www.yeeach.com Open in urlscan Pro
2606:4700:3037::6815:1bde Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://yeeach.com/
Effective URL:
https://www.yeeach.com/
Submission Tags: tranco_l324
Submission: On March 16 via api (March 16th 2024, 6:52:15 am UTC) from DE — Scanned from DE

Summary HTTP 79 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 21 IPs in 4 countries across 11 domains to perform 79 HTTP transactions. The main IP is 2606:4700:3037::6815:1bde, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.yeeach.com.
TLS certificate: Issued by GTS CA 1P5 on February 22nd 2024. Valid for: 3 months.

This is the only time www.yeeach.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 5	2606:4700:303... 2606:4700:3037::6815:1bde	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:303... 2606:4700:3033::ac43:8f9c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2606:4700:303... 2606:4700:3031::6815:1eee	13335 (CLOUDFLAR...) (CLOUDFLARENET)
24	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81d::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:3::12 2a02:2638:3::12	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:d::c 2a02:2638:d::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2a00:1450:400... 2a00:1450:4008:805::2003	15169 (GOOGLE) (GOOGLE)
11	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.1.6 178.250.1.6	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	2a02:2638:3::10 2a02:2638:3::10	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:3::1a 2a02:2638:3::1a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
79	21

5 2606:4700:3037::6815:1bde (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

yeeach.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.yeeach.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3033::ac43:8f9c (United States)

ASN13335 (CLOUDFLARENET, US)

www.yeeach.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:3031::6815:1eee (United States)

ASN13335 (CLOUDFLARENET, US)

s1.juimg.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81d::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4008:805::2003 (Ireland)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a02:2638:3::10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

imageproxy.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 115 tpc.googlesyndication.com — Cisco Umbrella Rank: 167	588 KB
23	criteo.net static.criteo.net — Cisco Umbrella Rank: 694 imageproxy.eu.criteo.net — Cisco Umbrella Rank: 10714 csm.eu.criteo.net — Cisco Umbrella Rank: 9958	122 KB
8	yeeach.com 2 redirects yeeach.com www.yeeach.com	117 KB
6	juimg.top s1.juimg.top	634 KB
5	gstatic.com www.gstatic.com fonts.gstatic.com csi.gstatic.com	49 KB
4	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 39 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 224	57 KB
3	criteo.com ads.eu.criteo.com — Cisco Umbrella Rank: 9861 rtb.fr3.eu.criteo.com — Cisco Umbrella Rank: 18051 cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 10712	59 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 253	5 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 38	2 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 1985	253 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 43	93 KB
79	11

	Domain	Requested by
24	pagead2.googlesyndication.com	www.yeeach.com pagead2.googlesyndication.com tpc.googlesyndication.com
11	imageproxy.eu.criteo.net	ads.eu.criteo.com
11	static.criteo.net	ads.eu.criteo.com cdnjs.cloudflare.com static.criteo.net
6	s1.juimg.top	www.yeeach.com
6	www.yeeach.com	www.yeeach.com
4	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
3	csi.gstatic.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com
2	securepubads.g.doubleclick.net	pagead2.googlesyndication.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	yeeach.com	2 redirects
1	csm.eu.criteo.net	ads.eu.criteo.com
1	cdnjs.cloudflare.com	ads.eu.criteo.com
1	cat.nl3.eu.criteo.com	ads.eu.criteo.com
1	rtb.fr3.eu.criteo.com	pagead2.googlesyndication.com
1	ads.eu.criteo.com	pagead2.googlesyndication.com
1	fonts.gstatic.com	fonts.googleapis.com
1	www.gstatic.com	pagead2.googlesyndication.com
1	fonts.googleapis.com	pagead2.googlesyndication.com
1	region1.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	www.yeeach.com
79	20

This site contains links to these domains. Also see Links.

Domain
themebetter.com

Subject Issuer	Validity	Valid
yeeach.com GTS CA 1P5	`2024-02-22` - `2024-05-22`	3 months	crt.sh
juimg.top GTS CA 1P5	`2024-02-15` - `2024-05-15`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-08` - `2024-05-06`	3 months	crt.sh
*.fr3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-10` - `2024-05-05`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-17` - `2024-05-17`	3 months	crt.sh
*.nl3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-06` - `2024-05-03`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.eu.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-28` - `2024-05-31`	3 months	crt.sh

This page contains 10 frames:

Primary Page: https://www.yeeach.com/
Frame ID: 7EE93B3C833F0C8F0B2B88AB59E364EB
Requests: 23 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-2166272928834204&output=html&h=200&slotname=1144202306&adk=2411542968&adf=4034921668&pi=t.ma~as.1144202306&w=945&fwrn=4&lmt=1710571930&rafmt=11&format=945x200&url=https%3A%2F%2Fwww.yeeach.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710571930711&bpp=2&bdt=509&idt=170&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&correlator=4379817152005&rume=1&frm=20&pv=2&ga_vid=580933195.1710571931&ga_sid=1710571931&ga_hid=1641907487&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081793%2C44795921%2C95327951%2C95327954%2C95321957%2C95322398%2C95325785%2C31061691%2C31061692&oid=2&pvsid=3354449846625600&tmod=287279157&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&ifi=1&uci=a!1&fsb=1&dtd=179
Frame ID: 45FA16452376F7F40931A75A5B3D0CAD
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-2166272928834204&output=html&adk=1812271804&adf=3025194257&lmt=1710571930&plat=2%3A16777216%2C8%3A4194304%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=128x945_l%7C140x945_r&format=0x0&url=https%3A%2F%2Fwww.yeeach.com%2F&pra=7&wgl=1&easpi=0&asro=0&aseiel=1~2~4~6~8~9~10~11~12~13~14~15~16~17~18~19~20~21&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710571930713&bpp=1&bdt=512&idt=190&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&prev_fmts=945x200&nras=1&correlator=4379817152005&rume=1&frm=20&pv=1&ga_vid=580933195.1710571931&ga_sid=1710571931&ga_hid=1641907487&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081793%2C44795921%2C95327951%2C95327954%2C95321957%2C95322398%2C95325785%2C31061691%2C31061692&oid=2&pvsid=3354449846625600&tmod=287279157&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&ifi=2&uci=a!2&fsb=1&dtd=196
Frame ID: 24D3994D4B405D8A1C6F08F21F48922A
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-2166272928834204&output=html&h=280&adk=1278086041&adf=3369294102&pi=t.aa~a.3999254231~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1710571931&rafmt=1&to=qs&pwprc=6052759817&format=360x280&url=https%3A%2F%2Fwww.yeeach.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710571931519&bpp=1&bdt=1317&idt=-M&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&prev_fmts=945x200%2C0x0&nras=2&correlator=4379817152005&rume=1&frm=20&pv=1&ga_vid=580933195.1710571931&ga_sid=1710571931&ga_hid=1641907487&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1100&ady=2352&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081793%2C44795921%2C95327951%2C95327954%2C95321957%2C95322398%2C95325785%2C31061691%2C31061692&oid=2&pvsid=3354449846625600&tmod=287279157&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=2
Frame ID: 22FCABF4CFF047AE36C28F23CEE15324
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-2166272928834204&output=html&h=250&adk=3895562249&adf=2652735505&pi=t.aa~a.3999254231~rp.3&w=360&fwrn=4&fwrnh=100&lmt=1710571931&rafmt=1&to=qs&pwprc=6052759817&format=360x250&url=https%3A%2F%2Fwww.yeeach.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710571931519&bpp=1&bdt=1317&idt=0&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&prev_fmts=945x200%2C0x0%2C360x280&nras=3&correlator=4379817152005&rume=1&frm=20&pv=1&ga_vid=580933195.1710571931&ga_sid=1710571931&ga_hid=1641907487&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1100&ady=2087&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081793%2C44795921%2C95327951%2C95327954%2C95321957%2C95322398%2C95325785%2C31061691%2C31061692&oid=2&pvsid=3354449846625600&tmod=287279157&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=6
Frame ID: 93166A53FAC51ACC293218F56CFDCDF1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240313/r20110914/zrt_lookup_fy2021.html
Frame ID: 59B1958A7B5973B642C21F3A2CE7CF67
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240313/r20110914/zrt_lookup_fy2021.html
Frame ID: E701E4E4A4457FEF5980863A3EBDABAD
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/XdwUeZDdhrHObxdF2PyJ1Nts2up4nGuVc7o-G_aJoG0.js
Frame ID: 5447A9BAB8671936C271755E8C4F9D66
Requests: 1 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZfVBmwAJfR4GdhQgAAZY_IYY4yro5qw1WtimuA&u=%7C5lZzX7QKk%2BtipWQG16daq4KzWPIxschwErxQ%2FJxACoY%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wddBGFpgTAKP2f14GO_wkUfK9D6VZdJWUx7I1_bYDzcQu-N5SHr7GB6AYpmEiRpZrJ8aZq4kdlAAtoYmUzIJBMW-IKm_EJ_qC0CcTC4-un1FRXnrdGBj12jj5HATDyfQbYQ1h7uGlHJZjmMjz1QqLDQRjU6JenopMzsZXFNH7EeGVPqgqcNJ9EaQ2HlWaqeL-WIN9ynyt2JkH5Ohx5ZYigc9CN4gVA6VVi2csjQpiaF8G5TeulsrY6HqJmXUY3e4f2W0Fl_xvhdCZ8lZSiemgjMw4iKAQvptx_a5uMSdillOTkfHMh0WWLJvJ3dFyJWMuTz9P0oNWKCWOl3RinQ2EnXtQof1mlK4Un4JULmRz-G6W0R_dyeY0Sow40BneduYed4QuyFUMKFRc4TBYp9EHxDQ2Owpi_P6-yJo1YpEWc4ybVfsQu5EDd0B_lcSa6t7YV0W_rSJQEFHN4e6uDH8McMh2I0De5DatCWlVym5V-2z_jhjzaRw1SSFBmaRK6WbqrNFL3i09xPbrdR5Chs-E4C6B0Tblge3XzoCSQk3lUgl_23hSCnZpm_v61w1AgJewRnw7er8nqc0MdcmSAfqcSN&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXNRWm0H1ZZ76JaCo2OMP_LGZoAXJntKxXNWdkfdwwI23ARABIABglfrwgYwHggEXY2EtcHViLTIxNjYyNzI5Mjg4MzQyMDTIAQmpApzIbW2TRLI-qAMByAMCqgTHAU_Q_sr3A6wsNLU3xQviUDHnN5uiQsw6EITwRq-dJ3_foEWLBwKd9thubaec-pNLQ5Mh2FJiOIkb81C0yWn6oTMdTMmzFu1MY7248G3rwc2gCgumARVbcfHgGeoTGyRQ72c0-F4V29l1u3GD6eQT_qDQw9Azz6k06Rj_LJksDnccwG08tWMBYOFbl9f00rj9i_h9vpl2F7dtwSGq9W9gYsHc39GpT5hIvRyLw-b6JkDnW6Zu-maYBmmCw5icOGSy-_B6YIXvd1uABqvu37Du3ZTZ7AGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAetvrEC2AcA0ggoCJHhgHAQATIH64uA4L-ADToIAICAgICAlChIvf3BOljr_d6CmfiEA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3kfnIyuLY0enQEpx6VHoumdiyMeA%26client%3Dca-pub-2166272928834204%26adurl%3D
Frame ID: 2B0DA6A4395118C4040320A1AB924A01
Requests: 26 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5E156BBA6C4BA5B960F91918E607AFDA
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

出家如初,成佛有余-

Page URL History Show full URLs

http://yeeach.com/ HTTP 301
https://yeeach.com/ HTTP 301
https://www.yeeach.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

79
Requests

100 %
HTTPS

95 %
IPv6

11
Domains

20
Subdomains

21
IPs

4
Countries

1725 kB
Transfer

3602 kB
Size

4
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://themebetter.com/
Title: themebetter

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://yeeach.com/ HTTP 301
https://yeeach.com/ HTTP 301
https://www.yeeach.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

