Host: 52.87.179.242
URL: http://52.87.179.242:8080/
Protocol: H2
Server: 2600:9000:21f3:7000:4:13ab:6e40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5737f9841b2b61b7bf82ae71235fa863acb43a42ae782eadea183e40173fb946

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://52.87.179.242:8080/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 16:56:40 GMT
content-encoding: gzip
last-modified: Thu, 28 May 2020 19:26:52 GMT
server: AmazonS3
age: 50223
etag: W/"1615f1609436c744f7e04c3dc73d71ab"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 e1e056e45a0f8d6bc22b223900511170.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: amGmqJo3F-CKr_UlD9SfDXXjorXz8gxJZtODB9_Wgj8zhh0Qxg8g_Q==

Redirect headers

Date: Tue, 16 Aug 2022 06:53:42 GMT
Via: 1.1 52f0756596448c36265861853c0a44a4.cloudfront.net (CloudFront)
Server: CloudFront
X-Amz-Cf-Pop: FRA2-C2
X-Cache: Redirect from cloudfront
Content-Type: text/html
Location: https://d1pkzhm5uq4mnt.cloudfront.net/js/busca.min.js?v=201805181406
Connection: keep-alive
Content-Length: 183
X-Amz-Cf-Id: Gi5iwO3eqiT6G-sxLKIBFHSLsVJlWEwIl13Hl6fHt6bsE7GfScAZQg==

GET
H2 200 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/ 20 KB
7 KB 56ms
26ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/popper.min.js

Requested by

Host: 52.87.179.242
URL: http://52.87.179.242:8080/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

02835066969199e9924f1332f7172a5d7e552f023a20c3d8ba03bb6c51ce5be5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: http://52.87.179.242:8080/
Origin: http://52.87.179.242:8080
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 06:53:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 5219818
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6458
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:15:37 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fa9-500f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=noGs6%2ByeAC8iB5hSsZ%2Fgx4Ng9rY4uis9uhO8tEMtkwil%2BcI9u7F%2BtlEyzJPK01qfdDqKq5GlJc2jnuYfrHWgMt03z718oQFz6umlSlPBOBi4KPyvOBJpr6JpkX78GIotPslpju6as4UN6XPkUf9xENtC"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 73b84121bda7bb89-FRA
expires: Sun, 06 Aug 2023 06:53:42 GMT

GET
H2 200 bootstrap.min.js Show response
stackpath.bootstrapcdn.com/bootstrap/4.1.0/js/ 49 KB
14 KB 36ms
35ms Script
application/javascript 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/js/bootstrap.min.js

Requested by

Host: 52.87.179.242
URL: http://52.87.179.242:8080/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0bca10549df770ab6790046799e5a9e920c286453ebbb2afb0d3055339245339

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://52.87.179.242:8080/
Origin: http://52.87.179.242:8080
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 06:53:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
cdn-edgestorageid: 565
access-control-allow-origin: *
cdn-cachedat: 06/01/2022 16:41:50
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn-proxyver: 1.02
timing-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:05 GMT
server: cloudflare
cdn-requestpullcode: 200
etag: W/"ce6e785579ae4cb555c9de311d1b9271"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 20b1195cc5c50560d9af3e7b02cb2ce9
cf-ray: 73b841218c339158-FRA
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 373 KB
99 KB 168ms
82ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5MCH9W

Requested by

Host: 52.87.179.242
URL: http://52.87.179.242:8080/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

443ce45429d9fc1ddba545f98f34cc4706ef56c62f3ba7e5f473897e8cf81c85

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://52.87.179.242:8080/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 06:53:42 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 101361
x-xss-protection: 0
expires: Tue, 16 Aug 2022 06:53:42 GMT

GET
H/1.1 200
OK icons-sprite-d0791a9a84e18e2d90b9e6f99a078780f172c8a04f4fac8d9be5bd4fd3c27b3d.png
d2da0u06q4mna7.cloudfront.net/assets/ 75 KB
75 KB 34ms
13ms Image
image/png 13.225.84.116
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://d2da0u06q4mna7.cloudfront.net/assets/icons-sprite-d0791a9a84e18e2d90b9e6f99a078780f172c8a04f4fac8d9be5bd4fd3c27b3d.png
Requested by: Host: d3bzgzmzgpxbap.cloudfront.net
URL: http://d3bzgzmzgpxbap.cloudfront.net/collect/ev/css/header_and_footer.css
Protocol: HTTP/1.1
Server: 13.225.84.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-84-116.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d0791a9a84e18e2d90b9e6f99a078780f172c8a04f4fac8d9be5bd4fd3c27b3d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://d3bzgzmzgpxbap.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 16:56:41 GMT
Via: 1.1 2fcedcc055e24d7ac99fbc19ed8fc8ec.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Tue, 03 Jan 2017 15:38:18 GMT
Server: AmazonS3
Age: 50222
ETag: "781fa98f3c7668bedea392b7303a2f3f"
X-Cache: Hit from cloudfront
Content-Type: image/png
Cache-Control: public, max-age=31557600
X-Amz-Cf-Pop: FRA2-C2
Accept-Ranges: bytes
Content-Length: 76630
X-Amz-Cf-Id: Sq_ZtMW-l-2nWj-B_CS05wIKJK-WoWJqMMfRCPlZMMcRz2m27IQZFg==
Expires: Wed, 03 Jan 2018 21:38:17 GMT

GET
H/1.1 200
OK logo-a18622541b41abaac585a159a8200d9d3775256fb93f0c98ea7692d240fb38bc.png
d2da0u06q4mna7.cloudfront.net/assets/ 2 KB
3 KB 29ms
8ms Image
image/png 13.225.84.116
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://d2da0u06q4mna7.cloudfront.net/assets/logo-a18622541b41abaac585a159a8200d9d3775256fb93f0c98ea7692d240fb38bc.png
Requested by: Host: d3bzgzmzgpxbap.cloudfront.net
URL: http://d3bzgzmzgpxbap.cloudfront.net/collect/ev/css/header_and_footer.css
Protocol: HTTP/1.1
Server: 13.225.84.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-84-116.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a18622541b41abaac585a159a8200d9d3775256fb93f0c98ea7692d240fb38bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://d3bzgzmzgpxbap.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Wed, 29 Jun 2022 09:42:55 GMT
Via: 1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Tue, 05 Jul 2016 17:41:40 GMT
Server: AmazonS3
Age: 4137048
ETag: "3e9106d4250ac4f186901f711a9411bc"
X-Cache: Hit from cloudfront
Content-Type: image/png
Cache-Control: public, max-age=31557600
X-Amz-Cf-Pop: FRA2-C2
Accept-Ranges: bytes
Content-Length: 2242
X-Amz-Cf-Id: G4DvM4UmWUBwTVNwWUpIKAU47UEMINWpIIDh0Fcpuj5OCGNmu_OHWw==
Expires: Wed, 05 Jul 2017 23:41:39 GMT

GET
H/1.1 200
OK SourceSansPro-Regular.woff2
d2da0u06q4mna7.cloudfront.net/assets/font/ 11 KB
12 KB 179ms
159ms Font
binary/octet-stream 13.225.84.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://d2da0u06q4mna7.cloudfront.net/assets/font/SourceSansPro-Regular.woff2
Requested by: Host: d3bzgzmzgpxbap.cloudfront.net
URL: http://d3bzgzmzgpxbap.cloudfront.net/collect/ev/css/header_and_footer.css
Protocol: HTTP/1.1
Server: 13.225.84.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-84-116.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: adbbb1570f134e34309f6335b650f8704232d270f25624283a8b56ea48236e57

Request headers

Referer: http://d3bzgzmzgpxbap.cloudfront.net/
Origin: http://52.87.179.242:8080
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Tue, 16 Aug 2022 06:53:43 GMT
Via: 1.1 df26103dc140569d7032449c70c3b140.cloudfront.net (CloudFront)
Vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
X-Amz-Cf-Pop: FRA2-C2
X-Cache: Miss from cloudfront
Connection: keep-alive
Content-Length: 11400
Last-Modified: Wed, 18 Oct 2017 13:18:15 GMT
Server: AmazonS3
ETag: "00bfa19cecc3900646c108e4ac706488"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: binary/octet-stream
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
X-Amz-Cf-Id: nhhxfKlCS2wpUiJMXaP8G4wDYFS-ZOMGnmNDNz2cub2sShuFLIu0Og==

GET
H/1.1 200
OK SourceSansPro-It.woff2
d2da0u06q4mna7.cloudfront.net/assets/font/ 11 KB
12 KB 183ms
164ms Font
binary/octet-stream 13.225.84.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://d2da0u06q4mna7.cloudfront.net/assets/font/SourceSansPro-It.woff2
Requested by: Host: d3bzgzmzgpxbap.cloudfront.net
URL: http://d3bzgzmzgpxbap.cloudfront.net/collect/ev/css/header_and_footer.css
Protocol: HTTP/1.1
Server: 13.225.84.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-84-116.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 69d776d65aa27596857008e9762d926ba60349c39280d5044890c8885474e166

Request headers

Referer: http://d3bzgzmzgpxbap.cloudfront.net/
Origin: http://52.87.179.242:8080
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Tue, 16 Aug 2022 06:53:43 GMT
Via: 1.1 6fa33d47af6f4da7007689083cfe9b9c.cloudfront.net (CloudFront)
Vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
X-Amz-Cf-Pop: FRA2-C2
X-Cache: Miss from cloudfront
Connection: keep-alive
Content-Length: 11200
Last-Modified: Wed, 18 Oct 2017 13:18:14 GMT
Server: AmazonS3
ETag: "4e80db528f417c56b0f62bbae57fecb0"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: binary/octet-stream
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
X-Amz-Cf-Id: VZuBW102rPL2fVj6R3ZKGpyYfZuvQvcr1cd_I4btXkYn5JKkhXWakQ==

GET
H/1.1 200
OK store-ev-337c7e5f7502a52d6dc5a1bf7dabf32cda67ba12efc5d64a19b4a602643e4887.woff2
d2da0u06q4mna7.cloudfront.net/assets/ 8 KB
9 KB 193ms
174ms Font
application/font-woff 13.225.84.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://d2da0u06q4mna7.cloudfront.net/assets/store-ev-337c7e5f7502a52d6dc5a1bf7dabf32cda67ba12efc5d64a19b4a602643e4887.woff2
Requested by: Host: d3bzgzmzgpxbap.cloudfront.net
URL: http://d3bzgzmzgpxbap.cloudfront.net/collect/ev/css/header_and_footer.css
Protocol: HTTP/1.1
Server: 13.225.84.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-84-116.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 337c7e5f7502a52d6dc5a1bf7dabf32cda67ba12efc5d64a19b4a602643e4887

Request headers

Referer: http://d3bzgzmzgpxbap.cloudfront.net/
Origin: http://52.87.179.242:8080
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Tue, 16 Aug 2022 06:53:43 GMT
Via: 1.1 6fa33d47af6f4da7007689083cfe9b9c.cloudfront.net (CloudFront)
Vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
X-Amz-Cf-Pop: FRA2-C2
X-Cache: Miss from cloudfront
Connection: keep-alive
Content-Length: 8216
Last-Modified: Wed, 06 Dec 2017 13:14:16 GMT
Server: AmazonS3
ETag: "d77c8a0429ec45b7a67534a0de766cc5"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/font-woff
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31557600
Accept-Ranges: bytes
X-Amz-Cf-Id: knxVHCkRQ73wWuVczWw8EF9zKE8uHxmp0i9e6eNSRnNoijjHThjGjA==
Expires: Thu, 06 Dec 2018 19:14:15 GMT

