aapka-msg.com Open in urlscan Pro
2606:4700:e4::ac40:ab0f Public Scan

Go To Rescan
Add Verdict Report

URL:
http://aapka-msg.com/s1/?n=CHIMI&t=w
Submission: On December 25 via manual (December 25th 2022, 1:41:15 am UTC) from CL — Scanned from DE

Summary HTTP 99 Redirects Behaviour Indicators

Summary

This website contacted 23 IPs in 4 countries across 14 domains to perform 99 HTTP transactions. The main IP is 2606:4700:e4::ac40:ab0f, located in United States and belongs to CLOUDFLARENET, US. The main domain is aapka-msg.com.

This is the only time aapka-msg.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
21	2606:4700:e4:... 2606:4700:e4::ac40:ab0f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:400d:808::200a	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:802::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:803::2008	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:400d:80e::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:807::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400d:805::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:80c::200e	15169 (GOOGLE) (GOOGLE)
2	2a02:2638:1::2 2a02:2638:1::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638:1::4 2a02:2638:1::4	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
9	2a00:1450:400... 2a00:1450:400d:806::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:80a::2002	15169 (GOOGLE) (GOOGLE)
14	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.2.148 178.250.2.148	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 4	62.144.160.15 62.144.160.15	12312 (ECOTEL) (ECOTEL)
7	2a02:2638:1::8 2a02:2638:1::8	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	2a02:2638:1::17 2a02:2638:1::17	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
6	2a00:1450:400... 2a00:1450:400d:80c::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
99	23

21 2606:4700:e4::ac40:ab0f (United States)

ASN13335 (CLOUDFLARENET, US)

aapka-msg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:400d:808::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:802::200a (Ireland)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:803::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:80e::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:807::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:805::2001 (Ireland)

ASN15169 (GOOGLE, US)

a0c5a500c63f52321131b16d17245c24.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80c::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::4 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:400d:806::2001 (Ireland)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80a::2002 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.148 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 62.144.160.15 (Düsseldorf, Germany) 2 redirects

ASN12312 (ECOTEL, DE)

ssl.hurra.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:2638:1::8 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638:1::17 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:400d:80c::2002 (Ireland)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	criteo.net static.criteo.net — Cisco Umbrella Rank: 637 pix.eu.criteo.net — Cisco Umbrella Rank: 7930 csm.eu.criteo.net — Cisco Umbrella Rank: 8005	154 KB
21	aapka-msg.com aapka-msg.com	297 KB
18	googlesyndication.com a0c5a500c63f52321131b16d17245c24.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 139 pagead2.googlesyndication.com — Cisco Umbrella Rank: 101	77 KB
6	criteo.com rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 12162 ads.eu.criteo.com — Cisco Umbrella Rank: 7675 cat.nl.eu.criteo.com — Cisco Umbrella Rank: 9848	84 KB
6	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 192	168 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 37 ajax.googleapis.com — Cisco Umbrella Rank: 304	33 KB
4	hurra.com 2 redirects ssl.hurra.com — Cisco Umbrella Rank: 80264	725 B
4	gstatic.com fonts.gstatic.com	62 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 211	14 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 188	94 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 29	20 KB
2	google.com adservice.google.com — Cisco Umbrella Rank: 72 www.google.com — Cisco Umbrella Rank: 2	2 KB
1	google.co.uk adservice.google.co.uk — Cisco Umbrella Rank: 5481	792 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 51	43 KB
99	14

	Domain	Requested by
21	aapka-msg.com	aapka-msg.com
14	static.criteo.net	ads.eu.criteo.com
9	tpc.googlesyndication.com	a0c5a500c63f52321131b16d17245c24.safeframe.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com
7	pix.eu.criteo.net	ads.eu.criteo.com
6	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
6	securepubads.g.doubleclick.net	aapka-msg.com securepubads.g.doubleclick.net
5	fonts.googleapis.com	aapka-msg.com cdnjs.cloudflare.com
4	csm.eu.criteo.net	ads.eu.criteo.com
4	ssl.hurra.com	2 redirects ads.eu.criteo.com
4	fonts.gstatic.com	fonts.googleapis.com
3	a0c5a500c63f52321131b16d17245c24.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	cdnjs.cloudflare.com	aapka-msg.com ads.eu.criteo.com
2	cat.nl.eu.criteo.com	ads.eu.criteo.com
2	www.googletagservices.com	a0c5a500c63f52321131b16d17245c24.safeframe.googlesyndication.com
2	ads.eu.criteo.com	a0c5a500c63f52321131b16d17245c24.safeframe.googlesyndication.com
2	rtb.nl.eu.criteo.com	aapka-msg.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	www.google.com	tpc.googlesyndication.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.co.uk	securepubads.g.doubleclick.net
1	www.googletagmanager.com	aapka-msg.com
1	ajax.googleapis.com	aapka-msg.com
99	22

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google.co.uk GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.nl.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-19` - `2023-03-24`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-22` - `2023-03-26`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-11-08` - `2023-02-04`	3 months	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-11-01` - `2023-02-04`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh

This page contains 8 frames:

Primary Page: http://aapka-msg.com/s1/?n=CHIMI&t=w
Frame ID: F6DB0BD22F40F435B529B5B92FB1A3E0
Requests: 40 HTTP requests in this frame

Frame: https://a0c5a500c63f52321131b16d17245c24.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F8303E737E4A4F4D41118E417D8F2CDD
Requests: 1 HTTP requests in this frame

Frame: https://a0c5a500c63f52321131b16d17245c24.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 233DC7A29920863C274DE7A510BC0FE4
Requests: 9 HTTP requests in this frame

Frame: https://a0c5a500c63f52321131b16d17245c24.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: CD72C8A9CCB7CC32074A4B3D60D558CA
Requests: 9 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6eqNAAHFvYHg4fRAAfqeKiZCHbEyeaUNX3BaA&u=%7CpWY5oGYPhSYu5k5UOetuDD6DmPDu%2FhCZYem%2BFbzhQp8%3D%7C&c1=TEbw32HdmhlTb08vzaRE01gjP6XVckOX0E50AIrFIjEPFuRnRWdG9mmJNHSfraqLusH4Be9Tm1i_-tDSjiS38y_2gKfAN-oPqcDBN2lQG_AbVbRxPBgdaOIXSI4ZXiODDZi9BL_QYfCgsR95YchgDETwwwuIb1elWYJw2S0HtYnBObdwrRLPZHczfJI_8ZeqtepIJuUmUZrpoli-yiQV50QBzbtiOaK7U4lEWiuhUJeOQoNHOe16MzgqiwF4WkIkjT2WcOamfZkbxVQhRUheNaX9e5VrWkfYwykNS2Pgs3wxlY4VlJEO4yEjWDAQjjCKMkFFEI-85Fz-ki7uloKZ4cMBbjbIsDXTcMFs_HKaRlbHh3IcLWjazIcrwLh0b004LewZ-1Sj2Raw1vL6531t-AZsXXTkC0PVrdyW29tUKNjkbMYK3wD__g9uKWFYV8FsewMcaJKsJDEZMfqzLGjF3ALq5uREloMYWudbkExT7bopofko2IuqVije3o6-8Yaxdu-El7RAYaOCJK8OvGUEDsLGsGEf-5T-idQtygzZtGkMBtYm7jKpFkxq7W9rP6Paoww2XrfMkEE-G0dzbKNw0Yn_MOhQU5zrt0jgAnJhTPsGRNnc5zZmBQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCq7nYNKqnY_atHNGPjuwP-NSfwAHJntKxXNWdkfdwwI23ARABIABglYKAgLQHggEXY2EtcHViLTc2ODQ0MTIwMjIwODk1NTHIAQmpAmx_3a8j0LE-4AIAqAMBqgSEAk_Q3mm68JsWF8-rMmJi0L0f1PzwjQMsMgC0_PWr3RopPtMQF_SYdApeIIkxeQRapzQPGXp3zQpLG9LhBf7MKn_56DEY62uHuQJ8cVTz1CWoL3giD3jh1RhjRJYalOe_KMb-bQyjIVxILRKpCkTFiPMoHi7fHvcJTJPQSMnzslpSCS0k8uNKdpVbfptSFCugcZNAwCgHKG4h56yBeTUTo9emSVHYhg9q2ivuuonxuAqnTleSwPocQdOt4ngcq6KtUyntAA-93Ip1uWfuZLvEH4Hb56tepSHMvYbkAssHqcykGkcs8D_bPx-dQ5ST8Wd1QzfjH8SzFpfcHM2OJdnl6NnW0Zp14AQBgAaHjY3bzaDM3PQBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2_kL57zn4lbQ5VpK48MhStFd6H-w%26client%3Dca-pub-7684412022089551%26adurl%3D
Frame ID: 3B2D1BD7E208DE1A18B11191A5825569
Requests: 19 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6eqNAAHFvUHg4fRAAfqeAvVWE9tAkdsxCQCNw&u=%7CpWY5oGYPhSYM7LgL6HAzzPCxYgoMmQfd2wwTrijEiCM%3D%7C&c1=TEbw32HdmhlTb08vzaRE05Nor-kWNW37ds0oDHxEuxeKn7Xrp6ainli_Cmw5dJSudhYAqTqyTVLd-jZl3qQeDzohnROYWRjJmg0tHessjlH1LiptfEcvzSDEYYeAq1qeII61cvfGkXkqnFJg4XKRKZ8-Jdc-G-Ham3rMcq7maWnmKQNWEQWZAx-nfW1M6z3BMXfZ1CYYDO0ZAiNiYVtCAcxrMAqn2k_jkQvue_qvp1TPsJg3roMZaj81lDlpQ1UOZC2nFLp1tH1IX5kJHuNdEYxAR0ZUp4bkZ0VIR-5k7W2hzzxh_v12oiB0_xtDf8nPTGdmX6i9fCZBQM4sorjuiQycblhavV8-zrsAb_89PBpfWrEuQvS0hgmkljX0ClixDESN6CDnF5XNbK3AEdA5baX_Bz1GSBAo5i0Uc1BCgKuQygC7vw7RI018TXneRlvoDAb0K0qq85U5dNL2R5ANId9w8xYBSO8R16OHMaNn0Qxo2WQiIfyr_TmylT22Q38Z9RZJjKOlop35RkoslrqB-GN5DMQZa1JCAS-1ahwi3m6wegv7rrJ7-I6RvPAXWW-h0Waao6AsFjzPmf-VOq55gGwHRfyGH0SdEJWPG7k45SaODAI5ROi4lXcwIUQy1gi7EzIaddWZ4OY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCWzXyNKqnY_WtHNGPjuwP-NSfwAHJntKxXNWdkfdwwI23ARABIABglYKAgLQHggEXY2EtcHViLTc2ODQ0MTIwMjIwODk1NTHIAQmpAmx_3a8j0LE-4AIAqAMBqgSMAk_QC_bjTtVE_lLES7pHONmKVvgRgdhCTvl-wdEi8Ca8XVdrBpRpjp52w52ub_JhGJtRZHz4_zuY2eBDTRlcSBkRWL8FjhAImrXHaW7_SQXGutiyVskUfAcGSz--GHWKm-hsIN70c10sUVkyzdQmtn-_BrlgGKdrSC9QCkJeTCatjkud44RloN6qUQuJiP5UkgXmwriGrD9sHtNkPYHazlC8HZVbCzYCoaM4PYg-OLHl1p_buPCbR3RZ8ADQeu0295ZnWoZvz5B9NDFvVkDtoSVdZxDQW2GzzT67VWuKZErfhNQ0KQqJ6ZomemclJLdAIhIr0xATr8OnVBxCFdbOKAtn8Sg2baKmUJGUSnvgBAGABoeNjdvNoMzc9AGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2xkVFzQerWbRkApLz1QYMm7s2jVA%26client%3Dca-pub-7684412022089551%26adurl%3D
Frame ID: CC7366FBBECB2549C8BC91DBE8BD1178
Requests: 18 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C16DCEC1F05B557A8A41A3911922923D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C6B308D95881B4BD92B683257F16BFB4
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

CHIMI deseándote Feliz Navidad

Detected technologies

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

99
Requests

77 %
HTTPS

91 %
IPv6

14
Domains

22
Subdomains

23
IPs

4
Countries

1050 kB
Transfer

2184 kB
Size

7
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 59

https://ssl.hurra.com/pvs.gif?cid=4557&tid=24538 HTTP 302
https://ssl.hurra.com/pvs.gif?bd3p=1&cid=4557&tid=24538

