www.officepools.com Open in urlscan Pro
2606:4700:20::ac43:4a9d Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.officepools.com/email/subscription/51bcd61d-16f8-46d8-9ad9-2419882845a8
Submission: On November 26 via api (November 26th 2023, 11:39:02 am UTC) from US — Scanned from DE

Summary HTTP 257 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 103 IPs in 12 countries across 81 domains to perform 257 HTTP transactions. The main IP is 2606:4700:20::ac43:4a9d, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.officepools.com. The Cisco Umbrella rank of the primary domain is 842212.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 16th 2023. Valid for: a year.

This is the only time www.officepools.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
25	2606:4700:20:... 2606:4700:20::ac43:4a9d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3038::6815:eab0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	143.204.210.101 143.204.210.101	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:400... 2a04:4e42:400::396	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1	151.101.65.140 151.101.65.140	54113 (FASTLY) (FASTLY)
10	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	192.241.157.60 192.241.157.60	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2606:4700::68... 2606:4700::6810:85e5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	108.138.1.25 108.138.1.25	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6810:5614	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	3.217.130.42 3.217.130.42	14618 (AMAZON-AES) (AMAZON-AES)
1	18.161.97.100 18.161.97.100	16509 (AMAZON-02) (AMAZON-02)
4	23.67.137.210 23.67.137.210	16625 (AKAMAI-AS) (AKAMAI-AS)
2	18.239.18.33 18.239.18.33	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::6816:34ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:10:... 2606:4700:10::6816:3556	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2620:116:800d... 2620:116:800d:21:93ca:31d8:d86e:38f6	16509 (AMAZON-02) (AMAZON-02)
7	34.107.217.107 34.107.217.107	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	108.156.60.77 108.156.60.77	16509 (AMAZON-02) (AMAZON-02)
6	2606:4700:10:... 2606:4700:10::ac43:1997	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	52.208.5.106 52.208.5.106	16509 (AMAZON-02) (AMAZON-02)
4	2606:4700:10:... 2606:4700:10::6816:545	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.222.253.136 52.222.253.136	16509 (AMAZON-02) (AMAZON-02)
2	46.228.174.115 46.228.174.115	56396 (AMOBEE) (AMOBEE)
1	18.66.122.63 18.66.122.63	16509 (AMAZON-02) (AMAZON-02)
2 6	37.252.171.53 37.252.171.53	29990 (ASN-APPNEX) (ASN-APPNEX)
2	216.52.2.39 216.52.2.39	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	3.121.101.248 3.121.101.248	16509 (AMAZON-02) (AMAZON-02)
1	176.34.96.61 176.34.96.61	16509 (AMAZON-02) (AMAZON-02)
1	184.30.21.51 184.30.21.51	16625 (AKAMAI-AS) (AKAMAI-AS)
2	147.75.84.158 147.75.84.158	54825 (PACKET) (PACKET)
1 4	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a0c:5c87:523... 2a0c:5c87:5239::2	55081 (24SHELLS) (24SHELLS)
3	157.90.0.38 157.90.0.38	24940 (HETZNER-AS) (HETZNER-AS)
3	2602:803:c003... 2602:803:c003:200::44	26667 (RUBICONPR...) (RUBICONPROJECT)
1	34.120.63.153 34.120.63.153	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	178.128.135.204 178.128.135.204	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	18.202.39.252 18.202.39.252	16509 (AMAZON-02) (AMAZON-02)
1	18.194.217.116 18.194.217.116	16509 (AMAZON-02) (AMAZON-02)
5	188.42.34.65 188.42.34.65	7979 (SERVERS-COM) (SERVERS-COM)
1	8.2.111.102 8.2.111.102	46636 (NATCOWEB) (NATCOWEB)
2	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	13.32.27.21 13.32.27.21	16509 (AMAZON-02) (AMAZON-02)
1	2a02:fa8:8806... 2a02:fa8:8806:21::1780	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 6	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c09::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::201b	15169 (GOOGLE) (GOOGLE)
2	15.197.179.7 15.197.179.7	16509 (AMAZON-02) (AMAZON-02)
1	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2600:9000:20a... 2600:9000:20ab:9200:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	131.153.158.209 131.153.158.209	60558 (SECUREDSE...) (SECUREDSERVERS-EU)
1	54.84.191.206 54.84.191.206	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:9000:223... 2600:9000:223c:1a00:10:dd8:5e40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:225... 2600:9000:2250:4800:a:e047:753:a221	16509 (AMAZON-02) (AMAZON-02)
1	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	104.18.35.167 104.18.35.167	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
1 2	34.120.107.143 34.120.107.143	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	35.244.193.51 35.244.193.51	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	35.190.39.111 35.190.39.111	15169 (GOOGLE) (GOOGLE)
1	3.75.62.37 3.75.62.37	16509 (AMAZON-02) (AMAZON-02)
1 3	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	184.30.22.30 184.30.22.30	16625 (AKAMAI-AS) (AKAMAI-AS)
1	23.213.164.238 23.213.164.238	16625 (AKAMAI-AS) (AKAMAI-AS)
2	172.64.149.180 172.64.149.180	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	184.30.20.22 184.30.20.22	16625 (AKAMAI-AS) (AKAMAI-AS)
1	157.90.211.246 157.90.211.246	24940 (HETZNER-AS) (HETZNER-AS)
1	23.32.184.180 23.32.184.180	16625 (AKAMAI-AS) (AKAMAI-AS)
5	18.157.205.178 18.157.205.178	16509 (AMAZON-02) (AMAZON-02)
1	141.95.98.64 141.95.98.64	16276 (OVH) (OVH)
1 1	5.200.43.131 5.200.43.131	48096 (ITGRAD) (ITGRAD)
2 2	193.232.148.134 193.232.148.134	48061 (UMA-TECH-AS) (UMA-TECH-AS)
1	2a02:6ea0:c70... 2a02:6ea0:c700::17	60068 (CDN77 ^_^) (CDN77 ^_^)
1	151.236.118.210 151.236.118.210	204720 (CDNETWORKS) (CDNETWORKS)
1	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	141.95.33.120 141.95.33.120	16276 (OVH) (OVH)
1	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	44.206.140.57 44.206.140.57	14618 (AMAZON-AES) (AMAZON-AES)
2 2	13.32.27.113 13.32.27.113	16509 (AMAZON-02) (AMAZON-02)
1 1	193.0.160.131 193.0.160.131	54312 (ROCKETFUEL) (ROCKETFUEL)
1	35.244.174.68 35.244.174.68	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
2	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	209.54.182.161 209.54.182.161	16509 (AMAZON-02) (AMAZON-02)
1	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1	52.30.179.44 52.30.179.44	16509 (AMAZON-02) (AMAZON-02)
1 1	35.204.74.118 35.204.74.118	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	151.101.194.49 151.101.194.49	54113 (FASTLY) (FASTLY)
15	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
3 3	31.172.81.172 31.172.81.172	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
2 2	89.108.120.68 89.108.120.68	197695 (AS-REG) (AS-REG)
1 2	2a02:6b8::90 2a02:6b8::90	208722 (GLOBAL_DC) (GLOBAL_DC)
1	2a02:6ea0:c70... 2a02:6ea0:c700::11	60068 (CDN77 ^_^) (CDN77 ^_^)
1 2	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1	37.157.5.133 37.157.5.133	198622 (ADFORM) (ADFORM)
1	2606:4700:10:... 2606:4700:10::6816:5d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	23.212.211.47 23.212.211.47	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	2001:6d0:4001... 2001:6d0:4001::226	52016 (ADFACT) (ADFACT)
1	51.89.9.252 51.89.9.252	16276 (OVH) (OVH)
257	103

25 2606:4700:20::ac43:4a9d (United States)

ASN13335 (CLOUDFLARENET, US)

www.officepools.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3038::6815:eab0 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.adapex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.210.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-210-101.fra53.r.cloudfront.net

js.pusher.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::396 (United States)

ASN54113 (FASTLY, US)

www.redditstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.140 (United States)

ASN54113 (FASTLY, US)

alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.241.157.60 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: capture.analytics.hbwrapper

cat.hbwrapper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:85e5 (United States)

ASN13335 (CLOUDFLARENET, US)

cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.138.1.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-1-25.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.217.130.42 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-217-130-42.compute-1.amazonaws.com

p2.gcprivacy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.161.97.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-161-97-100.mrs52.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.67.137.210 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-67-137-210.deploy.static.akamaitechnologies.com

secure.cdn.fastclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.239.18.33 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-18-33.ams58.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:34ad (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.hadronid.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:93ca:31d8:d86e:38f6 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 34.107.217.107 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 107.217.107.34.bc.googleusercontent.com

static.anonymised.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
aegis.anonymised.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.156.60.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-60-77.ams1.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:10::ac43:1997 (United States)

ASN13335 (CLOUDFLARENET, US)

boot.pbstck.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.pbstck.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
intake.pbstck.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.208.5.106 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-5-106.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
id.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:10::6816:545 (United States)

ASN13335 (CLOUDFLARENET, US)

id.hadron.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.253.136 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-253-136.fra60.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.228.174.115 (United Kingdom)

ASN56396 (AMOBEE, GB)

targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.122.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-63.fra60.r.cloudfront.net

p.gcprivacy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 37.252.171.53 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.39 (United States)

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.121.101.248 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-101-248.eu-central-1.compute.amazonaws.com

grid.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 176.34.96.61 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-176-34-96-61.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.21.51 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-21-51.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 147.75.84.158 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.36.155 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0c:5c87:5239::2 (Cricklewood, United Kingdom)

ASN55081 (24SHELLS, US)

ghb.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 157.90.0.38 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.38.0.90.157.clients.your-server.de

shb.richaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2602:803:c003:200::44 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.63.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.63.120.34.bc.googleusercontent.com

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.128.135.204 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

rt.marphezis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.202.39.252 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-202-39-252.eu-west-1.compute.amazonaws.com

hb.minutemedia-prebid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.194.217.116 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-217-116.eu-central-1.compute.amazonaws.com

btlr.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 188.42.34.65 (Luxembourg)

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.2.111.102 (United States)

ASN46636 (NATCOWEB, US)

smartssp-us-east.iqzone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-21.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:21::1780 (Singapore)

ASN41041 (VCLK-EU-SE, US)

proc.ad.cpe.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c09::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::201b (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.197.179.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: a938864f9581ea3da.awsglobalaccelerator.com

aggle.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20ab:9200:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 131.153.158.209 (Amsterdam, Netherlands)

ASN60558 (SECUREDSERVERS-EU, US)

id.a-mx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.84.191.206 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-84-191-206.compute-1.amazonaws.com

idx.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:1a00:10:dd8:5e40:93a1 (United States)

ASN16509 (AMAZON-02, US)

connectid.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2250:4800:a:e047:753:a221 (United States)

ASN16509 (AMAZON-02, US)

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.35.167 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn-ima.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

695cd04a68f148eb8b80717ef15f00e0.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.107.143 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.107.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.193.51 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 51.193.244.35.bc.googleusercontent.com

lexicon.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com

esp.rtbhouse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:3::c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 184.30.22.30 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-22-30.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.213.164.238 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-213-164-238.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.149.180 (United States)

ASN13335 (CLOUDFLARENET, US)

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.20.22 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-22.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 157.90.211.246 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.246.211.90.157.clients.your-server.de

sync.richaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.32.184.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-184-180.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.157.205.178 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-157-205-178.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.98.64 (France)

ASN16276 (OVH, FR)
PTR: ns3216658.ip-141-95-98.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.200.43.131 (Russian Federation) 1 redirects

ASN48096 (ITGRAD, RU)

ads.adlook.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.232.148.134 (Russian Federation) 2 redirects

ASN48061 (UMA-TECH-AS, RU)
PTR: hosting.adhigh.net

px.adhigh.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::17 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

vid.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.236.118.210 (Moscow, Russian Federation)