79 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.yeeach.com/
Redirect Chain

http://yeeach.com/
https://yeeach.com/
https://www.yeeach.com/

37 KB
8 KB

696ms
673ms

Document
text/html

2606:4700:3037::6815:1bde
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.yeeach.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:1bde , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.13
Resource Hash: 3d21dd1f22e9b6c383c7484a31db317dd8985c49d062bfe79d16126e574ba4e6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=3, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8652d19f9f6792e2-CPH
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 16 Mar 2024 06:52:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referer: https://www.yeeach.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M5oimjVLqcDswjqDUwQCS2gDtNrqieNkn8AwshEf%2B6JmzCEa0zWho%2BAqzj4cSThEfj7S%2FNyiydFDndVc3%2FpN35i%2BVWz6jZL3ZnSyS1C5%2FrUDQVwlkeccRA4zu2F%2Bysc2gujsQyTPDAD1KRddZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding, Cookie
x-powered-by: PHP/7.4.13

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8652d19a9a7992e2-CPH
content-type: text/html; charset=UTF-8
date: Sat, 16 Mar 2024 06:52:09 GMT
location: https://www.yeeach.com/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referer: https://www.yeeach.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FX63vULDGm%2FQpUURcp5fewHxLqj40o7lW%2BBmWobkPcTN0DsTzeX5uWT%2BjeV6NEND5ypxxdP%2FGFHJKCT9lleu69JAiThgqYwltSXdThkNWM8IixS7GdYOhsA07PxwslRFOhrBEpYhdmWW"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding, Cookie
x-powered-by: PHP/7.4.13
x-redirect-by: WordPress

GET
H2 200 style.css
www.yeeach.com/wp-content/themes/D8-5.3/ 98 KB
21 KB 34ms
34ms Stylesheet
text/css 2606:4700:3037::6815:1bde
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.yeeach.com/wp-content/themes/D8-5.3/style.css?ver=5.3
Requested by: Host: www.yeeach.com
URL: https://www.yeeach.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:1bde , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e45d782acb0af0a30305e0adf97d4d3200f6089cafa041c9b3d920faa2bdc0d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yeeach.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 16 Mar 2024 06:52:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 671895
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 09 Feb 2020 22:38:30 GMT
server: cloudflare
etag: W/"5e4089e6-1875f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mJnK1n0sfnVR4KoCliF%2Bx74LD%2F6KbBt8eu0nSO6udJ%2BG%2FznsruTG9i9GJSo423ox0ksrOamdyr7H%2FL%2F7KNa9bI0wMHz47l2jM6xAG3bSn7mEfWwSaRkCPIPGMvhp1UAnbWn3eQ7Z62FX33kTCg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
referer: https://www.yeeach.com
cf-ray: 8652d1a3db6292e2-CPH
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style.min.css
www.yeeach.com/wp-includes/css/dist/block-library/ 107 KB
15 KB 33ms
33ms Stylesheet
text/css 2606:4700:3037::6815:1bde
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.yeeach.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.2
Requested by: Host: www.yeeach.com
URL: https://www.yeeach.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:1bde , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yeeach.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 16 Mar 2024 06:52:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1307930
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 09 Nov 2023 21:44:46 GMT
server: cloudflare
etag: W/"654d52ce-1add3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pcL1uNZPMPPQ0lJF0QiKQBjhg1re%2BvThWZEhtlzMHziEHaPU95GgqpC6Wl1bro%2FeKtUmVIw%2FmSX3nGVOcrmgc7VGPvZWXyjvMvkKPeUB4k88chpxuMDMGCV0ewcuRnLExgjIvCNzeXjc1UWY7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
referer: https://www.yeeach.com
cf-ray: 8652d1a3db6592e2-CPH
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 jquery.js Show response
www.yeeach.com/wp-content/themes/D8-5.3/js/ 145 KB
53 KB 37ms
37ms Script
application/javascript 2606:4700:3033::ac43:8f9c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.yeeach.com/wp-content/themes/D8-5.3/js/jquery.js?ver=5.3
Requested by: Host: www.yeeach.com
URL: https://www.yeeach.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:8f9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d8897808139f3d0354adaee44bdf1e44d897edd1394a3f2fcb70ef8b2cef63e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yeeach.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 16 Mar 2024 06:52:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1285997
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 06 Dec 2019 11:37:58 GMT
server: cloudflare
etag: W/"5dea3d96-244d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=waB9c%2FehU1bfDwYbiiIACSd%2BaqpEJrv%2BmkG7QAjFbGscG3eBvcAE2tFrsHoWrc7hsvL%2BGjk7hRIXrWG5D1tme8qxb5%2FV%2FDOp8C60VgvOsfTa9fFG3Sl1SO6zwRHxAoehPFapT0G%2FQ1OMcZ%2BBIw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
referer: https://www.yeeach.com
cf-ray: 8652d1a4d8a88f5d-CPH
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 a43683d33b40f413228d.jpg
s1.juimg.top/uploads/2023/04/ 57 KB
57 KB 1135ms
1010ms Image
image/jpeg 2606:4700:3031::6815:1eee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.juimg.top/uploads/2023/04/a43683d33b40f413228d.jpg
Requested by: Host: www.yeeach.com
URL: https://www.yeeach.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:1eee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 436ee93796d788b00d81e5799700b3919d19d74b7faf32d99c8ff150730466ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yeeach.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 16 Mar 2024 06:52:11 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 58456
last-modified: Tue, 19 Dec 2023 12:51:13 GMT
server: cloudflare
etag: "658191c1-e458"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=56iRSsQu%2F4ddQdFZR4m6ylXFwDdaYrAjrXLuQJw2Iji0DgFzgNZls9ZHA3qVt%2F%2FGgs08TKr7sOBHdu3qnhkshhESgmZ1GTHCNbMxx80ZK%2FRW%2BgDeVN%2Fs7o%2Frg029i7JmatDcnwwitNEdT7E%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
referer: https://juimg.top
accept-ranges: bytes
cf-ray: 8652d1a59a6e930b-CPH
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 25db236756c536e8766d-3.jpg
s1.juimg.top/uploads/2022/11/ 52 KB
52 KB 1147ms
1022ms Image
image/jpeg 2606:4700:3031::6815:1eee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.juimg.top/uploads/2022/11/25db236756c536e8766d-3.jpg
Requested by: Host: www.yeeach.com
URL: https://www.yeeach.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:1eee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0454ce300a9e9fe887f8ad7ee2cbf03f571d00890050d2590c30765a1ecd7bca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yeeach.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 16 Mar 2024 06:52:11 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 53200
last-modified: Fri, 29 Dec 2023 00:55:02 GMT
server: cloudflare
etag: "658e18e6-cfd0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HNSeQqFBOmzJA916vd3XI%2BgG%2BCs5LKaDHd2Ok3VYqN8oAYgMhjXeL9gf42VBHlz5qNQs02L%2FT89PaIwHM90P5w99WxlFrgxcWgwwrYksUye0yIEhIAYjcos0EAO9G5uJqfHftVg3nI018DY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
referer: https://juimg.top
accept-ranges: bytes
cf-ray: 8652d1a59a6a930b-CPH
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 a22016a7d77fe58.jpeg
s1.juimg.top/uploads/2021/09/ 216 KB
217 KB 1082ms
1054ms Image
image/jpeg 2606:4700:3031::6815:1eee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.juimg.top/uploads/2021/09/a22016a7d77fe58.jpeg
Requested by: Host: www.yeeach.com
URL: https://www.yeeach.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:1eee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 697c847357f4223e44dfb99e22643c10ad44c54e6419a8d7e6323c41092c2420

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yeeach.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 16 Mar 2024 06:52:11 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 221448
last-modified: Fri, 29 Dec 2023 00:55:04 GMT
server: cloudflare
etag: "658e18e8-36108"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yCQx8%2BIrEOnOJX4THBL5QFbri%2BA4VQ76rwL6wiKFiFU93KpjiVOlsbgtF3xw9r%2BczHoiY4ROrgWG1Sq5BD0tCh80AFrK5kao9w5nReZi9XAsptXQfF2h1ZCu%2BETsqqrTTXspkLpqC8cnBX8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
referer: https://juimg.top
accept-ranges: bytes
cf-ray: 8652d1a59a70930b-CPH
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 0678b56cc4b917ab9f9c.jpg
s1.juimg.top/uploads/2021/09/ 75 KB
75 KB 62ms
35ms Image
image/jpeg 2606:4700:3031::6815:1eee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.juimg.top/uploads/2021/09/0678b56cc4b917ab9f9c.jpg
Requested by: Host: www.yeeach.com
URL: https://www.yeeach.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:1eee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e9a4644a270faca6a3c0ab1e43721d9af1a7934d88db459cb90f17b61ba9a4ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yeeach.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 16 Mar 2024 06:52:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 405502
alt-svc: h3=":443"; ma=86400
content-length: 76572
last-modified: Tue, 19 Dec 2023 12:51:10 GMT
server: cloudflare
etag: "658191be-12b1c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sQwDNSTAKPym142YKCYNpRORobtIYoNNeL7XGVr5Rr39oz9BGuiANQ0yM492LtVEbals6KeTJFzufPgb8uar2ORgDr6PcMNT%2FgKSPfrsj5GT8e%2BSq%2BBGDW1p%2BsN8hyKT3Q4MBPSCE5pKmdA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
referer: https://juimg.top
accept-ranges: bytes
cf-ray: 8652d1a59a6c930b-CPH
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 4540ab8bb17a417b477a.jpg
s1.juimg.top/uploads/2021/01/ 106 KB
107 KB 1061ms
1034ms Image
image/jpeg 2606:4700:3031::6815:1eee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.juimg.top/uploads/2021/01/4540ab8bb17a417b477a.jpg
Requested by: Host: www.yeeach.com
URL: https://www.yeeach.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:1eee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41853140d88444f366db69be1d5e0c33935c959253f41f81b994485f2c4bdae8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yeeach.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 16 Mar 2024 06:52:11 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 108884
last-modified: Fri, 29 Dec 2023 00:55:04 GMT
server: cloudflare
etag: "658e18e8-1a954"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Fd4FZjireQppQgAbguU9vcXwQRTa4WfszMvbYMp6aApo6rpAKDBGFdcZXjAlqMHBPdJgVtUPw5xBeFiOrrUPv%2FQ%2Fdrd3DvS5uMhR0TmhcqXbSyvwd%2BOCOTOIbqs75Alk6%2FtOqwQ485Yzwss%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
referer: https://juimg.top
accept-ranges: bytes
cf-ray: 8652d1a59a71930b-CPH
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 7f727843a480d86832d0.png
s1.juimg.top/uploads/2021/01/ 124 KB
125 KB 1078ms
1052ms Image
image/png 2606:4700:3031::6815:1eee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.juimg.top/uploads/2021/01/7f727843a480d86832d0.png
Requested by: Host: www.yeeach.com
URL: https://www.yeeach.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:1eee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 598a93054a8d88963a17d4d38cd786df75310e1cce144f7f12b57e9da8bb4ed6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yeeach.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 16 Mar 2024 06:52:11 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 127336
last-modified: Fri, 29 Dec 2023 00:55:04 GMT
server: cloudflare
etag: "658e18e8-1f168"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eCE26Dff563vFMN%2FY7k1%2BnlLn39VrFjIegEUxdBMZm4zehJy923CXcwUOiXv0tr4bXa9Qr21vtVF3oM4iNKdVnV9MJ2v0ohpS8U55kh9cL4BAGrJ%2FT6QSqUhTcbJmdNM%2FaHeCZx0ASEHPBw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
referer: https://juimg.top
accept-ranges: bytes
cf-ray: 8652d1a59a6f930b-CPH
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
50 KB 165ms
65ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.yeeach.com
URL: https://www.yeeach.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

27dec4697f1a57d36bc57bff21a7d61bf618c54ee249de9a114f2418dd3c1bf1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yeeach.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 16 Mar 2024 06:52:10 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50970
x-xss-protection: 0
server: cafe
etag: 210994673362124917
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Sat, 16 Mar 2024 06:52:10 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 276 KB
93 KB 166ms
66ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LS5DEQ8ZLQ

Requested by

Host: www.yeeach.com
URL: https://www.yeeach.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4c90756abe56b32a9f287883a315396219995c4b8628a0286a01c281185362f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yeeach.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 16 Mar 2024 06:52:10 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 94970
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 16 Mar 2024 06:52:10 GMT