Request Chain 66

https://ssl.hurra.com/pvs.gif?cid=4557&tid=24538 HTTP 302
https://ssl.hurra.com/pvs.gif?bd3p=1&cid=4557&tid=24538

99 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
aapka-msg.com/s1/ 16 KB
5 KB 333ms
311ms Document
text/html 2606:4700:e4::ac40:ab0f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://aapka-msg.com/s1/?n=CHIMI&t=w
Protocol: HTTP/1.1
Server: 2606:4700:e4::ac40:ab0f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c7b866c784222aacee7180824f5accd895ba6f4ff2e0b37d61fcd0dabcc244e4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

CF-Cache-Status: DYNAMIC
CF-RAY: 77eddf63bb2d924a-FRA
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Sun, 25 Dec 2022 01:41:08 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t0nc3ibvfbxjwK29Gj0SqgGpmoOTvgORwxtZmZ%2BkDloEZOqZ7XE8eiR0LDbHUq2MY6ULoIEGMnEH0cVcBpmEGRm78DMPN723dhButLMevXkobC9l6u7u%2FQN52zQjIjQhIJ%2Fid9zYtk7%2B%2FMR2"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/3.5.2/ 52 KB
4 KB 41ms
15ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/animate.css/3.5.2/animate.min.css

Requested by

Host: aapka-msg.com
URL: http://aapka-msg.com/s1/?n=CHIMI&t=w

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aapka-msg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 25 Dec 2022 01:41:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1063220
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3279
last-modified: Mon, 04 May 2020 16:04:58 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d2a-ce35"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aRrZBx5uESI8MHsulkrwlCOsnTfTeBiNatfur4d2KR4c8tWaRWO9aXZeGpAfxl6NrWsa7r3DgToGWY4JyFVwaVmSbpUT7uQAWkSaP4G2IW%2BHGmICIX2xnncoho26tAw99tulYHz53QRQW1Pe7nmU7VfY"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 77eddf65ee30bb53-FRA
expires: Fri, 15 Dec 2023 01:41:08 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
582 B 123ms
51ms Stylesheet
text/css 2a00:1450:400d:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Pacifico

Requested by

Host: aapka-msg.com
URL: http://aapka-msg.com/s1/?n=CHIMI&t=w

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a6b8429f9ba44b320c4acee489b17d479b37401527a6a83746637c99385c3bd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aapka-msg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 25 Dec 2022 01:41:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 24 Dec 2022 23:45:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 25 Dec 2022 01:41:08 GMT

GET
H2 200 css
fonts.googleapis.com/ 981 B
484 B 119ms
48ms Stylesheet
text/css 2a00:1450:400d:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Anton

Requested by

Host: aapka-msg.com
URL: http://aapka-msg.com/s1/?n=CHIMI&t=w

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aa404f41bb73cd8b56987b71df35705c85824ae0862b82f58412c439004d48c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aapka-msg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 25 Dec 2022 01:41:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 25 Dec 2022 01:35:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 25 Dec 2022 01:41:08 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 80 KB
27 KB 53ms
23ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: aapka-msg.com
URL: http://aapka-msg.com/s1/?n=CHIMI&t=w

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2bbc1a0becbfc55034c3751a58f9b45fce467e9c305d9191c42a8d12e7bcb1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aapka-msg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 25 Dec 2022 01:41:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27543
x-xss-protection: 0
server: sffe
etag: "1431 / 160 of 1000 / last-modified: 1670587517"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 25 Dec 2022 01:41:08 GMT

GET
H2 200 css2
fonts.googleapis.com/ 391 B
809 B 117ms
47ms Stylesheet
text/css 2a00:1450:400d:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Boogaloo&display=swap

Requested by

Host: aapka-msg.com
URL: http://aapka-msg.com/s1/?n=CHIMI&t=w

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

190218113db16896a2f26497538861ac58c25280fdca5bf68de076371e39fd38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aapka-msg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 25 Dec 2022 01:41:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 25 Dec 2022 01:41:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 25 Dec 2022 01:41:08 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ 85 KB
30 KB 114ms
26ms Script
text/javascript 2a00:1450:400d:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Host: aapka-msg.com
URL: http://aapka-msg.com/s1/?n=CHIMI&t=w

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aapka-msg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 24 Dec 2022 22:21:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11951
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30399
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 24 Dec 2023 22:21:57 GMT

GET
H/1.1 200
OK Slide.js Show response
aapka-msg.com/s1/ 9 KB
3 KB 16ms
15ms Script
application/javascript 2606:4700:e4::ac40:ab0f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://aapka-msg.com/s1/Slide.js
Requested by: Host: aapka-msg.com
URL: http://aapka-msg.com/s1/?n=CHIMI&t=w
Protocol: HTTP/1.1
Server: 2606:4700:e4::ac40:ab0f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a693f4bb5b25c924b8a68734694fca6c94344153f2e21f798bbfc174210e536

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aapka-msg.com/s1/?n=CHIMI&t=w
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 25 Dec 2022 01:41:08 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 6529
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 2121
Last-Modified: Sat, 17 Dec 2022 17:26:07 GMT
Server: cloudflare
ETag: "221d-5f00961a3db9a-gzip"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UU6unaYpuExBDaif3Os4ir%2BfIJy%2ByW9HKCTFBwViMxXp76ZLPaL1XIZp%2F03qqbNmqN%2BdPOzBSrmdaqF49%2FaF%2B4imMl%2Fa727JBA0bJJ%2BN5M3svW3huYS5XxzBdwutrjPVcpr8c%2Bqw0azJMUIQ"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 77eddf65cd30924a-FRA

GET
H/1.1 200
OK gate1.png
aapka-msg.com/s1/img/ 14 KB
15 KB 15ms
14ms Image
image/png 2606:4700:e4::ac40:ab0f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://aapka-msg.com/s1/img/gate1.png
Requested by: Host: aapka-msg.com
URL: http://aapka-msg.com/s1/?n=CHIMI&t=w
Protocol: HTTP/1.1
Server: 2606:4700:e4::ac40:ab0f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bfb12519b691771d4ca01f216cf5aa6a90483ccbc296ef944a796652bbc291d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aapka-msg.com/s1/?n=CHIMI&t=w
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 25 Dec 2022 01:41:08 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 6082
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 14346
Last-Modified: Mon, 28 Nov 2022 20:03:52 GMT
Server: cloudflare
ETag: "380a-5ee8d5ed17b87"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4kULZcBotCjwDoHQzGJIJUcKdpEioyFQbRtXTaeT%2FgGaRGqxMveLFba2AXMGUvT4iTFIB%2FfoR1hA5CKjXHoglgRQN2i8ot%2BzCXhgboDJvgE97DisGC94EhVss9ha2CuiR9EdNYeBn%2FZKQiul"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 77eddf66be08924a-FRA

GET
H/1.1 200
OK gate2.png
aapka-msg.com/s1/img/ 14 KB
15 KB 12ms
12ms Image
image/png 2606:4700:e4::ac40:ab0f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://aapka-msg.com/s1/img/gate2.png
Requested by: Host: aapka-msg.com
URL: http://aapka-msg.com/s1/?n=CHIMI&t=w
Protocol: HTTP/1.1
Server: 2606:4700:e4::ac40:ab0f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aac4a423f94af29edab7eb8fc77cdeaca64cc48ee9624742954d4b025101ccd8

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aapka-msg.com/s1/?n=CHIMI&t=w
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 25 Dec 2022 01:41:08 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 6529
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 14580
Last-Modified: Mon, 28 Nov 2022 20:03:50 GMT
Server: cloudflare
ETag: "38f4-5ee8d5ebc02db"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eQDJ0dY82mc8qBY44NqnpnIgXcGHfDaPSyOUaTheoPpc2IP8XbIVO8nrZtp%2BaGe1GVVKwro%2BFbOy8LmRR9CS2CK1RKifkEaYxWro7bdv4ttB4u4cf5H8qKnpKOAlpN42zWSf0ERSotbif4SJ"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 77eddf66de30924a-FRA

GET
H/1.1 200
OK downarrow-min.png
aapka-msg.com/s1/img/ 17 KB
18 KB 26ms
19ms Image
image/png 2606:4700:e4::ac40:ab0f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://aapka-msg.com/s1/img/downarrow-min.png
Requested by: Host: aapka-msg.com
URL: http://aapka-msg.com/s1/?n=CHIMI&t=w
Protocol: HTTP/1.1
Server: 2606:4700:e4::ac40:ab0f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb50263e817e17a8658bb0438723cfe888920428e7e60d108f3db30c4a18bcf8

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aapka-msg.com/s1/?n=CHIMI&t=w
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 25 Dec 2022 01:41:08 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 6674
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 17889
Last-Modified: Sun, 18 Dec 2022 06:57:24 GMT
Server: cloudflare
ETag: "45e1-5f014b7061d44"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s90waV7KH9nlhMkwY6u1%2FWyiObGQL%2BI9SvOs0CP9fK6fSimvEQqif0T0cMDndEzvqcMKuCLicz0VIIBRr4w9ld3CXgWZ05mZdcrLIdMY2ktd28Yf7nldsGYbtgo3iok6leQez%2BA%2BoxZuPd%2Ff"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 77eddf66e962bbd9-FRA

GET
H/1.1 200
OK jinglebell.png
aapka-msg.com/s1/img/ 46 KB
46 KB 23ms
16ms Image
image/png 2606:4700:e4::ac40:ab0f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://aapka-msg.com/s1/img/jinglebell.png
Requested by: Host: aapka-msg.com
URL: http://aapka-msg.com/s1/?n=CHIMI&t=w
Protocol: HTTP/1.1
Server: 2606:4700:e4::ac40:ab0f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c1e3391112308e5efd32700291154fb595082773f256375ee5f3b09962816f5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aapka-msg.com/s1/?n=CHIMI&t=w
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 25 Dec 2022 01:41:08 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 3499
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 46633
Last-Modified: Mon, 28 Nov 2022 20:03:53 GMT
Server: cloudflare
ETag: "b629-5ee8d5ee62525"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3EKzP2Hs9W79kRq9TBg%2FMMOQd1wAxmnSGMpfYuhtZwrR6QmlZinCOSAB6og77bc%2FNC2j1CgI56oEmvRR2yLD1Lz0ebeGyyIgJXJ5yP4HCLSTTbLiXi8%2BVH4pEka7%2FK2zZaQklIdbjRBjf3eR"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 77eddf66ec669bd7-FRA

GET
H/1.1 200
OK mt1.png
aapka-msg.com/s1/img/ 6 KB
7 KB 20ms
13ms Image
image/png 2606:4700:e4::ac40:ab0f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://aapka-msg.com/s1/img/mt1.png
Requested by: Host: aapka-msg.com
URL: http://aapka-msg.com/s1/?n=CHIMI&t=w
Protocol: HTTP/1.1
Server: 2606:4700:e4::ac40:ab0f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d9f1b086035ff8124b2e476451c42c7a99f49826dc50303197112f81ce2c367

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aapka-msg.com/s1/?n=CHIMI&t=w
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 25 Dec 2022 01:41:08 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 3825
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 6132
Last-Modified: Wed, 14 Dec 2022 10:44:45 GMT
Server: cloudflare
ETag: "17f4-5efc76cb9a051"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6RP0bSEVNxlyS9OsVtFTy43VIZOalL3LwJ9pMTolZgRNr7NMSuJB1zzy7gvFVaeQm4YkwhwvDDVfxxnux32AajSVJ0yh%2B9Bn7HQljCerMFrmf8cFUaVzlofDigUcPfTNXfpBVY1jLyA29EUc"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 77eddf66ecda2bd5-FRA

GET
H/1.1 200
OK mt2.png
aapka-msg.com/s1/img/ 5 KB
6 KB 26ms
17ms Image
image/png 2606:4700:e4::ac40:ab0f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://aapka-msg.com/s1/img/mt2.png
Requested by: Host: aapka-msg.com
URL: http://aapka-msg.com/s1/?n=CHIMI&t=w
Protocol: HTTP/1.1
Server: 2606:4700:e4::ac40:ab0f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b43a6b0a1736d80d625e43d5edf3bb81816daa5692650f55801f1762b10bd36