GET
H/1.1 200
OK bg-footer-v2.jpg
d1h6ttu91q164y.cloudfront.net/images/store/ 1 KB
1 KB 28ms
8ms Image
image/jpeg 13.225.84.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://d1h6ttu91q164y.cloudfront.net/images/store/bg-footer-v2.jpg
Requested by: Host: d3bzgzmzgpxbap.cloudfront.net
URL: http://d3bzgzmzgpxbap.cloudfront.net/collect/ev/css/core.css
Protocol: HTTP/1.1
Server: 13.225.84.147 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-84-147.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6e4165b1d4e75b2916f1ccc80a30cd1699a1765be8bbfce5d198340e3398093a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://d3bzgzmzgpxbap.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 04:19:30 GMT
Via: 1.1 2afacc6ad96dbba3f0b477cd95f16458.cloudfront.net (CloudFront)
Last-Modified: Thu, 19 Oct 2017 16:12:00 GMT
Server: AmazonS3
Age: 95653
ETag: "199b76bf6fbbbce0372b0230f9f9f2f8"
X-Cache: Hit from cloudfront
x-amz-version-id: null
Connection: keep-alive
X-Amz-Cf-Pop: FRA2-C2
Accept-Ranges: bytes
Content-Type: image/jpeg
Content-Length: 1042
X-Amz-Cf-Id: U6-tu9WpfJexdIn5_8xFBXBxQVW86fna8RqDXOcCOP1LYbVfbLOWmw==

GET
H/1.1 200
OK SourceSansPro-Semibold.woff2
d2da0u06q4mna7.cloudfront.net/assets/font/ 11 KB
12 KB 174ms
168ms Font
binary/octet-stream 13.225.84.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://d2da0u06q4mna7.cloudfront.net/assets/font/SourceSansPro-Semibold.woff2
Requested by: Host: d3bzgzmzgpxbap.cloudfront.net
URL: http://d3bzgzmzgpxbap.cloudfront.net/collect/ev/css/header_and_footer.css
Protocol: HTTP/1.1
Server: 13.225.84.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-84-116.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 115ea8ccc77135e889658e3922a3ce4747db8cd8a9ffc82286d4b48c771c4da0

Request headers

Referer: http://d3bzgzmzgpxbap.cloudfront.net/
Origin: http://52.87.179.242:8080
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Tue, 16 Aug 2022 06:53:43 GMT
Via: 1.1 ff2bcb2d3b4a3d9e0615ddd1033c38c4.cloudfront.net (CloudFront)
Vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
X-Amz-Cf-Pop: FRA2-C2
X-Cache: Miss from cloudfront
Connection: keep-alive
Content-Length: 11256
Last-Modified: Wed, 18 Oct 2017 13:18:16 GMT
Server: AmazonS3
ETag: "e80eefb2e693f982ade7d2f9c41c59ea"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: binary/octet-stream
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
X-Amz-Cf-Id: eeM4EDgZCXjuomoUFDsJG2mFC-ExYLgNDCz_y8dfzeMRAw4bD4lksw==

GET
H2 200 plusone.js Show response
apis.google.com/js/ 52 KB
21 KB 133ms
50ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/plusone.js

Requested by

Host: d1pkzhm5uq4mnt.cloudfront.net
URL: http://d1pkzhm5uq4mnt.cloudfront.net/js/main.min.js?v=201805181406

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f230e923c1b3803f0617015b2a0ab31286a14ca8c1cac61a675182b8e9250dc

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://52.87.179.242:8080/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20360
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
date: Tue, 16 Aug 2022 06:53:42 GMT
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "64a824b5ea9acada"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 Aug 2022 06:53:42 GMT

GET
H2

200

all.js Show response
connect.facebook.net/pt_BR/
Redirect Chain

http://connect.facebook.net/pt_BR/all.js
https://connect.facebook.net/pt_BR/all.js

3 KB
2 KB

34ms
8ms

Script
application/x-javascript

2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/pt_BR/all.js

Requested by

Host: 52.87.179.242
URL: http://52.87.179.242:8080/

Protocol

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6ecc7ff141ea49de7f894e94b609d906a8e9dbc0dfa2df4d364adc95a555366b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://52.87.179.242:8080/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: E2drx1SK8yxvl/Il+lY1fw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1685
x-fb-rlafr: 0
x-fb-debug: 2mQrnecDxH4YYdFaDd6p7dkUplU20HyV7Q3LYjes+O/23fjO6N3HQKXOWDQPKiS/gPPmH0X0kN20MoVcsr25Vw==
x-fb-trip-id: 917726464
x-fb-content-md5: 5f1369e29e0e17d7f9a19c12aac7d0e6
x-frame-options: DENY
date: Tue, 16 Aug 2022 06:53:42 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "94ed0757a9dbc4b9211ca38dc2913ab3"
timing-allow-origin: *
expires: Tue, 16 Aug 2022 07:12:09 GMT

Redirect headers

Location: https://connect.facebook.net/pt_BR/all.js#xfbml=1
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H3 200 all.js Show response
connect.facebook.net/pt_BR/ 299 KB
84 KB 18ms
8ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/pt_BR/all.js?hash=cb3b91f7ef07b1095efa1c4e689f10fb

Requested by

Host: connect.facebook.net
URL: http://connect.facebook.net/pt_BR/all.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

907d868ae4ceaf2c20aaeac3b0372907be11208329737e990643676c99f57853

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: http://52.87.179.242:8080/
Origin: http://52.87.179.242:8080
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: tcaBZsPjeGCMHUsJioEjEw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 86282
x-fb-rlafr: 0
x-fb-debug: lWmCFjpMID9OsXi18pAU+N2A8HbSgJPY8lawnqMcw5//WhquDk5iHJ/zv5LNwesdvAX8ngo5bSGS07MBdpawmQ==
x-fb-content-md5: 13b4849e24be77ec1a2bec015eb1af01
x-frame-options: DENY
date: Tue, 16 Aug 2022 06:53:42 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "398842c3498b72c9b43462b9251c578a"
timing-allow-origin: *
priority: u=3,i
expires: Wed, 16 Aug 2023 05:51:07 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.gq6hJvUC8Rk.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_NBjLmOTBJ5Ggo62XiQVQgOFhGtg/ 149 KB
51 KB 113ms
37ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.gq6hJvUC8Rk.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_NBjLmOTBJ5Ggo62XiQVQgOFhGtg/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f70e22adf0ae6a037f66cb815bf64a33b2da2ff9afaee90245c59bf457b07670

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://52.87.179.242:8080/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 12:35:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 411514
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51941
x-xss-protection: 0
last-modified: Wed, 06 Jul 2022 15:25:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 11 Aug 2023 12:35:08 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 40 KB
15 KB 140ms
55ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5MCH9W

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

52e051d93279e14d8f19a0c8fb12c0ad0e5594e7621cd8db8212bd5ffece86d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://52.87.179.242:8080/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 06:53:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15161
x-xss-protection: 0
server: cafe
etag: 12862140795212465669
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 16 Aug 2022 06:53:42 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 122ms
38ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5MCH9W

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://52.87.179.242:8080/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 6702
date: Tue, 16 Aug 2022 05:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 16 Aug 2022 07:02:00 GMT

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 100 KB
26 KB 17ms
7ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: 52.87.179.242
URL: http://52.87.179.242:8080/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4ff1b9b91db584b19d20b4d02af9ff7673add161ce3f9ceae9391b3a84fddab1

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://52.87.179.242:8080/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26515
x-xss-protection: 0
pragma: public
x-fb-debug: fZOzaEOIrtivzPAYPRPKKvrz3hYcX+iIrGm9HJV/Q0Y6Rx+o8g2LAz28fl+v0svr6MuoAgm35l3Wwj57R0Ddeg==
x-frame-options: DENY
date: Tue, 16 Aug 2022 06:53:42 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

hotjar-132132.js Show response
static.hotjar.com/c/
Redirect Chain

http://static.hotjar.com/c/hotjar-132132.js?sv=5
https://static.hotjar.com/c/hotjar-132132.js?sv=5

6 KB
3 KB

61ms
44ms

Script
application/javascript

108.138.7.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-132132.js?sv=5

Requested by

Host: 52.87.179.242
URL: http://52.87.179.242:8080/

Protocol

Server

108.138.7.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-127.fra56.r.cloudfront.net

Software

Resource Hash

70a71b256810bb0ab4d8e9235d1a05a019305532de7f175bb11d2f87f14e94ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://52.87.179.242:8080/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 06:53:42 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
x-amz-cf-pop: FRA56-P6
etag: W/cacee02517f13cb9df90fc971867f0b3
strict-transport-security: max-age=86400; includeSubDomains
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-amz-cf-id: 3ua26Fmm_JdH1VboSGs9fVrjhNIt7gOOgWR7iTN-035PRRQwbmXTPA==
via: 1.1 0e37105a96e87c22ff4981659a6dc176.cloudfront.net (CloudFront)

Redirect headers

Date: Tue, 16 Aug 2022 06:53:42 GMT
Via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
Server: CloudFront
X-Amz-Cf-Pop: FRA56-P6
X-Cache: Redirect from cloudfront
Content-Type: text/html
Location: https://static.hotjar.com/c/hotjar-132132.js?sv=5
Connection: keep-alive
Content-Length: 183
X-Amz-Cf-Id: x84bMKsqROuT-ochMS_meA0WVZEUdK9uWKsTYbOxTQhjzgqJ7P6OBQ==

GET
H2 200 aperture.js Show response
cdn.perfdrive.com/aperture/ 44 KB
13 KB 129ms
31ms Script
application/javascript 130.211.29.114
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.perfdrive.com/aperture/aperture.js
Requested by: Host: 52.87.179.242
URL: http://52.87.179.242:8080/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.29.114 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 114.29.211.130.bc.googleusercontent.com
Software: nginx/1.10.1 /
Resource Hash: 1ef89c6057c63e1fd2bda3054817b95cb244d353dc1dafd2736e0ad49ca97924

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://52.87.179.242:8080/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 06:00:54 GMT
content-encoding: gzip
last-modified: Fri, 08 Jul 2022 12:20:28 GMT
server: nginx/1.10.1
age: 3168
etag: W/"62c8210c-ae3a"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13453
via: 1.1 google

GET
H2

200

bat.js Show response
bat.bing.com/
Redirect Chain

http://bat.bing.com/bat.js
https://bat.bing.com/bat.js

38 KB
12 KB

70ms
33ms

Script
application/javascript

2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: 52.87.179.242
URL: http://52.87.179.242:8080/

Protocol

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://52.87.179.242:8080/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Thu, 28 Jul 2022 17:32:37 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: DA66A9AF3E8A4D64BA2DBA060C18703D Ref B: FRAEDGE1313 Ref C: 2022-08-16T06:53:42Z
etag: "80a8697a8a2d81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
date: Tue, 16 Aug 2022 06:53:42 GMT
accept-ranges: bytes
content-length: 11367

Redirect headers

Location: https://bat.bing.com/bat.js
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H/1.1 200
OK ld.js Show response
static.criteo.net/js/ld/ 42 KB
14 KB 85ms
18ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

http://static.criteo.net/js/ld/ld.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5MCH9W

Protocol

HTTP/1.1

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

0e937847c7e07ed15db23b99d02385f8a76a534837159ec603319dab64a5a9ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://52.87.179.242:8080/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 06:53:42 GMT
content-encoding: gzip
last-modified: Wed, 29 Jun 2022 07:49:23 GMT
server: nginx
etag: W/"62bc0403-a792"
transfer-encoding: chunked
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
expires: Wed, 17 Aug 2022 06:53:42 GMT

GET
H2

204

tags
us.creativecdn.com/ Frame 41F2
Redirect Chain

https://us.creativecdn.com/tags?id=pr_lka45gmj004uuAXQF1zT_home
https://us.creativecdn.com/tags?id=pr_lka45gmj004uuAXQF1zT_home&tc=1