GET
H3 200 logo.png
www.yeeach.com/wp-content/themes/D8-5.3/img/ 6 KB
7 KB 33ms
32ms Image
image/png 2606:4700:3033::ac43:8f9c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.yeeach.com/wp-content/themes/D8-5.3/img/logo.png
Requested by: Host: www.yeeach.com
URL: https://www.yeeach.com/wp-content/themes/D8-5.3/style.css?ver=5.3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:8f9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a163af2ecd73ec6fa5ee7173d566c28a455b48079e58f514b839c183227f1a0c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yeeach.com/wp-content/themes/D8-5.3/style.css?ver=5.3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 16 Mar 2024 06:52:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 56501
alt-svc: h3=":443"; ma=86400
content-length: 6208
last-modified: Sun, 13 Nov 2022 01:20:05 GMT
server: cloudflare
etag: "63704645-1840"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rX6BTx1KdgZ8AleOVvt6aFTAnOGF7RjQPhKT%2BvHshcHHJSClIRme3%2BDoVoJngf69A1v4QUty507VKscprc6zbp7iUmn8RJN4Ez66e4ogqeXj9FBGvzxlLpIPXWDoIrua2fh3omLyqEk3QvEn7A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
referer: https://www.yeeach.com
accept-ranges: bytes
cf-ray: 8652d1a5795e8f5d-CPH
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 glyphicons-halflings.png
www.yeeach.com/wp-content/themes/D8-5.3/img/ 12 KB
13 KB 33ms
33ms Image
image/png 2606:4700:3033::ac43:8f9c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.yeeach.com/wp-content/themes/D8-5.3/img/glyphicons-halflings.png
Requested by: Host: www.yeeach.com
URL: https://www.yeeach.com/wp-content/themes/D8-5.3/style.css?ver=5.3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:8f9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d99e3fa32c641032f08149914b28c2dc6acf2ec62f70987f2259eabbfa7fc0de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yeeach.com/wp-content/themes/D8-5.3/style.css?ver=5.3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 16 Mar 2024 06:52:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1258133
alt-svc: h3=":443"; ma=86400
content-length: 12799
last-modified: Fri, 12 Apr 2013 12:07:52 GMT
server: cloudflare
etag: "5167f918-31ff"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PXc%2Fqr6zS4c0FvmySxDnoR90ihqOvN0OT6wDfhVyoSLH20GAEEeqCOeHCglF1NsSfIBnt8n5%2BJOoptmCzqusJf2RhZDhG%2FvX%2BZRtp1MFk%2FvZffPg2bnY%2FgdLUHvpPRdKu18iCv3lUqNiKp%2BxRA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
referer: https://www.yeeach.com
accept-ranges: bytes
cf-ray: 8652d1a579608f5d-CPH
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/ 406 KB
138 KB 78ms
77ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2166272928834204&plah=www.yeeach.com&aplac=true

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

74c9c0d992c264374ac40a35d4132354b70aa35140a9dc6aad32ffb38f1b7876

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yeeach.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 16 Mar 2024 06:52:10 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 140995
x-xss-protection: 0
server: cafe
etag: 3875573237529988370
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 16 Mar 2024 06:52:10 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
253 B 96ms
34ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-LS5DEQ8ZLQ&gtm=45je43d0v9107862626za200&_p=1710571930462&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=580933195.1710571931&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1710571930&sct=1&seg=0&dl=https%3A%2F%2Fwww.yeeach.com%2F&dt=%E5%87%BA%E5%AE%B6%E5%A6%82%E5%88%9D%2C%E6%88%90%E4%BD%9B%E6%9C%89%E4%BD%99-&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2513
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LS5DEQ8ZLQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yeeach.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Mar 2024 06:52:10 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.yeeach.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 rum_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240313/r20110914/ 56 KB
21 KB 47ms
47ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240313/r20110914/rum_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2166272928834204&plah=www.yeeach.com&aplac=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bb07ada6556e29cb9f38d3dd723271caeb6fad88ac5aeb1d51546e58648605ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yeeach.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 15 Mar 2024 19:56:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39316
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21854
x-xss-protection: 0
server: cafe
etag: 1802993166958843747
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 29 Mar 2024 19:56:54 GMT

GET
H3 200 ads Show response
pagead2.googlesyndication.com/pagead/ Frame 45FA 131 KB
42 KB 531ms
531ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-2166272928834204&output=html&h=200&slotname=1144202306&adk=2411542968&adf=4034921668&pi=t.ma~as.1144202306&w=945&fwrn=4&lmt=1710571930&rafmt=11&format=945x200&url=https%3A%2F%2Fwww.yeeach.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710571930711&bpp=2&bdt=509&idt=170&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&correlator=4379817152005&rume=1&frm=20&pv=2&ga_vid=580933195.1710571931&ga_sid=1710571931&ga_hid=1641907487&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081793%2C44795921%2C95327951%2C95327954%2C95321957%2C95322398%2C95325785%2C31061691%2C31061692&oid=2&pvsid=3354449846625600&tmod=287279157&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&ifi=1&uci=a!1&fsb=1&dtd=179

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

01cbcda762d14707e3c9b85fe78419e269d6da0e8ba2946e084fdc610acc2839

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.yeeach.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 42845
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 16 Mar 2024 06:52:11 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
pagead2.googlesyndication.com/pagead/ Frame 24D3 130 KB
30 KB 574ms
574ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-2166272928834204&output=html&adk=1812271804&adf=3025194257&lmt=1710571930&plat=2%3A16777216%2C8%3A4194304%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=128x945_l%7C140x945_r&format=0x0&url=https%3A%2F%2Fwww.yeeach.com%2F&pra=7&wgl=1&easpi=0&asro=0&aseiel=1~2~4~6~8~9~10~11~12~13~14~15~16~17~18~19~20~21&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710571930713&bpp=1&bdt=512&idt=190&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&prev_fmts=945x200&nras=1&correlator=4379817152005&rume=1&frm=20&pv=1&ga_vid=580933195.1710571931&ga_sid=1710571931&ga_hid=1641907487&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081793%2C44795921%2C95327951%2C95327954%2C95321957%2C95322398%2C95325785%2C31061691%2C31061692&oid=2&pvsid=3354449846625600&tmod=287279157&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&ifi=2&uci=a!2&fsb=1&dtd=196

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b5f299fca747e2f19a4a29454b103e42369405b2cd7eea8a79b09b482454f7d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.yeeach.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 30645
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 16 Mar 2024 06:52:11 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 76ms
76ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=navbar-wrap&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: www.yeeach.com
URL: https://www.yeeach.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yeeach.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Mar 2024 06:52:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 45FA 14 KB
2 KB 153ms
54ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-2166272928834204&output=html&h=200&slotname=1144202306&adk=2411542968&adf=4034921668&pi=t.ma~as.1144202306&w=945&fwrn=4&lmt=1710571930&rafmt=11&format=945x200&url=https%3A%2F%2Fwww.yeeach.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710571930711&bpp=2&bdt=509&idt=170&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&correlator=4379817152005&rume=1&frm=20&pv=2&ga_vid=580933195.1710571931&ga_sid=1710571931&ga_hid=1641907487&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081793%2C44795921%2C95327951%2C95327954%2C95321957%2C95322398%2C95325785%2C31061691%2C31061692&oid=2&pvsid=3354449846625600&tmod=287279157&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&ifi=1&uci=a!1&fsb=1&dtd=179

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 16 Mar 2024 06:52:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 16 Mar 2024 05:19:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 16 Mar 2024 06:52:11 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240313/r20110914/client/ Frame 45FA 2 KB
822 B 102ms
102ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240313/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-2166272928834204&output=html&h=200&slotname=1144202306&adk=2411542968&adf=4034921668&pi=t.ma~as.1144202306&w=945&fwrn=4&lmt=1710571930&rafmt=11&format=945x200&url=https%3A%2F%2Fwww.yeeach.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710571930711&bpp=2&bdt=509&idt=170&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&correlator=4379817152005&rume=1&frm=20&pv=2&ga_vid=580933195.1710571931&ga_sid=1710571931&ga_hid=1641907487&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081793%2C44795921%2C95327951%2C95327954%2C95321957%2C95322398%2C95325785%2C31061691%2C31061692&oid=2&pvsid=3354449846625600&tmod=287279157&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&ifi=1&uci=a!1&fsb=1&dtd=179
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 15 Mar 2024 18:11:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45624
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 29 Mar 2024 18:11:47 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/551480433315862332/ Frame 45FA 23 KB
23 KB 166ms
47ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/551480433315862332/14763004658117789537?w=400&h=209&tw=1&q=75

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61acbf2719c54bbfbb8b9945ee272e2a3906ed5991271467d28f23e4c1fccba9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires: Thu, 13 Mar 2025 00:20:18 GMT
date: Wed, 13 Mar 2024 00:20:18 GMT
x-content-type-options: nosniff
age: 282713
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23402
x-xss-protection: 0
last-modified: Wed, 08 Mar 2023 14:54:00 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240313/r20110914/ Frame 45FA 23 KB
9 KB 94ms
94ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240313/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0585c17865b250df20a5c5dbf25274d44443f26d24ed58bbe3215dd54dd864b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-2166272928834204&output=html&h=200&slotname=1144202306&adk=2411542968&adf=4034921668&pi=t.ma~as.1144202306&w=945&fwrn=4&lmt=1710571930&rafmt=11&format=945x200&url=https%3A%2F%2Fwww.yeeach.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710571930711&bpp=2&bdt=509&idt=170&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&correlator=4379817152005&rume=1&frm=20&pv=2&ga_vid=580933195.1710571931&ga_sid=1710571931&ga_hid=1641907487&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081793%2C44795921%2C95327951%2C95327954%2C95321957%2C95322398%2C95325785%2C31061691%2C31061692&oid=2&pvsid=3354449846625600&tmod=287279157&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&ifi=1&uci=a!1&fsb=1&dtd=179
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 15 Mar 2024 15:09:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56585
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8954
x-xss-protection: 0
server: cafe
etag: 11417926956348271285
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 29 Mar 2024 15:09:06 GMT

GET
H3 200 window_focus_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240313/r20110914/client/ Frame 45FA 3 KB
1 KB 99ms
99ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240313/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-2166272928834204&output=html&h=200&slotname=1144202306&adk=2411542968&adf=4034921668&pi=t.ma~as.1144202306&w=945&fwrn=4&lmt=1710571930&rafmt=11&format=945x200&url=https%3A%2F%2Fwww.yeeach.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710571930711&bpp=2&bdt=509&idt=170&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&correlator=4379817152005&rume=1&frm=20&pv=2&ga_vid=580933195.1710571931&ga_sid=1710571931&ga_hid=1641907487&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081793%2C44795921%2C95327951%2C95327954%2C95321957%2C95322398%2C95325785%2C31061691%2C31061692&oid=2&pvsid=3354449846625600&tmod=287279157&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&ifi=1&uci=a!1&fsb=1&dtd=179
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 15 Mar 2024 15:09:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56585
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 29 Mar 2024 15:09:06 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240313/r20110914/client/ Frame 45FA 20 KB
8 KB 51ms
50ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240313/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

594ea28ece633b47536a3549082809e82c6772e5f2f324f26f8bc0f5de6842d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-2166272928834204&output=html&h=200&slotname=1144202306&adk=2411542968&adf=4034921668&pi=t.ma~as.1144202306&w=945&fwrn=4&lmt=1710571930&rafmt=11&format=945x200&url=https%3A%2F%2Fwww.yeeach.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710571930711&bpp=2&bdt=509&idt=170&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&correlator=4379817152005&rume=1&frm=20&pv=2&ga_vid=580933195.1710571931&ga_sid=1710571931&ga_hid=1641907487&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081793%2C44795921%2C95327951%2C95327954%2C95321957%2C95322398%2C95325785%2C31061691%2C31061692&oid=2&pvsid=3354449846625600&tmod=287279157&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&ifi=1&uci=a!1&fsb=1&dtd=179
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 15 Mar 2024 18:11:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45624
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8219
x-xss-protection: 0
server: cafe
etag: 17239101513064691842
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 29 Mar 2024 18:11:47 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 45FA 208 KB
63 KB 56ms
56ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3edca7294f70460740b307b1b70e7356a6165cb7a76c774f65398d0d052ac8c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-2166272928834204&output=html&h=200&slotname=1144202306&adk=2411542968&adf=4034921668&pi=t.ma~as.1144202306&w=945&fwrn=4&lmt=1710571930&rafmt=11&format=945x200&url=https%3A%2F%2Fwww.yeeach.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710571930711&bpp=2&bdt=509&idt=170&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&correlator=4379817152005&rume=1&frm=20&pv=2&ga_vid=580933195.1710571931&ga_sid=1710571931&ga_hid=1641907487&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081793%2C44795921%2C95327951%2C95327954%2C95321957%2C95322398%2C95325785%2C31061691%2C31061692&oid=2&pvsid=3354449846625600&tmod=287279157&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&ifi=1&uci=a!1&fsb=1&dtd=179
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 16 Mar 2024 06:09:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2585
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64315
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 16 Mar 2024 07:09:06 GMT