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aapka-msg.com/s1/?n=CHIMI&t=w
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 25 Dec 2022 01:41:08 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 2032
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 5249
Last-Modified: Wed, 14 Dec 2022 10:44:46 GMT
Server: cloudflare
ETag: "1481-5efc76cce74e9"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XfBlNNqZjtkvl5417bZBYSKEID6cGRu3EHBctKrqwFH8WG6BY5RAhh8HiL00SSxPFRrWlUKHq6djwl0Z0%2FsAb20KHyall35HOoOK794xutPDV0jGCANzaR9s7Weec7T9CqtDtGS0oP5n07wc"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 77eddf66eadabb79-FRA

GET
H/1.1 200
OK mt3.png
aapka-msg.com/s1/img/ 7 KB
8 KB 22ms
13ms Image
image/png 2606:4700:e4::ac40:ab0f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://aapka-msg.com/s1/img/mt3.png
Requested by: Host: aapka-msg.com
URL: http://aapka-msg.com/s1/?n=CHIMI&t=w
Protocol: HTTP/1.1
Server: 2606:4700:e4::ac40:ab0f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 310001a8675aebd6b36161e93995e099a69ec8271c2d0255b248e396a380f92a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aapka-msg.com/s1/?n=CHIMI&t=w
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 25 Dec 2022 01:41:08 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 3824
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 7073
Last-Modified: Wed, 14 Dec 2022 10:44:47 GMT
Server: cloudflare
ETag: "1ba1-5efc76ce2209a"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ra5HmN4uPru8PtbgnmmnX5SQ4tdqcbnP8HZVGY%2FxnoPTAl2UviBbnSjcIJwfvNY2BfmLNaZEg0Yqa48i4LZvkkgkKjSFDC3pZsgUtIlHPxqcCbiZ8Mmsn%2FpNYs5XQzQ7L6E20k9bhkuLyEaK"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 77eddf66ed582bf3-FRA

GET
H/1.1 200
OK mt4.png
aapka-msg.com/s1/img/ 6 KB
7 KB 15ms
15ms Image
image/png 2606:4700:e4::ac40:ab0f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://aapka-msg.com/s1/img/mt4.png
Requested by: Host: aapka-msg.com
URL: http://aapka-msg.com/s1/?n=CHIMI&t=w
Protocol: HTTP/1.1
Server: 2606:4700:e4::ac40:ab0f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b0ae1a27a1a5218dd8b07b5467880941e69b9028e01f2236e206637f87f3129

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aapka-msg.com/s1/?n=CHIMI&t=w
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 25 Dec 2022 01:41:08 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 5685
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 6420
Last-Modified: Wed, 14 Dec 2022 10:44:49 GMT
Server: cloudflare
ETag: "1914-5efc76cff2ee3"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LCfE3f4sd2%2BNmVsg4joepR0vzJHVmaQvhXX3sWZ3N4MGl5pMw07jNVKRUsMKIkv6V%2B2u93FliBSqlARITOYMYyxMCZxmoVyA9ltfj%2BiqBejVSwG0xGKxB2Gg%2B8yxw27r7SkupKT0QxavDvVA"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 77eddf66ee4c924a-FRA

GET
H/1.1 200
OK mt5.png
aapka-msg.com/s1/img/ 5 KB
6 KB 41ms
13ms Image
image/png 2606:4700:e4::ac40:ab0f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://aapka-msg.com/s1/img/mt5.png
Requested by: Host: aapka-msg.com
URL: http://aapka-msg.com/s1/?n=CHIMI&t=w
Protocol: HTTP/1.1
Server: 2606:4700:e4::ac40:ab0f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 644989ba5a3848da57ea199a7749d7c97577dff068ae7a5afc82d5fed3153e39

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aapka-msg.com/s1/?n=CHIMI&t=w
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 25 Dec 2022 01:41:08 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 6628
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 5580
Last-Modified: Wed, 14 Dec 2022 10:44:51 GMT
Server: cloudflare
ETag: "15cc-5efc76d146527"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tHpza%2Bz%2F1c7iSXz06ViIIZ2Tao2HtywHwIXODrBSls%2BQIF%2FhYjxrTQY%2BfEEAUlzlIiD0wyMz4Llm1uh6p0iOwgHGD%2FZfrjyCEjH3eaBvTdogbySBbmQVwqIWa0uBNCR9FtmJAruNEVs1GomG"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 77eddf671997bbd9-FRA

GET
H/1.1 200
OK mt6.png
aapka-msg.com/s1/img/ 5 KB
6 KB 28ms
13ms Image
image/png 2606:4700:e4::ac40:ab0f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://aapka-msg.com/s1/img/mt6.png
Requested by: Host: aapka-msg.com
URL: http://aapka-msg.com/s1/?n=CHIMI&t=w
Protocol: HTTP/1.1
Server: 2606:4700:e4::ac40:ab0f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 587c3f9e66745f4d0ea9700254310f4089e2093172879f2a15f740e9bcdf532d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aapka-msg.com/s1/?n=CHIMI&t=w
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 25 Dec 2022 01:41:08 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 2183
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 5410
Last-Modified: Wed, 14 Dec 2022 10:44:52 GMT
Server: cloudflare
ETag: "1522-5efc76d2866c9"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GPe2%2B5ibdIEYlsJZTpmifUugxQVslPpUTqB6DlprsV7CcXl4dmJhyFavv3SU9TgyZPpjo2rusycQJyFcHbsQcEXN%2FVE68nHNB3LWUbWM%2FIxmW%2FZG2ND%2FyBLYAa6BloBJrjTmI%2BEKNB0dflMy"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 77eddf670af8bb79-FRA

GET
H/1.1 200
OK mt7.png
aapka-msg.com/s1/img/ 6 KB
7 KB 30ms
11ms Image
image/png 2606:4700:e4::ac40:ab0f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://aapka-msg.com/s1/img/mt7.png
Requested by: Host: aapka-msg.com
URL: http://aapka-msg.com/s1/?n=CHIMI&t=w
Protocol: HTTP/1.1
Server: 2606:4700:e4::ac40:ab0f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d481a984636a19a83ff91f330b6c3584e7055434ba07510dd6f9fc6c5806bb3f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aapka-msg.com/s1/?n=CHIMI&t=w
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 25 Dec 2022 01:41:08 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 3651
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 6377
Last-Modified: Wed, 14 Dec 2022 10:44:53 GMT
Server: cloudflare
ETag: "18e9-5efc76d3d23f1"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2RY4eFAVLafvAk0S3vXN3U%2BtxC%2Fwd4YZx0QJVMjaFTz3j657bMb4b%2BAJS978sohVjDKQCGV6Opvtjt4%2Bzl8%2F01%2BKqqqCR8ra5%2FH%2FwssmWJF0RU2YMV6QxGHRud8Cq2rYrPJ2QKLSpqZlp5I2"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 77eddf670c809bd7-FRA

GET
H/1.1 200
OK mt8.png
aapka-msg.com/s1/img/ 7 KB
8 KB 38ms
11ms Image
image/png 2606:4700:e4::ac40:ab0f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://aapka-msg.com/s1/img/mt8.png
Requested by: Host: aapka-msg.com
URL: http://aapka-msg.com/s1/?n=CHIMI&t=w
Protocol: HTTP/1.1
Server: 2606:4700:e4::ac40:ab0f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 926bf8f51f94269d9b25a4c71b7e44920df0804530ca6f276bfcfd65cad21cd6

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aapka-msg.com/s1/?n=CHIMI&t=w
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 25 Dec 2022 01:41:08 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 1674
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 7052
Last-Modified: Wed, 14 Dec 2022 10:44:55 GMT
Server: cloudflare
ETag: "1b8c-5efc76d528146"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yJvNogBeKDLe5GvEvvvC3TR6MhdMHnjl9y2K00WdnBOBww3dmpWpe0CqeJFOzIZl%2BejlyXwvqIK2BURwu7%2B9pxLceELDTVB%2BDCO6Df8WfgcX7NkOQmL3RcsJhUcL68r0QovXOz%2F5v4IhNndE"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 77eddf671d852bf3-FRA

GET
H/1.1 200
OK mt9.png
aapka-msg.com/s1/img/ 3 KB
4 KB 28ms
12ms Image
image/png 2606:4700:e4::ac40:ab0f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://aapka-msg.com/s1/img/mt9.png
Requested by: Host: aapka-msg.com
URL: http://aapka-msg.com/s1/?n=CHIMI&t=w
Protocol: HTTP/1.1
Server: 2606:4700:e4::ac40:ab0f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07031397ff2404f97eebd395be1ca2375d964c70e4cf907994983b6a31256eb8

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aapka-msg.com/s1/?n=CHIMI&t=w
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 25 Dec 2022 01:41:08 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 6082
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 3177
Last-Modified: Wed, 14 Dec 2022 10:44:56 GMT
Server: cloudflare
ETag: "c69-5efc76d655a00"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oeOdqx90V7Kk5V2S258B6%2BAB5JxxVUuhqOx1%2BEN8xbfPDv%2FKjxEjmkEoV0PYz3Wod0uxpSp%2FzOxKAc4z4VDR%2FXDJjb%2BGxDR4NpKIWEgcMF89iyo1RdFUgTY5hWFxeeIjLoMAnCZo678meAEP"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 77eddf670e67924a-FRA

GET
H/1.1 200
OK mt10.png
aapka-msg.com/s1/img/ 5 KB
6 KB 27ms
12ms Image
image/png 2606:4700:e4::ac40:ab0f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://aapka-msg.com/s1/img/mt10.png
Requested by: Host: aapka-msg.com
URL: http://aapka-msg.com/s1/?n=CHIMI&t=w
Protocol: HTTP/1.1
Server: 2606:4700:e4::ac40:ab0f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 071580e34aac88161af882024da6f38d3e3257a1e60764a90661de10b0b6c387

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aapka-msg.com/s1/?n=CHIMI&t=w
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 25 Dec 2022 01:41:08 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 6233
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 5587
Last-Modified: Wed, 14 Dec 2022 10:44:57 GMT
Server: cloudflare
ETag: "15d3-5efc76d7a2ab1"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2yg5VH6NdJH6t14cnLLAh37CujOqE0K18EVkKNfgnM89G66vZqVato3dzBDXKvB%2B6At7P74jpiFahQqald2as%2BS9DC1FBonrqEDSjiaqvq8spx0zrfuV6IKJqXHXPSPXUT2DB1iQqyQxaDDa"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 77eddf67097fbbd9-FRA

GET
H/1.1 200
OK ec2020wish1.png
aapka-msg.com/s1/img/ 41 KB
42 KB 23ms
13ms Image
image/png 2606:4700:e4::ac40:ab0f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://aapka-msg.com/s1/img/ec2020wish1.png
Requested by: Host: aapka-msg.com
URL: http://aapka-msg.com/s1/?n=CHIMI&t=w
Protocol: HTTP/1.1
Server: 2606:4700:e4::ac40:ab0f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 127a88386cb8554048411fd46aa6fd205fbb7fa15afc3ebd925a030e50771404

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aapka-msg.com/s1/?n=CHIMI&t=w
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 25 Dec 2022 01:41:08 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 3154
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 42080
Last-Modified: Tue, 06 Dec 2022 10:39:28 GMT
Server: cloudflare
ETag: "a460-5ef266b1c8217"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=52J02gWti1Et30cYqcM%2FT1PEfjgCotTXLE1FHmFq3RpFQXS8pVHpPiNyVRaGjo%2BG6c1KDvOg2rh6QBDAfcOI8swGs3Jjf%2Fg6MsajxxGuMVGeEZhLIJW%2BABNHtj6Naj5zT%2BUPblgYjZzxCl0o"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 77eddf66fce92bd5-FRA

GET
H/1.1 200
OK 2023navidad1.png
aapka-msg.com/s1/img/ 25 KB
25 KB 42ms
13ms Image
image/png 2606:4700:e4::ac40:ab0f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://aapka-msg.com/s1/img/2023navidad1.png
Requested by: Host: aapka-msg.com
URL: http://aapka-msg.com/s1/?n=CHIMI&t=w
Protocol: HTTP/1.1
Server: 2606:4700:e4::ac40:ab0f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4049a3a86643679a6666e496dc58ba43256b4233bb00627b907b1705d3db950a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aapka-msg.com/s1/?n=CHIMI&t=w
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 25 Dec 2022 01:41:08 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 5298
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 25183
Last-Modified: Sat, 17 Dec 2022 17:26:56 GMT
Server: cloudflare
ETag: "625f-5f009648fa207"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2UjvGWeSl0GRdXZpxiZ8cC7sZ%2Fgra7o92lOJiaVOJyhSsRf%2FwVYOqznFVGxBYqcp1QbhYx%2B8Bc4LgdzX6hWMtNPQl9c1qsU45GAG31vuvGNNbVg7buROW84AILJdAvLLJRWfcKmdxwMEtn4N"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 77eddf671e82924a-FRA