ASN204720 (CDNETWORKS, RU)

cache.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.33.120 (Germany)

ASN16276 (OVH, FR)
PTR: ns3203256.ip-141-95-33.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.206.140.57 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-206-140-57.compute-1.amazonaws.com

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.27.113 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-113.fra56.r.cloudfront.net

live.rezync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.131 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.66 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.151.101 (United States)

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 209.54.182.161 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.30.179.44 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-179-44.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.74.118 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.194.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 31.172.81.172 (Germany) 3 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

sync.bumlam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 89.108.120.68 (Russian Federation) 2 redirects

ASN197695 (AS-REG, RU)
PTR: d51803.reg.regrucolo.ru

x01.aidata.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6b8::90 (Moscow, Russian Federation) 1 redirects

ASN208722 (GLOBAL_DC, FI)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::11 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

vpaid.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.90 (Amsterdam, Netherlands) 1 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.5.133 (Denmark)

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:5d (United States)

ASN13335 (CLOUDFLARENET, US)

intake.pbstck.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.212.211.47 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-211-47.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:6d0:4001::226 (Russian Federation) 1 redirects

ASN52016 (ADFACT, RU)

www.tns-counter.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.252 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	officepools.com www.officepools.com — Cisco Umbrella Rank: 842212	1 MB
23	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 97 695cd04a68f148eb8b80717ef15f00e0.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 149	336 KB
15	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 406	311 KB
14	doubleclick.net 1 redirects pubads.g.doubleclick.net — Cisco Umbrella Rank: 401 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 stats.g.doubleclick.net — Cisco Umbrella Rank: 78 cm.g.doubleclick.net — Cisco Umbrella Rank: 245	206 KB
12	gstatic.com fonts.gstatic.com	412 KB
11	rubiconproject.com 1 redirects fastlane.rubiconproject.com — Cisco Umbrella Rank: 513 eus.rubiconproject.com — Cisco Umbrella Rank: 602 token.rubiconproject.com — Cisco Umbrella Rank: 458 pixel.rubiconproject.com — Cisco Umbrella Rank: 376 secure-assets.rubiconproject.com — Cisco Umbrella Rank: 969	31 KB
8	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2 region1.analytics.google.com — Cisco Umbrella Rank: 3040	1 KB
7	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 246 acdn.adnxs.com — Cisco Umbrella Rank: 609	41 KB
7	pbstck.com boot.pbstck.com — Cisco Umbrella Rank: 8447 cdn.pbstck.com — Cisco Umbrella Rank: 8872 intake.pbstck.com — Cisco Umbrella Rank: 8953	25 KB
7	anonymised.io static.anonymised.io — Cisco Umbrella Rank: 23571 aegis.anonymised.io — Cisco Umbrella Rank: 23214	37 KB
7	amazon-adsystem.com 1 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 306 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 598 aax.amazon-adsystem.com — Cisco Umbrella Rank: 394 s.amazon-adsystem.com — Cisco Umbrella Rank: 310	74 KB
7	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31 storage.googleapis.com — Cisco Umbrella Rank: 409	8 KB
6	betweendigital.com ads.betweendigital.com — Cisco Umbrella Rank: 1638 cache.betweendigital.com — Cisco Umbrella Rank: 31780	5 KB
6	casalemedia.com 1 redirects htlb.casalemedia.com — Cisco Umbrella Rank: 511 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 486 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 625	4 KB
6	bidswitch.net grid.bidswitch.net — Cisco Umbrella Rank: 1165 x.bidswitch.net — Cisco Umbrella Rank: 351	1 KB
5	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 976 bcp.crwdcntrl.net — Cisco Umbrella Rank: 887 id.crwdcntrl.net — Cisco Umbrella Rank: 2498	25 KB
4	richaudience.com shb.richaudience.com — Cisco Umbrella Rank: 3792 sync.richaudience.com — Cisco Umbrella Rank: 1851	986 B
4	ad.gt id.hadron.ad.gt — Cisco Umbrella Rank: 1601 a.ad.gt — Cisco Umbrella Rank: 1844	5 KB
4	fastclick.net secure.cdn.fastclick.net — Cisco Umbrella Rank: 1155	106 KB
4	gcprivacy.com p2.gcprivacy.com — Cisco Umbrella Rank: 13843 p.gcprivacy.com — Cisco Umbrella Rank: 20440	13 KB
3	bumlam.com 3 redirects sync.bumlam.com — Cisco Umbrella Rank: 3997	2 KB
3	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 454 mug.criteo.com — Cisco Umbrella Rank: 2926	7 KB
3	openx.net 1 redirects oajs.openx.net — Cisco Umbrella Rank: 1656 google-bidout-d.openx.net — Cisco Umbrella Rank: 1665	723 B
3	creativecdn.com 1 redirects invstatic101.creativecdn.com — Cisco Umbrella Rank: 2139 creativecdn.com — Cisco Umbrella Rank: 592	2 KB
3	google.de www.google.de — Cisco Umbrella Rank: 6862	672 B
3	pubmatic.com hbopenbid.pubmatic.com — Cisco Umbrella Rank: 502 ads.pubmatic.com — Cisco Umbrella Rank: 534 image6.pubmatic.com — Cisco Umbrella Rank: 823	6 KB
3	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 863 id5-sync.com — Cisco Umbrella Rank: 440	69 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	259 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 223 cloudflare.com — Cisco Umbrella Rank: 120	7 KB
2	tns-counter.ru 1 redirects www.tns-counter.ru — Cisco Umbrella Rank: 14062	706 B
2	yandex.ru 1 redirects an.yandex.ru — Cisco Umbrella Rank: 5085	673 B
2	aidata.io 2 redirects x01.aidata.io — Cisco Umbrella Rank: 15037	1 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 709	644 B
2	rezync.com 2 redirects live.rezync.com — Cisco Umbrella Rank: 1922	1 KB
2	vidoomy.com vid.vidoomy.com — Cisco Umbrella Rank: 2189 vpaid.vidoomy.com — Cisco Umbrella Rank: 3034	19 KB
2	adhigh.net 2 redirects px.adhigh.net — Cisco Umbrella Rank: 19224	826 B
2	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 674 cdn.indexww.com — Cisco Umbrella Rank: 1531	2 KB
2	33across.com cdn-ima.33across.com — Cisco Umbrella Rank: 1383 lexicon.33across.com — Cisco Umbrella Rank: 1497	5 KB
2	yahoo.com connectid.analytics.yahoo.com — Cisco Umbrella Rank: 4351 ups.analytics.yahoo.com — Cisco Umbrella Rank: 327	9 KB
2	liadm.com 1 redirects idx.liadm.com — Cisco Umbrella Rank: 2376 i.liadm.com — Cisco Umbrella Rank: 539	999 B
2	aggle.net aggle.net — Cisco Umbrella Rank: 18457	2 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	89 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
2	media.net prebid.media.net — Cisco Umbrella Rank: 1335 contextual.media.net — Cisco Umbrella Rank: 691	10 KB
2	a-mo.net prebid.a-mo.net — Cisco Umbrella Rank: 751	174 B
2	lijit.com ap.lijit.com — Cisco Umbrella Rank: 683	504 B
2	unrulymedia.com targeting.unrulymedia.com — Cisco Umbrella Rank: 792	167 B
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 727 script.hotjar.com — Cisco Umbrella Rank: 901	61 KB
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 1245 pixel.quantserve.com — Cisco Umbrella Rank: 964	9 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 335	3 KB
1	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 746
1	adform.net cm.adform.net — Cisco Umbrella Rank: 1267	107 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 795	624 B
1	bidr.io match.prod.bidr.io — Cisco Umbrella Rank: 573	433 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 353	150 B
1	rfihub.com 1 redirects p.rfihub.com — Cisco Umbrella Rank: 868	1 KB
1	adlook.me 1 redirects ads.adlook.me — Cisco Umbrella Rank: 35501	329 B
1	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 928	279 B
1	rtbhouse.com esp.rtbhouse.com — Cisco Umbrella Rank: 4524	540 B
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 1762	8 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 668	13 KB
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 2491	3 KB
1	rlcdn.com api.rlcdn.com Failed idsync.rlcdn.com — Cisco Umbrella Rank: 415	99 B
1	a-mx.com id.a-mx.com — Cisco Umbrella Rank: 3513	272 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1212	633 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 110	186 B
1	dotomi.com proc.ad.cpe.dotomi.com — Cisco Umbrella Rank: 2650	467 B
1	iqzone.com smartssp-us-east.iqzone.com — Cisco Umbrella Rank: 80569 cs.smartssp.iqzone.com Failed	246 B
1	sharethrough.com btlr.sharethrough.com — Cisco Umbrella Rank: 984	162 B
1	minutemedia-prebid.com hb.minutemedia-prebid.com — Cisco Umbrella Rank: 3706	434 B
1	marphezis.com rt.marphezis.com — Cisco Umbrella Rank: 11327	231 B
1	adtelligent.com ghb.adtelligent.com — Cisco Umbrella Rank: 5236	478 B
1	teads.tv a.teads.tv — Cisco Umbrella Rank: 1462	386 B
1	360yield.com ad.360yield.com — Cisco Umbrella Rank: 781	173 B
1	hadronid.net cdn.hadronid.net — Cisco Umbrella Rank: 1779	10 KB
1	hbwrapper.com cat.hbwrapper.com — Cisco Umbrella Rank: 15215	264 B
1	reddit.com alb.reddit.com — Cisco Umbrella Rank: 1452	638 B
1	redditstatic.com www.redditstatic.com — Cisco Umbrella Rank: 1333	8 KB
1	pusher.com js.pusher.com — Cisco Umbrella Rank: 15122	13 KB
1	adapex.io cdn.adapex.io — Cisco Umbrella Rank: 21993	178 KB
0	usbrowserspeed.com Failed a.usbrowserspeed.com Failed
257	81