GET
H2 200 fae6ba9c9cb9ec876bbde5988f04c6f7.js Show response
www.gstatic.com/mysidia/ Frame 45FA 36 KB
15 KB 146ms
46ms Script
text/javascript 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/fae6ba9c9cb9ec876bbde5988f04c6f7.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

32993a86c58685503a2a375f9ed0ec5813961836562a3b5656fd9eb149a27d4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 12:59:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 237169
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15132
x-xss-protection: 0
last-modified: Thu, 07 Mar 2024 03:02:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 11 Jun 2024 12:59:22 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/ 166 KB
56 KB 67ms
67ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a54c3041d21712c53e718abb51f3bc58c8754bb42c0f96a6202fc8911f6c1125

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yeeach.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 16 Mar 2024 06:52:11 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57255
x-xss-protection: 0
server: cafe
etag: 5512537601559085769
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Mar 2024 06:52:11 GMT

GET
H3 200 ads Show response
pagead2.googlesyndication.com/pagead/ Frame 22FC 38 KB
15 KB 403ms
403ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-2166272928834204&output=html&h=280&adk=1278086041&adf=3369294102&pi=t.aa~a.3999254231~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1710571931&rafmt=1&to=qs&pwprc=6052759817&format=360x280&url=https%3A%2F%2Fwww.yeeach.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710571931519&bpp=1&bdt=1317&idt=-M&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&prev_fmts=945x200%2C0x0&nras=2&correlator=4379817152005&rume=1&frm=20&pv=1&ga_vid=580933195.1710571931&ga_sid=1710571931&ga_hid=1641907487&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1100&ady=2352&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081793%2C44795921%2C95327951%2C95327954%2C95321957%2C95322398%2C95325785%2C31061691%2C31061692&oid=2&pvsid=3354449846625600&tmod=287279157&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8daa5d0ff001df860648957be1b9771b039d8e426577781a57142f81b1af5a63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.yeeach.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 15271
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 16 Mar 2024 06:52:11 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
pagead2.googlesyndication.com/pagead/ Frame 9316 573 B
317 B 528ms
528ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-2166272928834204&output=html&h=250&adk=3895562249&adf=2652735505&pi=t.aa~a.3999254231~rp.3&w=360&fwrn=4&fwrnh=100&lmt=1710571931&rafmt=1&to=qs&pwprc=6052759817&format=360x250&url=https%3A%2F%2Fwww.yeeach.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710571931519&bpp=1&bdt=1317&idt=0&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&prev_fmts=945x200%2C0x0%2C360x280&nras=3&correlator=4379817152005&rume=1&frm=20&pv=1&ga_vid=580933195.1710571931&ga_sid=1710571931&ga_hid=1641907487&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1100&ady=2087&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081793%2C44795921%2C95327951%2C95327954%2C95321957%2C95322398%2C95325785%2C31061691%2C31061692&oid=2&pvsid=3354449846625600&tmod=287279157&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=6

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3fb5c00ebc3a60d854f3fe41c99346eb3a1ab98a2345690ea76f258fb64b9588

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.yeeach.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 297
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 16 Mar 2024 06:52:12 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 45FA 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e2c7206bfdb009c62f9f74509e10155895d9de5471af4d7459389692450482a1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240313/r20110914/ Frame 59B1 9 KB
4 KB 188ms
48ms Document
text/html 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240313/r20110914/zrt_lookup_fy2021.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.yeeach.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 39489
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4155
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 15 Mar 2024 19:54:02 GMT
etag: 5035419970550746386
expires: Fri, 29 Mar 2024 19:54:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 45FA 33 KB
34 KB 145ms
46ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://pagead2.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 04:01:15 GMT
x-content-type-options: nosniff
age: 355856
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Mar 2025 04:01:15 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240313/r20110914/ Frame E701 9 KB
4 KB 175ms
46ms Document
text/html 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240313/r20110914/zrt_lookup_fy2021.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.yeeach.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 39489
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4155
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 15 Mar 2024 19:54:02 GMT
etag: 5035419970550746386
expires: Fri, 29 Mar 2024 19:54:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
pagead2.googlesyndication.com/pagead/ Frame 45FA 0
0 80ms
80ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/adview?ai=CRMq1m0H1ZZIBk4Wfzw-s8I-gA5mMwaR2kIXunLcR2tkeEAEgqMeXfGCV-vCBjAegAarT4d4DyAEJqQKcyG1tk0SyPqgDAcgDywSqBNcBT9DrYsEESGPt9KeBYjey1gQNUg6GtzLpE9f-Uee70yLydWLYJSQOB4R9lcakrDdHC-P2zUAE6UjzDwrV_Vw3Osd_pCXutdii-UlqWBG5c3QlqO9LxRJuvF9OPYsxuBOYP1kfTQWGrczm4JSgCb-exAlLbiSh7P6Zb3-fNRU9h58ryWWC2vuFtl95NUqlMKfKi1CN13nBIGx3_IQgZH6B-e0pMtbfnxlGD_jCZXcmw4hgjniREssK-jhEU1UK8ZDzagckg-uLDCBUuzk9tnlwTXsz0ulbpuzABOzt9t6iBIgFptHszyuSBQQIBBgBkgUECAUYBKAGLoAHvqyeIagH2baxAqgHr76xAqgH1ckbqAemvhuoB47OG6gHk9gbqAfulrECqAf-nrEC2AcA8gcEEKGfBNIIKgiR4YBwEAEYHzIH64uA4L-ADToIAICAgICAlChIvf3BOlisirmCmfiEA5oJN2h0dHBzOi8vd3d3Lm5vdnVtdmVybGFnLmNvbS9raW5kZXJidWNoYXV0b3Itd2VyZGVuLmh0bWyACgHICwHYEwyIFAXQFQGAFwGyFxwKGggAEhRwdWItMjE2NjI3MjkyODgzNDIwNBgAshgJEgKATxguIgEA&sigh=1JJsKTFaw6c&uach_m=%5BUACH%5D&ase=2&template_id=5000&cbvp=2&vis=1&nis=5

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-2166272928834204&output=html&h=200&slotname=1144202306&adk=2411542968&adf=4034921668&pi=t.ma~as.1144202306&w=945&fwrn=4&lmt=1710571930&rafmt=11&format=945x200&url=https%3A%2F%2Fwww.yeeach.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710571930711&bpp=2&bdt=509&idt=170&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&correlator=4379817152005&rume=1&frm=20&pv=2&ga_vid=580933195.1710571931&ga_sid=1710571931&ga_hid=1641907487&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081793%2C44795921%2C95327951%2C95327954%2C95321957%2C95322398%2C95325785%2C31061691%2C31061692&oid=2&pvsid=3354449846625600&tmod=287279157&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&ifi=1&uci=a!1&fsb=1&dtd=179
Attribution-Reporting-Eligible: event-source
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 16 Mar 2024 06:52:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 XdwUeZDdhrHObxdF2PyJ1Nts2up4nGuVc7o-G_aJoG0.js Show response
pagead2.googlesyndication.com/bg/ Frame 5447 51 KB
20 KB 46ms
46ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/XdwUeZDdhrHObxdF2PyJ1Nts2up4nGuVc7o-G_aJoG0.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ddc147990dd86b1ce6f1745d8fc89d4db6cdaea789c6b9573ba3e1bf689a06d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-2166272928834204&output=html&h=200&slotname=1144202306&adk=2411542968&adf=4034921668&pi=t.ma~as.1144202306&w=945&fwrn=4&lmt=1710571930&rafmt=11&format=945x200&url=https%3A%2F%2Fwww.yeeach.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710571930711&bpp=2&bdt=509&idt=170&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&correlator=4379817152005&rume=1&frm=20&pv=2&ga_vid=580933195.1710571931&ga_sid=1710571931&ga_hid=1641907487&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081793%2C44795921%2C95327951%2C95327954%2C95321957%2C95322398%2C95325785%2C31061691%2C31061692&oid=2&pvsid=3354449846625600&tmod=287279157&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&ifi=1&uci=a!1&fsb=1&dtd=179
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 18:25:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 303996
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20251
x-xss-protection: 0
last-modified: Mon, 11 Mar 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 12 Mar 2025 18:25:35 GMT

GET
H2 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame 45FA 64 KB
24 KB 145ms
46ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41184d45ee0190e745df94776022442ab923bc979486aee54db3aef923747b76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 16 Mar 2024 06:38:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 809
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24270
x-xss-protection: 0
server: cafe
etag: 1848696431517659579
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Sat, 16 Mar 2024 07:38:42 GMT

GET
H3 200 window_focus_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240313/r20110914/client/ Frame 22FC 3 KB
1 KB 46ms
46ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240313/r20110914/client/window_focus_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-2166272928834204&output=html&h=280&adk=1278086041&adf=3369294102&pi=t.aa~a.3999254231~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1710571931&rafmt=1&to=qs&pwprc=6052759817&format=360x280&url=https%3A%2F%2Fwww.yeeach.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710571931519&bpp=1&bdt=1317&idt=-M&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&prev_fmts=945x200%2C0x0&nras=2&correlator=4379817152005&rume=1&frm=20&pv=1&ga_vid=580933195.1710571931&ga_sid=1710571931&ga_hid=1641907487&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1100&ady=2352&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081793%2C44795921%2C95327951%2C95327954%2C95321957%2C95322398%2C95325785%2C31061691%2C31061692&oid=2&pvsid=3354449846625600&tmod=287279157&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-2166272928834204&output=html&h=280&adk=1278086041&adf=3369294102&pi=t.aa~a.3999254231~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1710571931&rafmt=1&to=qs&pwprc=6052759817&format=360x280&url=https%3A%2F%2Fwww.yeeach.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710571931519&bpp=1&bdt=1317&idt=-M&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&prev_fmts=945x200%2C0x0&nras=2&correlator=4379817152005&rume=1&frm=20&pv=1&ga_vid=580933195.1710571931&ga_sid=1710571931&ga_hid=1641907487&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1100&ady=2352&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081793%2C44795921%2C95327951%2C95327954%2C95321957%2C95322398%2C95325785%2C31061691%2C31061692&oid=2&pvsid=3354449846625600&tmod=287279157&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 15 Mar 2024 15:09:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56585
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 29 Mar 2024 15:09:06 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240313/r20110914/client/ Frame 22FC 20 KB
8 KB 47ms
47ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240313/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-2166272928834204&output=html&h=280&adk=1278086041&adf=3369294102&pi=t.aa~a.3999254231~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1710571931&rafmt=1&to=qs&pwprc=6052759817&format=360x280&url=https%3A%2F%2Fwww.yeeach.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710571931519&bpp=1&bdt=1317&idt=-M&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&prev_fmts=945x200%2C0x0&nras=2&correlator=4379817152005&rume=1&frm=20&pv=1&ga_vid=580933195.1710571931&ga_sid=1710571931&ga_hid=1641907487&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1100&ady=2352&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081793%2C44795921%2C95327951%2C95327954%2C95321957%2C95322398%2C95325785%2C31061691%2C31061692&oid=2&pvsid=3354449846625600&tmod=287279157&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