GET
H/1.1 200
OK santaunder2-min.gif
aapka-msg.com/s1/ 43 KB
44 KB 40ms
16ms Image
image/gif 2606:4700:e4::ac40:ab0f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://aapka-msg.com/s1/santaunder2-min.gif
Requested by: Host: aapka-msg.com
URL: http://aapka-msg.com/s1/?n=CHIMI&t=w
Protocol: HTTP/1.1
Server: 2606:4700:e4::ac40:ab0f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d412b991646e825e0e5447590d48a7072c37dcd3b954c4f8419e029bf343a2ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aapka-msg.com/s1/?n=CHIMI&t=w
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 25 Dec 2022 01:41:08 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 3779
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 43837
Last-Modified: Tue, 20 Dec 2022 06:25:41 GMT
Server: cloudflare
ETag: "ab3d-5f03c814a21ab"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6v9u6Gk3icMr9dTDI9X2pfJoSsuGDma2HgHstMSjlV2S3bnL4uR70gAJh%2Fpgq5Nwq9luOA3tB5OMpqEqm%2F8f224m4Z%2BZLz8zlgKQv9Z3IjNGGPjIaKrU%2FrS3R0xVjjiJMKsuZjpVFlbviGZV"}],"group":"cf-nel","max_age":604800}
Content-Type: image/gif
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 77eddf671cff2bd5-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 109 KB
43 KB 124ms
48ms Script
application/javascript 2a00:1450:400d:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-155864431-1

Requested by

Host: aapka-msg.com
URL: http://aapka-msg.com/s1/?n=CHIMI&t=w

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a47279a0403043586908f5963250b7e0d7e1e26ecd42276258a319e3636d0617

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aapka-msg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 25 Dec 2022 01:41:08 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43632
x-xss-protection: 0
last-modified: Sun, 25 Dec 2022 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 25 Dec 2022 01:41:08 GMT

GET
H/1.1 200
OK sname.gif
aapka-msg.com/s1/img/ 20 KB
21 KB 26ms
14ms Image
image/gif 2606:4700:e4::ac40:ab0f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://aapka-msg.com/s1/img/sname.gif
Requested by: Host: aapka-msg.com
URL: http://aapka-msg.com/s1/?n=CHIMI&t=w
Protocol: HTTP/1.1
Server: 2606:4700:e4::ac40:ab0f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0021cc31ef85472442faea06bf18b65ffa357924a49287f15a124d7883d0b8f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aapka-msg.com/s1/?n=CHIMI&t=w
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 25 Dec 2022 01:41:08 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 5121
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 20528
Last-Modified: Wed, 14 Dec 2022 10:42:26 GMT
Server: cloudflare
ETag: "5030-5efc7647a45e0"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3crnkg4gvxySP38TcP0937dD1CKKcQx%2Bsbv10hJLF6fFc5ePlNJ0F8PB21YSHDjR0eIDMK6U2w8aMFiaCKvYKjLuXxNpj%2BCYWwxnrzjlLse55ofzLk7vvTO2xlonIboSyGAeIeDULsSmMUu4"}],"group":"cf-nel","max_age":604800}
Content-Type: image/gif
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 77eddf670d702bf3-FRA

GET
H2 200 FwZY7-Qmy14u9lezJ-6H6Mk.woff2
fonts.gstatic.com/s/pacifico/v22/ 30 KB
31 KB 99ms
25ms Font
font/woff2 2a00:1450:400d:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/pacifico/v22/FwZY7-Qmy14u9lezJ-6H6Mk.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Pacifico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

50488656aeea003d0042da0979cd15675c0bc1c028a21dddfafd7656d54c709e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://aapka-msg.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 04:33:05 GMT
x-content-type-options: nosniff
age: 162483
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30908
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:34:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Dec 2023 04:33:05 GMT

GET
H2 200 kmK-Zq45GAvOdnaW6y1C9ys.woff2
fonts.gstatic.com/s/boogaloo/v19/ 10 KB
10 KB 126ms
51ms Font
font/woff2 2a00:1450:400d:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/boogaloo/v19/kmK-Zq45GAvOdnaW6y1C9ys.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Boogaloo&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61ff476ab12ef621ba34a8631e0db1bb9fb5f6d953cbf7081f12df8971e25778

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://aapka-msg.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 21:28:34 GMT
x-content-type-options: nosniff
age: 187954
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10276
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 17:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Dec 2023 21:28:34 GMT

GET
H/1.1 206
Partial Content es.mp3
aapka-msg.com/s1/ 93 KB
0 12ms
11ms Media
audio/mpeg 2606:4700:e4::ac40:ab0f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://aapka-msg.com/s1/es.mp3
Requested by: Host: aapka-msg.com
URL: http://aapka-msg.com/s1/?n=CHIMI&t=w
Protocol: HTTP/1.1
Server: 2606:4700:e4::ac40:ab0f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: http://aapka-msg.com/s1/?n=CHIMI&t=w
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Range: bytes=0-

Response headers

Date: Sun, 25 Dec 2022 01:41:08 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 2032
Content-Range: bytes 0-94925/94926
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 94926
Last-Modified: Tue, 20 Dec 2022 06:29:12 GMT
Server: cloudflare
ETag: "172ce-5f03c8de41eb7"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F38LaHESzxhJ1kTvDrgEkSI7ZxtMFLPSSS5GkT6ddH8F2Zj7maQDCSrK5gI%2F%2Ff1eW5OhRQ%2FD1Qvidg5tX7U5aLqPZshTfxFD0QS7P160pcK5RMHFvuksJ%2FguiIXWEhSSQfZKrzW6rC7%2FCY9F"}],"group":"cf-nel","max_age":604800}
Content-Type: audio/mpeg
Cache-Control: max-age=14400
CF-RAY: 77eddf671b09bb79-FRA

GET
H2 200 pubads_impl_2022120501.js Show response
securepubads.g.doubleclick.net/gpt/ 380 KB
129 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e288c4dc57f72a69a497baef524f41c57e1c6a414b09a5bde22cd5b2f1b7cdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aapka-msg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 24 Dec 2022 13:06:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 45304
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131905
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 09:36:10 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 24 Dec 2023 13:06:04 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 73 B
87 B 35ms
16ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=aapka-msg.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e34d1a45e337bc82cf0db381d4abdaa0df412cc3598036b54945b179842e619a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aapka-msg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 25 Dec 2022 01:41:08 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63
x-xss-protection: 0
expires: Sun, 25 Dec 2022 01:41:08 GMT

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
792 B 190ms
47ms Script
application/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=aapka-msg.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aapka-msg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 25 Dec 2022 01:41:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 52ms
16ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=aapka-msg.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aapka-msg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 25 Dec 2022 01:41:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 46 KB
11 KB 171ms
171ms XHR
text/plain 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=974381387604227&correlator=4204365909803303&eid=31071185&output=ldjh&gdfp_req=1&vrg=2022120501&ptt=17&impl=fifs&iu_parts=22849185369%2Cca-pub-7684412022089551-tag%2Caapka-msg%2C50&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3&prev_iu_szs=300x100%7C300x50%7C300x75%2C300x50&ifi=1&adks=1993804009%2C1038384195&sfv=1-0-40&sc=0&cookie_enabled=1&abxe=1&dt=1671932468419&lmt=1671932468&dlt=1671932468112&idt=280&adxs=650%2C650&adys=920%2C15&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0&ucis=1%7C2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&bc=23&nvt=1&url=http%3A%2F%2Faapka-msg.com%2Fs1%2F%3Fn%3DCHIMI%26t%3Dw&frm=20&vis=1&psz=450x50%7C450x68&msz=450x50%7C450x50&fws=0%2C0&ohw=0%2C0&ga_vid=710588906.1671932468&ga_sid=1671932468&ga_hid=856872837&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a8a1a7acc572cd43c46700d8e6027931ea53659a01a4d1304a02b4c239a3cb0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aapka-msg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 25 Dec 2022 01:41:08 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11470
x-xss-protection: 0
google-lineitem-id: -1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://aapka-msg.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
a0c5a500c63f52321131b16d17245c24.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F830 6 KB
3 KB 173ms
56ms Document
text/html 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a0c5a500c63f52321131b16d17245c24.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://aapka-msg.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 25 Dec 2022 01:41:08 GMT
expires: Mon, 25 Dec 2023 01:41:08 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 93ms
22ms Script
text/javascript 2a00:1450:400d:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-155864431-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aapka-msg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 25 Dec 2022 00:27:20 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 4428
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Sun, 25 Dec 2022 02:27:20 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 87ms
42ms XHR
text/plain 2a00:1450:400d:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=856872837&t=pageview&_s=1&dl=http%3A%2F%2Faapka-msg.com%2Fs1%2F%3Fn%3DCHIMI%26t%3Dw&ul=en-us&de=UTF-8&dt=CHIMI%20dese%C3%A1ndote%20Feliz%20Navidad&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAACAAI~&jid=1403225774&gjid=197193138&cid=710588906.1671932468&tid=UA-155864431-1&_gid=70382377.1671932469&_r=1&gtm=2oubu0&z=1462681614

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://aapka-msg.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 25 Dec 2022 01:41:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://aapka-msg.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 container.html Show response
a0c5a500c63f52321131b16d17245c24.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 233D 6 KB
3 KB 74ms
26ms Document
text/html 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a0c5a500c63f52321131b16d17245c24.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://aapka-msg.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 25 Dec 2022 01:41:08 GMT
expires: Mon, 25 Dec 2023 01:41:08 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
a0c5a500c63f52321131b16d17245c24.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame CD72 6 KB
3 KB 65ms
24ms Document
text/html 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a0c5a500c63f52321131b16d17245c24.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://aapka-msg.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 25 Dec 2022 01:41:08 GMT
expires: Mon, 25 Dec 2023 01:41:08 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame CD72 0
0 51ms
50ms Fetch
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CoQwgNKqnY_atHNGPjuwP-NSfwAHJntKxXNWdkfdwwI23ARABIABglYKAgLQHggEXY2EtcHViLTc2ODQ0MTIwMjIwODk1NTHIAQmpAmx_3a8j0LE-4AIAqAMBqgSBAk_Q3mm68JsWF8-rMmJi0L0f1PzwjQMsMgC0_PWr3RopPtMQF_SYdApeIIkxeQRapzQPGXp3zQpLG9LhBf7MKn_56DEY62uHuQJ8cVTz1CWoL3giD3jh1RhjRJYalOe_KMb-bQyjIVxILRKpCkTFiPMoHi7fHvcJTJPQSMnzslpSCS0k8uNKdpVbfptSFCugcZNAwCgHKG4h56yBeTUTo9emSVHYhg9q2ivuuonxuAqnTleSwPocQdOt4ngcq6KtUyntAA-93Ip1uWfuZLvEH4Hb56tepSHMvYbkAokFiF4jlds_T6PPnM-g5Wya5W3DSRn7nXB7KzEuo9OiPVxPbMpp4AQBgAaHjY3bzaDM3PQBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKA_oLAggBgAwB0BUBgBcBshcdChsSFHB1Yi03Njg0NDEyMDIyMDg5NTUxGLqHjQE&sigh=V7ptT0BoywQ&uach_m=[UACH]&cid=CAQSSwDq26N91lR--Bm5AnuADOyteUCZg-AFYZARpwxWdv_HMuaqubKWFHEXmy6xiMQs1qG5qhzfcrgg04xkvoeovDXhBnDcHVSzwVotbhgBIBM
Requested by: Host: aapka-msg.com
URL: http://aapka-msg.com/s1/?n=CHIMI&t=w
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a0c5a500c63f52321131b16d17245c24.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame CD72 0
0 43ms
14ms Fetch 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kOaXC_7XCawCMp2DYgICAAAAnuEgqOdxwlUQM6qnY_9OW1_kveDzSrzfABIAAA&wp=Y6eqNAAHFvYHg4fRAAfqeKiZCHbEyeaUNX3BaA