0
0

146ms
146ms

Document
text/plain

185.184.10.30
RTB-HOUSE-ASH

General

Check archive.org

Show headers Download Go to

Full URL: https://us.creativecdn.com/tags?id=pr_lka45gmj004uuAXQF1zT_home&tc=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5MCH9W
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS: ip-185-184-10-30.rtbhouse.net
Software: /
Resource Hash

Request headers

Referer: http://52.87.179.242:8080/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Redirect headers

access-control-allow-credentials: true
access-control-allow-methods: GET, POST
access-control-allow-origin: *
access-control-max-age: 3600
content-length: 0
date: Tue, 16 Aug 2022 06:53:42 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://us.creativecdn.com/tags?id=pr_lka45gmj004uuAXQF1zT_home&tc=1
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
vary: Origin

GET
H/1.1 200
OK bg.png
s3-sa-east-1.amazonaws.com/frame-image-br/ 0
516 B 872ms
215ms Image
image/png 52.95.164.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-sa-east-1.amazonaws.com/frame-image-br/bg.png?x-id=56e9c7f78d0bf569f1aaf32b6386fb64&x-r=
Requested by: Host: 52.87.179.242
URL: http://52.87.179.242:8080/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.164.14 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-sa-east-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://52.87.179.242:8080/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Tue, 16 Aug 2022 06:53:44 GMT
Last-Modified: Thu, 04 May 2017 08:21:21 GMT
Server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:502/gname:staff/uname:user/gid:20/mode:33188/mtime:1493416832/atime:1493796970/md5:d41d8cd98f00b204e9800998ecf8427e/ctime:1493416832
x-amz-request-id: 8CY63TEERQSAJQ0S
ETag: "d41d8cd98f00b204e9800998ecf8427e"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 0
x-amz-id-2: StB7yaH7kHNN161VXmUwEtxtYepza6pYs/f8gM7SRVfeW8uCYQMsa7tEG667310XQtMpMFdlUyI=

GET
H3 200 1669850683290563 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 61ms
60ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1669850683290563?v=2.9.75&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b2dce99f06d1c45ccfd1780941cc84775df2bb5c251924c2405f2916a38412ea

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://52.87.179.242:8080/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: AzFGfHwM+ci0urPkWOeVa6SgELStNOLPC1/g1E0y7oQLkAG5RR5kVESsQ3pN2QHaDhyE5syfHqTW+hw0V/JjVQ==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 16 Aug 2022 06:53:42 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1660632822622
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 5012292.js Show response
bat.bing.com/p/action/ 1 KB
842 B 176ms
175ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/5012292.js

Requested by

Host: bat.bing.com
URL: http://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

253b5c39eae431524e0beab90c21cb8b2c4737048ebeb58b70d988d474d60390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://52.87.179.242:8080/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 62FF0297EE744FA4A378E18CCFE003CA Ref B: FRAEDGE1313 Ref C: 2022-08-16T06:53:42Z
date: Tue, 16 Aug 2022 06:53:42 GMT
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private,max-age=60
content-length: 666

GET
H2 204 0
bat.bing.com/action/ 0
175 B 33ms
33ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=5012292&Ver=2&mid=18084a00-c00d-4199-a80f-47d7ce439c02&sid=2a73a3b01d3011edbcb325bebf2a24e9&vid=2a73d2c01d3011ed8bb9b9e4359a2fca&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Estante%20Virtual%20-%20Estante%20Virtual&p=http%3A%2F%2F52.87.179.242%3A8080%2F&r=&lt=609&evt=pageLoad&sv=1&rn=575064

Requested by

Host: 52.87.179.242
URL: http://52.87.179.242:8080/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://52.87.179.242:8080/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C5422505AF914C0F8589640C75A4FA06 Ref B: FRAEDGE1313 Ref C: 2022-08-16T06:53:42Z
date: Tue, 16 Aug 2022 06:53:42 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 45ms
8ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1669850683290563&ev=PageView&dl=http%3A%2F%2F52.87.179.242%3A8080%2F&rl=&if=false&ts=1660632822655&sw=1600&sh=1200&v=2.9.75&r=stable&ec=0&o=30&fbp=fb.3.1660632822654.1765034748&it=1660632822564&coo=false&rqm=GET

Requested by

Host: 52.87.179.242
URL: http://52.87.179.242:8080/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://52.87.179.242:8080/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 06:53:42 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Tue, 16 Aug 2022 06:53:42 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 08B2 15 KB
6 KB 54ms
18ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=52.87.179.242&origin=onetag

Requested by

Host: static.criteo.net
URL: http://static.criteo.net/js/ld/ld.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

507add04d1c6597d1eaca7599452be07bd58c4fca04d195808df2909d610d9e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: http://52.87.179.242:8080/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-length: 6145
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 16 Aug 2022 06:53:42 GMT
server-processing-duration-in-ticks: 3021
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 117ms
43ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=484925371&t=pageview&_s=1&dl=http%3A%2F%2F52.87.179.242%2F&ul=en-us&de=UTF-8&dt=Estante%20Virtual%20-%20Estante%20Virtual&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABQAAAAC~&jid=706309566&gjid=1534981850&cid=652554139.1660632823&tid=UA-2185116-5&_gid=1737506671.1660632823&_r=1&gtm=2wg8f05MCH9W&z=1198103274

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://52.87.179.242:8080/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 16 Aug 2022 06:53:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://52.87.179.242:8080
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 114ms
44ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=484925371&t=event&ni=0&_s=1&dl=http%3A%2F%2F52.87.179.242%2F&ul=en-us&de=UTF-8&dt=Estante%20Virtual%20-%20Estante%20Virtual&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Mapeamento%20de%20URL&ea=FORM_BUSCA_ENCODE_ISO&el=http%3A%2F%2F52.87.179.242%3A8080%2F&ev=0&_u=YEDAAEABQAAAAC~&jid=868542475&gjid=1308385663&cid=652554139.1660632823&tid=UA-2185116-1&_gid=1737506671.1660632823&_r=1&gtm=2wg8f05MCH9W&z=292821475

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://52.87.179.242:8080/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 16 Aug 2022 06:53:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://52.87.179.242:8080
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.google-analytics.com/gtm/ 106 KB
41 KB 117ms
50ms Script
application/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-W532DGK&cid=652554139.1660632823

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

18dcf5874b8498089500af605b8cee9ccaf3364cf9014b7d89a79e2c6702a33b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://52.87.179.242:8080/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 06:53:42 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42438
x-xss-protection: 0
last-modified: Tue, 16 Aug 2022 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 16 Aug 2022 06:53:42 GMT

POST
H2 200 jsdata Show response
cas.avalon.perfdrive.com/ 211 B
270 B 112ms
35ms XHR
text/plain 35.241.15.240
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cas.avalon.perfdrive.com/jsdata?
Requested by: Host: cdn.perfdrive.com
URL: https://cdn.perfdrive.com/aperture/aperture.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.15.240 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 240.15.241.35.bc.googleusercontent.com
Software: /
Resource Hash: 15a1cb92852b9f8d6950c9b9570dd495ceb432e7a31fd133fc722306b71552cd

Request headers

Referer: http://52.87.179.242:8080/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
x-response-time: 0ms
date: Tue, 16 Aug 2022 06:53:42 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 211
content-type: text/plain; charset=UTF-8

POST
H2 200 jsdata Show response
cas.avalon.perfdrive.com/ 211 B
364 B 110ms
35ms XHR
text/plain 35.241.15.240
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cas.avalon.perfdrive.com/jsdata?
Requested by: Host: cdn.perfdrive.com
URL: https://cdn.perfdrive.com/aperture/aperture.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.15.240 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 240.15.241.35.bc.googleusercontent.com
Software: /
Resource Hash: 688205fc025902d06274a75404b3ca06e9c149d25ddb22d554f9921d7e050940

Request headers

Referer: http://52.87.179.242:8080/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
x-response-time: 0ms
date: Tue, 16 Aug 2022 06:53:42 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 211
content-type: text/plain; charset=UTF-8

POST
H2 200 jsdata Show response
cas.avalon.perfdrive.com/ 211 B
270 B 109ms
36ms XHR
text/plain 35.241.15.240
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cas.avalon.perfdrive.com/jsdata?
Requested by: Host: cdn.perfdrive.com
URL: https://cdn.perfdrive.com/aperture/aperture.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.15.240 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 240.15.241.35.bc.googleusercontent.com
Software: /
Resource Hash: 21e47d451eafef9a67752a4f9fb5c01ca1f99061e0c24a4ed07b915de15026fd

Request headers

Referer: http://52.87.179.242:8080/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
x-response-time: 0ms
date: Tue, 16 Aug 2022 06:53:42 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 211
content-type: text/plain; charset=UTF-8

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/996047437/ 2 KB
2 KB 136ms
54ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/996047437/?random=1660632822697&cv=9&fst=1660632822697&num=1&label=jrEmCNPyhQQQzfT52gM&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg8f0&sendb=1&ig=1&data=ecomm_prodid%3D%3Becomm_pagetype%3D%3Becomm_totalvalue%3D&frm=0&url=http%3A%2F%2F52.87.179.242%3A8080%2F&tiba=Estante%20Virtual%20-%20Estante%20Virtual&auid=570782698.1660632823&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

39f1931f97d14eb2798878451a4295365c3a591d5e888bbdfc108790753fc5d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://52.87.179.242:8080/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Aug 2022 06:53:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1109
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 08B2
Redirect Chain

https://gum.criteo.com/sid/json?origin=onetag&domain=52.87.179.242&sn=ChromeSyncframe&so=0&topUrl=52.87.179.242&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=bX74_Hx3U0NCN3gxYlQ1NVl4cHpSQmdpaHdwazV1YjdSOGErRjBWUkJyUWwwbUR2QVFYWXB5UUR4VWRzVkNMeVZQWVlRUm0vWXM1c0pVU29vNUVEejNPWm4xR3g1anpsSVpqOVg2YllTQWI2WDlRMnJWbG1mM0Y4YlZHcT...