594ea28ece633b47536a3549082809e82c6772e5f2f324f26f8bc0f5de6842d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-2166272928834204&output=html&h=280&adk=1278086041&adf=3369294102&pi=t.aa~a.3999254231~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1710571931&rafmt=1&to=qs&pwprc=6052759817&format=360x280&url=https%3A%2F%2Fwww.yeeach.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710571931519&bpp=1&bdt=1317&idt=-M&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&prev_fmts=945x200%2C0x0&nras=2&correlator=4379817152005&rume=1&frm=20&pv=1&ga_vid=580933195.1710571931&ga_sid=1710571931&ga_hid=1641907487&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1100&ady=2352&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081793%2C44795921%2C95327951%2C95327954%2C95321957%2C95322398%2C95325785%2C31061691%2C31061692&oid=2&pvsid=3354449846625600&tmod=287279157&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 15 Mar 2024 18:11:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45624
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8219
x-xss-protection: 0
server: cafe
etag: 17239101513064691842
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 29 Mar 2024 18:11:47 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 22FC 208 KB
63 KB 48ms
48ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-2166272928834204&output=html&h=280&adk=1278086041&adf=3369294102&pi=t.aa~a.3999254231~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1710571931&rafmt=1&to=qs&pwprc=6052759817&format=360x280&url=https%3A%2F%2Fwww.yeeach.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710571931519&bpp=1&bdt=1317&idt=-M&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&prev_fmts=945x200%2C0x0&nras=2&correlator=4379817152005&rume=1&frm=20&pv=1&ga_vid=580933195.1710571931&ga_sid=1710571931&ga_hid=1641907487&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1100&ady=2352&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081793%2C44795921%2C95327951%2C95327954%2C95321957%2C95322398%2C95325785%2C31061691%2C31061692&oid=2&pvsid=3354449846625600&tmod=287279157&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3edca7294f70460740b307b1b70e7356a6165cb7a76c774f65398d0d052ac8c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-2166272928834204&output=html&h=280&adk=1278086041&adf=3369294102&pi=t.aa~a.3999254231~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1710571931&rafmt=1&to=qs&pwprc=6052759817&format=360x280&url=https%3A%2F%2Fwww.yeeach.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710571931519&bpp=1&bdt=1317&idt=-M&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&prev_fmts=945x200%2C0x0&nras=2&correlator=4379817152005&rume=1&frm=20&pv=1&ga_vid=580933195.1710571931&ga_sid=1710571931&ga_hid=1641907487&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1100&ady=2352&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081793%2C44795921%2C95327951%2C95327954%2C95321957%2C95322398%2C95325785%2C31061691%2C31061692&oid=2&pvsid=3354449846625600&tmod=287279157&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 16 Mar 2024 06:09:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2585
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64315
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 16 Mar 2024 07:09:06 GMT

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 2B0D 201 KB
59 KB 168ms
106ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZfVBmwAJfR4GdhQgAAZY_IYY4yro5qw1WtimuA&u=%7C5lZzX7QKk%2BtipWQG16daq4KzWPIxschwErxQ%2FJxACoY%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wddBGFpgTAKP2f14GO_wkUfK9D6VZdJWUx7I1_bYDzcQu-N5SHr7GB6AYpmEiRpZrJ8aZq4kdlAAtoYmUzIJBMW-IKm_EJ_qC0CcTC4-un1FRXnrdGBj12jj5HATDyfQbYQ1h7uGlHJZjmMjz1QqLDQRjU6JenopMzsZXFNH7EeGVPqgqcNJ9EaQ2HlWaqeL-WIN9ynyt2JkH5Ohx5ZYigc9CN4gVA6VVi2csjQpiaF8G5TeulsrY6HqJmXUY3e4f2W0Fl_xvhdCZ8lZSiemgjMw4iKAQvptx_a5uMSdillOTkfHMh0WWLJvJ3dFyJWMuTz9P0oNWKCWOl3RinQ2EnXtQof1mlK4Un4JULmRz-G6W0R_dyeY0Sow40BneduYed4QuyFUMKFRc4TBYp9EHxDQ2Owpi_P6-yJo1YpEWc4ybVfsQu5EDd0B_lcSa6t7YV0W_rSJQEFHN4e6uDH8McMh2I0De5DatCWlVym5V-2z_jhjzaRw1SSFBmaRK6WbqrNFL3i09xPbrdR5Chs-E4C6B0Tblge3XzoCSQk3lUgl_23hSCnZpm_v61w1AgJewRnw7er8nqc0MdcmSAfqcSN&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXNRWm0H1ZZ76JaCo2OMP_LGZoAXJntKxXNWdkfdwwI23ARABIABglfrwgYwHggEXY2EtcHViLTIxNjYyNzI5Mjg4MzQyMDTIAQmpApzIbW2TRLI-qAMByAMCqgTHAU_Q_sr3A6wsNLU3xQviUDHnN5uiQsw6EITwRq-dJ3_foEWLBwKd9thubaec-pNLQ5Mh2FJiOIkb81C0yWn6oTMdTMmzFu1MY7248G3rwc2gCgumARVbcfHgGeoTGyRQ72c0-F4V29l1u3GD6eQT_qDQw9Azz6k06Rj_LJksDnccwG08tWMBYOFbl9f00rj9i_h9vpl2F7dtwSGq9W9gYsHc39GpT5hIvRyLw-b6JkDnW6Zu-maYBmmCw5icOGSy-_B6YIXvd1uABqvu37Du3ZTZ7AGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAetvrEC2AcA0ggoCJHhgHAQATIH64uA4L-ADToIAICAgICAlChIvf3BOljr_d6CmfiEA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3kfnIyuLY0enQEpx6VHoumdiyMeA%26client%3Dca-pub-2166272928834204%26adurl%3D

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-2166272928834204&output=html&h=280&adk=1278086041&adf=3369294102&pi=t.aa~a.3999254231~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1710571931&rafmt=1&to=qs&pwprc=6052759817&format=360x280&url=https%3A%2F%2Fwww.yeeach.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710571931519&bpp=1&bdt=1317&idt=-M&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&prev_fmts=945x200%2C0x0&nras=2&correlator=4379817152005&rume=1&frm=20&pv=1&ga_vid=580933195.1710571931&ga_sid=1710571931&ga_hid=1641907487&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1100&ady=2352&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081793%2C44795921%2C95327951%2C95327954%2C95321957%2C95322398%2C95325785%2C31061691%2C31061692&oid=2&pvsid=3354449846625600&tmod=287279157&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

31576ab3c73ef52b7d9daef26bae21d6124c83755552aca8b61af2aa2d67b3d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://pagead2.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Sat, 16 Mar 2024 06:52:11 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=d0c8m8QhLy3RuNnS9iiaPiuLtx2Yziqh20YVMrDsnS_X1dPWuSoKHUmYIdFxlKn_K5U-TqvB5O7WhYzWe8ZEvHUexI1ZwDWAnjaR9-OM---HLb3YiWjfFwaYxCjFTNm8pa77goI_rQ8T66rV9CIhlXju6_wAdKYoNuGEGHkxDpbrzGsVfZTxOZAPHHB9phYvhcyl68rTfxVKAf6cEYOgkz7BW3WTYOGBcQ3LqSZY85bKG4G4T6UFE4AcUmE-waQFV1-phw"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 65059484
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame 22FC 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3a3adc7bab0b433bc9609953c50781687b16ff2098c737aafbf86729e43f399a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
pagead2.googlesyndication.com/pagead/ Frame 22FC 0
19 B 82ms
81ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/adview?ai=C6VySm0H1ZZ76JaCo2OMP_LGZoAXJntKxXNWdkfdwwI23ARABIABglfrwgYwHggEXY2EtcHViLTIxNjYyNzI5Mjg4MzQyMDTIAQmpApzIbW2TRLI-qAMByAMCqgTEAU_Q_sr3A6wsNLU3xQviUDHnN5uiQsw6EITwRq-dJ3_foEWLBwKd9thubaec-pNLQ5Mh2FJiOIkb81C0yWn6oTMdTMmzFu1MY7248G3rwc2gCgumARVbcfHgGeoTGyRQ72c0-F4V29l1u3GD6eQT_qDQw9Azz6k06Rj_LJksDnccwG08tWMBYOFbl9f00rj9i_h9vpl2F7dtwSGq9W9gIMP9TVE6n6XubTtRT8YTgk7AURBk1H4asqG_ZWojJkiqYzruQGyABqvu37Du3ZTZ7AGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAetvrEC2AcA0ggoCJHhgHAQATIH64uA4L-ADToIAICAgICAlChIvf3BOljr_d6CmfiEA4AKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0yMTY2MjcyOTI4ODM0MjA0GAA&sigh=AA70sNeqFug&uach_m=%5BUACH%5D&cbvp=2&vis=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-2166272928834204&output=html&h=280&adk=1278086041&adf=3369294102&pi=t.aa~a.3999254231~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1710571931&rafmt=1&to=qs&pwprc=6052759817&format=360x280&url=https%3A%2F%2Fwww.yeeach.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710571931519&bpp=1&bdt=1317&idt=-M&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&prev_fmts=945x200%2C0x0&nras=2&correlator=4379817152005&rume=1&frm=20&pv=1&ga_vid=580933195.1710571931&ga_sid=1710571931&ga_hid=1641907487&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1100&ady=2352&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081793%2C44795921%2C95327951%2C95327954%2C95321957%2C95322398%2C95325785%2C31061691%2C31061692&oid=2&pvsid=3354449846625600&tmod=287279157&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-2166272928834204&output=html&h=280&adk=1278086041&adf=3369294102&pi=t.aa~a.3999254231~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1710571931&rafmt=1&to=qs&pwprc=6052759817&format=360x280&url=https%3A%2F%2Fwww.yeeach.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710571931519&bpp=1&bdt=1317&idt=-M&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&prev_fmts=945x200%2C0x0&nras=2&correlator=4379817152005&rume=1&frm=20&pv=1&ga_vid=580933195.1710571931&ga_sid=1710571931&ga_hid=1641907487&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1100&ady=2352&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081793%2C44795921%2C95327951%2C95327954%2C95321957%2C95322398%2C95325785%2C31061691%2C31061692&oid=2&pvsid=3354449846625600&tmod=287279157&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 16 Mar 2024 06:52:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.fr3.eu.criteo.com/google/auction/ Frame 22FC 0
126 B 152ms
45ms Image
text/plain 2a02:2638:d::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=mOz_GLr5ROgCmAKdg2ICAgAAAKkI90EiuOk3EJpB9WUkBNHY0bH9cDS4AAASAAAKCkFRVUJEd0VCRHd_L6sYIRy_J3vmYizrh--b&wp=ZfVBmwAJfR4GdhQgAAZY_IYY4yro5qw1WtimuA&cbvp=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-2166272928834204&output=html&h=280&adk=1278086041&adf=3369294102&pi=t.aa~a.3999254231~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1710571931&rafmt=1&to=qs&pwprc=6052759817&format=360x280&url=https%3A%2F%2Fwww.yeeach.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710571931519&bpp=1&bdt=1317&idt=-M&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&prev_fmts=945x200%2C0x0&nras=2&correlator=4379817152005&rume=1&frm=20&pv=1&ga_vid=580933195.1710571931&ga_sid=1710571931&ga_hid=1641907487&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1100&ady=2352&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081793%2C44795921%2C95327951%2C95327954%2C95321957%2C95322398%2C95325785%2C31061691%2C31061692&oid=2&pvsid=3354449846625600&tmod=287279157&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 16 Mar 2024 06:52:11 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 159698
server: Kestrel
content-length: 0