Requested by

Host: aapka-msg.com
URL: http://aapka-msg.com/s1/?n=CHIMI&t=w

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a0c5a500c63f52321131b16d17245c24.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 25 Dec 2022 01:41:08 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 141706
content-length: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 3B2D 114 KB
40 KB 194ms
104ms Document
text/html 2a02:2638:1::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6eqNAAHFvYHg4fRAAfqeKiZCHbEyeaUNX3BaA&u=%7CpWY5oGYPhSYu5k5UOetuDD6DmPDu%2FhCZYem%2BFbzhQp8%3D%7C&c1=TEbw32HdmhlTb08vzaRE01gjP6XVckOX0E50AIrFIjEPFuRnRWdG9mmJNHSfraqLusH4Be9Tm1i_-tDSjiS38y_2gKfAN-oPqcDBN2lQG_AbVbRxPBgdaOIXSI4ZXiODDZi9BL_QYfCgsR95YchgDETwwwuIb1elWYJw2S0HtYnBObdwrRLPZHczfJI_8ZeqtepIJuUmUZrpoli-yiQV50QBzbtiOaK7U4lEWiuhUJeOQoNHOe16MzgqiwF4WkIkjT2WcOamfZkbxVQhRUheNaX9e5VrWkfYwykNS2Pgs3wxlY4VlJEO4yEjWDAQjjCKMkFFEI-85Fz-ki7uloKZ4cMBbjbIsDXTcMFs_HKaRlbHh3IcLWjazIcrwLh0b004LewZ-1Sj2Raw1vL6531t-AZsXXTkC0PVrdyW29tUKNjkbMYK3wD__g9uKWFYV8FsewMcaJKsJDEZMfqzLGjF3ALq5uREloMYWudbkExT7bopofko2IuqVije3o6-8Yaxdu-El7RAYaOCJK8OvGUEDsLGsGEf-5T-idQtygzZtGkMBtYm7jKpFkxq7W9rP6Paoww2XrfMkEE-G0dzbKNw0Yn_MOhQU5zrt0jgAnJhTPsGRNnc5zZmBQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCq7nYNKqnY_atHNGPjuwP-NSfwAHJntKxXNWdkfdwwI23ARABIABglYKAgLQHggEXY2EtcHViLTc2ODQ0MTIwMjIwODk1NTHIAQmpAmx_3a8j0LE-4AIAqAMBqgSEAk_Q3mm68JsWF8-rMmJi0L0f1PzwjQMsMgC0_PWr3RopPtMQF_SYdApeIIkxeQRapzQPGXp3zQpLG9LhBf7MKn_56DEY62uHuQJ8cVTz1CWoL3giD3jh1RhjRJYalOe_KMb-bQyjIVxILRKpCkTFiPMoHi7fHvcJTJPQSMnzslpSCS0k8uNKdpVbfptSFCugcZNAwCgHKG4h56yBeTUTo9emSVHYhg9q2ivuuonxuAqnTleSwPocQdOt4ngcq6KtUyntAA-93Ip1uWfuZLvEH4Hb56tepSHMvYbkAssHqcykGkcs8D_bPx-dQ5ST8Wd1QzfjH8SzFpfcHM2OJdnl6NnW0Zp14AQBgAaHjY3bzaDM3PQBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2_kL57zn4lbQ5VpK48MhStFd6H-w%26client%3Dca-pub-7684412022089551%26adurl%3D

Requested by

Host: a0c5a500c63f52321131b16d17245c24.safeframe.googlesyndication.com
URL: https://a0c5a500c63f52321131b16d17245c24.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

73f91bbf6ef892cc1d97608578c674ab8cf477751ee44465371b02d73c82e60f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://a0c5a500c63f52321131b16d17245c24.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Sun, 25 Dec 2022 01:41:07 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=WPSfp_mLr33yypHC8m_RiB8jJkCh7Gq7rIWgFTEv0vBvolL5yeddT8cnYOrDmN7dBhOkdOh5S6p3DqsptFvPh9p-7gbYKthOPtSuaJBbAapKacI6ypVXnoBXUlRsVrWjJVhbOXhs_wC_2H68uJs8LXMeyEQcrviruJ7JrcSab9D5GKeWQVomBP7k_IICNOnnTxMvjacVgSqX55QrcFuBVdcmIM2BEAe9bhEA_m4TghJztsME-vI1HfoCU26GFVGAiATkEg"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 67026040
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame CD72 3 KB
1 KB 145ms
45ms Script
text/javascript 2a00:1450:400d:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Host: a0c5a500c63f52321131b16d17245c24.safeframe.googlesyndication.com
URL: https://a0c5a500c63f52321131b16d17245c24.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a0c5a500c63f52321131b16d17245c24.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 25 Dec 2022 01:38:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 156
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 Jan 2023 01:38:32 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame CD72 18 KB
8 KB 122ms
23ms Script
text/javascript 2a00:1450:400d:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: a0c5a500c63f52321131b16d17245c24.safeframe.googlesyndication.com
URL: https://a0c5a500c63f52321131b16d17245c24.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a0c5a500c63f52321131b16d17245c24.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 25 Dec 2022 01:38:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 157
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 Jan 2023 01:38:31 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame CD72 24 KB
7 KB 124ms
26ms Script
text/javascript 2a00:1450:400d:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: a0c5a500c63f52321131b16d17245c24.safeframe.googlesyndication.com
URL: https://a0c5a500c63f52321131b16d17245c24.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a0c5a500c63f52321131b16d17245c24.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 01:30:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 346234
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 21 Dec 2023 01:30:34 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CD72 153 KB
47 KB 174ms
96ms Script
text/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: a0c5a500c63f52321131b16d17245c24.safeframe.googlesyndication.com
URL: https://a0c5a500c63f52321131b16d17245c24.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a0c5a500c63f52321131b16d17245c24.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 25 Dec 2022 01:41:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 25 Dec 2022 01:41:08 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 233D 0
0 52ms
51ms Fetch
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cd_GzNKqnY_WtHNGPjuwP-NSfwAHJntKxXNWdkfdwwI23ARABIABglYKAgLQHggEXY2EtcHViLTc2ODQ0MTIwMjIwODk1NTHIAQmpAmx_3a8j0LE-4AIAqAMBqgSJAk_QC_bjTtVE_lLES7pHONmKVvgRgdhCTvl-wdEi8Ca8XVdrBpRpjp52w52ub_JhGJtRZHz4_zuY2eBDTRlcSBkRWL8FjhAImrXHaW7_SQXGutiyVskUfAcGSz--GHWKm-hsIN70c10sUVkyzdQmtn-_BrlgGKdrSC9QCkJeTCatjkud44RloN6qUQuJiP5UkgXmwriGrD9sHtNkPYHazlC8HZVbCzYCoaM4PYg-OLHl1p_buPCbR3RZ8ADQeu0295ZnWoZvz5B9NDFvVkDtoSVdZxDQW2GzzT67VWuKZErfhNQ0awioex2p5nSauKPj8i-NKxkHpXWtegTAoR7zjvnY7wQu6AgiQy7gBAGABoeNjdvNoMzc9AGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoD-gsCCAGADAHQFQGAFwGyFx0KGxIUcHViLTc2ODQ0MTIwMjIwODk1NTEYuoeNAQ&sigh=9THIBHgyIfQ&uach_m=[UACH]&cid=CAQSSwDq26N91lR--Bm5AnuADOyteUCZg-AFYZARpwxWdv_HMuaqubKWFHEXmy6xiMQs1qG5qhzfcrgg04xkvoeovDXhBnDcHVSzwVotbhgBIBM
Requested by: Host: aapka-msg.com
URL: http://aapka-msg.com/s1/?n=CHIMI&t=w
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a0c5a500c63f52321131b16d17245c24.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame 233D 0
0 40ms
15ms Fetch 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kOaXC8T7DawCZJ2DYgICAAAAnuEgqOdxwlUQNKqnY12hbLOCJaZbTDK5ABIAAA&wp=Y6eqNAAHFvUHg4fRAAfqeAvVWE9tAkdsxCQCNw

Requested by

Host: aapka-msg.com
URL: http://aapka-msg.com/s1/?n=CHIMI&t=w

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a0c5a500c63f52321131b16d17245c24.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 25 Dec 2022 01:41:07 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 420220
content-length: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame CC73 125 KB
43 KB 167ms
80ms Document
text/html 2a02:2638:1::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6eqNAAHFvUHg4fRAAfqeAvVWE9tAkdsxCQCNw&u=%7CpWY5oGYPhSYM7LgL6HAzzPCxYgoMmQfd2wwTrijEiCM%3D%7C&c1=TEbw32HdmhlTb08vzaRE05Nor-kWNW37ds0oDHxEuxeKn7Xrp6ainli_Cmw5dJSudhYAqTqyTVLd-jZl3qQeDzohnROYWRjJmg0tHessjlH1LiptfEcvzSDEYYeAq1qeII61cvfGkXkqnFJg4XKRKZ8-Jdc-G-Ham3rMcq7maWnmKQNWEQWZAx-nfW1M6z3BMXfZ1CYYDO0ZAiNiYVtCAcxrMAqn2k_jkQvue_qvp1TPsJg3roMZaj81lDlpQ1UOZC2nFLp1tH1IX5kJHuNdEYxAR0ZUp4bkZ0VIR-5k7W2hzzxh_v12oiB0_xtDf8nPTGdmX6i9fCZBQM4sorjuiQycblhavV8-zrsAb_89PBpfWrEuQvS0hgmkljX0ClixDESN6CDnF5XNbK3AEdA5baX_Bz1GSBAo5i0Uc1BCgKuQygC7vw7RI018TXneRlvoDAb0K0qq85U5dNL2R5ANId9w8xYBSO8R16OHMaNn0Qxo2WQiIfyr_TmylT22Q38Z9RZJjKOlop35RkoslrqB-GN5DMQZa1JCAS-1ahwi3m6wegv7rrJ7-I6RvPAXWW-h0Waao6AsFjzPmf-VOq55gGwHRfyGH0SdEJWPG7k45SaODAI5ROi4lXcwIUQy1gi7EzIaddWZ4OY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCWzXyNKqnY_WtHNGPjuwP-NSfwAHJntKxXNWdkfdwwI23ARABIABglYKAgLQHggEXY2EtcHViLTc2ODQ0MTIwMjIwODk1NTHIAQmpAmx_3a8j0LE-4AIAqAMBqgSMAk_QC_bjTtVE_lLES7pHONmKVvgRgdhCTvl-wdEi8Ca8XVdrBpRpjp52w52ub_JhGJtRZHz4_zuY2eBDTRlcSBkRWL8FjhAImrXHaW7_SQXGutiyVskUfAcGSz--GHWKm-hsIN70c10sUVkyzdQmtn-_BrlgGKdrSC9QCkJeTCatjkud44RloN6qUQuJiP5UkgXmwriGrD9sHtNkPYHazlC8HZVbCzYCoaM4PYg-OLHl1p_buPCbR3RZ8ADQeu0295ZnWoZvz5B9NDFvVkDtoSVdZxDQW2GzzT67VWuKZErfhNQ0KQqJ6ZomemclJLdAIhIr0xATr8OnVBxCFdbOKAtn8Sg2baKmUJGUSnvgBAGABoeNjdvNoMzc9AGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2xkVFzQerWbRkApLz1QYMm7s2jVA%26client%3Dca-pub-7684412022089551%26adurl%3D