446 B
654 B

255ms
15ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=bX74_Hx3U0NCN3gxYlQ1NVl4cHpSQmdpaHdwazV1YjdSOGErRjBWUkJyUWwwbUR2QVFYWXB5UUR4VWRzVkNMeVZQWVlRUm0vWXM1c0pVU29vNUVEejNPWm4xR3g1anpsSVpqOVg2YllTQWI2WDlRMnJWbG1mM0Y4YlZHcTJOVVRiQWVSTDB5Rk45UjA3dklKR0lXaEVlM0ljRllEZEtlOWhpNHhwbG1oLy9kZkpwQ1UrWHNTSStKVHdyQmhSNENzUEZoVTNCcGVsWlFlMTdzSEh3WWoxOHo0U2RySTBNUzRHQ2lrVkhlZFJBbHFyU3NVYjFTSHJxZTkxZDlzSFNaMHlFNUpBd3hPV0kwaUU0Y211eUdrbDloSjdyZz09fA&cppv=2

Requested by

Host: 52.87.179.242
URL: http://52.87.179.242:8080/

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

5c10374be2a5b982106346a42015c0a9e22b82645b3d065c59d059b6fcce50d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Aug 2022 06:53:42 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1338795
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 16 Aug 2022 06:53:41 GMT
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=bX74_Hx3U0NCN3gxYlQ1NVl4cHpSQmdpaHdwazV1YjdSOGErRjBWUkJyUWwwbUR2QVFYWXB5UUR4VWRzVkNMeVZQWVlRUm0vWXM1c0pVU29vNUVEejNPWm4xR3g1anpsSVpqOVg2YllTQWI2WDlRMnJWbG1mM0Y4YlZHcTJOVVRiQWVSTDB5Rk45UjA3dklKR0lXaEVlM0ljRllEZEtlOWhpNHhwbG1oLy9kZkpwQ1UrWHNTSStKVHdyQmhSNENzUEZoVTNCcGVsWlFlMTdzSEh3WWoxOHo0U2RySTBNUzRHQ2lrVkhlZFJBbHFyU3NVYjFTSHJxZTkxZDlzSFNaMHlFNUpBd3hPV0kwaUU0Y211eUdrbDloSjdyZz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1493
content-length: 541
expires: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
443 B 57ms
18ms XHR
text/plain 2a00:1450:400c:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-2185116-5&cid=652554139.1660632823&jid=706309566&gjid=1534981850&_gid=1737506671.1660632823&_u=YEBAAAAAQAAAAC~&z=2009125644

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://52.87.179.242:8080/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 16 Aug 2022 06:53:42 GMT
content-type: text/plain
access-control-allow-origin: http://52.87.179.242:8080
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 57ms
19ms XHR
text/plain 2a00:1450:400c:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-2185116-1&cid=652554139.1660632823&jid=868542475&gjid=1308385663&_gid=1737506671.1660632823&_u=YEDAAEABQAAAAC~&z=159732975

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://52.87.179.242:8080/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 16 Aug 2022 06:53:42 GMT
content-type: text/plain
access-control-allow-origin: http://52.87.179.242:8080
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 5012292 Show response
www.clarity.ms/tag/uet/ 2 KB
2 KB 189ms
115ms Script
application/x-javascript 2620:1ec:27::cafe:2093
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/5012292
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/5012292.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:2093 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 9f6ad11900dc6a2a9c3ab73dff8d6e6c5a6fbb857c5d7a5414be4639dd5a21e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://52.87.179.242:8080/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 06:53:42 GMT
x-powered-by: ASP.NET
x-azure-ref: 09j77YgAAAAAs2ykH8MOkT7d6c5qfNWFnTVVDMzBFREdFMDYyMQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
request-context: appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8
content-length: 1539
expires: -1

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 43ms
42ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=484925371&t=pageview&_s=1&dl=http%3A%2F%2F52.87.179.242%2F&ul=en-us&de=UTF-8&dt=Estante%20Virtual%20-%20Estante%20Virtual&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAEADQAAAAC~&jid=2022508267&gjid=294600306&cid=652554139.1660632823&tid=UA-2185116-1&_gid=1737506671.1660632823&_r=1&_slc=1&cd1=Visitante&cd11=(not%20set)&cd13=(not%20set)&cg1=Home&z=841461948

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://52.87.179.242:8080/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 16 Aug 2022 06:53:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://52.87.179.242:8080
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/996047437/ 42 B
154 B 198ms
52ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/996047437/?random=1660632822697&cv=9&fst=1660629600000&num=1&label=jrEmCNPyhQQQzfT52gM&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg8f0&sendb=1&data=ecomm_prodid%3D%3Becomm_pagetype%3D%3Becomm_totalvalue%3D&frm=0&url=http%3A%2F%2F52.87.179.242%3A8080%2F&tiba=Estante%20Virtual%20-%20Estante%20Virtual&async=1&fmt=3&is_vtc=1&random=2852633879&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: 52.87.179.242
URL: http://52.87.179.242:8080/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://52.87.179.242:8080/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Aug 2022 06:53:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/996047437/ 42 B
154 B 196ms
51ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/996047437/?random=1660632822697&cv=9&fst=1660629600000&num=1&label=jrEmCNPyhQQQzfT52gM&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg8f0&sendb=1&data=ecomm_prodid%3D%3Becomm_pagetype%3D%3Becomm_totalvalue%3D&frm=0&url=http%3A%2F%2F52.87.179.242%3A8080%2F&tiba=Estante%20Virtual%20-%20Estante%20Virtual&async=1&fmt=3&is_vtc=1&random=2852633879&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: 52.87.179.242
URL: http://52.87.179.242:8080/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://52.87.179.242:8080/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Aug 2022 06:53:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 193ms
52ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-2185116-5&cid=652554139.1660632823&jid=706309566&_u=YEBAAAAAQAAAAC~&z=1100399578

Requested by

Host: 52.87.179.242
URL: http://52.87.179.242:8080/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://52.87.179.242:8080/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Aug 2022 06:53:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 194ms
53ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-2185116-5&cid=652554139.1660632823&jid=706309566&_u=YEBAAAAAQAAAAC~&z=1100399578

Requested by

Host: 52.87.179.242
URL: http://52.87.179.242:8080/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://52.87.179.242:8080/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Aug 2022 06:53:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 189ms
48ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-2185116-1&cid=652554139.1660632823&jid=868542475&_u=YEDAAEABQAAAAC~&z=195315616

Requested by

Host: 52.87.179.242
URL: http://52.87.179.242:8080/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://52.87.179.242:8080/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Aug 2022 06:53:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 190ms
49ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-2185116-1&cid=652554139.1660632823&jid=868542475&_u=YEDAAEABQAAAAC~&z=195315616

Requested by

Host: 52.87.179.242
URL: http://52.87.179.242:8080/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://52.87.179.242:8080/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Aug 2022 06:53:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 55ms
19ms XHR
text/plain 2a00:1450:400c:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-2185116-1&cid=652554139.1660632823&jid=2022508267&gjid=294600306&_gid=1737506671.1660632823&_u=aGDAAEADQAAAAC~&z=103339486

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://52.87.179.242:8080/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 16 Aug 2022 06:53:42 GMT
content-type: text/plain
access-control-allow-origin: http://52.87.179.242:8080
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 62ms
56ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-2185116-1&cid=652554139.1660632823&jid=2022508267&_u=aGDAAEADQAAAAC~&z=292988941

Requested by

Host: 52.87.179.242
URL: http://52.87.179.242:8080/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://52.87.179.242:8080/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Aug 2022 06:53:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 67ms
62ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-2185116-1&cid=652554139.1660632823&jid=2022508267&_u=aGDAAEADQAAAAC~&z=292988941

Requested by

Host: 52.87.179.242
URL: http://52.87.179.242:8080/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://52.87.179.242:8080/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Aug 2022 06:53:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 clarity.js Show response
www.clarity.ms/eus2/s/0.6.39/ 53 KB
23 KB 113ms
112ms Script
application/javascript 2620:1ec:27::cafe:2093
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/eus2/s/0.6.39/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/5012292
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:2093 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: f083096f236cb98c87af2abc70707aef6a74bb105074919b0bdc3aeec6964c1d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://52.87.179.242:8080/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 06:53:42 GMT
content-encoding: br
etag: "1d8b099e3740ca1"
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
x-azure-ref: 09j77YgAAAACm8qpMlQJvTJYypFznlmagTVVDMzBFREdFMDYyMQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
accept-ranges: bytes
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

GET
H2

200

event Show response
widget.us.criteo.com/
Redirect Chain

https://sslwidget.criteo.com/event?a=26226&v=5.12.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dce%26m%3D%255B%255D&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=rJnCdF9vQ2ZScWtnNkkxNWg3VktrJTJGeHpGeSUyQkFUOTkwdTFCcW5G...
https://widget.us.criteo.com/event?a=26226&v=5.12.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dce%26m%3D%255B%255D&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=rJnCdF9vQ2ZScWtnNkkxNWg3VktrJTJGeHpGeSUyQkFUOTkwdTFCcW5G...

9 KB
4 KB

311ms
110ms

Script
application/x-javascript

74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.us.criteo.com/event?a=26226&v=5.12.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dce%26m%3D%255B%255D&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=rJnCdF9vQ2ZScWtnNkkxNWg3VktrJTJGeHpGeSUyQkFUOTkwdTFCcW5GVWZrJTJGSGdoWTgxbUkxcnd6TVlGJTJGem5TSzRJamFsSDdjZ1NFVTlKWmtxaiUyQmFYazVVNjhRUGZnS0R4V29kJTJCUHppZVhrODZaOWcyV2o3S0tsYSUyQktDOWlvJTJGWFE3M1Z1ZmZmdldDWlIxJTJGZWRzdG9ZNlVtWFFpQWclM0QlM0Q&tld=52.87.179.242&fu=http%253A%252F%252F52.87.179.242%253A8080%252F&dtycbr=76057

Requested by

Host: 52.87.179.242
URL: http://52.87.179.242:8080/

Protocol

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

776dd02661b073e78103a968769ea46a8ceaeee3e48f663f4362e154a7c02f0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://52.87.179.242:8080/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Aug 2022 06:53:43 GMT
content-encoding: gzip
server: Kestrel
timing-allow-origin: *
strict-transport-security: max-age=31536000; preload;
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 17534707
content-type: application/x-javascript
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 16 Aug 2022 06:53:42 GMT
content-encoding: gzip
server: Kestrel
location: https://widget.us.criteo.com/event?a=26226&v=5.12.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dce%26m%3D%255B%255D&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=rJnCdF9vQ2ZScWtnNkkxNWg3VktrJTJGeHpGeSUyQkFUOTkwdTFCcW5GVWZrJTJGSGdoWTgxbUkxcnd6TVlGJTJGem5TSzRJamFsSDdjZ1NFVTlKWmtxaiUyQmFYazVVNjhRUGZnS0R4V29kJTJCUHppZVhrODZaOWcyV2o3S0tsYSUyQktDOWlvJTJGWFE3M1Z1ZmZmdldDWlIxJTJGZWRzdG9ZNlVtWFFpQWclM0QlM0Q&tld=52.87.179.242&fu=http%253A%252F%252F52.87.179.242%253A8080%252F&dtycbr=76057
strict-transport-security: max-age=31536000; preload;
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2529138
timing-allow-origin: *
content-length: 0
expires: 0

GET
H/1.1 200
OK siteseal_gd_3_h_d_m.gif
seal.godaddy.com/images/3/pt-BR/ 5 KB
5 KB 155ms
155ms Image
image/gif 173.201.249.4
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://seal.godaddy.com/images/3/pt-BR/siteseal_gd_3_h_d_m.gif
Requested by: Host: 52.87.179.242
URL: http://52.87.179.242:8080/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 173.201.249.4 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-173-201-249-4.ip.secureserver.net
Software: Apache /
Resource Hash: 572970199206479b3c2fa5574b0efe1ce9ef9c5d0a99f5c15f23d4f9cc5addc2

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://52.87.179.242:8080/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Tue, 16 Aug 2022 06:53:43 GMT
Cache-Control: max-age=86400
Expires: Wed, 17 Aug 2022 06:53:43 GMT
Server: Apache
Accept-Ranges: bytes
Content-Length: 5046
Content-Type: image/gif

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 17ms
7ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1669850683290563&ev=Microdata&dl=http%3A%2F%2F52.87.179.242%3A8080%2F&rl=&if=false&ts=1660632823159&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%5Cn%20%20%20%20%5Cn%20%20%20%20%20%20Estante%20Virtual%5Cn%20%20%20%20%5Cn%20%20%20%20%5Cn%20%20%20%20%20%20%5Cn%20%20%20%20%20%20%20%20-%20Estante%20Virtual%5Cn%20%20%20%20%20%20%5Cn%20%20%20%20%5Cn%20%20%22%2C%22meta%3Adescription%22%3A%22Estante%20Virtual%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Estante%20Virtual%22%2C%22og%3Adescription%22%3A%22Estante%20Virtual%22%2C%22og%3Alocale%22%3A%22pt_BR%22%2C%22og%3Atype%22%3A%22article%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.estantevirtual.com.br%2F%22%2C%22og%3Asite_name%22%3A%22Estante%20Virtual%22%2C%22article%3Apublished_time%22%3A%22None%22%2C%22article%3Amodified_time%22%3A%22None%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.75&r=stable&ec=1&o=30&fbp=fb.3.1660632822654.1765034748&it=1660632822564&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: 52.87.179.242
URL: http://52.87.179.242:8080/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://52.87.179.242:8080/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 06:53:43 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Tue, 16 Aug 2022 06:53:43 GMT