POST
H2 204 csi
csi.gstatic.com/ Frame 45FA 0
234 B 166ms
51ms Ping
image/gif 2a00:1450:4008:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~lttqd20m&chm=1&ctx=2&gqid=mkH1ZbLcN-OD_NUP9_u3yAU&qqid=CNK6vYKZ-IQDFZPC5wMdLPgDNA&met.4=fb.ez~lb.hy~ol.pd~bdt.-j6~bpp.-4z~idt.-b~dtd.-2~dt.-51&met.3=492.fa_1~555.jz~556.jz_1~113.vg_4~112.vf_5&met.1=1.lttqd158~6.0~7.0~8.0~9.0~10.0~12.1~13.es~14.fh~15.eu~16.iu~17.iu~18.iu~19.p2~20.p2~21.pd~22.fm~23.fm&met.7=CBwQCBgBMK4EOJEHaAFwlAR4idECgAHdzgKIAaqVCLABAbgBAw~CBIQBxgBIJoEKJoEMLQFOJsBUJsEWP0EYMgEaP0EcLMFeKUMgAH5CYgB83GqARUKE0dvb2dsZSBTYW5zOjQwMCw1MDCwAQG4AQM~CBwQChgBIKYEKKYEMI0FOGhopgRwjAV4xwiAAZsGiAGIDbABAbgBAw~CBcQAhgBIKsEKKsEMP4FONQBUL8EWKIFYOwEaKIFcNEFeJa5AYAB6rYBiAHqtgGwAQG4AQM~CAkQChgBIK8EKK8EMJIFOGNosARwjQV4pkiAAfpFiAHOtAGwAQG4AQM~CB4QChgBIK8EKK8EMJQFOGVosARwkgV4gAyAAdQJiAGBFbABAbgBAw~CBwQChgBIK8EKK8EMOgEODhosARw4gR4x0KAAZtAiAHYnAGwAQG4AQM~CBwQChgBILAEKLAEMIsFOFtosARw6AR45_gDgAG79gOIAfP-DLABAbgBAw~CBsQChgBILAEKLAEMM0FOJ0B~CCEQBBgBIJEHKJEHMOIHOFFokQdw4Qd4rAKwAQG4AQM~CCgQChgBIJMHKJMHMNMIOL8BUJQHWPcHYMIHaPcHcKUIePq_AYABzr0BiAGp_gOwAQG4AQM
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4008:805::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Mar 2024 06:52:12 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 2B0D 2 KB
1 KB 127ms
60ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZfVBmwAJfR4GdhQgAAZY_IYY4yro5qw1WtimuA&u=%7C5lZzX7QKk%2BtipWQG16daq4KzWPIxschwErxQ%2FJxACoY%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wddBGFpgTAKP2f14GO_wkUfK9D6VZdJWUx7I1_bYDzcQu-N5SHr7GB6AYpmEiRpZrJ8aZq4kdlAAtoYmUzIJBMW-IKm_EJ_qC0CcTC4-un1FRXnrdGBj12jj5HATDyfQbYQ1h7uGlHJZjmMjz1QqLDQRjU6JenopMzsZXFNH7EeGVPqgqcNJ9EaQ2HlWaqeL-WIN9ynyt2JkH5Ohx5ZYigc9CN4gVA6VVi2csjQpiaF8G5TeulsrY6HqJmXUY3e4f2W0Fl_xvhdCZ8lZSiemgjMw4iKAQvptx_a5uMSdillOTkfHMh0WWLJvJ3dFyJWMuTz9P0oNWKCWOl3RinQ2EnXtQof1mlK4Un4JULmRz-G6W0R_dyeY0Sow40BneduYed4QuyFUMKFRc4TBYp9EHxDQ2Owpi_P6-yJo1YpEWc4ybVfsQu5EDd0B_lcSa6t7YV0W_rSJQEFHN4e6uDH8McMh2I0De5DatCWlVym5V-2z_jhjzaRw1SSFBmaRK6WbqrNFL3i09xPbrdR5Chs-E4C6B0Tblge3XzoCSQk3lUgl_23hSCnZpm_v61w1AgJewRnw7er8nqc0MdcmSAfqcSN&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXNRWm0H1ZZ76JaCo2OMP_LGZoAXJntKxXNWdkfdwwI23ARABIABglfrwgYwHggEXY2EtcHViLTIxNjYyNzI5Mjg4MzQyMDTIAQmpApzIbW2TRLI-qAMByAMCqgTHAU_Q_sr3A6wsNLU3xQviUDHnN5uiQsw6EITwRq-dJ3_foEWLBwKd9thubaec-pNLQ5Mh2FJiOIkb81C0yWn6oTMdTMmzFu1MY7248G3rwc2gCgumARVbcfHgGeoTGyRQ72c0-F4V29l1u3GD6eQT_qDQw9Azz6k06Rj_LJksDnccwG08tWMBYOFbl9f00rj9i_h9vpl2F7dtwSGq9W9gYsHc39GpT5hIvRyLw-b6JkDnW6Zu-maYBmmCw5icOGSy-_B6YIXvd1uABqvu37Du3ZTZ7AGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAetvrEC2AcA0ggoCJHhgHAQATIH64uA4L-ADToIAICAgICAlChIvf3BOljr_d6CmfiEA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3kfnIyuLY0enQEpx6VHoumdiyMeA%26client%3Dca-pub-2166272928834204%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 16 Mar 2024 06:52:12 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 11 Mar 2025 06:52:12 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 2B0D 2 KB
1 KB 99ms
32ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 16 Mar 2024 06:52:12 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 11 Mar 2025 06:52:12 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 2B0D 308 B
637 B 97ms
30ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 16 Mar 2024 06:52:12 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Tue, 11 Mar 2025 06:52:12 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 2B0D 293 B
621 B 97ms
31ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 16 Mar 2024 06:52:12 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Tue, 11 Mar 2025 06:52:12 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 2B0D 43 B
348 B 111ms
34ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=J40w4gvU4uYIeOE6sMMmvhXqeZJ3KY0fSEl1Tnqpn1mgWXwvQPJFbVEPzQwzzJz6KvYdcV8JHcD5yEMSxkDyRRa-xp-6nKKFwj9Wgyt1fwlGWfUSRlMzu5RehjFde_U0dsKlTiQDn8aRiyn4-Zvem1RZxqhPmELjyjahjJoTEHHUP6bAmU6afffJffq8lH2WMcUp7JsuZ8VNjKFRmyn-G3_l0oWCY8ove4LOW0KnZPpjK10DFcX3WbdbeFvsVRcx2NW4L5-tH77oTF6D2PE4sdhZccFt4bZSib9Vz5Nen2syIjytE2Yqg8H3DM-n-IRCBRgbuL1dEx-FYapiMY6mCKo4HMEEyHENlBynkc6L9o_qbEgOdwBsXKo99X79xHO58OcwAhmA5up_f3w5DsfiQ3H9bcG6h6JTujWQ-hUtFRfxTlAdt4QHw7ytddDJAINi8QIXSQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Mar 2024 06:52:11 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2285754
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 2B0D 12 KB
5 KB 103ms
39ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 16 Mar 2024 06:52:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 221399
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TYP%2F19ZLt563SCsqIISN7dG8C5utVsCjnSsht5zNvP0jzfADsWtr%2BTMPMmBtd07cecXIH5yCSwdktNjVfU%2F%2FjpuGU8Nys%2FI0OuLJ%2B47f%2BySjeCQNQRQBgWQgA8icerq6mScMlrZLsaZJkIiilZvuKad2"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8652d1b04e48356c-WAW
expires: Thu, 06 Mar 2025 06:52:12 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 2B0D 12 KB
6 KB 56ms
36ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 16 Mar 2024 06:52:12 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 11 Mar 2025 06:52:12 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 2B0D 17 KB
18 KB 139ms
66ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=116&m=0&partner=19906&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F19906%2F190812%2F319a2d5469c04e068839667ed003cd32_logo4.png&v=3&w=716&rid=4&s=VxvJGkMrU59SQwXnRybjzqT-

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

bdd73c385acd8a79ed500526104018c60da58e08c70b8f4053fe2c69a7444061

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 16 Mar 2024 06:52:11 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 17802
expires: Sun, 09 Mar 2025 03:19:56 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 2B0D 7 KB
7 KB 151ms
78ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=19906&q=80&r=0&u=https%3A%2F%2Fmedia.hoeffner.de%2Fmedias%2Fzoom%2F29407736_4-202301251236.jpg&v=3&w=400&rid=4&s=CMSxDHaTw1HZ621Fl5LouDkj&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

850d03f4bd756094fba05787be588abd044ac6ca5a6911a425d57a34f0812acc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 16 Mar 2024 06:52:11 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 7208
expires: Wed, 19 Feb 2025 06:37:50 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 2B0D 2 KB
3 KB 103ms
31ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=19906&q=80&r=0&u=https%3A%2F%2Fmedia.hoeffner.de%2Fmedias%2Fzoom%2F26406312_3-202102042232.jpg&v=3&w=400&rid=4&s=VIXxIM-tUV_zG86JHylW2A5e&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

a9cecffa39da6a93a09974a8e21e14c3e6f627ad9bb7d9a462915e1fccd7e704

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 16 Mar 2024 06:52:11 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 2506
expires: Sun, 09 Mar 2025 07:36:39 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 2B0D 4 KB
5 KB 155ms
82ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=400&m=0&partner=19906&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fimages%2F19906%2Fbadgeupdate.png&v=3&w=400&rid=4&s=sFPYPwb7keL_Ew6_IWjCVNv_

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

d50675d04142e9bfd9a7066718b8f5f9336d4000b1c8dc5542002955d9b002c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 16 Mar 2024 06:52:12 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 4547
expires: Sat, 22 Feb 2025 21:06:54 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 2B0D 5 KB
6 KB 107ms
35ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=19906&q=80&r=0&u=https%3A%2F%2Fmedia.hoeffner.de%2Fmedias%2Fzoom%2F13303531_1-201811271610.jpg&v=3&w=400&rid=4&s=JyOcG4RP3Bqkf8FFvAbND4SQ&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

eb610efb767d603d0a9bbf086f4b977181539a65577010dbf7b7b9d4e39f7b71

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 16 Mar 2024 06:52:11 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 5566
expires: Thu, 06 Feb 2025 09:28:43 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 2B0D 7 KB
7 KB 146ms
74ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=19906&q=80&r=0&u=https%3A%2F%2Fmedia.hoeffner.de%2Fmedias%2Fzoom%2F23407654_2-201905222035.jpg&v=3&w=400&rid=4&s=amdMQ1VPLrmZsHMOOW6Xr3mk&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4ba9dd3b3a4bd5623d429e90fc28f7395bf5b91c86f5aaff9d0e3433576f8e7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 16 Mar 2024 06:52:11 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 6702
expires: Thu, 06 Mar 2025 03:59:11 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 2B0D 8 KB
9 KB 74ms
73ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=19906&q=80&r=0&u=https%3A%2F%2Fmedia.hoeffner.de%2Fmedias%2Fzoom%2F15401441_6-201811271456.jpg&v=3&w=400&rid=4&s=iyHAXN1jB4dlGURAfRgfsY7X&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

6ae7cefb980da7f6c23343e2fb19657b90b8539be11ae5fbbcf01899a306eedc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 16 Mar 2024 06:52:12 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 8614
expires: Sun, 09 Mar 2025 01:06:50 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 2B0D 11 KB
11 KB 79ms
79ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=19906&q=80&r=0&u=https%3A%2F%2Fmedia.hoeffner.de%2Fmedias%2Fzoom%2F529512_2-201811271554.jpg&v=3&w=400&rid=4&s=go0uZIuFGMjBzEqLEj1sWDBY&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