Requested by

Host: a0c5a500c63f52321131b16d17245c24.safeframe.googlesyndication.com
URL: https://a0c5a500c63f52321131b16d17245c24.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

fab19bbeabdb2d495e65483edb2821a85f01ee1ae72c6cb1f4df3eae2c325e32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://a0c5a500c63f52321131b16d17245c24.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Sun, 25 Dec 2022 01:41:08 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=zD7wdPmLr33yypHCcIdiLOcBNYsXgxEIFCn1fLztXdKLC2PfAHvgnwZjAqV7Na0fyBVDg9_r4Sx0lZlQQKAKAUTYZn02Lpem2bmcyBRARZgRE3pToSWDPeyr0PTOQDd_UGpq94rtI2tFjt8D2ni_1KEts75OTze-ejOxwCeoJFG85n2pzPKTXBdMn-9medjw2HNHwCFT3dks3bbOXRq-3d2-iHbFEu0ZY7DtLZpFysS2mM0ei7vkohbyMghvVWJfOR0MCg"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 65544306
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 233D 3 KB
1 KB 142ms
47ms Script
text/javascript 2a00:1450:400d:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Host: a0c5a500c63f52321131b16d17245c24.safeframe.googlesyndication.com
URL: https://a0c5a500c63f52321131b16d17245c24.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a0c5a500c63f52321131b16d17245c24.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 25 Dec 2022 01:38:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 156
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 Jan 2023 01:38:32 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 233D 18 KB
7 KB 124ms
28ms Script
text/javascript 2a00:1450:400d:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: a0c5a500c63f52321131b16d17245c24.safeframe.googlesyndication.com
URL: https://a0c5a500c63f52321131b16d17245c24.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a0c5a500c63f52321131b16d17245c24.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 25 Dec 2022 01:38:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 157
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 Jan 2023 01:38:31 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 233D 24 KB
6 KB 134ms
39ms Script
text/javascript 2a00:1450:400d:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: a0c5a500c63f52321131b16d17245c24.safeframe.googlesyndication.com
URL: https://a0c5a500c63f52321131b16d17245c24.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a0c5a500c63f52321131b16d17245c24.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 01:30:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 346234
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 21 Dec 2023 01:30:34 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 233D 153 KB
47 KB 232ms
158ms Script
text/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: a0c5a500c63f52321131b16d17245c24.safeframe.googlesyndication.com
URL: https://a0c5a500c63f52321131b16d17245c24.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a0c5a500c63f52321131b16d17245c24.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 25 Dec 2022 01:41:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 25 Dec 2022 01:41:08 GMT

GET
DATA 200
OK truncated
/ Frame CD72 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4a707af048791c2d3c43f40a21074450b927036d97510f2eea887b06f2f75a07

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame CC73 2 KB
1 KB 429ms
25ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6eqNAAHFvUHg4fRAAfqeAvVWE9tAkdsxCQCNw&u=%7CpWY5oGYPhSYM7LgL6HAzzPCxYgoMmQfd2wwTrijEiCM%3D%7C&c1=TEbw32HdmhlTb08vzaRE05Nor-kWNW37ds0oDHxEuxeKn7Xrp6ainli_Cmw5dJSudhYAqTqyTVLd-jZl3qQeDzohnROYWRjJmg0tHessjlH1LiptfEcvzSDEYYeAq1qeII61cvfGkXkqnFJg4XKRKZ8-Jdc-G-Ham3rMcq7maWnmKQNWEQWZAx-nfW1M6z3BMXfZ1CYYDO0ZAiNiYVtCAcxrMAqn2k_jkQvue_qvp1TPsJg3roMZaj81lDlpQ1UOZC2nFLp1tH1IX5kJHuNdEYxAR0ZUp4bkZ0VIR-5k7W2hzzxh_v12oiB0_xtDf8nPTGdmX6i9fCZBQM4sorjuiQycblhavV8-zrsAb_89PBpfWrEuQvS0hgmkljX0ClixDESN6CDnF5XNbK3AEdA5baX_Bz1GSBAo5i0Uc1BCgKuQygC7vw7RI018TXneRlvoDAb0K0qq85U5dNL2R5ANId9w8xYBSO8R16OHMaNn0Qxo2WQiIfyr_TmylT22Q38Z9RZJjKOlop35RkoslrqB-GN5DMQZa1JCAS-1ahwi3m6wegv7rrJ7-I6RvPAXWW-h0Waao6AsFjzPmf-VOq55gGwHRfyGH0SdEJWPG7k45SaODAI5ROi4lXcwIUQy1gi7EzIaddWZ4OY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCWzXyNKqnY_WtHNGPjuwP-NSfwAHJntKxXNWdkfdwwI23ARABIABglYKAgLQHggEXY2EtcHViLTc2ODQ0MTIwMjIwODk1NTHIAQmpAmx_3a8j0LE-4AIAqAMBqgSMAk_QC_bjTtVE_lLES7pHONmKVvgRgdhCTvl-wdEi8Ca8XVdrBpRpjp52w52ub_JhGJtRZHz4_zuY2eBDTRlcSBkRWL8FjhAImrXHaW7_SQXGutiyVskUfAcGSz--GHWKm-hsIN70c10sUVkyzdQmtn-_BrlgGKdrSC9QCkJeTCatjkud44RloN6qUQuJiP5UkgXmwriGrD9sHtNkPYHazlC8HZVbCzYCoaM4PYg-OLHl1p_buPCbR3RZ8ADQeu0295ZnWoZvz5B9NDFvVkDtoSVdZxDQW2GzzT67VWuKZErfhNQ0KQqJ6ZomemclJLdAIhIr0xATr8OnVBxCFdbOKAtn8Sg2baKmUJGUSnvgBAGABoeNjdvNoMzc9AGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2xkVFzQerWbRkApLz1QYMm7s2jVA%26client%3Dca-pub-7684412022089551%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 25 Dec 2022 01:41:09 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 20 Dec 2023 01:41:09 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame CC73 2 KB
1 KB 424ms
20ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 25 Dec 2022 01:41:09 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 20 Dec 2023 01:41:09 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame CC73 308 B
636 B 401ms
17ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 25 Dec 2022 01:41:09 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Wed, 20 Dec 2023 01:41:09 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame CC73 293 B
621 B 404ms
21ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 25 Dec 2022 01:41:09 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Wed, 20 Dec 2023 01:41:09 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/delivery/ Frame CC73 43 B
348 B 252ms
17ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=B6MGX6Lt6lXVfXqnVQNWc5NNmHJWjoqcs6Z2UZylpyTu39rqytaOcP5HuGl-_16Y-He8aN32cOB2CAU9lhZY-aBFD0EFGTVh3o8Hf7c9yX4bX_JG1mC2xThwQwcPH8hWuFRh2NnyBadix93yxJiDomwhum3ayJtMuR9c9MINpOfUC0hw_trpDw-snoovI6Pnw6wacBrf2cLlT9h-_eMq0T1RS3Fmwe2JUA8-Gk5kuSr4DcLVGS3Ld9PXp6Dc_GgwRtPNlXuZZhoAyGf-DIk4_78NdXEvvs_rKcw2pgruZiS0hKyKQ5r2RD5MMTaUuZGEzvg0dbPQVh4eSpHPxm6Ooo1I0dvMsRGANG1KI-_dSo7U6mmsCudsKKO4J7K5ihaY0CapFQw80B1eVMdhyc24byZtjuyldr0QwviX86XvvhHnt87t

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Dec 2022 01:41:08 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3589236
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

pvs.gif
ssl.hurra.com/ Frame CC73
Redirect Chain

https://ssl.hurra.com/pvs.gif?cid=4557&tid=24538
https://ssl.hurra.com/pvs.gif?bd3p=1&cid=4557&tid=24538

43 B
165 B

13ms
12ms

Image
image/gif

62.144.160.15
ECOTEL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.hurra.com/pvs.gif?bd3p=1&cid=4557&tid=24538

Requested by

Protocol

Server

62.144.160.15 Düsseldorf, Germany, ASN12312 (ECOTEL, DE),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Dec 2022 01:41:09 GMT
strict-transport-security: max-age=31536000
server: nginx
p3p: CP="NOI CUR OUR STP", policyref="/w3c/p3p.xml"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate
expires: Fri, 10 Apr 1973 05:00:00 GMT

Redirect headers

location: https://ssl.hurra.com/pvs.gif?bd3p=1&cid=4557&tid=24538
date: Sun, 25 Dec 2022 01:41:09 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
server: nginx
content-length: 0
p3p: CP="NOI CUR OUR STP", policyref="/w3c/p3p.xml"

GET
DATA 200
OK truncated
/ Frame 233D 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 047141c5dd67c016c1c17950a962a73d9a8e94d6706069f109e710526f03acaf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 3B2D 2 KB
1 KB 401ms
16ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6eqNAAHFvYHg4fRAAfqeKiZCHbEyeaUNX3BaA&u=%7CpWY5oGYPhSYu5k5UOetuDD6DmPDu%2FhCZYem%2BFbzhQp8%3D%7C&c1=TEbw32HdmhlTb08vzaRE01gjP6XVckOX0E50AIrFIjEPFuRnRWdG9mmJNHSfraqLusH4Be9Tm1i_-tDSjiS38y_2gKfAN-oPqcDBN2lQG_AbVbRxPBgdaOIXSI4ZXiODDZi9BL_QYfCgsR95YchgDETwwwuIb1elWYJw2S0HtYnBObdwrRLPZHczfJI_8ZeqtepIJuUmUZrpoli-yiQV50QBzbtiOaK7U4lEWiuhUJeOQoNHOe16MzgqiwF4WkIkjT2WcOamfZkbxVQhRUheNaX9e5VrWkfYwykNS2Pgs3wxlY4VlJEO4yEjWDAQjjCKMkFFEI-85Fz-ki7uloKZ4cMBbjbIsDXTcMFs_HKaRlbHh3IcLWjazIcrwLh0b004LewZ-1Sj2Raw1vL6531t-AZsXXTkC0PVrdyW29tUKNjkbMYK3wD__g9uKWFYV8FsewMcaJKsJDEZMfqzLGjF3ALq5uREloMYWudbkExT7bopofko2IuqVije3o6-8Yaxdu-El7RAYaOCJK8OvGUEDsLGsGEf-5T-idQtygzZtGkMBtYm7jKpFkxq7W9rP6Paoww2XrfMkEE-G0dzbKNw0Yn_MOhQU5zrt0jgAnJhTPsGRNnc5zZmBQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCq7nYNKqnY_atHNGPjuwP-NSfwAHJntKxXNWdkfdwwI23ARABIABglYKAgLQHggEXY2EtcHViLTc2ODQ0MTIwMjIwODk1NTHIAQmpAmx_3a8j0LE-4AIAqAMBqgSEAk_Q3mm68JsWF8-rMmJi0L0f1PzwjQMsMgC0_PWr3RopPtMQF_SYdApeIIkxeQRapzQPGXp3zQpLG9LhBf7MKn_56DEY62uHuQJ8cVTz1CWoL3giD3jh1RhjRJYalOe_KMb-bQyjIVxILRKpCkTFiPMoHi7fHvcJTJPQSMnzslpSCS0k8uNKdpVbfptSFCugcZNAwCgHKG4h56yBeTUTo9emSVHYhg9q2ivuuonxuAqnTleSwPocQdOt4ngcq6KtUyntAA-93Ip1uWfuZLvEH4Hb56tepSHMvYbkAssHqcykGkcs8D_bPx-dQ5ST8Wd1QzfjH8SzFpfcHM2OJdnl6NnW0Zp14AQBgAaHjY3bzaDM3PQBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2_kL57zn4lbQ5VpK48MhStFd6H-w%26client%3Dca-pub-7684412022089551%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 25 Dec 2022 01:41:09 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 20 Dec 2023 01:41:09 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 3B2D 2 KB
1 KB 408ms
23ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 25 Dec 2022 01:41:09 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 20 Dec 2023 01:41:09 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 3B2D 308 B
636 B 356ms
19ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 25 Dec 2022 01:41:09 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Wed, 20 Dec 2023 01:41:09 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 3B2D 293 B
621 B 359ms
22ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 25 Dec 2022 01:41:09 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Wed, 20 Dec 2023 01:41:09 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/delivery/ Frame 3B2D 43 B
347 B 207ms
17ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=AS5dX019E-itIo29zL2Givm12SS-7bTaUrLCS20YnexPeREf6EqRqJcuHo4zT8WcPdHe8PWq62xEfMWO3NgVBN3KYD5xUSe9cHXiQNjd68S3bSKJDEBcRZ2zk04PK9SqdYaUrinIoBlXKOviUcIcsR9TeKrtsgkifvINE8MTJ7fdvTM76CdWSg5uqOWikloLfZ2bChjo2fC9a3hryeIv5pV4uHpJ9ylaSd4YLfBFs66Wtg7uLlOhHpzAwFkmppGtaLfydWgFcQXJhZwRn8EGkIMGDpjaoLifUKTcNIZxdabKVXVweqysVd2JvnBYfTrGoOSFkVbHu1ZbVQ12p92aunEbwyhdqIRtUYZisz8lrugZZsobN9vTPuKQu0DOqHCr784x2Sang8MSHOWrvW0wp1T73ya4beKRx5mZ88RSLWpLFUXi