POST
H2 204 collect Show response
b.clarity.ms/ 0
176 B 300ms
100ms XHR
text/plain 20.75.32.255
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://b.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus2/s/0.6.39/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.75.32.255 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: http://52.87.179.242:8080/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-origin: http://52.87.179.242:8080
date: Tue, 16 Aug 2022 06:53:42 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=95643508BAD84D949111AD2E4918A078&RedC=c.clarity.ms&MXFR=2D615534161C6FEA15E04736121C616B
https://c.clarity.ms/c.gif?CtsSyncId=95643508BAD84D949111AD2E4918A078&MUID=05B1CAF4567167703254D8F657A36666

42 B
369 B

29ms
29ms

Image
image/gif

20.234.93.27
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=95643508BAD84D949111AD2E4918A078&MUID=05B1CAF4567167703254D8F657A36666
Protocol: H2
Server: 20.234.93.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://52.87.179.242:8080/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Aug 2022 06:53:42 GMT
last-modified: Thu, 28 Jul 2022 20:41:52 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "82531c78c2a2d81:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Tue, 16 Aug 2022 06:53:43 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A04DF3EB6D7046788617038C4D832840 Ref B: FRAEDGE1313 Ref C: 2022-08-16T06:53:43Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=95643508BAD84D949111AD2E4918A078&MUID=05B1CAF4567167703254D8F657A36666
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H/1.1 200
OK estantevirtual.js Show response
www.oppuz.com/script/ 182 KB
59 KB 249ms
101ms Script
application/javascript 20.121.215.159
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.oppuz.com/script/estantevirtual.js
Requested by: Host: 52.87.179.242
URL: http://52.87.179.242:8080/
Protocol: HTTP/1.1
Server: 20.121.215.159 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: istio-envoy /
Resource Hash: c6a85f8f129e296562db16c9352b627b622fe64f29015ad4131a1d49f9ddcd97

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://52.87.179.242:8080/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Tue, 16 Aug 2022 06:53:43 GMT
content-encoding: gzip
x-envoy-decorator-operation: omnitracker.api.svc.cluster.local:80/*
last-modified: Mon, 15 Aug 2022 12:58:26 GMT
server: istio-envoy
etag: W/"62fa42f2-2d8b1"
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=UTF-8
cache-control: max-age=1800, must-revalidate
x-envoy-upstream-service-time: 6
Connection: keep-alive

GET
H2 200 pushnews.min.js Show response
cdn.pn.vg/c/estantevirtual/ 2 KB
1 KB 70ms
24ms Script
application/javascript 2606:4700:3035::6815:3249
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pn.vg/c/estantevirtual/pushnews.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5MCH9W
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:3249 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5876b7a68604975d2c435933d5eedb9da71835d804972fb893536abe9fcdced1

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://52.87.179.242:8080/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 06:53:43 GMT
via: 1.1 03e8784cc6fbcd65ff743e9f537e8e88.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2287
x-cache: Hit from cloudfront
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 06 Apr 2021 09:37:33 GMT
server: cloudflare
etag: W/"3f2c49f7302a691ae76d5b63c39f341f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6aObN5H0CVs8RBnzqqmgsOyvd9j%2BsvMC5mSEawVfsIPB1BSO0nBrMN3%2BMzgFeg0IlM55mo9xw5LMkOJCJBwTk3ND%2B6lAuboLSakIdqEHwvxatj6NWNxuwORJ0Uk4WmfFf6DNpELPH7M%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400
x-amz-cf-pop: LAX3-C3
cf-ray: 73b8412b9b389bc5-FRA
x-amz-cf-id: ZOOQXDNtWYlSxHjaEHtnCb_Stvm0CWTv7Md2zvgSKZNh9yNWL5Vpgg==

GET
H2 204 tags
us.creativecdn.com/ Frame 9540 0
0 146ms
146ms Document
text/plain 185.184.10.30
RTB-HOUSE-ASH

General

Check archive.org

Show headers Download Go to

Full URL: https://us.creativecdn.com/tags?type=iframe&id=pr_lka45gmj004uuAXQF1zT&id=pr_lka45gmj004uuAXQF1zT_lid_8XCIMZlHouwkZ4IQbkIU&su=http%3A%2F%2F52.87.179.242%3A8080%2F&sr=&ts=1660632823564
Requested by: Host: 52.87.179.242
URL: http://52.87.179.242:8080/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS: ip-185-184-10-30.rtbhouse.net
Software: /
Resource Hash

Request headers

Referer: http://52.87.179.242:8080/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/996047437/ 2 KB
1 KB 134ms
60ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/996047437/?random=1660632823566&cv=9&fst=1660632823566&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg8f0&sendb=1&ig=1&data=ecomm_prodid%3D%3Becomm_pagetype%3Dhome%3Becomm_totalvalue%3D0&frm=0&url=http%3A%2F%2F52.87.179.242%3A8080%2F&tiba=Estante%20Virtual%20-%20Estante%20Virtual&auid=570782698.1660632823&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e6bc2bd2aceca4b6b2d9fafc7f87c800fdf502737d74ef027612991f5e172c12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://52.87.179.242:8080/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Aug 2022 06:53:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1063
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

sync
x.bidswitch.net/ul_cb/ Frame 0DEB
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-43qhoePqOSaSbBoEGTG4S5L-Woc5As8iDJNyZg&expires=30
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-43qhoePqOSaSbBoEGTG4S5L-Woc5As8iDJNyZg&expires=30

43 B
495 B

8ms
8ms

Image
image/gif

3.127.193.182
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-43qhoePqOSaSbBoEGTG4S5L-Woc5As8iDJNyZg&expires=30
Protocol: HTTP/1.1
Server: 3.127.193.182 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-193-182.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Tue, 16 Aug 2022 06:53:43 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-43qhoePqOSaSbBoEGTG4S5L-Woc5As8iDJNyZg&expires=30
Date: Tue, 16 Aug 2022 06:53:43 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 0DEB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-ZC8T2-PqOSaSbBoEGTG4S5L-Woe4gdHlr8mSyQ&google_cm&google_hm=ay1aQzhUMi1QcU9TYVNiQm9FR1RHNFM1TC1Xb2U0Z2RIb...
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-ZC8T2-PqOSaSbBoEGTG4S5L-Woe4gdHlr8mSyQ&google_gid=CAESENoAZj3UG4ocSOcXbIkvzi4&google_cver=1&google_ula=913071,0

43 B
370 B

16ms
16ms

Image
image/gif

178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-ZC8T2-PqOSaSbBoEGTG4S5L-Woe4gdHlr8mSyQ&google_gid=CAESENoAZj3UG4ocSOcXbIkvzi4&google_cver=1&google_ula=913071,0

Protocol

Server

178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Aug 2022 06:53:43 GMT
content-type: image/gif
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1469570
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 16 Aug 2022 06:53:43 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-ZC8T2-PqOSaSbBoEGTG4S5L-Woe4gdHlr8mSyQ&google_gid=CAESENoAZj3UG4ocSOcXbIkvzi4&google_cver=1&google_ula=913071,0
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 398
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 0DEB
Redirect Chain

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5780309395994256650

43 B
371 B

81ms
18ms

Image
image/gif

178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5780309395994256650

Protocol

Server

178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Aug 2022 06:53:42 GMT
content-type: image/gif
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2219245
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 16 Aug 2022 06:53:43 GMT
X-Proxy-Origin: 185.213.155.162; 185.213.155.162; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 02f63142-eece-44da-84f5-5c3a0ee7555c
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5780309395994256650
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

1by1.png
cotads.adscale.de/ads/pixel/ Frame 0DEB
Redirect Chain

https://ih.adscale.de/adscale-ih/tpui?tpid=40&tpuid=k-ywwO4uPqOSaSbBoEGTG4S5L-Wodfs6x74yg73A&cburl=https%3A%2F%2Fcotads.adscale.de%2Fads%2Fpixel%2F1by1.png%3Fuid%3D__ADSCALE_USER_ID__
https://ih.adscale.de/adscale-ih/tpui?tpid=40&tpuid=k-ywwO4uPqOSaSbBoEGTG4S5L-Wodfs6x74yg73A&cburl=https%3A%2F%2Fcotads.adscale.de%2Fads%2Fpixel%2F1by1.png%3Fuid%3D__ADSCALE_USER_ID__&nut&uu=e66492...
https://cotads.adscale.de/ads/pixel/1by1.png?uid=ac6f1767ab7f6e89e07ef80dc15e3eec62b2a517a6a722483af5935d711e1548

321 B
699 B

46ms
7ms

Image
image/png

2600:9000:21f3:f000:1b:832b:ac00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cotads.adscale.de/ads/pixel/1by1.png?uid=ac6f1767ab7f6e89e07ef80dc15e3eec62b2a517a6a722483af5935d711e1548
Protocol: H2
Server: 2600:9000:21f3:f000:1b:832b:ac00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 678743e83d255d34a3476fa3eed80d55d212874f0fe98285a54fbf293f8b73ee

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 00:37:27 GMT
via: 1.1 182ef5a8d12abb5df1553676864737b0.cloudfront.net (CloudFront)
last-modified: Tue, 08 Sep 2020 23:05:25 GMT
server: AmazonS3
age: 540977
etag: "c1ab48a971e5c1a7eae346346487762d"
x-cache: Hit from cloudfront
x-amz-version-id: L15pFHSGGE_bHbLCyc84fBPpy1DC4jsd
cache-control: max-age=604800
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-type: image/png
content-length: 321
x-amz-cf-id: mX_SgQQTRI6UBR2opQmWxdeXgtYLPry2rtJbWcbot1nE2yajc-g5IQ==

Redirect headers

location: https://cotads.adscale.de/ads/pixel/1by1.png?uid=ac6f1767ab7f6e89e07ef80dc15e3eec62b2a517a6a722483af5935d711e1548
date: Tue, 16 Aug 2022 06:53:43 GMT
content-length: 0
p3p: CP=NOI PSA OUR

GET
H3

200

rum
r.casalemedia.com/ Frame 0DEB
Redirect Chain

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-iykxFePqOSaSbBoEGTG4S5L-Wodktykf8ZKFSA
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-iykxFePqOSaSbBoEGTG4S5L-Wodktykf8ZKFSA&C=1

43 B
941 B

53ms
35ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-iykxFePqOSaSbBoEGTG4S5L-Wodktykf8ZKFSA&C=1
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cf-ray: 73b8412c1b136963-FRA
pragma: no-cache
date: Tue, 16 Aug 2022 06:53:43 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l490b0WwU%2BOvTVoh4IVVX8vZ69X%2Bdz%2Bm7ZjxmtNT0Cmd4FgNFwYzM%2BkYx2xkey2wVX%2Bl%2Fwm2g3gtFnMw6Lr8MfRU8l3%2FNWFFbwaWsKUPxi4KZT675YlUqNsgr7uHaJijWl6V"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 16 Aug 2022 06:53:43 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vPwnDYNX3KfgBfpwtkti%2BobxUc%2FsqpR528OgZJikiTCUE9Ka9MHaIgPQEEUzmoiWSuOnrGYDKeOVKsLvHcY2HWS8mlQgfY7jPqbT1bMBjzwvUKgNSJuPf5xkWXxGO%2FdK31%2B%2B"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=20&external_user_id=k-iykxFePqOSaSbBoEGTG4S5L-Wodktykf8ZKFSA&C=1
cache-control: no-cache
cf-ray: 73b8412baa259244-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET match
ad.360yield.com/ Frame 0DEB 0
0