5321a302afe61684aa5ea16f59fbe5c9ee2059538fb1af7b0e2977fb480e00b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 16 Mar 2024 06:52:11 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 11046
expires: Thu, 06 Mar 2025 02:21:17 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 2B0D 3 KB
4 KB 81ms
80ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=19906&q=80&r=0&u=https%3A%2F%2Fmedia.hoeffner.de%2Fmedias%2Fzoom%2F26406326_2-202102042232.jpg&v=3&w=400&rid=4&s=bIcUZUgf_bxjLfnje-q7ngyi&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

c7e8c3adfa7bc1985ba4fc7955bad5424d0ea2e5b759362bc816a1f2b3eff93c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 16 Mar 2024 06:52:11 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 3444
expires: Fri, 07 Feb 2025 13:22:12 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 2B0D 2 KB
2 KB 82ms
82ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=19906&q=80&r=0&u=https%3A%2F%2Fmedia.hoeffner.de%2Fmedias%2Fzoom%2F40400234_7-202302282232.jpg&v=3&w=400&rid=4&s=U24VDauO5-kEYSPxt6LJBiPr&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

eca5b92e4d153edb225ffcc37d555ed353dfc5d3e4f4446d08b55eaae4170a38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 16 Mar 2024 06:52:11 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 2132
expires: Thu, 06 Mar 2025 06:30:32 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 2B0D 4 KB
4 KB 85ms
85ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=19906&q=80&r=0&u=https%3A%2F%2Fmedia.hoeffner.de%2Fmedias%2Fzoom%2F40404473_7-202303151234.jpg&v=3&w=400&rid=4&s=nLRsmOrvq9lPl7q5JVSWEHIx&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4551b443c1dfbd08466824086da4cff750794e4bda2a93e23e797e898ed6c19e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 16 Mar 2024 06:52:11 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 4350
expires: Mon, 10 Mar 2025 04:10:37 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 2B0D 0
128 B 92ms
30ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=d0c8m8QhLy3RuNnS9iiaPiuLtx2Yziqh20YVMrDsnS_X1dPWuSoKHUmYIdFxlKn_K5U-TqvB5O7WhYzWe8ZEvHUexI1ZwDWAnjaR9-OM---HLb3YiWjfFwaYxCjFTNm8pa77goI_rQ8T66rV9CIhlXju6_wAdKYoNuGEGHkxDpbrzGsVfZTxOZAPHHB9phYvhcyl68rTfxVKAf6cEYOgkz7BW3WTYOGBcQ3LqSZY85bKG4G4T6UFE4AcUmE-waQFV1-phw&sds=2&rev=91140.1&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 16 Mar 2024 06:52:11 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 2B0D 2 KB
1 KB 59ms
58ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 16 Mar 2024 06:52:12 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 11 Mar 2025 06:52:12 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 2B0D 2 KB
1 KB 33ms
33ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 16 Mar 2024 06:52:12 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 11 Mar 2025 06:52:12 GMT

GET
H2 200 opensans-400.css
static.criteo.net/design/googlefont/opensans/ Frame 2B0D 2 KB
899 B 33ms
32ms Stylesheet
text/css 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/opensans/opensans-400.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

688a83886a5a759614fb53d73736845837de908ce3553b146471782995bc5943

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 16 Mar 2024 06:52:12 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:11:03 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f077-9fe"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 11 Mar 2025 06:52:12 GMT

GET
H2 200 opensans-700.css
static.criteo.net/design/googlefont/opensans/ Frame 2B0D 2 KB
900 B 31ms
31ms Stylesheet
text/css 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/opensans/opensans-700.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

3cd346aff1efcc38119a600f75667ba0089a7a6bece2b905503fb7c0c65ddcb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 16 Mar 2024 06:52:12 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:11:05 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f079-9fe"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 11 Mar 2025 06:52:12 GMT

GET
H2 200 opensans-400-latin.woff2
static.criteo.net/design/googlefont/opensans/ Frame 2B0D 16 KB
17 KB 133ms
73ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/opensans/opensans-400-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/opensans/opensans-400.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/opensans/opensans-400.css
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 16 Mar 2024 06:52:12 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:11:03 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f077-4164"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 11 Mar 2025 06:52:12 GMT

GET
H2 200 opensans-700-latin.woff2
static.criteo.net/design/googlefont/opensans/ Frame 2B0D 16 KB
16 KB 108ms
62ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/opensans/opensans-700-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/opensans/opensans-700.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

d1a17abb1a999842fe425e1a4ace9d90f9c18f3595c21a63d89f0611b90cfd72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/opensans/opensans-700.css
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 16 Mar 2024 06:52:12 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:11:05 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f079-3ff4"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 11 Mar 2025 06:52:12 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 155ms
60ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240313&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b3292b71f8e11598e356db8b6ca1054ccc7e32c699467f04ad1a1961a9d93c7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yeeach.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 16 Mar 2024 06:52:12 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12225
x-xss-protection: 0

GET
H2 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame 22FC 64 KB
24 KB 46ms
45ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-2166272928834204&output=html&h=280&adk=1278086041&adf=3369294102&pi=t.aa~a.3999254231~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1710571931&rafmt=1&to=qs&pwprc=6052759817&format=360x280&url=https%3A%2F%2Fwww.yeeach.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710571931519&bpp=1&bdt=1317&idt=-M&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&prev_fmts=945x200%2C0x0&nras=2&correlator=4379817152005&rume=1&frm=20&pv=1&ga_vid=580933195.1710571931&ga_sid=1710571931&ga_hid=1641907487&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1100&ady=2352&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081793%2C44795921%2C95327951%2C95327954%2C95321957%2C95322398%2C95325785%2C31061691%2C31061692&oid=2&pvsid=3354449846625600&tmod=287279157&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41184d45ee0190e745df94776022442ab923bc979486aee54db3aef923747b76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 16 Mar 2024 06:38:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 810
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24270
x-xss-protection: 0
server: cafe
etag: 1848696431517659579
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Sat, 16 Mar 2024 07:38:42 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 22FC 0
54 B 52ms
51ms Ping
image/gif 2a00:1450:4008:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~lttqd2de&chm=1&ctx=2&gqid=m0H1ZaqVIdvi1PIPy6Km8A8&qqid=CN6z44KZ-IQDFSAUdgYd_FgGVA&met.4=fb.bf~lb.ct~ol.oo~bdt.-10o~bpp.-2~dtd.-1~dt.-3&met.3=492.bh_1~492.bh~113.qo_1~112.qo_1&met.1=1.lttqd1mq~6.0~7.0~8.0~9.0~10.0~12.1~13.b8~14.bb~15.ba~16.e1~17.e1~18.e2~19.on~20.on~21.on&met.7=CBwQCBgBMJgDOPgGaAFwlAN403mAAad3iAGbswKwAQG4AQM~CB4QChgBIJoDKJoDMNYDODxomgNwyAN4gAyAAdQJiAGBFbABAbgBAw~CBwQChgBIJoDKJoDMMsDODFomgNwyQN4x0KAAZtAiAHYnAGwAQG4AQM~CBwQChgBIJoDKJoDMNUDODtomgNwygN45_gDgAG79gOIAfP-DLABAbgBAw~CBsQBSCdAzjaAw~CCEQBhgBIPoDKPoDMM0EOFJo-wNwzAR4rAKwAQG4AQM~CBsQBiD6AziYAQ~CCgQChgBIIAHKIAHML8HOD5ogQdwrgd4-r8BgAHOvQGIAan-A7ABAbgBAw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4008:805::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Mar 2024 06:52:12 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 81ms
81ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yeeach.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 16 Mar 2024 06:52:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 16 Mar 2024 06:52:12 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5E15 13 KB
5 KB 46ms
46ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.yeeach.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 29590
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 15 Mar 2024 22:39:02 GMT
expires: Sat, 15 Mar 2025 22:39:02 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 J7jMHEcdr0lVSatsUU1en4le0CiJfA3--2xrJ7e0v4U.js Show response
pagead2.googlesyndication.com/bg/ Frame 5E15 40 KB
15 KB 46ms
46ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/J7jMHEcdr0lVSatsUU1en4le0CiJfA3--2xrJ7e0v4U.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

27b8cc1c471daf495549ab6c514d5e9f895ed028897c0dfefb6c6b27b7b4bf85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 15 Mar 2024 18:56:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42923
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15583
x-xss-protection: 0
last-modified: Mon, 11 Mar 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 15 Mar 2025 18:56:49 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 5E15 0
10 B 46ms
46ms Image
text/plain 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?aWIn8g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 16 Mar 2024 06:52:12 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 45FA 42 B
66 B 80ms
79ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv6QYZfwTafJeMCIhcxyFuotC941QpoCx-PCY5qf71YTk6GyuGQ0j5sKBAGLguipaqvgofAgrulcTl_KvL8vLxpv4UOk8_0GK16dMJubeBDB_ol6pM7t8hs892MEd0R4Xpg1G5rwDFGHcuQhHfkGZB0tgjFJvGmgp3FdRt8JcY&sig=Cg0ArKJSzE0J_5ViPqL6EAE&id=lidar2&mcvt=1001&p=0,0,200,945&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20240313&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2411542968&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=650473100&rst=1710571930892&rpt=909&met=mue&wmsd=0&pbe=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-2166272928834204&output=html&h=200&slotname=1144202306&adk=2411542968&adf=4034921668&pi=t.ma~as.1144202306&w=945&fwrn=4&lmt=1710571930&rafmt=11&format=945x200&url=https%3A%2F%2Fwww.yeeach.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710571930711&bpp=2&bdt=509&idt=170&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&correlator=4379817152005&rume=1&frm=20&pv=2&ga_vid=580933195.1710571931&ga_sid=1710571931&ga_hid=1641907487&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081793%2C44795921%2C95327951%2C95327954%2C95321957%2C95322398%2C95325785%2C31061691%2C31061692&oid=2&pvsid=3354449846625600&tmod=287279157&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&ifi=1&uci=a!1&fsb=1&dtd=179
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Mar 2024 06:52:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 79ms
79ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240313&jk=3354449846625600&bg=!IiGlIW7NAAY_ejuoH3o7ADQBe5WfONzXyqEb2FKVETeVHC3wiH_QFGgf5ZkZXkMx5Spm2tSuzMr1GZjpielrqA52XERMAgAAADBSAAAAA2gBB5kC2aVBXG-21fWakohh083kLiXyy-95GPOZLtQQPrxVttlCEc0NzD7VdbUnWm48oANKUk9FCaEKglD24o2CvzmtF463b0p9FFtou6FonoYZMQpfQtAB0E6Ldb9EITrstEpEWQ-0xsHQH11d91xOzH-1aRhxrEZJBdSRx8TehUEmGnt4sHbNVJyMk7-oSGTLTaVsC0ScnAdMhyHaGZMb01W5ZGawpWvWEQPU6LVZDFH96mLAhiIECsfaQqrDvxU2djLHnNCSiqDtJKW_es4yGl5lp0XpHcYxuB49NZk61gFBRauxdeFEJ647-4zJkGo0r7WD7GtHrCuzNYtekQpQDaCTPUR24x1EXEWkjwVtt22cNvPdPwbzJNPk5-jqzGFSxUGNI8wkltnJF0q8J3hCBJhYySK8y4aTxXHD39Jan-5Bj9KHFAabIE7lOkj-tphoU9LHBLnssJP3fiaDH859UC5_Q92nOLyDEoQ2efcVvdzRlh9gW_LHd_fTD13SZmVTObFeiggsn0GY89UqxJJDp3rbzOBfCnUXrMPYJPC-1Jy0MFllvkViSsNmk14sAVeVE_vgL2aYlfJPkYeuwY-jcm-13YEwgdnPDiNKBeUnHmprSLBPWvBVsn4M3W6DGjGSRnYSSZq7Liw9pGqd3Y0VLrGVEgsFZotJxTD5Jq6WniCW8f0-Z4hIlz7txisRICJjEHg4wIBfRso5eH4_XMMT8mTU0jaz43Qx9iYupK6UAh4G6t8HB9-WnWcWG8MqPghVIj2hWaES6tRQ5kQL26x51RwZcJ9dXtEmiBZSLekH4DQKVI-FROWCz7uxN_kKF57NjoZB_NqVDZIGpKne3f1V-GyLNlqwznsWo_PjZiRuMJM0Lbm0ZPX2pRC9epuQI3xjFDVN-4yWYO3Cmp_d1TRZ6IPOj7BRGVRvfdqZc5FourQd46QTtNz0txzMfM35aElipFQKbFputaBJjYHkyQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yeeach.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