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Dec 2022 01:41:09 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 4011989
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

pvs.gif
ssl.hurra.com/ Frame 3B2D
Redirect Chain

https://ssl.hurra.com/pvs.gif?cid=4557&tid=24538
https://ssl.hurra.com/pvs.gif?bd3p=1&cid=4557&tid=24538

43 B
119 B

19ms
19ms

Image
image/gif

62.144.160.15
ECOTEL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.hurra.com/pvs.gif?bd3p=1&cid=4557&tid=24538

Requested by

Protocol

Server

62.144.160.15 Düsseldorf, Germany, ASN12312 (ECOTEL, DE),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Dec 2022 01:41:09 GMT
strict-transport-security: max-age=31536000
server: nginx
p3p: CP="NOI CUR OUR STP", policyref="/w3c/p3p.xml"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate
expires: Fri, 10 Apr 1973 05:00:00 GMT

Redirect headers

location: https://ssl.hurra.com/pvs.gif?bd3p=1&cid=4557&tid=24538
date: Sun, 25 Dec 2022 01:41:09 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
server: nginx
content-length: 0
p3p: CP="NOI CUR OUR STP", policyref="/w3c/p3p.xml"

GET
H3 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame CC73 12 KB
5 KB 22ms
12ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 25 Dec 2022 01:41:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 800521
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QVFCWxOTFQY%2FsFxIG6HGFGGA0qAy428KNMlQ%2BFChCN4qxsTKVing%2F4pFeRNaZO61v29hoDYNeF4GLnEFZtd5Vt1jKjHrn7qifrRlW5UkQOKh4TBywyJuteGnkZr%2Bu3NqaeisfTCv7tnGtRq9Digccnj7"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 77eddf6b2a6c68f8-FRA
expires: Fri, 15 Dec 2023 01:41:08 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame CC73 12 KB
6 KB 354ms
30ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 25 Dec 2022 01:41:09 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 20 Dec 2023 01:41:09 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame CC73 5 KB
5 KB 193ms
13ms Image
image/png 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=196&m=0&partner=55963&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F55963%2F210714%2F216e5dfbbd934c2e9d414417ae749913_coeur_de_lion.png&v=3&w=210&s=Mj9dl567LmyPhbA3f7C2gP-i

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

741f393215f518d6543928980721fde9a3cb96e743f3caeac79241f9fe098a16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 25 Dec 2022 01:41:09 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=30953450
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 4665
expires: Mon, 18 Dec 2023 07:51:59 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame CC73 15 KB
15 KB 204ms
24ms Image
image/webp 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=55963&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0342%2F5982%2F8869%2Fproducts%2F4014200312-1_c6babd76-f1db-4126-999e-6e5eb7eaa500.png%3Fv%3D1596738390&v=3&w=400&s=WVCpOdQ7-KdhrWlnpYyQGfCD&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

5ea564efe96b669288e55d97e78f133e5a5b3e4cc0524ef63e676dc6e55ef0a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 25 Dec 2022 01:41:09 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=29781495
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 15552
expires: Mon, 04 Dec 2023 18:19:24 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame CC73 19 KB
19 KB 207ms
28ms Image
image/webp 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=55963&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0342%2F5982%2F8869%2Fproducts%2F4545211633-1.png%3Fv%3D1661254748&v=3&w=400&s=yFnPvwwiR63qKTCGyEbo87IA&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

b4099ca0eea07828a16b178afe30bcb9bf153097de6157c0bd79f6bb7462f42d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 25 Dec 2022 01:41:08 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=28984896
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 18986
expires: Sat, 25 Nov 2023 13:02:45 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame CC73 0
127 B 116ms
15ms Ping
text/plain 2a02:2638:1::17
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=zD7wdPmLr33yypHCcIdiLOcBNYsXgxEIFCn1fLztXdKLC2PfAHvgnwZjAqV7Na0fyBVDg9_r4Sx0lZlQQKAKAUTYZn02Lpem2bmcyBRARZgRE3pToSWDPeyr0PTOQDd_UGpq94rtI2tFjt8D2ni_1KEts75OTze-ejOxwCeoJFG85n2pzPKTXBdMn-9medjw2HNHwCFT3dks3bbOXRq-3d2-iHbFEu0ZY7DtLZpFysS2mM0ei7vkohbyMghvVWJfOR0MCg&sds=2&rev=83933&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::17 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 25 Dec 2022 01:41:08 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame CC73 2 KB
1 KB 340ms
28ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 25 Dec 2022 01:41:09 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 20 Dec 2023 01:41:09 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame CC73 2 KB
1 KB 16ms
16ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 25 Dec 2022 01:41:09 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 20 Dec 2023 01:41:09 GMT

GET
H3 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 3B2D 12 KB
5 KB 12ms
12ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 25 Dec 2022 01:41:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 800522
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rfouFLSta6ACTMvYJNDLb7%2FsGKiDvjkjZ1xMc5CEZUXRm39PVH8pYkWEvTSi%2BsWsP59JmYKV9w%2FvMpbX0ZAAI%2BIs9IaTEFQozg%2BUJOYEFIXjtNK9wBVj4YytkbRyRzCxHxkTRvKrd2iNobgfGaLPghQK"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 77eddf6b9acf68f8-FRA
expires: Fri, 15 Dec 2023 01:41:09 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 3B2D 12 KB
6 KB 328ms
26ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 25 Dec 2022 01:41:09 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 20 Dec 2023 01:41:09 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 3B2D 19 KB
19 KB 188ms
27ms Image
image/webp 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=55963&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0342%2F5982%2F8869%2Fproducts%2F4545211633-1.png%3Fv%3D1661254748&v=3&w=400&s=yFnPvwwiR63qKTCGyEbo87IA&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

b4099ca0eea07828a16b178afe30bcb9bf153097de6157c0bd79f6bb7462f42d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 25 Dec 2022 01:41:08 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=28984896
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 18986
expires: Sat, 25 Nov 2023 13:02:45 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 3B2D 2 KB
2 KB 210ms
50ms Image
image/png 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=96&m=0&partner=55963&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F55963%2F210714%2F216e5dfbbd934c2e9d414417ae749913_coeur_de_lion.png&v=3&w=228&s=fg2uOx0IEVX16Sjpg2Uv4qn0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

2d2f1fa5f826c9709600c5c5df00962a23b9086873eff45e0e4b72996259c457

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 25 Dec 2022 01:41:09 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=30953450
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2155
expires: Mon, 18 Dec 2023 07:51:59 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 3B2D 34 KB
34 KB 198ms
38ms Image
image/webp 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=55963&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0342%2F5982%2F8869%2Fproducts%2F4545301633-1.png%3Fv%3D1662030696&v=3&w=400&s=OpSl8uVV_EXszuwejyx-0d1B&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

dffcd0cc9b6d9b3e08e6f3d9246a7454be33eafe05a2dab97ee72c816041c8b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 25 Dec 2022 01:41:08 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=29765320
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 34572
expires: Mon, 04 Dec 2023 13:49:49 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 3B2D 34 KB
34 KB 206ms
46ms Image
image/webp 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=55963&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0342%2F5982%2F8869%2Fproducts%2F5033300624-1_31ec3e77-7e1c-4b5e-8194-6dc5de177611.png%3Fv%3D1596737638&v=3&w=400&s=Jf6RzI-mI2kxhmrWgO7wS9fl&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

67508da38b8bd8f86e53b9b2a89f4c7c996e15e63d7d494aa9ae8e5894488253

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 25 Dec 2022 01:41:09 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=29172271
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 35014
expires: Mon, 27 Nov 2023 17:05:40 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 3B2D 0
128 B 94ms
13ms Ping
text/plain 2a02:2638:1::17
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=WPSfp_mLr33yypHC8m_RiB8jJkCh7Gq7rIWgFTEv0vBvolL5yeddT8cnYOrDmN7dBhOkdOh5S6p3DqsptFvPh9p-7gbYKthOPtSuaJBbAapKacI6ypVXnoBXUlRsVrWjJVhbOXhs_wC_2H68uJs8LXMeyEQcrviruJ7JrcSab9D5GKeWQVomBP7k_IICNOnnTxMvjacVgSqX55QrcFuBVdcmIM2BEAe9bhEA_m4TghJztsME-vI1HfoCU26GFVGAiATkEg&sds=2&rev=83933&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::17 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 25 Dec 2022 01:41:08 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 3B2D 2 KB
1 KB 318ms
26ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 25 Dec 2022 01:41:09 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 20 Dec 2023 01:41:09 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 3B2D 2 KB
1 KB 21ms
20ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 25 Dec 2022 01:41:09 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 20 Dec 2023 01:41:09 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame CC73 1 KB
450 B 95ms
47ms Stylesheet
text/css 2a00:1450:400d:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Josefin+Sans:400&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5cc1f33d2e98255a07f024524dc8e4301353898b61537067731fe4a0d81fe900

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 25 Dec 2022 01:41:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 25 Dec 2022 01:41:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 25 Dec 2022 01:41:09 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 3B2D 1 KB
450 B 88ms
46ms Stylesheet
text/css 2a00:1450:400d:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Josefin+Sans:400&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5cc1f33d2e98255a07f024524dc8e4301353898b61537067731fe4a0d81fe900

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 25 Dec 2022 01:41:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 25 Dec 2022 01:41:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 25 Dec 2022 01:41:09 GMT

GET
H3 200 Qw3PZQNVED7rKGKxtqIqX5E-AVSJrOCfjY46_DjQbMZhLw.woff2
fonts.gstatic.com/s/josefinsans/v25/ Frame CC73 11 KB
11 KB 69ms
22ms Font
font/woff2 2a00:1450:400d:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/josefinsans/v25/Qw3PZQNVED7rKGKxtqIqX5E-AVSJrOCfjY46_DjQbMZhLw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Josefin+Sans:400&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a79b18e7744f210f2400940cbd7e4b7767391e833645f761b759e9a1a365af7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 06:00:40 GMT
x-content-type-options: nosniff
age: 243629
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10892
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 20:56:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Dec 2023 06:00:40 GMT

GET
H3 200 Qw3PZQNVED7rKGKxtqIqX5E-AVSJrOCfjY46_DjQbMZhLw.woff2
fonts.gstatic.com/s/josefinsans/v25/ Frame 3B2D 11 KB
11 KB 69ms
26ms Font
font/woff2 2a00:1450:400d:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/josefinsans/v25/Qw3PZQNVED7rKGKxtqIqX5E-AVSJrOCfjY46_DjQbMZhLw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Josefin+Sans:400&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a79b18e7744f210f2400940cbd7e4b7767391e833645f761b759e9a1a365af7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 06:00:40 GMT
x-content-type-options: nosniff
age: 243629
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10892
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 20:56:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Dec 2023 06:00:40 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 129ms
56ms XHR
application/json 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022120501&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b84f223f699733adbe2aa4ef21b426246b5bf27f468ddab523d6d7f2940849

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aapka-msg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 25 Dec 2022 01:41:09 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11222
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 104ms
55ms Script
text/javascript 2a00:1450:400d:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aapka-msg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 25 Dec 2022 01:41:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 25 Dec 2022 01:41:09 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C16D 13 KB
5 KB 23ms
22ms Document
text/html 2a00:1450:400d:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://aapka-msg.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 345756
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 21 Dec 2022 01:38:33 GMT
expires: Thu, 21 Dec 2023 01:38:33 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame C6B3 783 B
1 KB 41ms
17ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8e47cee033935b83f1e202443847438f867c02cd2f47b934ac8ab25a547d1552

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-yDlyinbJMgYy8yeWmYunZw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://aapka-msg.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 510
content-security-policy: script-src 'report-sample' 'nonce-yDlyinbJMgYy8yeWmYunZw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 25 Dec 2022 01:41:09 GMT
expires: Sun, 25 Dec 2022 01:41:09 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame C6B3 0
0 111ms
58ms Image
text/html 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022120501&jk=974381387604227&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 200 3WpNOUgrN-_pxVw2NAHVNtofer_w6aLb3ZHXGHAM44Y.js Show response
pagead2.googlesyndication.com/bg/ Frame C16D 36 KB
16 KB 74ms
26ms Script
text/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/3WpNOUgrN-_pxVw2NAHVNtofer_w6aLb3ZHXGHAM44Y.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd6a4d39482b37efe9c55c363401d536da1f7abff0e9a2dbdd91d718700ce386