	Domain	Requested by
25	www.officepools.com	www.officepools.com
15	cdn.ampproject.org	securepubads.g.doubleclick.net
13	tpc.googlesyndication.com	www.officepools.com securepubads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
12	fonts.gstatic.com	www.officepools.com fonts.googleapis.com
9	pagead2.googlesyndication.com	www.officepools.com pagead2.googlesyndication.com tpc.googlesyndication.com
6	www.google.com	1 redirects www.officepools.com tpc.googlesyndication.com
6	ib.adnxs.com	2 redirects cdn.adapex.io acdn.adnxs.com
6	securepubads.g.doubleclick.net	cdn.adapex.io securepubads.g.doubleclick.net www.officepools.com
6	fonts.googleapis.com	www.officepools.com client securepubads.g.doubleclick.net
5	x.bidswitch.net	www.officepools.com ads.betweendigital.com ssum-sec.casalemedia.com cache.betweendigital.com
5	ads.betweendigital.com	cdn.adapex.io ads.betweendigital.com vid.vidoomy.com
5	static.anonymised.io	www.googletagmanager.com static.anonymised.io
4	eus.rubiconproject.com	cdn.adapex.io eus.rubiconproject.com cache.betweendigital.com
4	secure.cdn.fastclick.net	www.officepools.com secure.cdn.fastclick.net
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com www.googletagmanager.com www.officepools.com
3	sync.bumlam.com	3 redirects
3	ssum-sec.casalemedia.com	1 redirects js-sec.indexww.com ssum-sec.casalemedia.com
3	intake.pbstck.com	www.officepools.com
3	www.google.de	www.officepools.com
3	fastlane.rubiconproject.com	cdn.adapex.io
3	shb.richaudience.com	cdn.adapex.io
3	id.hadron.ad.gt	cdn.hadronid.net cdn.adapex.io
3	p2.gcprivacy.com	cdn.adapex.io p.gcprivacy.com www.officepools.com
3	www.googletagmanager.com	cdn.adapex.io www.officepools.com www.googletagmanager.com
3	c.amazon-adsystem.com	cdn.adapex.io c.amazon-adsystem.com
2	www.tns-counter.ru	1 redirects www.officepools.com
2	creativecdn.com	1 redirects vid.vidoomy.com
2	an.yandex.ru	1 redirects www.officepools.com
2	x01.aidata.io	2 redirects
2	sync-tm.everesttech.net	2 redirects
2	dsum-sec.casalemedia.com	ssum-sec.casalemedia.com
2	s.amazon-adsystem.com	1 redirects ssum-sec.casalemedia.com
2	live.rezync.com	2 redirects
2	token.rubiconproject.com	eus.rubiconproject.com
2	px.adhigh.net	2 redirects
2	gum.criteo.com	1 redirects static.criteo.net
2	oajs.openx.net	1 redirects www.officepools.com
2	aggle.net	p.gcprivacy.com aggle.net
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	region1.analytics.google.com	www.googletagmanager.com
2	cdn.pbstck.com	boot.pbstck.com
2	connect.facebook.net	www.officepools.com connect.facebook.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	aegis.anonymised.io	static.anonymised.io
2	prebid.a-mo.net	cdn.adapex.io
2	ap.lijit.com	cdn.adapex.io
2	targeting.unrulymedia.com	cdn.adapex.io
2	bcp.crwdcntrl.net	tags.crwdcntrl.net
2	boot.pbstck.com	www.googletagmanager.com
2	cdn.id5-sync.com	www.officepools.com securepubads.g.doubleclick.net
2	tags.crwdcntrl.net	www.officepools.com securepubads.g.doubleclick.net
2	cdn.jsdelivr.net	cdn.adapex.io securepubads.g.doubleclick.net
2	cdnjs.cloudflare.com	www.officepools.com static.anonymised.io
1	onetag-sys.com	cache.betweendigital.com
1	secure-assets.rubiconproject.com	1 redirects
1	cm.adform.net	ads.betweendigital.com
1	pixel.rubiconproject.com	ads.betweendigital.com
1	vpaid.vidoomy.com	vid.vidoomy.com
1	cdn.indexww.com	ssum-sec.casalemedia.com
1	um.simpli.fi	1 redirects
1	match.prod.bidr.io	ssum-sec.casalemedia.com
1	match.adsrvr.org	ssum-sec.casalemedia.com
1	cm.g.doubleclick.net	1 redirects
1	idsync.rlcdn.com	ssum-sec.casalemedia.com
1	p.rfihub.com	1 redirects
1	i.liadm.com	1 redirects
1	google-bidout-d.openx.net	oa.openxcdn.net
1	id5-sync.com	cdn.id5-sync.com
1	image6.pubmatic.com	ads.pubmatic.com
1	cache.betweendigital.com	ads.betweendigital.com
1	vid.vidoomy.com	ads.betweendigital.com
1	ads.adlook.me	1 redirects
1	lb.eu-1-id5-sync.com	cdn.id5-sync.com
1	acdn.adnxs.com	cdn.adapex.io
1	sync.richaudience.com	cdn.adapex.io
1	contextual.media.net	cdn.adapex.io
1	js-sec.indexww.com	cdn.adapex.io
1	ads.pubmatic.com	cdn.adapex.io
1	mug.criteo.com	www.officepools.com
1	ups.analytics.yahoo.com	connectid.analytics.yahoo.com
1	esp.rtbhouse.com	invstatic101.creativecdn.com
1	lexicon.33across.com	cdn-ima.33across.com
1	695cd04a68f148eb8b80717ef15f00e0.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	cdn-ima.33across.com	securepubads.g.doubleclick.net
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	connectid.analytics.yahoo.com	securepubads.g.doubleclick.net
1	id.crwdcntrl.net	cdn.adapex.io
1	idx.liadm.com	cdn.adapex.io
1	id.a-mx.com	cdn.adapex.io
1	pixel.quantserve.com	www.officepools.com
1	rules.quantcount.com	secure.quantserve.com
1	www.facebook.com	www.officepools.com
1	a.ad.gt	cdn.hadronid.net
1	storage.googleapis.com	www.officepools.com
1	proc.ad.cpe.dotomi.com	secure.cdn.fastclick.net
1	script.hotjar.com	static.hotjar.com
1	smartssp-us-east.iqzone.com	cdn.adapex.io
1	btlr.sharethrough.com	cdn.adapex.io
1	hb.minutemedia-prebid.com	cdn.adapex.io
1	rt.marphezis.com	cdn.adapex.io
1	prebid.media.net	cdn.adapex.io
1	ghb.adtelligent.com	cdn.adapex.io
1	htlb.casalemedia.com	cdn.adapex.io
1	a.teads.tv	cdn.adapex.io
1	ad.360yield.com	cdn.adapex.io
1	grid.bidswitch.net	cdn.adapex.io
1	hbopenbid.pubmatic.com	cdn.adapex.io
1	p.gcprivacy.com	cdn.adapex.io
1	aax.amazon-adsystem.com	c.amazon-adsystem.com
1	static.hotjar.com	www.officepools.com
1	secure.quantserve.com	www.googletagmanager.com
1	cdn.hadronid.net	www.officepools.com
1	config.aps.amazon-adsystem.com	c.amazon-adsystem.com
1	cloudflare.com	cdn.adapex.io
1	cat.hbwrapper.com	cdn.adapex.io
1	alb.reddit.com	www.officepools.com
1	pubads.g.doubleclick.net	www.officepools.com
1	www.redditstatic.com	www.officepools.com
1	js.pusher.com	www.officepools.com
1	cdn.adapex.io	www.officepools.com
0	cs.smartssp.iqzone.com Failed	cdn.adapex.io
0	a.usbrowserspeed.com Failed	aggle.net
0	api.rlcdn.com Failed	cdn.adapex.io
257	126

This site contains links to these domains. Also see Links.

Domain
www.officepoolswire.com
www.officepoolsbets.com
www.instagram.com
twitter.com
www.facebook.com
www.youtube.com
www.tiktok.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-16` - `2024-04-15`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
adapex.io E1	`2023-10-27` - `2024-01-25`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
js.pusher.com Amazon RSA 2048 M01	`2023-04-13` - `2024-05-11`	a year	crt.sh
www.redditstatic.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-25` - `2024-02-21`	6 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2023-09-01` - `2024-02-28`	6 months	crt.sh
cat.hbwrapper.com R3	`2023-09-30` - `2023-12-29`	3 months	crt.sh
cloudflare.com Cloudflare Inc ECC CA-3	`2023-10-02` - `2023-12-31`	3 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.gcprivacy.com Amazon RSA 2048 M03	`2023-11-03` - `2024-12-01`	a year	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2023-02-20` - `2024-03-20`	a year	crt.sh
secure.cdn.fastclick.net DigiCert TLS RSA SHA256 2020 CA1	`2023-10-03` - `2024-10-03`	a year	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2023-10-08` - `2024-11-05`	a year	crt.sh
hadronid.net GTS CA 1P5	`2023-10-05` - `2024-01-03`	3 months	crt.sh
quantserve.com R3	`2023-10-28` - `2024-01-26`	3 months	crt.sh
anonymised.io GTS CA 1D4	`2023-11-18` - `2024-02-16`	3 months	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
pbstck.com Cloudflare Inc ECC CA-3	`2023-06-04` - `2024-06-03`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-16` - `2024-03-08`	a year	crt.sh
*.targeting.unrulymedia.com Sectigo RSA Domain Validation Secure Server CA	`2023-05-10` - `2024-05-10`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2023-05-06` - `2024-05-04`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.360yield.com Amazon RSA 2048 M01	`2023-05-29` - `2024-06-26`	a year	crt.sh
teads.tv R3	`2023-11-03` - `2024-02-01`	3 months	crt.sh
*.a-mo.net R3	`2023-11-07` - `2024-02-05`	3 months	crt.sh
casalemedia.com Cloudflare Inc ECC CA-3	`2023-05-21` - `2024-05-20`	a year	crt.sh
ghb.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2023-09-29` - `2023-12-28`	3 months	crt.sh
*.richaudience.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2023-02-27` - `2024-02-26`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
prebid.media.net GTS CA 1D4	`2023-10-28` - `2024-01-26`	3 months	crt.sh
*.marphezis.com Sectigo RSA Domain Validation Secure Server CA	`2023-01-03` - `2024-01-03`	a year	crt.sh
*.minutemedia-prebid.com Amazon ECDSA 256 M01	`2023-04-18` - `2024-05-16`	a year	crt.sh
*.sharethrough.com Amazon RSA 2048 M01	`2023-06-14` - `2024-07-12`	a year	crt.sh
*.ads.betweendigital.com Sectigo RSA Domain Validation Secure Server CA	`2023-01-13` - `2024-02-13`	a year	crt.sh
*.iqzone.com Go Daddy Secure Certificate Authority - G2	`2023-04-05` - `2024-05-06`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-09-04` - `2023-12-03`	3 months	crt.sh
ad.cpe.dotomi.com GlobalSign RSA OV SSL CA 2018	`2023-06-09` - `2024-07-10`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
storage.googleapis.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
aggle.net Amazon RSA 2048 M01	`2023-07-30` - `2024-08-27`	a year	crt.sh
id.a-mx.com Sectigo RSA Domain Validation Secure Server CA	`2023-10-12` - `2024-11-10`	a year	crt.sh
*.liadm.com Amazon RSA 2048 M02	`2023-08-31` - `2024-09-28`	a year	crt.sh
connectid.analytics.yahoo.com GlobalSign ECC OV SSL CA 2018	`2023-08-15` - `2024-02-08`	6 months	crt.sh
cdn.prod.uidapi.com R3	`2023-11-02` - `2024-01-31`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-09` - `2024-01-06`	3 months	crt.sh
oa.openxcdn.net GTS CA 1D4	`2023-11-24` - `2024-02-22`	3 months	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-10-24` - `2024-01-22`	3 months	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-06` - `2024-09-30`	a year	crt.sh
lexicon.33across.com GTS CA 1D4	`2023-10-01` - `2023-12-30`	3 months	crt.sh
esp.rtbhouse.com GTS CA 1D4	`2023-11-08` - `2024-02-06`	3 months	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-08-03` - `2024-01-24`	6 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2023-12-23`	3 months	crt.sh
indexww.com Cloudflare Inc ECC CA-3	`2023-09-05` - `2024-09-03`	a year	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-18`	a year	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2023-08-24` - `2024-08-24`	a year	crt.sh
*.eu-1-id5-sync.com R3	`2023-11-01` - `2024-01-30`	3 months	crt.sh
*.vidoomy.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-06` - `2024-10-06`	a year	crt.sh
cache.betweendigital.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-16` - `2024-03-18`	a year	crt.sh
*.id5-sync.com R3	`2023-11-01` - `2024-01-30`	3 months	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.match.prod.bidr.io Amazon RSA 2048 M02	`2023-02-09` - `2024-01-26`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.creativecdn.com RapidSSL TLS RSA CA G1	`2023-03-29` - `2024-04-28`	a year	crt.sh
*.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-25` - `2024-06-18`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-28` - `2024-01-28`	a year	crt.sh

This page contains 27 frames:

Primary Page: https://www.officepools.com/email/subscription/51bcd61d-16f8-46d8-9ad9-2419882845a8
Frame ID: 86AC7E0D10802551EA1A726C022007B0
Requests: 159 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html
Frame ID: 2EAAB1B75C85C1D0000397A0640B7296
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7238329972447188&output=html&adk=1812271804&adf=3025194257&lmt=1700998735&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x675_l%7C260x675_r&format=0x0&url=https%3A%2F%2Fwww.officepools.com%2Femail%2Fsubscription%2F51bcd61d-16f8-46d8-9ad9-2419882845a8&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~5~6&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700998734940&bpp=2&bdt=587&idt=191&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2670709948011&frm=20&pv=2&ga_vid=1081192769.1700998735&ga_sid=1700998735&ga_hid=116507090&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42532604%2C31079605%2C31078297%2C31079653%2C44807751%2C44807763%2C44808149%2C44808285%2C44809057&oid=2&pvsid=1559222028465625&tmod=87828280&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=204
Frame ID: D6FDC2BA9A46A27D8B78E9D50E8F87CE
Requests: 1 HTTP requests in this frame