GET
H2 200 cksync.php
contextual.media.net/ Frame 0DEB 45 B
787 B 105ms
66ms Image
image/gif 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-sVp3_OPqOSaSbBoEGTG4S5L-WofCkgo8uFf5CQ

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
server: Apache
date: Tue, 16 Aug 2022 06:53:43 GMT
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 45
x-mnet-hl2: E
expires: Tue, 16 Aug 2022 06:53:43 GMT

GET
H2 200 push
exchange.mediavine.com/usersync/ Frame 0DEB 40 B
40 B 38ms
9ms Image
text/html 18.195.149.35
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-sKA33-PqOSaSbBoEGTG4S5L-WocERefA2c4ljg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.149.35 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-149-35.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 06:53:43 GMT
cache-control: private, no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: text/html; charset=utf-8

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame 0DEB 0
145 B 433ms
84ms Image
text/plain 64.202.112.31
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-B8RxduPqOSaSbBoEGTG4S5L-WofEkniQmCXp0Q
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.31 Leesburg, United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Tue, 16 Aug 2022 06:53:44 GMT
Cache-Control: no-cache
X-TraceId: 954001b790a2bb5902610e411203d4fe
Content-Length: 0

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 0DEB 0
225 B 74ms
15ms Image
text/html 185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-SKD2u-PqOSaSbBoEGTG4S5L-WodJSdzgsIqpww
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 06:53:42 GMT
content-encoding: gzip
server: nginx
cache-control: no-store, no-cache, private
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-type: text/html; charset=utf-8

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame 0DEB 0
239 B 64ms
9ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-tk8aCuPqOSaSbBoEGTG4S5L-WodZJvAv306FUA&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Content-Type: image/gif

GET
H2 204 v1
match.sharethrough.com/sync/ Frame 0DEB 0
35 B 81ms
8ms Image
text/plain 52.57.48.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-5XesbePqOSaSbBoEGTG4S5L-Woefbpj_cSVV2g
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.48.124 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-48-124.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 06:53:43 GMT

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame 0DEB 43 B
163 B 215ms
18ms Image
image/gif 185.86.139.115
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-YyXWhePqOSaSbBoEGTG4S5L-Wocj440pcjrD8A
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.115 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 06:53:43 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 0DEB 0
99 B 282ms
15ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-JbIkhOPqOSaSbBoEGTG4S5L-WofT_y_U9o6bZQ
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 06:53:43 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13681

GET
H2 200 um
criteo-sync.teads.tv/ Frame 0DEB 23 B
172 B 223ms
59ms Image
image/gif 104.96.128.226
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-ZxCD8-PqOSaSbBoEGTG4S5L-Woe6dMxJFYNPIw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.128.226 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-128-226.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.8 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Aug 2022 06:53:43 GMT
cache-control: max-age=0, no-cache, no-store
expires: Tue, 16 Aug 2022 06:53:43 GMT
server: akka-http/10.2.8
content-length: 23
content-type: image/gif

GET
H2 200 xuid
eb2.3lift.com/ Frame 0DEB 37 B
140 B 167ms
10ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2711&xuid=k-lqg3quPqOSaSbBoEGTG4S5L-WoeiojwLyphDZg&dongle=013b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 06:53:43 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2

204

sync
ups.analytics.yahoo.com/ups/58301/ Frame 0DEB
Redirect Chain

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-VGGBi-PqOSaSbBoEGTG4S5L-Woc5u1p7u_f0nw
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-VGGBi-PqOSaSbBoEGTG4S5L-Woc5u1p7u_f0nw&verify=true

0
121 B

12ms
12ms

Image
text/plain

18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-VGGBi-PqOSaSbBoEGTG4S5L-Woc5u1p7u_f0nw&verify=true

Protocol

Server

18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.0.46 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 06:53:43 GMT
server: ATS/9.1.0.46
age: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-VGGBi-PqOSaSbBoEGTG4S5L-Woc5u1p7u_f0nw&verify=true
date: Tue, 16 Aug 2022 06:53:43 GMT
server: ATS/9.1.0.46
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame 0DEB 0
522 B 150ms
15ms Image
text/plain 96.16.132.239
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.yieldlab.net/m?dm_id=8666&ext_id=k-4499d-PqOSaSbBoEGTG4S5L-WofvDnLDMcdYVw

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.16.132.239 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-132-239.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 16 Aug 2022 06:53:43 GMT
x-content-type-options: nosniff
x-frame-options: DENY
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
x-xss-protection: 1; mode=block
x-application-context: application
Expires: Mon, 15 Aug 2022 06:53:43 GMT

GET
H2 200 pixel
cm.adform.net/ Frame 0DEB 43 B
163 B 86ms
19ms Image
image/gif 37.157.6.241
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-QfiK9ePqOSaSbBoEGTG4S5L-WoerJUmcycbfcA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 06:53:43 GMT
last-modified: Thu, 11 Apr 2019 06:08:57 GMT
server: nginx
accept-ranges: bytes
etag: "5caed9f9-2b"
content-length: 43
content-type: image/gif

GET
H2 200 sync
visitor.omnitagjs.com/visitor/ Frame 0DEB 49 B
235 B 57ms
16ms Image
image/gif 185.255.84.152
IGUANE-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-n3qFn-PqOSaSbBoEGTG4S5L-Woe57_57VctKhg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.152 Ivry-sur-Seine, France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Aug 2022 06:53:43 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
vary: Accept-Encoding
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 1
content-length: 49
expires: 0

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame 0DEB
Redirect Chain

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=1Hz3dV1c7_H2Sj3Ppi77Nce-aOaN4FfY
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=1Hz3dV1c7_H2Sj3Ppi77Nce-aOaN4FfY

42 B
948 B

31ms
31ms

Image
image/gif

54.77.35.16
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=1Hz3dV1c7_H2Sj3Ppi77Nce-aOaN4FfY

Protocol

HTTP/1.1

Server

54.77.35.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-77-35-16.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

DCS: dcscanary-prod-irl1-1-v044-00dc34f34.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 0voFKUYQSxk=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-1-v038-0081e3a6f.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: p9qAiy9ETzE=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=1Hz3dV1c7_H2Sj3Ppi77Nce-aOaN4FfY
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1 200 9.gif
id5-sync.com/s/966/ Frame 0DEB 43 B
1 KB 36ms
7ms Image
image/gif 141.95.98.71
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/966/9.gif?puid=k-vyKw5OPqOSaSbBoEGTG4S5L-Woe2x0zuqilMWQ

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.71 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216577.ip-141-95-98.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 06:53:43 GMT
transfer-encoding: chunked
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: image/gif;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"

GET 28292
i.liadm.com/s/ Frame 0DEB 0
0

GET
H3

200

sync
ad.sxp.smartclip.net/ Frame 0DEB
Redirect Chain

https://ad.sxp.smartclip.net/sync?type=host&dsp=69&dspuuid=k-jw_rn-PqOSaSbBoEGTG4S5L-WocWzj71u7_3tQ
https://ad.sxp.smartclip.net/sync?type=host&dsp=69&dspuuid=k-jw_rn-PqOSaSbBoEGTG4S5L-WocWzj71u7_3tQ&ang_testid=1

42 B
60 B

59ms
26ms

Image
image/gif

35.186.194.101
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.sxp.smartclip.net/sync?type=host&dsp=69&dspuuid=k-jw_rn-PqOSaSbBoEGTG4S5L-WocWzj71u7_3tQ&ang_testid=1
Protocol: H3
Server: 35.186.194.101 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 101.194.186.35.bc.googleusercontent.com
Software: openresty/1.19.9.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 06:53:44 GMT
via: 1.1 google
server: openresty/1.19.9.1
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

date: Tue, 16 Aug 2022 06:53:43 GMT
via: 1.1 google
server: openresty/1.19.9.1
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.sxp.smartclip.net/sync?type=host&dsp=69&dspuuid=k-jw_rn-PqOSaSbBoEGTG4S5L-WocWzj71u7_3tQ&ang_testid=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET sync
criteo-partners.tremorhub.com/ Frame 0DEB 0
0

GET
H2 200 getusermatch.php
a.twiago.com/rtb/ Frame 0DEB 43 B
153 B 63ms
21ms Image
image/gif 85.215.5.31
CRONON-BERLIN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.twiago.com/rtb/getusermatch.php?dataid=6&external_user_id=k-YZEoZOPqOSaSbBoEGTG4S5L-Wof2q13aeh6rbg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.215.5.31 , Germany, ASN6786 (CRONON-BERLIN-AS, DE),
Reverse DNS
Software: Apache / PHP/7.3.30
Resource Hash: 5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 16 Aug 2022 06:53:43 GMT
server: Apache
x-powered-by: PHP/7.3.30
content-length: 43
content-type: image/gif

GET
H3

200

4060ebd1-bef2-4326-ace5-d2f8f78400b5.js Show response
cdn.pn.vg/sites/
Redirect Chain

http://cdn.pn.vg/sites/4060ebd1-bef2-4326-ace5-d2f8f78400b5.js
https://cdn.pn.vg/sites/4060ebd1-bef2-4326-ace5-d2f8f78400b5.js

2 KB
2 KB

42ms
22ms

Script
text/javascript

2606:4700:3035::6815:3249
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pn.vg/sites/4060ebd1-bef2-4326-ace5-d2f8f78400b5.js
Protocol: H3
Server: 2606:4700:3035::6815:3249 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99735bfe6e8d802ab5a60dc62b2fcfb69dea9870d7ede836bbf885d83e7203c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://52.87.179.242:8080/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 06:53:44 GMT
via: 1.1 3cfda748f98e74eec52beba1aa788f80.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2288
x-cache: Miss from cloudfront
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 18 Aug 2021 20:48:03 GMT
server: cloudflare
etag: W/"ee8a3c147be8ec096e4d79a708caca12"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NUOlC8ziDU7x%2B%2B1RX3scMlVYVk6JW1AlHnRg%2BTQ7SObINtqVMK5o9P3akkwWCAqvIr3hfXMAy8%2Bo5HpeSqFZ4vhX3PE7VUjNwxlJ9vm%2FFVH2IBqK0km5s4u08bPIot%2FwCfUrn0ZHN5k%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
x-amz-cf-pop: IAD66-C2
cf-ray: 73b8412e1c469b5e-FRA
x-amz-cf-id: gEhGROCCldbLnIjIiMtZJtBeaVoZ5Tq_juGwfxgXEwxcazKUm-xe6g==

Redirect headers

Date: Tue, 16 Aug 2022 06:53:43 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5sY1ejlxm%2BgdPmUosm7i03Y%2FQ5kXYXcNZK7JAe9ZGjHYjU0IsQUMPP1DyvJcQkRNfEKgBuD2ZTbPX7SjQJaJP7oSnBVJG2qpoVfAQeocC9Zzo%2Bf9oA2m7lvmrYOKEdVOyf8RGkrV0P8%3D"}],"group":"cf-nel","max_age":604800}
Location: https://cdn.pn.vg/sites/4060ebd1-bef2-4326-ace5-d2f8f78400b5.js
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: close
CF-RAY: 73b8412dd9a8bbbc-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Expires: Tue, 16 Aug 2022 07:53:43 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/996047437/ 42 B
64 B 247ms
54ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/996047437/?random=1660632823566&cv=9&fst=1660629600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg8f0&sendb=1&data=ecomm_prodid%3D%3Becomm_pagetype%3Dhome%3Becomm_totalvalue%3D0&frm=0&url=http%3A%2F%2F52.87.179.242%3A8080%2F&tiba=Estante%20Virtual%20-%20Estante%20Virtual&async=1&fmt=3&is_vtc=1&random=1658190994&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://52.87.179.242:8080/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Aug 2022 06:53:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/996047437/ 42 B
64 B 239ms
48ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/996047437/?random=1660632823566&cv=9&fst=1660629600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg8f0&sendb=1&data=ecomm_prodid%3D%3Becomm_pagetype%3Dhome%3Becomm_totalvalue%3D0&frm=0&url=http%3A%2F%2F52.87.179.242%3A8080%2F&tiba=Estante%20Virtual%20-%20Estante%20Virtual&async=1&fmt=3&is_vtc=1&random=1658190994&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://52.87.179.242:8080/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Aug 2022 06:53:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 0DEB
Redirect Chain