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 18:23:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 371846
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16071
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Dec 2023 18:23:43 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame CD72 42 B
64 B 106ms
56ms Fetch
image/gif 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstfo3BsT9weEutfvzz_wbhUPU3B6DTdc3sdqDBBRa9qnfJP9IczmCCn_njM39xgbNl38cin-pOXRQql7ItvYkC2qGY&sig=Cg0ArKJSzOhdOqBDlvXgEAE&id=lidar2&mcvt=1002&p=15,650,65,950&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1038384195&rs=4&la=0&cr=0&vs=4&r=v&rst=1671932468645&rpt=367&isd=0&lsd=0&met=ie&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a0c5a500c63f52321131b16d17245c24.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Dec 2022 01:41:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame C16D 0
10 B 22ms
22ms Image
text/plain 2a00:1450:400d:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?dUNJ1A
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 25 Dec 2022 01:41:10 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

POST
H2 200 all
csm.eu.criteo.net/ Frame CC73 0
127 B 14ms
13ms Ping
text/plain 2a02:2638:1::17
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::17 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 25 Dec 2022 01:41:09 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

POST
H2 200 all
csm.eu.criteo.net/ Frame 3B2D 0
127 B 13ms
13ms Ping
text/plain 2a02:2638:1::17
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::17 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 25 Dec 2022 01:41:10 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 233D 42 B
64 B 57ms
57ms Fetch
image/gif 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsszsWoXhh0T__9HvNY_sFdT1_qxzTFfBfUvbg0Hb54r6QquzraNDVsDF7PsB4XHPRKwXQGxnSzE8Ma6i8KU9uzRecM&sig=Cg0ArKJSzDpMio-X6xGfEAE&id=lidar2&mcvt=1030&p=921,650,1021,950&mtos=1030,1030,1030,1030,1030&tos=1030,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1993804009&rs=4&la=0&cr=0&vs=4&r=v&rst=1671932468638&rpt=448&isd=0&lsd=0&met=ie&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a0c5a500c63f52321131b16d17245c24.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Dec 2022 01:41:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 62ms
60ms Image
text/html 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022120501&jk=974381387604227&bg=!vr2lvfnNAAYgquz3AKo7ACkAdvg8Wp8aywXs3hmwq-O2JyzgkvxBwrUtimOavAPDJ7Lqi5Q22ahzFgIAAAC5UgAAAAJoAQeZAtPK9Zs0g1J7IyXRv0qScmEzXfbLphQVi_dL8g6nTw6jD1cuzKY0zxIvOBKqsekzrHd029EeXOscIsxO4kegbn7DaOerBVRWfFoqrDb59zs_A1OiH2vEnqnR1dTMgLInfMty4p8JlNkNoKrclwLGg5UC4ybH4nJuRUE3DupNaLxd8ezk-obq-BV-T-0teDOZtJJoVJkHoOCPDfy5YQakahWnhNTuhn7ttYEA7Kw6h7oBXgqUVG8ic8VX3EaoH52Z98uNwhtlueODz16hvH4v93jwsA28oOJAW3BXbgARx2gr45lZiNCMR2f_sJ88YHKn28bF-R3HiVux0gq6uLdB1hvh0ok5VxkvIo-HbPacgF52XyFLmypmBjS5FP8xmc-dO8uU2svVZT_bGziYxoY5XyDFX-EPx4TPMUfQWOFqh8YYo6xLFLbM2-_G2gHiiogzeoitQzeQG95jvs64i_RhqE2ds52Alsr9HD3qwLSfXdA4WzyRlFOzR-MjZ-nn9-6dEG4f6h-epgcBj9pMy9RZICeU9ULjkwxpiGCy8P_Z5cnYJd4fjW4dmbv2eJvc-MVs85F27RwRnQYCFnaGn48ZeyNxAf3LgutNFrP07j2XredvoSc9q4_mjFNjwU2YDWQVf4jsbHWZCyGxXEuTaqXXqt7j0cctvM64l2lXZ3pY0jOE2Gr3s2tPGeSCxoxzuFw1mHzEF0RmmYGivYBoaY2F4GRdlbzrcNeGTEhgxGB-RkU8FOAKDXxb672myrXYxCnb5SJp0M4t3UwFlJr4JZxAzajRlXTlVHe4l7LATP5V8I757z0nlldNR9mV8RLnpfOtzKoatSOkeroySYvFGc8dIjOxKcFqOc_hD4UaXYLyUHmDbXgzPBcyt6ExGBMGyXdXfXQ4xV0TZs1L6Nn2brRLVS3uzadcruWce0Hfi-8btwJNKUGKKC7pAsp7mA0SJjkwsM03YPM
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aapka-msg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.aapka-msg.com/	1970-01-20 18:01:32	Name: _ga Value: GA1.2.710588906.1671932468
.aapka-msg.com/	1970-01-20 08:26:58	Name: _gid Value: GA1.2.70382377.1671932469
.aapka-msg.com/	1970-01-20 08:25:32	Name: _gat_gtag_UA_155864431_1 Value: 1
.aapka-msg.com/	1970-01-20 17:47:08	Name: __gads Value: ID=578ad496bcd6dd39:T=1671932468:S=ALNI_MbcGSBlxDGMv_xlD_z7AlRtAzX2gg
.aapka-msg.com/	1970-01-20 17:47:08	Name: __gpi Value: UID=00000b9810bf49ee:T=1671932468:RT=1671932468:S=ALNI_MbEkxVP4NrYY9jISVvU378JlmAwzw
.doubleclick.net/	1970-01-20 17:47:08	Name: IDE Value: AHWqTUlzayMHt8G0qklsvl54S3jPoSJEoY2yAtL3bXHlT7g7Ar7SsrKOjn5MP7aZtc0
.hurra.com/	1970-01-20 17:11:08	Name: __uu Value: MuSeBEM0GOpq3--Czzzzzzzz

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://a0c5a500c63f52321131b16d17245c24.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a0c5a500c63f52321131b16d17245c24.safeframe.googlesyndication.com
aapka-msg.com
ads.eu.criteo.com
adservice.google.co.uk
adservice.google.com
ajax.googleapis.com
cat.nl.eu.criteo.com
cdnjs.cloudflare.com
csm.eu.criteo.net
fonts.googleapis.com
fonts.gstatic.com
pagead2.googlesyndication.com
pix.eu.criteo.net
rtb.nl.eu.criteo.com
securepubads.g.doubleclick.net
ssl.hurra.com
static.criteo.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
178.250.2.148
2606:4700::6811:180e
2606:4700:e4::ac40:ab0f
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2004
2a00:1450:4001:829::2002
2a00:1450:400d:802::200a
2a00:1450:400d:803::2008
2a00:1450:400d:805::2001
2a00:1450:400d:806::2001
2a00:1450:400d:807::2002
2a00:1450:400d:808::200a
2a00:1450:400d:80a::2002
2a00:1450:400d:80c::2002
2a00:1450:400d:80c::200e
2a00:1450:400d:80e::2003
2a02:2638:1::17
2a02:2638:1::2
2a02:2638:1::4
2a02:2638:1::8
2a02:2638::3
62.144.160.15
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
0021cc31ef85472442faea06bf18b65ffa357924a49287f15a124d7883d0b8f9
047141c5dd67c016c1c17950a962a73d9a8e94d6706069f109e710526f03acaf
07031397ff2404f97eebd395be1ca2375d964c70e4cf907994983b6a31256eb8
071580e34aac88161af882024da6f38d3e3257a1e60764a90661de10b0b6c387
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
127a88386cb8554048411fd46aa6fd205fbb7fa15afc3ebd925a030e50771404
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
190218113db16896a2f26497538861ac58c25280fdca5bf68de076371e39fd38
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
1e288c4dc57f72a69a497baef524f41c57e1c6a414b09a5bde22cd5b2f1b7cdf
2d2f1fa5f826c9709600c5c5df00962a23b9086873eff45e0e4b72996259c457
310001a8675aebd6b36161e93995e099a69ec8271c2d0255b248e396a380f92a
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3b43a6b0a1736d80d625e43d5edf3bb81816daa5692650f55801f1762b10bd36
3d9f1b086035ff8124b2e476451c42c7a99f49826dc50303197112f81ce2c367
4049a3a86643679a6666e496dc58ba43256b4233bb00627b907b1705d3db950a
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4a707af048791c2d3c43f40a21074450b927036d97510f2eea887b06f2f75a07
4a79b18e7744f210f2400940cbd7e4b7767391e833645f761b759e9a1a365af7
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
50488656aeea003d0042da0979cd15675c0bc1c028a21dddfafd7656d54c709e
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
587c3f9e66745f4d0ea9700254310f4089e2093172879f2a15f740e9bcdf532d
5cc1f33d2e98255a07f024524dc8e4301353898b61537067731fe4a0d81fe900
5ea564efe96b669288e55d97e78f133e5a5b3e4cc0524ef63e676dc6e55ef0a4
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61ff476ab12ef621ba34a8631e0db1bb9fb5f6d953cbf7081f12df8971e25778
644989ba5a3848da57ea199a7749d7c97577dff068ae7a5afc82d5fed3153e39
67508da38b8bd8f86e53b9b2a89f4c7c996e15e63d7d494aa9ae8e5894488253
6b0ae1a27a1a5218dd8b07b5467880941e69b9028e01f2236e206637f87f3129
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
73f91bbf6ef892cc1d97608578c674ab8cf477751ee44465371b02d73c82e60f
741f393215f518d6543928980721fde9a3cb96e743f3caeac79241f9fe098a16
8a693f4bb5b25c924b8a68734694fca6c94344153f2e21f798bbfc174210e536
8e47cee033935b83f1e202443847438f867c02cd2f47b934ac8ab25a547d1552
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d
926bf8f51f94269d9b25a4c71b7e44920df0804530ca6f276bfcfd65cad21cd6
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a47279a0403043586908f5963250b7e0d7e1e26ecd42276258a319e3636d0617
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6b8429f9ba44b320c4acee489b17d479b37401527a6a83746637c99385c3bd9
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a8a1a7acc572cd43c46700d8e6027931ea53659a01a4d1304a02b4c239a3cb0b
aa404f41bb73cd8b56987b71df35705c85824ae0862b82f58412c439004d48c0
aac4a423f94af29edab7eb8fc77cdeaca64cc48ee9624742954d4b025101ccd8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4099ca0eea07828a16b178afe30bcb9bf153097de6157c0bd79f6bb7462f42d
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
bfb12519b691771d4ca01f216cf5aa6a90483ccbc296ef944a796652bbc291d0
c1e3391112308e5efd32700291154fb595082773f256375ee5f3b09962816f5e
c7b866c784222aacee7180824f5accd895ba6f4ff2e0b37d61fcd0dabcc244e4
cb50263e817e17a8658bb0438723cfe888920428e7e60d108f3db30c4a18bcf8
d412b991646e825e0e5447590d48a7072c37dcd3b954c4f8419e029bf343a2ba
d481a984636a19a83ff91f330b6c3584e7055434ba07510dd6f9fc6c5806bb3f
dd6a4d39482b37efe9c55c363401d536da1f7abff0e9a2dbdd91d718700ce386
dffcd0cc9b6d9b3e08e6f3d9246a7454be33eafe05a2dab97ee72c816041c8b3
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e34d1a45e337bc82cf0db381d4abdaa0df412cc3598036b54945b179842e619a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b84f223f699733adbe2aa4ef21b426246b5bf27f468ddab523d6d7f2940849
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2bbc1a0becbfc55034c3751a58f9b45fce467e9c305d9191c42a8d12e7bcb1c
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
fab19bbeabdb2d495e65483edb2821a85f01ee1ae72c6cb1f4df3eae2c325e32

aapka-msg.com Open in urlscan Pro 2606:4700:e4::ac40:ab0f Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

99 Requests

77 %HTTPS

91 %IPv6

14 Domains

22 Subdomains

23 IPs

4 Countries

1050 kBTransfer

2184 kBSize

7 Cookies

0 Outgoing links

Redirected requests

99 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

aapka-msg.com Open in urlscan Pro
2606:4700:e4::ac40:ab0f Public Scan

Screenshot
Live screenshot

Full Image

99
Requests

77 %
HTTPS

91 %
IPv6

14
Domains

22
Subdomains

23
IPs

4
Countries

1050 kB
Transfer

2184 kB
Size

7
Cookies

99 HTTP transactions
2 data transactions