Frame: https://695cd04a68f148eb8b80717ef15f00e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 3BDC14DA2E3760AF7F6AAB75BA9504CC
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.officepools.com
Frame ID: EC5686784C245C203B3B5B805933B902
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 2BDAAA454A133F45E2EFC4BE064D8805
Requests: 3 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Frame ID: 4968931A16B65BC84FEDE0CDBC15120A
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=148803
Frame ID: 17CDFD79761505F062DFA48D34AE02AF
Requests: 2 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13408118
Frame ID: 5FBDF6562B375E1D2FE4D135379FAC16
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 6FE7D40141345AE250DAAE1B3DF9B12E
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUQWX43D&prvid=2034%2C2111%2C2033%2C2075%2C2030%2C2073%2C112%2C233%2C2028%2C2027%2C159%2C236%2C2025%2C237%2C117%2C238%2C359%2C437%2C97%2C55%2C99%2C2045%2C3012%2C3010%2C244%2C201%2C2039%2C3007%2C246%2C4%2C126%2C203%2C446%2C523%2C9%2C208%2C407%2C2090%2C2055%2C2099%2C2098%2C173%2C294%2C251%2C175%2C450%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C336%2C337%2C338%2C459%2C70%2C77%2C2067%2C2022%2C141%2C262%2C461%2C222%2C345%2C468%2C10000%2C80%2C108%2C229%2C109%2C307&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: F5ECD7C71142E0490DF3145246D6FE8E
Requests: 1 HTTP requests in this frame

Frame: https://cs.smartssp.iqzone.com/iframe?pbjs=1&coppa=0
Frame ID: 156648B1CA4F260C932BD86024E2382D
Requests: 1 HTTP requests in this frame

Frame: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=7477921613
Frame ID: 200D1B23985B15708FA88A40935E21F7
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 513500374BEE4F3BDDC06F95FBAECFA9
Requests: 3 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe
Frame ID: 31CDD412880CAE0CEF2F9E4E8514FEB7
Requests: 4 HTTP requests in this frame

Frame: https://ads.betweendigital.com/match?bidder_id=261&external_user_id=3ced02bbfa54884d803382ed9c503c87
Frame ID: 20302DE54883180A07F4E84151772CF9
Requests: 5 HTTP requests in this frame

Frame: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=775e9b33-d2de-524a-88c5-ee1deda6c052&CACHEBUSTER=608537
Frame ID: 17AD871BEFF19753874E0FF88CC97E02
Requests: 5 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.officepools.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: BDACFD9B733AD4F6831E6205ED0976BA
Requests: 10 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 4BA93495F5AF5419406E17D110E85E83
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Frame ID: FDADC45590592A47BC2B5D122E5F9CAF
Requests: 15 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Frame ID: 38FCE9B837F7B742966FE7028AC95EC9
Requests: 17 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Frame ID: 90508DAF4F7A6D1DDAA814D7A5F43942
Requests: 15 HTTP requests in this frame

Frame: https://creativecdn.com/cm-notify?pi=vidoomy&tc=1
Frame ID: C02C6F9D973D58929FA8F1FF3F500E5B
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Frame ID: A925366EF7D14166E6D6FDF2615EE533
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5d1628750185ace
Frame ID: 27F381952C241E1E5740E90EAA466E6F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0F7AE03560885639EF7D60E43170B33F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 12AA9E2203F95744CA5371C6CC47D590
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Subscription Settings

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Yandex.Direct (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://an\.yandex\.ru/

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

257
Requests

94 %
HTTPS

36 %
IPv6

81
Domains

126
Subdomains

103
IPs

12
Countries

3767 kB
Transfer

11002 kB
Size

75
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://www.officepoolswire.com/
Title: News

Search URL Search Domain Scan URL

URL: https://www.officepoolsbets.com/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/officepools/

Search URL Search Domain Scan URL

URL: https://twitter.com/officepools_com

Search URL Search Domain Scan URL

URL: https://www.facebook.com/officepools

Search URL Search Domain Scan URL

URL: https://www.youtube.com/@OfficePools_com

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@officepools

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 122

https://ib.adnxs.com/getuid?https%3A%2F%2Fp2.gcprivacy.com%2Fv3%2Fid%2Fxandr%3Fid%3D%24UID%26gcid%3D100fe09b-1386-4164-bf12-d18f9182257e HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fp2.gcprivacy.com%252Fv3%252Fid%252Fxandr%253Fid%253D%2524UID%2526gcid%253D100fe09b-1386-4164-bf12-d18f9182257e HTTP 302
https://p2.gcprivacy.com/v3/id/xandr?id=7410819350441759191&gcid=100fe09b-1386-4164-bf12-d18f9182257e

Request Chain 150

https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.officepools.com%2Femail%2Fsubscription%2F51bcd61d-16f8-46d8-9ad9-2419882845a8&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.officepools.com%2Femail%2Fsubscription%2F51bcd61d-16f8-46d8-9ad9-2419882845a8&rid=esp&cc=1

Request Chain 156

https://gum.criteo.com/sid/json?origin=publishertagids&domain=officepools.com&sn=ChromeSyncframe&so=0&topUrl=www.officepools.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=05AVNXxNQnpIMjgwQmxlMktwMEJUdFpVcnNnRC9SVm95OEFtb0V4UHRxbFZpUkFMTjh5cEoyZldNMGE1RENSMW9Fc2dUZGFqYmpCTzhjcU5OaVFVaENZcEZUelVnM1NDN1REYUl5akJDblFKcUo3dDM4L2hsaHMxckM2K2xoY09INEdYZnpZTHY1V2hQandESVQ3UXU2KzRPcnROMCtZMzZCck54ZGErRXQxcHhVdS85eWMwVU01OEtueWR5TnJyRW9WL214MXJoUVVzSVFQZk1kYmRvM2NObmc4ckJtWWJ6ZEhsK1B1Y1BoQ3UrL0ZvT1lqanFINmQxV2hsYjh2d0dvQ0xPMkpUT0VROUI5TmRRY2s0NGNHd0dCUT09fA&cppv=2

Request Chain 170

https://ads.adlook.me/csync?pid=btw&uid=775e9b33-d2de-524a-88c5-ee1deda6c052&url=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D128%26external_user_id%3D%7BuserId%7D HTTP 302
https://ads.betweendigital.com/match?bidder_id=128&external_user_id=49630f77e60143e58872dd6df327e40a

Request Chain 171

https://px.adhigh.net/p/cm/btw HTTP 302
https://px.adhigh.net/p/cm/btw?bounced=1 HTTP 302
https://ads.betweendigital.com/match?bidder_id=37&external_user_id=6nKg3McSDDw.AikABlGMC2zrEA

Request Chain 177

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.officepools.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.officepools.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Request Chain 181

https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZWMuUBFBv-bJTrJ25iVzJAAA%262231&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=86d13409-5906-404a-9b64-27a488f9d22d HTTP 302
https://p.rfihub.com/cm?pub=39342&in=1&userid=d4acc69b-832d-490a-977e-a8c5f48d582b%3A1700998737.1244383&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dd4acc69b-832d-490a-977e-a8c5f48d582b%253A1700998737.1244383%26_%3D1700998737.1273482&cb=1700998737.1273892 HTTP 302
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5133329529029069467&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Dd4acc69b-832d-490a-977e-a8c5f48d582b%253A1700998737.1244383%26_%3D1700998737.1273482 HTTP 302
https://idsync.rlcdn.com/501709.gif?partner_uid=d4acc69b-832d-490a-977e-a8c5f48d582b%3A1700998737.1244383&_=1700998737.1273482

Request Chain 182

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZWMuUBFBv_bJTrJ25iVzJAAACLcAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEIBWRGZTWeQpsXCmZFZhwRo&google_cver=1

Request Chain 183

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZWMuUBFBv_bJTrJ25iVzJAAACLcAAAIB&gpp=&gpp_sid= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZWMuUBFBv_bJTrJ25iVzJAAACLcAAAIB&gpp=&gpp_sid=&dcc=t

Request Chain 186

https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=E570E137A73B46549232650C53FD3E72

Request Chain 187

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=ZWMuUAACf9-EDABH HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZWMuUAACf9-EDABH&_test=ZWMuUAACf9-EDABH

Request Chain 226

https://sync.bumlam.com/?src=aid0 HTTP 302
https://sync.bumlam.com/?src=aid0&s_data=CAIQARjQ3IyrBqIBEGIWn4SMUBHuu7EAJZDIJDc* HTTP 302
https://x01.aidata.io/0.gif?pid=ADSNIPER&id=62169f84-8c50-11ee-bbb1-002590c82437 HTTP 302
https://x01.aidata.io/0.gif?pid=ADSNIPER&id=62169f84-8c50-11ee-bbb1-002590c82437&bounce=1 HTTP 302
https://sync.bumlam.com/?src=aid1&uid=MdqiF5hEK6FPeNOH0GUh4Q& HTTP 302
https://an.yandex.ru/mapuid/adsniperis/62169f84-8c50-11ee-bbb1-002590c82437 HTTP 302
https://an.yandex.ru/mapuid/adsniperis/62169f84-8c50-11ee-bbb1-002590c82437?redir-setuniq=1

Request Chain 233

https://creativecdn.com/cm-notify?pi=vidoomy HTTP 302
https://creativecdn.com/cm-notify?pi=vidoomy&tc=1

Request Chain 236

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 241

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=btwnex&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu

Request Chain 245

https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/608537 HTTP 302
https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/608537

257 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 51bcd61d-16f8-46d8-9ad9-2419882845a8 Show response
www.officepools.com/email/subscription/ 55 KB
13 KB 550ms
470ms Document
text/html 2606:4700:20::ac43:4a9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.officepools.com/email/subscription/51bcd61d-16f8-46d8-9ad9-2419882845a8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a9d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

203239e5f58dd1d399957d49ef965510be8859efc003b1ee17eeed3364f049f1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 82c1d906cd70bbb5-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Sun, 26 Nov 2023 11:38:54 GMT
expires: Sat, 25 Nov 2023 11:38:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qWNLFXHmDklX4q0tpH27DWoQdtugIAvEvklpKGxZNRpdSGSPoJVU2XGSzlIO95hFvh10MhGI51ZdhBqhlyex9%2BvKRSFQdutZ9RDRIIMHIXLbnLDRPhLSTL0sP9gu33tMGJLxxnIMQfrDxqT6POa2nkk%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding Origin, Cookie, Accept-Language
x-frame-options: SAMEORIGIN

GET
H2 200 I-XbpvP-MKa-ib0IFaUEsOYzIco.js Show response
www.officepools.com/cdn-cgi/apps/head/ 4 KB
2 KB 33ms
32ms Script
application/javascript 2606:4700:20::ac43:4a9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.officepools.com/cdn-cgi/apps/head/I-XbpvP-MKa-ib0IFaUEsOYzIco.js
Requested by: Host: www.officepools.com
URL: https://www.officepools.com/email/subscription/51bcd61d-16f8-46d8-9ad9-2419882845a8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a9d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 653e2b6f2c678f8444dc865c3144db0db4df6ebaadbfccb088db8a567d16fca7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/email/subscription/51bcd61d-16f8-46d8-9ad9-2419882845a8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 11:38:54 GMT
x-amz-version-id: uXk3lDXUSzrDNY2enWdYZ3c2dXI9wP6q
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: YREN7TVYK8TA27GV
age: 1387600
x-amz-id-2: WKwnWqDzuueGuzBg5DkR7QWKEd3gr6PzWq36TCINjnoFYX3ps2CnQMy9U0RraHlO6KU1iSaHtdc=
last-modified: Mon, 17 Jul 2017 21:24:35 GMT
server: cloudflare
etag: W/"b61ce12a3e201bc3f559f167f158017f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GPzpbf%2BKGk4di%2FtJwVZvJOb3V0qxZz%2FnodvCDsrIghrgHQDaXdFc1oCnejOVTwI6hfAozSscMWdj4xO%2FcdnjrfiSK58k5rGWdQKixiOpyQzWtiVOjfN50c0wc%2BRU4KApYcazsQ6RYMGi8vEJYpQbdl8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 82c1d909c889bbb5-FRA