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=g-rGtz7BicQhpU2xNFJyFnTLEv6b-m4o

0
338 B

114ms
29ms

Image
text/plain

52.18.211.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=g-rGtz7BicQhpU2xNFJyFnTLEv6b-m4o
Protocol: H2
Server: 52.18.211.80 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-211-80.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 06:53:43 GMT
cache-control: private, no-cache, no-store
x-request-time: D=28 t=1660632823
x-served-by: beacon-n018-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=g-rGtz7BicQhpU2xNFJyFnTLEv6b-m4o
date: Tue, 16 Aug 2022 06:53:42 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 2790
content-length: 218
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame 0DEB 0
522 B 24ms
24ms Image
text/plain 96.16.132.239
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-4499d-PqOSaSbBoEGTG4S5L-WofvDnLDMcdYVw

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.16.132.239 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-132-239.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 16 Aug 2022 06:53:43 GMT
x-content-type-options: nosniff
x-frame-options: DENY
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
x-xss-protection: 1; mode=block
x-application-context: application
Expires: Mon, 15 Aug 2022 06:53:43 GMT

GET
H2

451

397596.gif
idsync.rlcdn.com/ Frame 0DEB
Redirect Chain

https://gum.criteo.com/sync?c=6&r=1&k=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397596.gif%3Fpartner_uid%3D%40USERID%40
https://idsync.rlcdn.com/397596.gif?partner_uid=t0BG24n5KIyPWregGgaJON7CR8jUBPjt

0
98 B

116ms
41ms

Image
text/plain

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/397596.gif?partner_uid=t0BG24n5KIyPWregGgaJON7CR8jUBPjt
Protocol: H2
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 06:53:44 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Redirect headers

location: https://idsync.rlcdn.com/397596.gif?partner_uid=t0BG24n5KIyPWregGgaJON7CR8jUBPjt
date: Tue, 16 Aug 2022 06:53:43 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 2840
content-length: 197
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8

GET user_info.json
www.oppuz.com/ 0
0

GET owl.carousel.css
oppuz.azureedge.net/lib/owl-carousel/ 0
0

GET
H3 200 ilabspush.min.js
cdn.pn.vg/push/ 183 KB
50 KB 28ms
27ms Script
application/javascript 2606:4700:3035::6815:3249
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pn.vg/push/ilabspush.min.js
Requested by: Host: cdn.pn.vg
URL: http://cdn.pn.vg/sites/4060ebd1-bef2-4326-ace5-d2f8f78400b5.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:3249 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://52.87.179.242:8080/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 06:53:44 GMT
via: 1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3800
x-cache: Hit from cloudfront
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 10 Aug 2022 09:31:14 GMT
server: cloudflare
etag: W/"66fe704e5a610762955cbe56f0d20a80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y8zRdGvmsT6N32SY%2BMxYjfC%2BQk6N0EeilS9wRCzuik%2FuvqJytq5HfnYSxJgYeiVUNmPVB3pdhBbkHmGeNVl5Xz7m7%2BgqIja67Rj92ZenN0FP5CtTAHWdtNsuIfC8dzRL7jDeTZszsXc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400
x-amz-cf-pop: FRA6-C1
cf-ray: 73b8412e4c799b5e-FRA
x-amz-cf-id: APtq3P2eZQ_z5iErDfEJ6P1dbPIVgyCwrq-_dFV5B3MV3UscFiy8wg==

GET sync
gum.criteo.com/ Frame 0DEB 0
0

GET 4060ebd1-bef2-4326-ace5-d2f8f78400b5.json
osp-assets.pn.vg/ 0
0

GET

/
52.87.179.242/pushnews-sw.js/
Redirect Chain

http://52.87.179.242:8080/pushnews-sw.js
https://52.87.179.242/pushnews-sw.js/

0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ad.360yield.com
URL: https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-bIQoK-PqOSaSbBoEGTG4S5L-WofZ35rYkIcqXw

Domain: i.liadm.com
URL: https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-XaAAB-PqOSaSbBoEGTG4S5L-WoditvO0-qmLKA

Domain: criteo-partners.tremorhub.com
URL: https://criteo-partners.tremorhub.com/sync?UICR=k-1804pePqOSaSbBoEGTG4S5L-WodOIPIMiDUNBw

Domain: www.oppuz.com
URL: https://www.oppuz.com/user_info.json

Domain: oppuz.azureedge.net
URL: http://oppuz.azureedge.net/lib/owl-carousel/owl.carousel.css

Domain: gum.criteo.com
URL: https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40

Domain: osp-assets.pn.vg
URL: https://osp-assets.pn.vg/4060ebd1-bef2-4326-ace5-d2f8f78400b5.json

Domain: 52.87.179.242
URL: https://52.87.179.242/pushnews-sw.js/

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

62 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
52.87.179.242/	1970-01-20 07:26:48	Name: _gcl_au Value: 1.1.570782698.1660632823
.bing.com/	1970-01-20 14:38:48	Name: MUID Value: 05B1CAF4567167703254D8F657A36666
52.87.179.242/	1970-01-20 05:18:39	Name: _uetsid Value: 2a73a3b01d3011edbcb325bebf2a24e9
52.87.179.242/	1970-01-20 14:38:48	Name: _uetvid Value: 2a73d2c01d3011ed8bb9b9e4359a2fca
52.87.179.242/	1970-01-20 07:26:48	Name: _fbp Value: fb.3.1660632822654.1765034748
52.87.179.242/	1970-01-20 05:17:12	Name: _gat_UA-2185116-5 Value: 1
52.87.179.242/	1970-01-20 14:53:12	Name: _ga Value: GA1.1.652554139.1660632823
52.87.179.242/	1970-01-20 05:18:39	Name: _gid Value: GA1.1.1737506671.1660632823
52.87.179.242/	1970-01-20 05:17:12	Name: _gat_UA-2185116-1 Value: 1
.criteo.com/	1970-01-20 14:38:48	Name: uid Value: 7b0f260c-aee0-4d87-9071-de9664fac182
52.87.179.242/	1970-01-20 09:36:24	Name: __ssuzjsr2 Value: a9be0cd8e
52.87.179.242/	1970-01-20 09:36:24	Name: __uzmaj2 Value: b86c2e2a-5d56-4388-b2f1-a33675b593f4
52.87.179.242/	1970-01-20 09:36:24	Name: __uzmbj2 Value: 1660632822
52.87.179.242/	1970-01-20 09:36:24	Name: __uzmcj2 Value: 674941028877
52.87.179.242/	1970-01-20 09:36:24	Name: __uzmdj2 Value: 1660632822
.creativecdn.com/	1970-01-20 14:02:48	Name: u Value: zj07LVPn7SZ5EmnYECQ1
.creativecdn.com/	1970-01-20 14:02:48	Name: ts Value: 1660632822
www.clarity.ms/	1970-01-20 14:02:48	Name: CLID Value: fbc1e7cac3dd4d6a81373ad93cb07694.20220816.20230816
52.87.179.242/	1970-01-20 14:46:36	Name: cto_bundle Value: rJnCdF9vQ2ZScWtnNkkxNWg3VktrJTJGeHpGeSUyQkFUOTkwdTFCcW5GVWZrJTJGSGdoWTgxbUkxcnd6TVlGJTJGem5TSzRJamFsSDdjZ1NFVTlKWmtxaiUyQmFYazVVNjhRUGZnS0R4V29kJTJCUHppZVhrODZaOWcyV2o3S0tsYSUyQktDOWlvJTJGWFE3M1Z1ZmZmdldDWlIxJTJGZWRzdG9ZNlVtWFFpQWclM0QlM0Q
52.87.179.242/	1970-01-20 14:02:48	Name: _clck Value: ddefb1\|1\|f42\|0
52.87.179.242/	1970-01-20 05:18:39	Name: _clsk Value: 4f3q70\|1660632823514\|1\|0\|b.clarity.ms/collect
.adscale.de/	1970-01-20 13:59:28	Name: uu Value: e66492c36e9745bc9ad4f09bb81f5297
.adscale.de/	1970-01-20 13:59:28	Name: cct Value: 1660632823602
.adnxs.com/	1970-01-20 07:26:48	Name: uuid2 Value: 5780309395994256650
.ih.adscale.de/	1970-01-20 13:59:28	Name: tu Value: 4#1905873887#40~k-ywwO4uPqOSaSbBoEGTG4S5L-Wodfs6x74yg73A~461286~0~0
.bidswitch.net/	1970-01-20 14:02:48	Name: tuuid Value: aac4177f-74e8-45f8-a850-67ef0a4793cc
.bidswitch.net/	1970-01-20 14:02:48	Name: c Value: 1660632823
.bidswitch.net/	1970-01-20 14:02:48	Name: tuuid_lu Value: 1660632823
.casalemedia.com/	1970-01-20 14:02:48	Name: CMID Value: Yvs.95T-mbhXJSKStxRQjgAA
.casalemedia.com/	1970-01-20 07:26:48	Name: CMPS Value: 5136
.casalemedia.com/	1970-01-20 07:26:48	Name: CMPRO Value: 5136
exchange.mediavine.com/	1970-01-20 05:37:22	Name: mv_tokens Value: %7B%22mv_uuid%22%3A%222b136340-1d30-11ed-b44c-49c87ccdd0dc%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 05:37:22	Name: mv_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%222b136340-1d30-11ed-b44c-49c87ccdd0dc%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 05:37:22	Name: criteo Value: %7B%22id%22%3A%22k-sKA33-PqOSaSbBoEGTG4S5L-WocERefA2c4ljg%22%2C%22version%22%3A%22criteo%22%7D
.media.net/	1970-01-20 14:02:48	Name: visitor-id Value: 3036344238397035000V10
.media.net/	1970-01-20 06:00:24	Name: data-c-ts Value: 1660632823
.media.net/	1970-01-20 06:00:24	Name: data-c Value: k-sVp3_OPqOSaSbBoEGTG4S5L-WofCkgo8uFf5CQ~~3
.doubleclick.net/	1970-01-20 14:38:48	Name: IDE Value: AHWqTUlnb5UbmmR3S78BkZsoITgVYA24wDumqcuWuOlSb8gDQe1qHeNaLgC4h93BK-c
.casalemedia.com/	1970-01-20 07:26:48	Name: CMTS Value: 1186
.demdex.net/	1970-01-20 09:36:24	Name: demdex Value: 03439177532908033381018864541894477335
.c.bing.com/	1970-01-20 14:38:48	Name: SRM_B Value: 05B1CAF4567167703254D8F657A36666
.dpm.demdex.net/	1970-01-20 09:36:24	Name: dpm Value: 03439177532908033381018864541894477335
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 14:38:48	Name: MUID Value: 05B1CAF4567167703254D8F657A36666
.c.clarity.ms/	1970-01-20 05:17:13	Name: ANONCHK Value: 0
.yahoo.com/	1970-01-20 14:03:10	Name: A3 Value: d=AQABBPc--2ICELinDwEWLoPMKOm_H3qFHiQFEgEBAQGQ_GIFYwAAAAAA_eMAAA&S=AQAAAiC2VXZ5Mx_uMbvjHysutTI
.yieldlab.net/	1970-01-20 14:02:48	Name: id Value: e4171404-9258-46fb-8374-61e0d72887b8
.analytics.yahoo.com/	1970-01-20 14:02:48	Name: IDSYNC Value: 18zh~26m6
.krxd.net/	1970-01-20 09:36:24	Name: _kuid_ Value: PBWOes-X
.id5-sync.com/	1970-01-20 05:17:13	Name: cf Value:
.id5-sync.com/	1970-01-20 05:17:13	Name: cip Value:
.id5-sync.com/	1970-01-20 05:17:13	Name: cnac Value:
.id5-sync.com/	1970-01-20 05:17:13	Name: car Value:
.id5-sync.com/	1970-01-20 05:17:13	Name: gdpr Value:
.id5-sync.com/	1970-01-20 05:17:13	Name: callback Value:
.sxp.smartclip.net/	1970-01-20 06:00:24	Name: uuid Value: bc662c7c-f73e-fb62-1cfe-e74c5cf5b3d5
.sxp.smartclip.net/	1970-01-20 06:00:24	Name: dspuuid Value: 69.k-jw_rn-PqOSaSbBoEGTG4S5L-WocWzj71u7_3tQ
.sxp.smartclip.net/	1970-01-20 06:00:24	Name: psyn Value: 19220.69
.360yield.com/	1970-01-20 07:26:48	Name: tuuid Value: 9c2f52e6-bc1b-40f6-92a0-c9e105b729b7
.360yield.com/	1970-01-20 07:26:48	Name: tuuid_lu Value: 1660632824
.liadm.com/	1970-01-20 14:53:12	Name: lidid Value: 7f990d83-c102-4229-b08e-95aca7050889
.oppuz.com/	1970-01-20 14:02:48	Name: user_id Value: 62fb3ef86f6d6e0785000006