POST
H3 204 csi
csi.gstatic.com/ 0
17 B 53ms
52ms Ping
image/gif 2a00:1450:4008:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=1~lttqd16m&c=3354449846625600&e=44759876%2C44759927%2C44759837%2C31081793%2C44795921%2C95327951%2C95327954%2C95321957%2C31061691%2C31061692&ctx=1&met.3=164.1wl~165.1wj_2~166.1wa_c~1001.1wm_1__1~164.1wn~165.1wm_1~1032.219~326.21b_1~832.21c~868.21c~216.219_4~215.219_4~843.218_5~889.21h~639.21s~1032.21v~326.21w~832.21w~868.21w~216.21v_1~215.21v_1~889.221~639.222~112.22y_1~429.2im~993.2io_2__2~992.2iq__2~994.2iq__2~991.2in_3__2~990.2in_3__2~353.2in_3~453.2ir~754.2is__7~995.2is__7~998.2ir_1__7~453.2is~754.2it_1__a~995.2is_1__a~247.2iy~248.2iy~1032.2iy~326.2iz~832.2iz~868.2iz~164.2iy_1~165.2iy_1~996.2ix_1__a~997.2iu_5__a~453.2iz~754.2iz__a~995.2iz_1__a~247.2j0~248.2j0~1032.2j0~326.2j0~832.2j0~868.2j0~164.2j0~165.2j0_1~996.2j0_1__a~997.2j0_1__a~453.2j0~754.2j1__a~995.2j1__a~998.2is_9__a~889.2j1~889.2j5~639.2jd~639.2jd~453.2je~754.2je__l~995.2je__l~998.2je__l~453.2jf~453.2jf~453.2jf~453.2jg~454.2jg~454.2jg~454.2jg~453.2jg~753.2jh~168.2jl~168.2jl~168.2jl~168.2jl_1~168.2jl_1~168.2jm~168.2jm~168.2jm~168.2jm~168.2jm~168.2jm~168.2jm~168.2jm~168.2jm~210.2kx~1032.2ky~326.2ky~832.2ky~868.2ky~164.2ky_1~165.2kx_1~466.2kx_1~1032.2ky~326.2ky~832.2kz~868.2kz~164.2ky~165.2ky_1~466.2ky_1~522.2kx_2~1013.2l4~525.2kz_b~525.2la_3~639.2le~639.2le~264.2lf~264.2ll~264.2m2~264.2mj~264.2mz~264.2ng~264.2nx~264.2od~264.2ou~264.2pb~264.2pr~264.2q8~1228.2qh~273.2qh~273.2qj~264.2qy~264.2r5~264.2rm~264.2s3~264.2ti~264.2tk~264.2tx~264.2ug~264.2uv~264.2vb~264.2vs~168.2vw~168.2vw~168.2vw~168.2vw~168.2vw~168.2vw~168.2vw~168.2vw~168.2vw~168.2vw~168.2vw~168.2vw~168.2vw~168.2vw~168.2vw~168.2vx~168.2vx~168.2vx~264.2wv~264.2wx~264.2x6~264.2xn~168.2xz~168.2xz~168.2xz~168.2xz~168.2xz~168.2xz~168.2xz~168.2xz~168.2xz~168.2xz_1~168.2xz_1~168.2y0~168.2y0~168.2y0~168.2y0~168.2y0~168.2y0~168.2y0~168.2y0~168.2y0~168.2y0~168.2y0~168.2y0~168.2y0~168.2y0~168.2y0~168.2y0~168.2y0~168.2y0~168.2y0~168.2y0~168.2y0~168.2y0~168.2y0~168.2y0~168.2y0~264.2y3~264.2yk~264.2z1~264.2zj~264.2zy~264.30f~264.31g~264.31h~264.31t~264.32a~264.32q~264.337~264.33n~264.344~264.34l~264.351~264.35i~264.35z~264.36f~264.36w~264.37d~113.37z_1~264.380~264.38a~264.38r~264.397~264.39o~264.3a5~264.3al~264.3b2~264.3bj~264.3bz~264.3cg~264.3cx~264.3dd~264.3du~264.3eb~264.3eu~264.3f8~264.3fp~264.3g5~264.3gm~264.3h3~264.3hj~264.3i3~264.3ij~264.3j6~264.3je~264.3jv~264.3kb~264.3ks~264.3l9~264.3lp~264.3m6~264.3mn~264.3n3~264.3nk~264.3o1~264.3oh~264.3oy~264.3pf~264.3pv~264.3qc~264.3qt~264.3r9~264.3rq~257.3s7~264.3s7~264.3sn&met.1=1.lttqcz3n~6.z0~7.z0~8.z0~9.z0~10.z0~12.zn~13.1ic~14.1or~15.1ie~16.1q5~17.1q5~18.1qa~19.37q~20.37q~21.37r~22.1qr~23.1qr
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20240313/r20110914/rum_fy2021.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4008:805::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yeeach.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Mar 2024 06:52:13 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

58 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.yeeach.com/	1970-01-21 04:45:31	Name: _ga_LS5DEQ8ZLQ Value: GS1.1.1710571930.1.0.1710571930.0.0.0
.yeeach.com/	1970-01-21 04:45:31	Name: _ga Value: GA1.1.580933195.1710571931
.yeeach.com/	1970-01-20 23:28:43	Name: __eoi Value: ID=d89d83f33b2fc179:T=1710571930:RT=1710571930:S=AA-Afjbhg3FbDIGWgXQQlgxvY342
.criteo.com/	1970-01-21 04:31:07	Name: receive-cookie-deprecation Value: 1

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-2166272928834204&output=html&h=280&adk=1278086041&adf=3369294102&pi=t.aa~a.3999254231~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1710571931&rafmt=1&to=qs&pwprc=6052759817&format=360x280&url=https%3A%2F%2Fwww.yeeach.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710571931519&bpp=1&bdt=1317&idt=-M&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&prev_fmts=945x200%2C0x0&nras=2&correlator=4379817152005&rume=1&frm=20&pv=1&ga_vid=580933195.1710571931&ga_sid=1710571931&ga_hid=1641907487&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1100&ady=2352&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081793%2C44795921%2C95327951%2C95327954%2C95321957%2C95322398%2C95325785%2C31061691%2C31061692&oid=2&pvsid=3354449846625600&tmod=287279157&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=2 Message: Origin trial controlled feature not enabled: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.eu.criteo.com
cat.nl3.eu.criteo.com
cdnjs.cloudflare.com
csi.gstatic.com
csm.eu.criteo.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
imageproxy.eu.criteo.net
pagead2.googlesyndication.com
region1.google-analytics.com
rtb.fr3.eu.criteo.com
s1.juimg.top
securepubads.g.doubleclick.net
static.criteo.net
tpc.googlesyndication.com
www.googletagmanager.com
www.gstatic.com
www.yeeach.com
yeeach.com
178.250.1.6
2001:4860:4802:34::36
2606:4700:3031::6815:1eee
2606:4700:3033::ac43:8f9c
2606:4700:3037::6815:1bde
2606:4700::6811:180e
2a00:1450:4001:803::2003
2a00:1450:4001:80e::2001
2a00:1450:4001:80e::200a
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::2008
2a00:1450:4001:813::2002
2a00:1450:4001:81d::2002
2a00:1450:4001:829::2002
2a00:1450:4008:805::2003
2a02:2638:3::10
2a02:2638:3::12
2a02:2638:3::1a
2a02:2638:3::3
2a02:2638:d::c
01cbcda762d14707e3c9b85fe78419e269d6da0e8ba2946e084fdc610acc2839
0454ce300a9e9fe887f8ad7ee2cbf03f571d00890050d2590c30765a1ecd7bca
0585c17865b250df20a5c5dbf25274d44443f26d24ed58bbe3215dd54dd864b1
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
1e45d782acb0af0a30305e0adf97d4d3200f6089cafa041c9b3d920faa2bdc0d
27b8cc1c471daf495549ab6c514d5e9f895ed028897c0dfefb6c6b27b7b4bf85
27dec4697f1a57d36bc57bff21a7d61bf618c54ee249de9a114f2418dd3c1bf1
31576ab3c73ef52b7d9daef26bae21d6124c83755552aca8b61af2aa2d67b3d3
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
32993a86c58685503a2a375f9ed0ec5813961836562a3b5656fd9eb149a27d4a
3a3adc7bab0b433bc9609953c50781687b16ff2098c737aafbf86729e43f399a
3cd346aff1efcc38119a600f75667ba0089a7a6bece2b905503fb7c0c65ddcb8
3d21dd1f22e9b6c383c7484a31db317dd8985c49d062bfe79d16126e574ba4e6
3edca7294f70460740b307b1b70e7356a6165cb7a76c774f65398d0d052ac8c8
3fb5c00ebc3a60d854f3fe41c99346eb3a1ab98a2345690ea76f258fb64b9588
41184d45ee0190e745df94776022442ab923bc979486aee54db3aef923747b76
41853140d88444f366db69be1d5e0c33935c959253f41f81b994485f2c4bdae8
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
436ee93796d788b00d81e5799700b3919d19d74b7faf32d99c8ff150730466ce
4551b443c1dfbd08466824086da4cff750794e4bda2a93e23e797e898ed6c19e
4ba9dd3b3a4bd5623d429e90fc28f7395bf5b91c86f5aaff9d0e3433576f8e7f
4c90756abe56b32a9f287883a315396219995c4b8628a0286a01c281185362f3
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5321a302afe61684aa5ea16f59fbe5c9ee2059538fb1af7b0e2977fb480e00b9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
594ea28ece633b47536a3549082809e82c6772e5f2f324f26f8bc0f5de6842d2
598a93054a8d88963a17d4d38cd786df75310e1cce144f7f12b57e9da8bb4ed6
5ddc147990dd86b1ce6f1745d8fc89d4db6cdaea789c6b9573ba3e1bf689a06d
61acbf2719c54bbfbb8b9945ee272e2a3906ed5991271467d28f23e4c1fccba9
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
688a83886a5a759614fb53d73736845837de908ce3553b146471782995bc5943
697c847357f4223e44dfb99e22643c10ad44c54e6419a8d7e6323c41092c2420
698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340
6ae7cefb980da7f6c23343e2fb19657b90b8539be11ae5fbbcf01899a306eedc
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
74c9c0d992c264374ac40a35d4132354b70aa35140a9dc6aad32ffb38f1b7876
850d03f4bd756094fba05787be588abd044ac6ca5a6911a425d57a34f0812acc
8daa5d0ff001df860648957be1b9771b039d8e426577781a57142f81b1af5a63
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a163af2ecd73ec6fa5ee7173d566c28a455b48079e58f514b839c183227f1a0c
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a54c3041d21712c53e718abb51f3bc58c8754bb42c0f96a6202fc8911f6c1125
a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a9cecffa39da6a93a09974a8e21e14c3e6f627ad9bb7d9a462915e1fccd7e704
b3292b71f8e11598e356db8b6ca1054ccc7e32c699467f04ad1a1961a9d93c7d
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
b5f299fca747e2f19a4a29454b103e42369405b2cd7eea8a79b09b482454f7d2
bb07ada6556e29cb9f38d3dd723271caeb6fad88ac5aeb1d51546e58648605ae
bdd73c385acd8a79ed500526104018c60da58e08c70b8f4053fe2c69a7444061
c7e8c3adfa7bc1985ba4fc7955bad5424d0ea2e5b759362bc816a1f2b3eff93c
d1a17abb1a999842fe425e1a4ace9d90f9c18f3595c21a63d89f0611b90cfd72
d50675d04142e9bfd9a7066718b8f5f9336d4000b1c8dc5542002955d9b002c7
d8897808139f3d0354adaee44bdf1e44d897edd1394a3f2fcb70ef8b2cef63e6
d99e3fa32c641032f08149914b28c2dc6acf2ec62f70987f2259eabbfa7fc0de
df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e2c7206bfdb009c62f9f74509e10155895d9de5471af4d7459389692450482a1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9a4644a270faca6a3c0ab1e43721d9af1a7934d88db459cb90f17b61ba9a4ca
eb610efb767d603d0a9bbf086f4b977181539a65577010dbf7b7b9d4e39f7b71
eca5b92e4d153edb225ffcc37d555ed353dfc5d3e4f4446d08b55eaae4170a38
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

www.yeeach.com Open in urlscan Pro 2606:4700:3037::6815:1bde Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

79 Requests

100 %HTTPS

95 %IPv6

11 Domains

20 Subdomains

21 IPs

4 Countries

1725 kBTransfer

3602 kBSize

4 Cookies

1 Outgoing links

Page URL History

Redirected requests

79 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.yeeach.com Open in urlscan Pro
2606:4700:3037::6815:1bde Public Scan

Screenshot
Live screenshot

Full Image

79
Requests

100 %
HTTPS

95 %
IPv6

11
Domains

20
Subdomains

21
IPs

4
Countries

1725 kB
Transfer

3602 kB
Size

4
Cookies

79 HTTP transactions
2 data transactions