GET
H2 200 css
fonts.googleapis.com/ 3 KB
1 KB 86ms
31ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: www.officepools.com
URL: https://www.officepools.com/email/subscription/51bcd61d-16f8-46d8-9ad9-2419882845a8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4ddf6973fa3421cc10d8946187a761c0317632b66442c3d20c736024fba1029f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 26 Nov 2023 11:38:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 26 Nov 2023 09:52:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 26 Nov 2023 11:38:54 GMT

GET
H2 200 css
fonts.googleapis.com/ 25 KB
1 KB 88ms
34ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,900,900italic,700italic,700,500italic,500,400italic,300italic,300,100italic,100

Requested by

Host: www.officepools.com
URL: https://www.officepools.com/email/subscription/51bcd61d-16f8-46d8-9ad9-2419882845a8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2ece1ce88d0c0ee1733e95c7bab6fc3795dc0fefc8e09027c67302d621479b47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 26 Nov 2023 11:38:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 26 Nov 2023 11:38:54 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 26 Nov 2023 11:38:54 GMT

GET
H2 200 thirdparty.css
www.officepools.com/static/minified/ 276 KB
46 KB 363ms
362ms Stylesheet
text/css 2606:4700:20::ac43:4a9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.officepools.com/static/minified/thirdparty.css
Requested by: Host: www.officepools.com
URL: https://www.officepools.com/email/subscription/51bcd61d-16f8-46d8-9ad9-2419882845a8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a9d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f02a9308ef501813d63c8135299e1527f0abd38c235d5b91e2be91914285a5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/email/subscription/51bcd61d-16f8-46d8-9ad9-2419882845a8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 11:38:54 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 21 Nov 2023 20:22:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"655d1198-451ae"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DBw8N%2Fx%2FN6eNmPlF64hhIvvOchu5YVp1%2BWDxcXOG9N77NE3KhIBm53VL7jqMoAo13C89stst5jUJFDJ29qKVxn0lJ015OhXdKI0wlmcLYyQyQgESgJV7tjqtfK7UAf2w5vM2bN3o44mWRz32rwIRO%2Fg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=432000
cf-ray: 82c1d909c87ebbb5-FRA
expires: Mon, 20 Nov 2023 20:22:48 GMT

GET
H2 200 standard_v3.css
www.officepools.com/static/minified/ 115 KB
20 KB 365ms
364ms Stylesheet
text/css 2606:4700:20::ac43:4a9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.officepools.com/static/minified/standard_v3.css
Requested by: Host: www.officepools.com
URL: https://www.officepools.com/email/subscription/51bcd61d-16f8-46d8-9ad9-2419882845a8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a9d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 041efad2022b2803a1769657754b6e1a7e2751f5829c91b1eb3e25deea576623

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/email/subscription/51bcd61d-16f8-46d8-9ad9-2419882845a8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 11:38:54 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 21 Nov 2023 20:22:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"655d1198-1cd86"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xta4VGQ0PxHjsDuh%2BYyKY7F73UXzj978J86pGjjWBwfEwiJ7OPNSCvXPT1ju8LnWJqB0zrKspcjVdSbJtCiHq%2FI3dYjOTQdqeD4bf%2BWZobBJaGthUIJMUe9eOY0U5TGVqyuk6IFP%2BF%2FLNiNrU4%2BWs4o%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=432000
cf-ray: 82c1d909c884bbb5-FRA
expires: Mon, 20 Nov 2023 20:22:48 GMT

GET
H2 200 aaw.op-2.js Show response
cdn.adapex.io/hb/ 587 KB
178 KB 139ms
59ms Script
application/javascript 2606:4700:3038::6815:eab0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adapex.io/hb/aaw.op-2.js
Requested by: Host: www.officepools.com
URL: https://www.officepools.com/email/subscription/51bcd61d-16f8-46d8-9ad9-2419882845a8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:eab0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7baeba2d7d7427d0701f72316196499b08ca27f80bddf47bfbc23f246e76fd87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 11:38:54 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 57355
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 24 Nov 2023 06:20:49 GMT
server: cloudflare
etag: W/"656040c1-92d39"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DUrc4bJObg2Gy0CdE57BDxLqzpSjOhKjCtRKgHHcgJXo%2FLKfYPqKU7PzoLcSiw%2FAH8StZ%2Bz%2Fa6%2BYsuDlC7SD79LER1yMP0iIlh6zuk3C2pR9RI4uQWrytRKpcn0gHBi02EGCATerTRnjiqAA"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
cf-ray: 82c1d90cb8970b57-AMS
expires: Sun, 26 Nov 2023 06:21:09 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 150 KB
52 KB 156ms
104ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.officepools.com
URL: https://www.officepools.com/email/subscription/51bcd61d-16f8-46d8-9ad9-2419882845a8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5ed439d7b2e01b1f42cd714fe05ad4010ead0dcf44f1a9fec4112210b2db9e5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 11:38:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52746
x-xss-protection: 0
server: cafe
etag: 12109502451659284756
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 26 Nov 2023 11:38:54 GMT

GET
H2 404 email.css
www.officepools.com/static/ 0
0 346ms
345ms Stylesheet
text/html 2606:4700:20::ac43:4a9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.officepools.com/static/email.css
Requested by: Host: www.officepools.com
URL: https://www.officepools.com/email/subscription/51bcd61d-16f8-46d8-9ad9-2419882845a8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a9d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/email/subscription/51bcd61d-16f8-46d8-9ad9-2419882845a8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 11:38:54 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y0IS9q9%2Fa%2FZc0qABw1p%2BiB0waoItzb4IYMrHK8JNRUURVd45%2Bix0B49DJ4t6vEC08XhMkVv8IeGhiVFByT6lWzwTRbXkKa2yeLMnOlXfRa8kWDaVC%2Fq0Y6h4VWURmUx5d0ZqLamg5avdH4lLcncwC6k%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cache-control: max-age=432000
cf-ray: 82c1d909c886bbb5-FRA

GET
H2 200 pp_announcement_logo.png
www.officepools.com/static/images/ 12 KB
12 KB 384ms
384ms Image
image/png 2606:4700:20::ac43:4a9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.officepools.com/static/images/pp_announcement_logo.png
Requested by: Host: www.officepools.com
URL: https://www.officepools.com/email/subscription/51bcd61d-16f8-46d8-9ad9-2419882845a8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a9d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86abd3729f207645ed7f540f99a82c47321191cc4df2602e5287ba6540ce38c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/email/subscription/51bcd61d-16f8-46d8-9ad9-2419882845a8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 11:38:54 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 21 Nov 2023 20:22:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "655d1196-2fda"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NPCNOEb6L%2F9X0SymIUJfgiilMh2mzJCcJsrlVG6%2BgI7GQppwMBa3LQlxK8JeoC1E2bXtszSs3EBkXFScL62lVMFqY0rG0z5FXXm6pKKcm78ilHH3BvvBOL3ZpbiacHP0ZXxBY5I%2FT5mT88k3yKr8SjU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=432000
accept-ranges: bytes
cf-ray: 82c1d909c88cbbb5-FRA
content-length: 12250
expires: Mon, 20 Nov 2023 20:22:46 GMT

GET
H2 200 pp_announcement_prizes.png
www.officepools.com/static/images/ 236 KB
237 KB 385ms
385ms Image
image/png 2606:4700:20::ac43:4a9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.officepools.com/static/images/pp_announcement_prizes.png
Requested by: Host: www.officepools.com
URL: https://www.officepools.com/email/subscription/51bcd61d-16f8-46d8-9ad9-2419882845a8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a9d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 94691def3f31e9ac5f1f68fb951c3cddf6ae933d06a616328febf457356d5121

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/email/subscription/51bcd61d-16f8-46d8-9ad9-2419882845a8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 11:38:54 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 21 Nov 2023 20:22:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "655d1196-3b1b0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mTlYOFXWRx1CThOFmT4m63utqg5yohMziV79kPA13avQTwx4pJbQI0jZV8p6wxunUiDM80tApxNvyNdRbf2OCDyIH2FBAkRiDWGJ%2FXX8qfzudI137CC8sdwerotMUv9bB3fjcCWc0Oyys8jhg%2B9USKM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=432000
accept-ranges: bytes
cf-ray: 82c1d909c88ebbb5-FRA
content-length: 242096
expires: Mon, 20 Nov 2023 20:22:46 GMT

GET
H2 200 pp_announcement_sponsor.png
www.officepools.com/static/images/ 16 KB
16 KB 368ms
367ms Image
image/png 2606:4700:20::ac43:4a9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.officepools.com/static/images/pp_announcement_sponsor.png
Requested by: Host: www.officepools.com
URL: https://www.officepools.com/email/subscription/51bcd61d-16f8-46d8-9ad9-2419882845a8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a9d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b05cec6146ad9f8fc0d19ad623ee20d2fd23f581db737db13f524395298a8120

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/email/subscription/51bcd61d-16f8-46d8-9ad9-2419882845a8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 11:38:55 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 21 Nov 2023 20:22:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "655d1196-3fd7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7LEL6jS%2FFyqL3%2BJ97VgeQZNKSiuILoTP83gM6DrpaFLhi4oQQXAk2BAcNKdTn%2Bl4a%2FsmN9AqzF3fllRywsECn1pqht4orWYjj29SsvFWPD%2FMMhFiSnGMQofjMWHTIC46QRlfcnP5DoWNf%2BoiB6I4ej0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=432000
accept-ranges: bytes
cf-ray: 82c1d90c3b87bbb5-FRA
content-length: 16343
expires: Mon, 20 Nov 2023 20:22:46 GMT

GET
H2 200 logo-op.svg
www.officepools.com/static/images/ 6 KB
3 KB 362ms
358ms Image
image/svg+xml 2606:4700:20::ac43:4a9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.officepools.com/static/images/logo-op.svg
Requested by: Host: www.officepools.com
URL: https://www.officepools.com/email/subscription/51bcd61d-16f8-46d8-9ad9-2419882845a8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a9d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1952d6146ab8504190f0628aff6f6cc635e7f33d4d76b5ee6602c56d2a1f2dc9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/email/subscription/51bcd61d-16f8-46d8-9ad9-2419882845a8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 11:38:55 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 21 Nov 2023 20:22:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"655d1196-1860"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BDdRqsUfbGOXxXL9jPfTFGKp%2B3syMpO5ti3XcfrBIK06X0yg%2FekxPYhWUoeYKoMxbK0rQ6Jys5pHpZR6he1c2ryUNqKu8h6CR9yDGDlHm8aGt3PqUssP4CrLB8Cd6I%2BFMfInD88nI94TIwjg9jJFRpg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=432000
cf-ray: 82c1d90c3b93bbb5-FRA
expires: Mon, 20 Nov 2023 20:22:46 GMT

GET
H2 200 logo-op-mobile.svg
www.officepools.com/static/images/ 1 KB
1 KB 353ms
351ms Image
image/svg+xml 2606:4700:20::ac43:4a9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.officepools.com/static/images/logo-op-mobile.svg
Requested by: Host: www.officepools.com
URL: https://www.officepools.com/email/subscription/51bcd61d-16f8-46d8-9ad9-2419882845a8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a9d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f2efd3392a522ac1ad2a480838f09e6a0c23ac50eed6697b4104f0b0617fda33