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://imgs.ebit.com.br/ebitBR/selo-ebit/js/getSelo.js?32958 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://idsync.rlcdn.com/397596.gif?partner_uid=t0BG24n5KIyPWregGgaJON7CR8jUBPjt Message: Failed to load resource: the server responded with a status of 451 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

52.87.179.242
a.twiago.com
ad.360yield.com
ad.sxp.smartclip.net
ad.yieldlab.net
apis.google.com
b.clarity.ms
bat.bing.com
beacon.krxd.net
c.bing.com
c.clarity.ms
cas.avalon.perfdrive.com
cdn.perfdrive.com
cdn.pn.vg
cdnjs.cloudflare.com
cm.adform.net
cm.g.doubleclick.net
code.jquery.com
connect.facebook.net
contextual.media.net
cotads.adscale.de
criteo-partners.tremorhub.com
criteo-sync.teads.tv
d1h6ttu91q164y.cloudfront.net
d1pkzhm5uq4mnt.cloudfront.net
d2da0u06q4mna7.cloudfront.net
d3bzgzmzgpxbap.cloudfront.net
dis.criteo.com
dpm.demdex.net
eb2.3lift.com
exchange.mediavine.com
fonts.googleapis.com
googleads.g.doubleclick.net
gum.criteo.com
i.liadm.com
ib.adnxs.com
id5-sync.com
idsync.rlcdn.com
ih.adscale.de
imgs.ebit.com.br
match.sharethrough.com
mug.criteo.com
oppuz.azureedge.net
osp-assets.pn.vg
pixel.rubiconproject.com
r.casalemedia.com
rtb-csync.smartadserver.com
s3-sa-east-1.amazonaws.com
seal.godaddy.com
simage2.pubmatic.com
sslwidget.criteo.com
stackpath.bootstrapcdn.com
static.criteo.net
static.hotjar.com
stats.g.doubleclick.net
sync-t1.taboola.com
sync.outbrain.com
ups.analytics.yahoo.com
us.creativecdn.com
use.fontawesome.com
visitor.omnitagjs.com
widget.us.criteo.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.oppuz.com
x.bidswitch.net
52.87.179.242
ad.360yield.com
criteo-partners.tremorhub.com
gum.criteo.com
i.liadm.com
oppuz.azureedge.net
osp-assets.pn.vg
www.oppuz.com
104.18.18.126
104.96.128.226
108.138.7.127
13.225.84.116
13.225.84.147
13.248.245.213
130.211.29.114
141.226.228.48
141.95.98.71
142.250.186.162
142.250.74.194
173.201.249.4
178.250.0.163
178.250.2.146
178.250.2.151
18.156.0.31
18.195.149.35
185.184.10.30
185.255.84.152
185.64.189.110
185.86.139.115
2.18.235.93
2.18.79.140
20.121.215.159
20.234.93.27
20.75.32.255
2001:4de0:ac18::1:a:2a
2600:9000:20eb:4c00:15:6398:1c40:21
2600:9000:21f3:7000:4:13ab:6e40:21
2600:9000:21f3:f000:1b:832b:ac00:93a1
2606:4700:3033::6815:3f36
2606:4700:3035::6815:3249
2606:4700::6811:180e
2606:4700::6812:bcf
2620:1ec:27::cafe:2093
2620:1ec:c11::200
2a00:1450:4001:801::200e
2a00:1450:4001:80f::200e
2a00:1450:4001:813::200a
2a00:1450:4001:829::2004
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2003
2a00:1450:4001:831::2008
2a00:1450:400c:c0c::9b
2a02:2638::1c
2a02:2638::3
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
3.127.193.182
35.186.194.101
35.241.15.240
35.244.174.68
37.157.6.241
37.252.173.22
52.18.211.80
52.57.43.180
52.57.48.124
52.87.179.242
52.95.164.14
54.77.35.16
64.202.112.31
69.173.144.165
74.119.119.150
85.215.5.31
96.16.132.239
02835066969199e9924f1332f7172a5d7e552f023a20c3d8ba03bb6c51ce5be5
0bca10549df770ab6790046799e5a9e920c286453ebbb2afb0d3055339245339
0e937847c7e07ed15db23b99d02385f8a76a534837159ec603319dab64a5a9ba
0f230e923c1b3803f0617015b2a0ab31286a14ca8c1cac61a675182b8e9250dc
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
115ea8ccc77135e889658e3922a3ce4747db8cd8a9ffc82286d4b48c771c4da0
15a1cb92852b9f8d6950c9b9570dd495ceb432e7a31fd133fc722306b71552cd
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
18dcf5874b8498089500af605b8cee9ccaf3364cf9014b7d89a79e2c6702a33b
1ef89c6057c63e1fd2bda3054817b95cb244d353dc1dafd2736e0ad49ca97924
1f937bc569e7b507c80c572d605133e1da3b69d195313f748764fd779300848e
21e47d451eafef9a67752a4f9fb5c01ca1f99061e0c24a4ed07b915de15026fd
23137404345a54c399ac054a43541094634f5762f3bd819a63a62120fa67c188
253b5c39eae431524e0beab90c21cb8b2c4737048ebeb58b70d988d474d60390
30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7
328300f81173334ea632bed311c374f4a4d057b0d30c5bf857888128bddb0732
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
337c7e5f7502a52d6dc5a1bf7dabf32cda67ba12efc5d64a19b4a602643e4887
34959e43e6ecf368807a84f92ad9aa6e2dcd5f0c5c1e57da55e8f3248d9d9255
39f1931f97d14eb2798878451a4295365c3a591d5e888bbdfc108790753fc5d2
443ce45429d9fc1ddba545f98f34cc4706ef56c62f3ba7e5f473897e8cf81c85
4738cd0daa1d2999cb9c63b69d181b8735b85c6077d3067badb362495cb3b80e
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ef9b62e0cc470658cfc23e9007a9d7b15f8a5623d087f3fa4b6115b67be7376
4ff1b9b91db584b19d20b4d02af9ff7673add161ce3f9ceae9391b3a84fddab1
507add04d1c6597d1eaca7599452be07bd58c4fca04d195808df2909d610d9e3
52e051d93279e14d8f19a0c8fb12c0ad0e5594e7621cd8db8212bd5ffece86d9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
572970199206479b3c2fa5574b0efe1ce9ef9c5d0a99f5c15f23d4f9cc5addc2
5737f9841b2b61b7bf82ae71235fa863acb43a42ae782eadea183e40173fb946
5876b7a68604975d2c435933d5eedb9da71835d804972fb893536abe9fcdced1
5c10374be2a5b982106346a42015c0a9e22b82645b3d065c59d059b6fcce50d0
61de170a13e64e84b82cb6de4b6a06a0a2578e249663723bfcca8e7925ae57cc
678743e83d255d34a3476fa3eed80d55d212874f0fe98285a54fbf293f8b73ee
688205fc025902d06274a75404b3ca06e9c149d25ddb22d554f9921d7e050940
69d776d65aa27596857008e9762d926ba60349c39280d5044890c8885474e166
6b7f9f189f5a3339a8b5073ffbac3f75668e5df80d19373708f6fc64327d79f4
6e4165b1d4e75b2916f1ccc80a30cd1699a1765be8bbfce5d198340e3398093a
6ecc7ff141ea49de7f894e94b609d906a8e9dbc0dfa2df4d364adc95a555366b
70a71b256810bb0ab4d8e9235d1a05a019305532de7f175bb11d2f87f14e94ae
7481f36895ec134b0434967a303c5922eaefe3b53fdad43e6c27aa3595299790
776dd02661b073e78103a968769ea46a8ceaeee3e48f663f4362e154a7c02f0d
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
907d868ae4ceaf2c20aaeac3b0372907be11208329737e990643676c99f57853
99735bfe6e8d802ab5a60dc62b2fcfb69dea9870d7ede836bbf885d83e7203c1
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9f6ad11900dc6a2a9c3ab73dff8d6e6c5a6fbb857c5d7a5414be4639dd5a21e6
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a18622541b41abaac585a159a8200d9d3775256fb93f0c98ea7692d240fb38bc
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
adbbb1570f134e34309f6335b650f8704232d270f25624283a8b56ea48236e57
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2dce99f06d1c45ccfd1780941cc84775df2bb5c251924c2405f2916a38412ea
b8bb2423a232a4594c7170c81816fa7b58ebc29a7abd79ebe699960819d11578
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c6a85f8f129e296562db16c9352b627b622fe64f29015ad4131a1d49f9ddcd97
cfac6241dd3aabb5f1552c17501790093015c006a8e13671823c1ff4872beaae
d0791a9a84e18e2d90b9e6f99a078780f172c8a04f4fac8d9be5bd4fd3c27b3d
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6bc2bd2aceca4b6b2d9fafc7f87c800fdf502737d74ef027612991f5e172c12
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f083096f236cb98c87af2abc70707aef6a74bb105074919b0bdc3aeec6964c1d
f70e22adf0ae6a037f66cb815bf64a33b2da2ff9afaee90245c59bf457b07670

52.87.179.242 Open in urlscan Pro 52.87.179.242 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

111 Requests

63 %HTTPS

34 %IPv6

55 Domains

71 Subdomains

62 IPs

12 Countries

1255 kBTransfer

3074 kBSize

62 Cookies

0 Outgoing links

Redirected requests

111 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

52.87.179.242 Open in urlscan Pro
52.87.179.242 Public Scan

Screenshot
Live screenshot

Full Image

111
Requests

63 %
HTTPS

34 %
IPv6

55
Domains

71
Subdomains

62
IPs

12
Countries

1255 kB
Transfer

3074 kB
Size

62
Cookies

111 HTTP transactions
0 data transactions