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/email/subscription/51bcd61d-16f8-46d8-9ad9-2419882845a8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 11:38:55 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 21 Nov 2023 20:22:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"655d1196-598"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FnrvTiQH5FlgIvSEGg6jVhQcb8%2BeLNutFKvKh2PEG30o%2FMbCbEof2QQR9LCWgyet4Hu3%2Fe%2F8bF8BMTgllhdiAD40RphpxEEfnMg7X2JlQ%2Bi8A5SWG8kEjcBq8tqERsjD4TMZcNh6aZeOIyG0Iy%2FmHz0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=432000
cf-ray: 82c1d90c3b98bbb5-FRA
expires: Mon, 20 Nov 2023 20:22:46 GMT

GET
H2 200 arrow-bottom-red.svg
www.officepools.com/static/images/ 342 B
580 B 375ms
373ms Image
image/svg+xml 2606:4700:20::ac43:4a9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.officepools.com/static/images/arrow-bottom-red.svg
Requested by: Host: www.officepools.com
URL: https://www.officepools.com/email/subscription/51bcd61d-16f8-46d8-9ad9-2419882845a8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a9d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9754c8a3aba59957988aecd33f45f64a5bf1554e8d956608657739ab2bda115

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/email/subscription/51bcd61d-16f8-46d8-9ad9-2419882845a8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 11:38:55 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 21 Nov 2023 20:22:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"655d1196-156"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jx32hBcg0eJ0cNy0%2FQojfk0pwplbrFhrEwiTudKPx1tKxZ29zYay1jq0vI2gfSNR87uAOeHHwkFJBEVZp5eUhfzi8K4CVEbxRlIgOF9Yp%2FfXbCpxK%2BvB%2Fo4IMxSeplNmOvhdZtEszpB%2F20bW0HknX40%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=432000
cf-ray: 82c1d90c3b9abbb5-FRA
expires: Mon, 20 Nov 2023 20:22:46 GMT

GET
H2 200 logo-inverse-min.svg
www.officepools.com/static/images/ 1 KB
1 KB 360ms
357ms Image
image/svg+xml 2606:4700:20::ac43:4a9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.officepools.com/static/images/logo-inverse-min.svg
Requested by: Host: www.officepools.com
URL: https://www.officepools.com/email/subscription/51bcd61d-16f8-46d8-9ad9-2419882845a8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a9d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 81ee1eb09bffbe97a51660e7a7b932459436f2f0db79414a5e1f76dbaeb5dcfd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/email/subscription/51bcd61d-16f8-46d8-9ad9-2419882845a8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 11:38:55 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 21 Nov 2023 20:22:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"655d1196-5ef"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zdmx%2Bx4gxYcDd4mjiNvg%2FQMZ2ZGhvlo0H8eDHE9zeK%2FlK3DkfThqS9UaLfvvXxk89tJ1lTkuNVau2wicT4qowXYYA3h11WTD7ewwYeR%2BnBhE4eSjp6yK408rmQenZaS5ZvcqJKQYHDth0nbBCC1DL%2BU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=432000
cf-ray: 82c1d90c3b9bbbb5-FRA
expires: Mon, 20 Nov 2023 20:22:46 GMT

GET
H2 200 open_in_new_red.svg
www.officepools.com/static/images/ 294 B
544 B 376ms
374ms Image
image/svg+xml 2606:4700:20::ac43:4a9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.officepools.com/static/images/open_in_new_red.svg
Requested by: Host: www.officepools.com
URL: https://www.officepools.com/email/subscription/51bcd61d-16f8-46d8-9ad9-2419882845a8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a9d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e875c6751d3c59cd8d298e8b0269e6a4ec5c61ae6e61f88d4e631636c236235

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/email/subscription/51bcd61d-16f8-46d8-9ad9-2419882845a8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 11:38:55 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 21 Nov 2023 20:22:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"655d1196-126"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V2mLlYcsVGUOf81nNUyNi4w9NfV4CvIRZ9gQ%2BT3%2FVE1hvl9mqVwQ%2FJeBcbSIeWRljpYPXVm3RMei5i%2BTK5GWUEUWpV9EhxQPOTzenPCnyGG12S5gSigNQqexHqs20a9AWllBDf%2BKDa7K89yUKO%2FeuWQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=432000
cf-ray: 82c1d90c3b9dbbb5-FRA
expires: Mon, 20 Nov 2023 20:22:46 GMT

GET
H2 200 homepage-banner-desktop.png
www.officepools.com/media/site-content/ 112 KB
113 KB 546ms
544ms Image
image/png 2606:4700:20::ac43:4a9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.officepools.com/media/site-content/homepage-banner-desktop.png

Requested by

Host: www.officepools.com
URL: https://www.officepools.com/email/subscription/51bcd61d-16f8-46d8-9ad9-2419882845a8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a9d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

47ff311d507d16d4c0783611315b4229158616017127e831fec676f12ac33afb

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/email/subscription/51bcd61d-16f8-46d8-9ad9-2419882845a8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 11:38:55 GMT
cf-cache-status: BYPASS
last-modified: Wed, 22 Nov 2023 21:50:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Origin, Accept-Language, Cookie, Accept-Encoding
content-language: en
content-type: image/png
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=neQZp4PxcE%2BGtX03ooJrbsQUS4oclM1zuSKtS2mstD33c%2FuHTPiEL4nUyFNuTED7gK9I2hJEDbGrHEHHI9mwumofYDr1oOVt7p5UCfuqYCXqdYmB%2BP2qpT9ye9r657DqVbYyxkRmfRpN1JuQG%2FAwaUU%3D"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache
accept-ranges: bytes
cf-ray: 82c1d90c3b9fbbb5-FRA
content-length: 114592
expires: Tue, 21 Nov 2023 21:50:28 GMT

GET
H2 200 homepage-banner-mobile.png
www.officepools.com/media/site-content/ 34 KB
34 KB 573ms
571ms Image
image/png 2606:4700:20::ac43:4a9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.officepools.com/media/site-content/homepage-banner-mobile.png

Requested by

Host: www.officepools.com
URL: https://www.officepools.com/email/subscription/51bcd61d-16f8-46d8-9ad9-2419882845a8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a9d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

51c507bb06e70439aeb360d4ffc02ded1d414b8d959d1b48ed7a995286ea2b7d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/email/subscription/51bcd61d-16f8-46d8-9ad9-2419882845a8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 11:38:55 GMT
cf-cache-status: BYPASS
last-modified: Wed, 22 Nov 2023 21:50:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Origin, Accept-Language, Cookie, Accept-Encoding
content-language: en
content-type: image/png
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5VaAv7PPRC0xRpv%2FIsJZAbPikQYyOcRD3p29dWcYJg9E8G4DA61T03%2FiW%2Br0mdJ5ZDZQAQUATqfdxk%2FNF3M3W9duEjkk4bDEIswVnZobDEe5Xhq46bXpq1nMr4y1ODm%2BDlGOxsrNuA59NCzpaK7avqk%3D"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache
accept-ranges: bytes
cf-ray: 82c1d90c5bb1bbb5-FRA
content-length: 34527
expires: Tue, 21 Nov 2023 21:50:49 GMT

GET
H2 200 loading_bar.gif
www.officepools.com/static/images/ 11 KB
11 KB 369ms
368ms Image
image/gif 2606:4700:20::ac43:4a9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.officepools.com/static/images/loading_bar.gif
Requested by: Host: www.officepools.com
URL: https://www.officepools.com/email/subscription/51bcd61d-16f8-46d8-9ad9-2419882845a8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a9d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 476a7b1085cc64de1c0eb74a6776fa8385d57eb18774f199df83fc4d7bbcc24e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/email/subscription/51bcd61d-16f8-46d8-9ad9-2419882845a8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 11:38:55 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 21 Nov 2023 20:22:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "655d1196-2a43"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sdLkUeI5ZFkJXdSCE6dDOHDSC41VWTtO0Olr55myjTY4UMERyX9dsGp3mimbUUT2lWN4NReM7uJgr4ullCe5Ngx%2FwcdC4vROK71hSLNxVL34qymBNtPuGkkMuhrgjkIJE11VJNTo4d9l%2BRoNYHB%2BlbU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=432000
accept-ranges: bytes
cf-ray: 82c1d90c5bb4bbb5-FRA
content-length: 10819
expires: Mon, 20 Nov 2023 20:22:46 GMT

GET
H2 200 logo.svg
www.officepools.com/static/images/ 6 KB
3 KB 378ms
377ms Image
image/svg+xml 2606:4700:20::ac43:4a9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.officepools.com/static/images/logo.svg
Requested by: Host: www.officepools.com
URL: https://www.officepools.com/email/subscription/51bcd61d-16f8-46d8-9ad9-2419882845a8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a9d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1952d6146ab8504190f0628aff6f6cc635e7f33d4d76b5ee6602c56d2a1f2dc9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/email/subscription/51bcd61d-16f8-46d8-9ad9-2419882845a8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 11:38:55 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 21 Nov 2023 20:22:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"655d1196-1860"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4fjeUCc9zB%2FTxESs1WI2mWCaAftZy3GoFG6qst6Co8bZKTIiti9c%2B6QMkKarXYnG2pqBpfhU1bQ7jzzo%2F2%2BXImJp2yLHedCKAkEp2ZGOgl1VPKcI0M9gEkNcKl%2BMY69IJSkuNJ2VgDiq66PfLmQ3h90%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=432000
cf-ray: 82c1d90c5bb5bbb5-FRA
expires: Mon, 20 Nov 2023 20:22:46 GMT

GET
H2 200 tiktok-ico.svg
www.officepools.com/static/images/ 1 KB
943 B 220ms
219ms Image
image/svg+xml 2606:4700:20::ac43:4a9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.officepools.com/static/images/tiktok-ico.svg
Requested by: Host: www.officepools.com
URL: https://www.officepools.com/email/subscription/51bcd61d-16f8-46d8-9ad9-2419882845a8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a9d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 707531dde8909f05d743fd90cbf2d7fd9dfd98bb02ca12127ca7e4cd161a9378

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/email/subscription/51bcd61d-16f8-46d8-9ad9-2419882845a8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 11:38:54 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 21 Nov 2023 20:22:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"655d1196-4b8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KuTKkOhYUCWJ6K%2BnaTGvq26mCazxxbxs8ls0GlOYgHWb%2B4BiWWU0lBGKBS4%2By4W%2FYHn4sDJPrJ5JxabQTgRMQxmFCjlN03PkY5RLNM0PyebxR9yqqml3b6AtILGIwftr1LWUmcmbL3QiitbZBaoTOf4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=432000
cf-ray: 82c1d90c5bb9bbb5-FRA
expires: Mon, 20 Nov 2023 20:22:46 GMT

GET
H2 200 stats_provider_logo.png
www.officepools.com/static/images/ 4 KB
4 KB 364ms
363ms Image
image/png 2606:4700:20::ac43:4a9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.officepools.com/static/images/stats_provider_logo.png
Requested by: Host: www.officepools.com
URL: https://www.officepools.com/email/subscription/51bcd61d-16f8-46d8-9ad9-2419882845a8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a9d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8265f78106a4d71d9417e6f70f16e2e362404b0549be5e5b7350b800ab13b852

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/email/subscription/51bcd61d-16f8-46d8-9ad9-2419882845a8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 11:38:55 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 21 Nov 2023 20:22:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "655d1196-1050"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3z9Kkd%2FG87BKWWuT4JEYoKH%2FWTy8X2EA6HSN0%2Bm%2BBKkNVxrTXErJTBFE6GM37TUQgwc%2B2N614N4ICdCQK%2FGLgtUM3%2BJZpfxgKqhFwvPpcHAO8xZbPSR8vf9DT91I2XaYb%2FzIP2rBcX53A6v87DXR7L8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=432000
accept-ranges: bytes
cf-ray: 82c1d90c5bbbbbb5-FRA
content-length: 4176
expires: Mon, 20 Nov 2023 20:22:46 GMT

GET
H2 200 modernizr.min.js Show response
cdnjs.cloudflare.com/ajax/libs/modernizr/2.8.3/ 11 KB
5 KB 76ms
29ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/modernizr/2.8.3/modernizr.min.js

Requested by

Host: www.officepools.com
URL: https://www.officepools.com/email/subscription/51bcd61d-16f8-46d8-9ad9-2419882845a8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2b82e612d2a812e8be2a57300dab8923c4f2edbe7a799e7da70791b595646fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 11:38:54 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1359751
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3980
last-modified: Mon, 04 May 2020 16:13:26 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f26-2b4c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sXktd%2BudZwICPQoz%2B550HFxqCsYu%2Bcxk7ljhBY8RX7VrHlg3TdBLXY%2BfHxg2emg%2Fuf7DUAT%2FqjV59qsXm8St5dwUGoyt8vlKoCg15tt%2BScIe8Gzi%2B5rKDSxsLVbHVZrZm5fd0FH%2Flu3vXXxR9BHhUUbv"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 82c1d90c7aa43738-FRA
expires: Fri, 15 Nov 2024 11:38:54 GMT

GET
H2 200 pusher.min.js Show response
js.pusher.com/3.0/ 46 KB
13 KB 111ms
26ms Script
application/javascript 143.204.210.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.pusher.com/3.0/pusher.min.js
Requested by: Host: www.officepools.com
URL: https://www.officepools.com/email/subscription/51bcd61d-16f8-46d8-9ad9-2419882845a8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.210.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-210-101.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 24135d778329677664a6cad9b0abac537f5a787aeb68bb0b7f9c50b65c750678

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 19:17:38 GMT
content-encoding: gzip
via: 1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)
last-modified: Tue, 06 Nov 2018 11:41:00 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 1268477
etag: W/"a568d73f6d051d3da759dbdfe7cc1150"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
x-cache: Hit from cloudfront
cache-control: max-age=2592000
x-amz-cf-id: sYoQl44OuQ0vsll7bprcl6v4qmvxXz27xHu50I4xLKbLPPPQTh5gxQ==

GET
H2 200 standard_v3.js Show response
www.officepools.com/static/minified/ 2 MB
574 KB 372ms
369ms Script
application/javascript 2606:4700:20::ac43:4a9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.officepools.com/static/minified/standard_v3.js
Requested by: Host: www.officepools.com
URL: https://www.officepools.com/email/subscription/51bcd61d-16f8-46d8-9ad9-2419882845a8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a9d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2be5ba0b34cd75f80764f4c06596f5c17f22f57c0434aa165cc2817d26f6632d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/email/subscription/51bcd61d-16f8-46d8-9ad9-2419882845a8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 11:38:55 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 21 Nov 2023 20:22:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"655d1198-27ca9d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IFj%2BTu0zBP2qPfNz7%2FTO2FNbaqlqnVHl9KKG7DNDUyP0egPRQSFhMIKhAq2%2B7er29a38fO6VhPn3r2UOD8AIcoEVkxq4Mm2fk4uA5PZmfm1%2BMvUPwMWGYdMUGPjAz19smLKlGOKthaANClCScJ0dqss%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=432000
cf-ray: 82c1d90c3b94bbb5-FRA
expires: Mon, 20 Nov 2023 20:22:48 GMT

GET
H2 200 admin.js Show response
www.officepools.com/static/minified/ 176 KB
39 KB 355ms
352ms Script
application/javascript 2606:4700:20::ac43:4a9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.officepools.com/static/minified/admin.js
Requested by: Host: www.officepools.com
URL: https://www.officepools.com/email/subscription/51bcd61d-16f8-46d8-9ad9-2419882845a8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a9d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53f4ed63dd494364dab9ba4c97b729a4fc391b774fce06dd9814a1243f4b8173

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/email/subscription/51bcd61d-16f8-46d8-9ad9-2419882845a8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 11:38:55 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 21 Nov 2023 20:22:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"655d1198-2bfd1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DRtALLP4pnBmAGX0uZ1ZV4R65VHXzni6ilsbKDizVgcH0BuN49fcWoetbb37zHfoAt3%2FjrKjE3p2lnJcerCxPB9HUo7w8MuF6Ey2i%2BZxYhc%2BrbvDN2mnhlrB0bByLGtUgugBpDiikIVXbo2I1gpTCcQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=432000
cf-ray: 82c1d90c3b95bbb5-FRA
expires: Mon, 20 Nov 2023 20:22:48 GMT

GET
H2 200 djangojs.js Show response
www.officepools.com/static/js/en/ 3 KB
1 KB 381ms
378ms Script
application/javascript 2606:4700:20::ac43:4a9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.officepools.com/static/js/en/djangojs.js
Requested by: Host: www.officepools.com
URL: https://www.officepools.com/email/subscription/51bcd61d-16f8-46d8-9ad9-2419882845a8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a9d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 939cd8638170f1fddfc372282ff7602db9cd55f5888709457c8e5cbdd18db9bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/email/subscription/51bcd61d-16f8-46d8-9ad9-2419882845a8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 11:38:55 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 21 Nov 2023 20:22:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"655d1196-c66"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r4zhE4ZhppTQFGUcaYQ%2BqKhYTi8iQyJhEafnZh65dqkbwYZR7JH5YnipFPauripICwXbdTb95XMdK%2FvEMphDLQ6GNWTISTgJpjB0D%2Fz3FYjHcNVA1rClcw0%2Bn7oio7SsNzJiA1I9AyBur04RQzE00x0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=432000
cf-ray: 82c1d90c3b97bbb5-FRA
expires: Mon, 20 Nov 2023 20:22:46 GMT

GET
H2 200 8_U9A1LUlkeHcQqJeehFn7908v4.js Show response
www.officepools.com/cdn-cgi/apps/body/ 11 KB
6 KB 61ms
60ms Script
application/javascript 2606:4700:20::ac43:4a9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.officepools.com/cdn-cgi/apps/body/8_U9A1LUlkeHcQqJeehFn7908v4.js
Requested by: Host: www.officepools.com
URL: https://www.officepools.com/cdn-cgi/apps/head/I-XbpvP-MKa-ib0IFaUEsOYzIco.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a9d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e17a062becfc9475de23e29371e69c8508c6ee57f172435f3155330e3366cc0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/email/subscription/51bcd61d-16f8-46d8-9ad9-2419882845a8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 11:38:54 GMT
x-amz-version-id: neM6b0ix7sh8u3LgHkeXg15BhYneAPiV
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: QPJQWK8EWTP4TMTM
age: 1439355
x-amz-id-2: P+ZFn3N1Rxp1fS5ZhaCW3dcLzr0BM7iXFFyR7eEk2/K+BlKadz25JVWCI3aVqnRf2/jheEH2PFI=
last-modified: Mon, 17 Jul 2017 21:24:35 GMT
server: cloudflare
etag: W/"3d1061759590ff810b33e11e82cdb745"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xrAXIP%2B564XNISrdB%2BvtWdK6KhvSdnN%2Fda7PDNaaMnaRR1DYGJVE1E7LOgvqBOdSPSxVWOqtDelo7jtQP8HtijM3iiStvUKCl0Mjq222HN92BrgxKZMP7dXEnKXDkXXKyCpY8CgZ5naauOcfpEqvDOs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 82c1d90c5bbdbbb5-FRA

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ 23 KB
8 KB 73ms
21ms Script
application/javascript 2a04:4e42:400::396
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: www.officepools.com
URL: https://www.officepools.com/email/subscription/51bcd61d-16f8-46d8-9ad9-2419882845a8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: e803e774c7b59fe74f71ed93acaa875cf9a99947ff8ed7615cd0c93c1667250f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 11:38:54 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
last-modified: Thu, 15 Jun 2023 20:49:59 GMT
server: snooserv
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag: "4a205643a240cb95fa82289d62b5af7e"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: application/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-length: 7409

GET
H2 200 activity;xsp=5009571;ord=5169938266297323
pubads.g.doubleclick.net/ 42 B
543 B 112ms
60ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/activity;xsp=5009571;ord=5169938266297323?

Requested by

Host: www.officepools.com
URL: https://www.officepools.com/email/subscription/51bcd61d-16f8-46d8-9ad9-2419882845a8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Nov 2023 11:38:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 nav_background.jpg
www.officepools.com/static/images/topbarbg/ 92 KB
93 KB 371ms
371ms Image
image/jpeg 2606:4700:20::ac43:4a9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.officepools.com/static/images/topbarbg/nav_background.jpg
Requested by: Host: www.officepools.com
URL: https://www.officepools.com/static/minified/standard_v3.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a9d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 461bdb5cbc52eb92b85db5b4b85dd97acbc4e283a7d710a27e1ade0edced47a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/static/minified/standard_v3.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 11:38:55 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 94458
cf-bgj: h2pri
last-modified: Tue, 21 Nov 2023 20:22:46 GMT
server: cloudflare
etag: "655d1196-170fa"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=25fvCT648gbT1g%2BnDKstVhuIb6Tels2K%2FVCxS3EOiTgKB8ZfKhLZmbE4MMclYLw5h92Ljpx%2BEv7VR9R6T3Wi7eZWC7FFg%2Fn6iWFJENMQDde7drKElZomQGtNs4FqohD%2FoZpu2MMb0Lt7BZsBQNxbz5o%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=432000
accept-ranges: bytes
cf-ray: 82c1d90c5bbebbb5-FRA
expires: Mon, 20 Nov 2023 20:22:46 GMT

GET
H2 200 pxiByp8kv8JHgFVrLEj6V1s.ttf
fonts.gstatic.com/s/poppins/v20/ 148 KB
68 KB 123ms
71ms Font
font/ttf 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6V1s.ttf

Requested by

Host: www.officepools.com
URL: https://www.officepools.com/static/minified/standard_v3.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dae40ca7b35fe7501bda2e4140a6860b1db47330be5d3c8ab6971fd83a70e9a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.officepools.com/
Origin: https://www.officepools.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 04:11:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26818
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69206
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:56:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 25 Nov 2024 04:11:56 GMT

GET
H2 200 pxiEyp8kv8JHgFVrFJA.ttf
fonts.gstatic.com/s/poppins/v20/ 151 KB
68 KB 132ms
80ms Font
font/ttf 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrFJA.ttf

Requested by

Host: www.officepools.com
URL: https://www.officepools.com/static/minified/standard_v3.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cdedb1729acac414ed01744a11da7badb86adf13108e7bd3fa161b9323f7fe54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.officepools.com/
Origin: https://www.officepools.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 08:57:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9657
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69472
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:04:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 25 Nov 2024 08:57:57 GMT

GET
H2 200 pxiByp8kv8JHgFVrLGT9V1s.ttf
fonts.gstatic.com/s/poppins/v20/ 149 KB
67 KB 97ms
46ms Font
font/ttf 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9V1s.ttf

Requested by

Host: www.officepools.com
URL: https://www.officepools.com/static/minified/standard_v3.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fcff04f4bec2b3636f05ed894dc1f9a752c4cb587ee49857ec7a82abaf6ca016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.officepools.com/
Origin: https://www.officepools.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 23:53:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42334
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68742
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:10:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 24 Nov 2024 23:53:20 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 80ms
29ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,900,900italic,700italic,700,500italic,500,400italic,300italic,300,100italic,100

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.officepools.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 08:19:38 GMT
x-content-type-options: nosniff
age: 98356
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 24 Nov 2024 08:19:38 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 73ms
22ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,900,900italic,700italic,700,500italic,500,400italic,300italic,300,100italic,100

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.officepools.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 13:37:09 GMT
x-content-type-options: nosniff
age: 79305
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 24 Nov 2024 13:37:09 GMT

GET
H2 200 fontawesome-webfont.woff2
www.officepools.com/static/font-awesome-4.7.0/fonts/ 75 KB
76 KB 395ms
395ms Font
application/octet-stream 2606:4700:20::ac43:4a9d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.officepools.com/static/font-awesome-4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: www.officepools.com
URL: https://www.officepools.com/static/minified/thirdparty.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a9d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://www.officepools.com/static/minified/thirdparty.css
Origin: https://www.officepools.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 11:38:55 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 21 Nov 2023 20:22:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "655d1196-12d68"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Ohh0%2BrQKC9Dhx6tKAj4wbCxKzWzR0FUSZGKeALSJFpQ1eooNVjPq4ad%2Fdiy05s54ivWxvWneSrEhmmdnBSoSuJr9U85WZ6ZX5iR7hRRxgdqgGohtegpW8m%2BKSkMlb%2BMQJGhW%2BGoLvw8rLNgGareXWA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=432000
accept-ranges: bytes
cf-ray: 82c1d90c5bbfbbb5-FRA
content-length: 77160
expires: Mon, 20 Nov 2023 20:22:46 GMT

GET
H2 200 pxiByp8kv8JHgFVrLCz7V1s.ttf
fonts.gstatic.com/s/poppins/v20/ 147 KB
67 KB 136ms
86ms Font
font/ttf 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7V1s.ttf

Requested by

Host: www.officepools.com
URL: https://www.officepools.com/static/minified/standard_v3.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1984efdda0fbe207d7ac20feac2ba7c2768c92a90094b02a206c9d58cc30ff2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.officepools.com/
Origin: https://www.officepools.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 08:57:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9657
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68564
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:11:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 25 Nov 2024 08:57:57 GMT

GET
DATA 200
OK truncated
/ 1 KB
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c89a2cf8bf444df7e11af2befd8c1f20a96c34bee6d13270e7692441843395da

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: text/css;charset=utf-8

GET
H2 200 rp.gif
alb.reddit.com/ 42 B
638 B 121ms
37ms Image
image/gif 151.101.65.140
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1700998734832&id=t2_67zul3r1&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=e2052a55-f9ba-4296-86cf-a6c6dc398e6a&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_f5bd31b2
Requested by: Host: www.officepools.com
URL: https://www.officepools.com/email/subscription/51bcd61d-16f8-46d8-9ad9-2419882845a8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 11:38:54 GMT
via: 1.1 varnish
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
server: Varnish
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 42
retry-after: 0

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/ 400 KB
135 KB 90ms
90ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7238329972447188&plah=www.officepools.com&bust=31079653

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

55bcfa32e7026932877bb4efbfad1e974a0195c00129673f1a4910d43029ce90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 11:38:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138525
x-xss-protection: 0
server: cafe
etag: 15890825427566627731
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 26 Nov 2023 11:38:54 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/ Frame 2EAA 9 KB
4 KB 76ms
23ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.officepools.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 69651
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 25 Nov 2023 16:18:04 GMT
etag: 16674218716276178799
expires: Sat, 09 Dec 2023 16:18:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H/1.1 200
OK / Show response
cat.hbwrapper.com/ 15 B
264 B 336ms
107ms Fetch
text/html 192.241.157.60
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://cat.hbwrapper.com/
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.op-2.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 192.241.157.60 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: capture.analytics.hbwrapper
Software: Apache /
Resource Hash: a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

Referer: https://www.officepools.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.officepools.com
Date: Sun, 26 Nov 2023 11:38:55 GMT
Access-Control-Allow-Credentials: true
Server: Apache
Connection: close
Content-Length: 15
Content-Type: text/html; charset=UTF-8

GET
H2 200 trace Show response
cloudflare.com/cdn-cgi/ 319 B
457 B 77ms
22ms Fetch
text/plain 2606:4700::6810:85e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cloudflare.com/cdn-cgi/trace

Requested by

Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.op-2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:85e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

22713b59df97115dbdc0e0bffc77cd68d2d8982064dae689a4c039fa4e4f9455

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.officepools.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

date: Sun, 26 Nov 2023 11:38:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
content-type: text/plain
access-control-allow-origin: *
cache-control: no-cache
cf-ray: 82c1d90ded670487-FRA
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 99 KB
31 KB 163ms
112ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.op-2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f73cceeba3e0923f8c2e173f0c8cc7981d5310828790e7bb25d9aea549e153e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 11:38:55 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30726
x-xss-protection: 0
server: cafe
etag: 378 / 19687 / 31079694 / config-hash: 16204867678510254442
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 26 Nov 2023 11:38:55 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 267 KB
65 KB 75ms
24ms Script
application/javascript 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.op-2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4c8fe936e012d2d229577704c34c41a451d7a98aa5c2566ea5c3930aa7e3f40f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 10:43:56 GMT
content-encoding: gzip
via: 1.1 75a13c74495137fb5435dc4030981df6.cloudfront.net (CloudFront), 1.1 5c0a79476717d213b9c559bafee1c65e.cloudfront.net (CloudFront)
last-modified: Mon, 13 Nov 2023 20:18:45 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-P6
age: 3300
x-amz-server-side-encryption: AES256
etag: W/"2d08dd94de483579c1dc3f3783c06f6e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: ubmfKrY3tbG4z3eCSBjnHW5iyYWyeZq4CmNLWdbpEzeo03jO31J-yQ==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 305 KB
79 KB 85ms
32ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KXJCD57

Requested by

Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.op-2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1325de1e056a194a002e3471eaff649d99a30cf61f8fdd4a382194e4704736c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 11:38:55 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 80879
x-xss-protection: 0
last-modified: Sun, 26 Nov 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 26 Nov 2023 11:38:55 GMT

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
2 KB 74ms
29ms Fetch
application/json 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json

Requested by

Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.op-2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

90676b05ea199049b9bfa1498f4042e8ae9a93ca8bb2a66761b9bd366b135a26

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.officepools.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

date: Sun, 26 Nov 2023 11:38:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 27483
x-jsd-version: 1.0.1885
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230055-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"63f-LLVpLwzaqI0HZUpLiT967VhvT+s"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q%2FJ53RpTHwNdy5MtFz0gOMhnhpBBFcHF5veLv1zHT%2BoSRbeHVcJcx5FniQhcLEN6O7c5YkB86UMFZHQS9DcJTf2j7cHwWHHxkWf4WpxJAscP37noJ4ublR7Fdc6AjPYfu5fxI8xLGK71%2FxXY%2FGg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 82c1d90dfe9d1e18-FRA

GET
H2 200 rtd Show response
p2.gcprivacy.com/v2/ 19 B
292 B 397ms
115ms Fetch
application/json 3.217.130.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://p2.gcprivacy.com/v2/rtd?pid=Q6CV1VBC&u=https%3A%2F%2Fwww.officepools.com%2Femail%2Fsubscription%2F51bcd61d-16f8-46d8-9ad9-2419882845a8&
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.op-2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.217.130.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-217-130-42.compute-1.amazonaws.com
Software: /
Resource Hash: 9bfe1bbdb54edf381f3b49b277e17504e1101e48f4ab612d78ab10f240544461

Request headers

Referer: https://www.officepools.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

date: Sun, 26 Nov 2023 11:38:55 GMT
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: https://www.officepools.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Max
content-length: 19

GET
H2 200 1ad7261b-91ea-4b6f-b9e9-b83522205b75 Show response
config.aps.amazon-adsystem.com/configs/ 537 B
813 B 132ms
40ms Script
application/javascript 18.161.97.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/1ad7261b-91ea-4b6f-b9e9-b83522205b75
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.161.97.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-161-97-100.mrs52.r.cloudfront.net
Software: CloudFront /
Resource Hash: 97c57548ef54a1666575f1130be49a73c2106f0958c6e2f95b48f66141eaf6ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 10:50:06 GMT
via: 1.1 6420b771591b2927aaad391c05ef7460.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: MRS52-P3
age: 2929
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 537
x-amz-cf-id: BcbPu2KPpIHo_--VCLLKhKaXPz5CpwXrL3D9RgRSJMe7vPDroaqe3Q==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 3 KB
3 KB 25ms
25ms XHR
application/json 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.officepools.com&pubid=1ad7261b-91ea-4b6f-b9e9-b83522205b75
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 685b4e34c73d5fdd68b48efebeac401849e8b5cbff73e072c838d7d71d245bb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 11:31:01 GMT
via: 1.1 5c0a79476717d213b9c559bafee1c65e.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
age: 473
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.officepools.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 3103
x-amz-cf-id: 8wNnEux2tY7g21nCeCrjF4FQDP-RKRjxM7L4TP0UaBZPyrde6U1xQw==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 67ms
22ms XHR
application/javascript 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: 9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding: gzip
via: 1.1 bfb5bffe90e3b0e760933a7a07d850ba.cloudfront.net (CloudFront)
date: Sun, 26 Nov 2023 07:38:51 GMT
x-amz-cf-pop: FRA56-P6
age: 14405
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 29 Aug 2023 08:30:37 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: ueWQaBU9cNx9OEAUIvHNqREggWOG8RaQiozGs5iOiDiBtSA-ZzDGtQ==

GET
H2 200 pubcid.min.js Show response
secure.cdn.fastclick.net/js/pubcid/latest/ 54 KB
17 KB 157ms
43ms Script
application/javascript 23.67.137.210
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by: Host: www.officepools.com
URL: https://www.officepools.com/email/subscription/51bcd61d-16f8-46d8-9ad9-2419882845a8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.67.137.210 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-67-137-210.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 11:38:55 GMT
content-encoding: gzip
last-modified: Mon, 23 Jan 2023 19:40:17 GMT
server: Apache
etag: "d734-5f2f3919e751f-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17407
expires: Sun, 26 Nov 2023 11:53:55 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16576/ 39 KB
12 KB 100ms
31ms Script
text/javascript 18.239.18.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by: Host: www.officepools.com
URL: https://www.officepools.com/email/subscription/51bcd61d-16f8-46d8-9ad9-2419882845a8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.18.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-18-33.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 06:08:51 GMT
content-encoding: gzip
via: 1.1 2fb699a7d2ee3ddd9b1caad139f90e76.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 15:56:42 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P6
age: 19805
x-amz-server-side-encryption: AES256
etag: W/"6e8b1f94eaf615b7d0953ad4e8d8bb85"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: PFoetxvHpcO_SarcCwubTCC6i2Af3jsCF0a0EvuSkW0QU1RJ0qZVwQ==

GET
H2 200 hadron.js Show response
cdn.hadronid.net/ 55 KB
10 KB 125ms
61ms Script
application/javascript 2606:4700:10::6816:34ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.officepools.com%2Femail%2Fsubscription%2F51bcd61d-16f8-46d8-9ad9-2419882845a8&ref=&_it=amazon&partner_id=405
Requested by: Host: www.officepools.com
URL: https://www.officepools.com/email/subscription/51bcd61d-16f8-46d8-9ad9-2419882845a8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:34ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ee69abe38a87fd8aa0867401e1e14d2831eab6dfb1bb2d97abf65ac57cb5705

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 11:38:55 GMT
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 07 Sep 2023 17:31:32 GMT
server: cloudflare
x-amz-request-id: 907P0TB94S36DGVM
age: 3162
etag: W/"8bbf05f440008747d4df642e30fc4ddc"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 82c1d90ecfcb4dc6-FRA
x-amz-id-2: h/ONXLwae6iM09gh9FAps6RtAYH3Y0Kwsp/Odih6j7jcgPhpo1/xVSCaJJeV+QY3MnwBFDbKvY0=

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 155 KB
34 KB 92ms
36ms Script
text/javascript 2606:4700:10::6816:3556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: www.officepools.com
URL: https://www.officepools.com/email/subscription/51bcd61d-16f8-46d8-9ad9-2419882845a8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dde6cbe139a1b61c30c174967db2c281b294f7818c5709a4585e5a893227bf5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 11:38:55 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 22 Nov 2023 08:19:05 GMT
server: cloudflare
x-amz-request-id: RGCG975APC3X73FS
age: 238
etag: W/"7e3d98894def0807c1c46e98e575ca88"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 82c1d90ebd272c6d-FRA
x-amz-id-2: IX4VO78y36u0zsHk+gPY3mMWg3xRIkMFH51pMbpCXa2+1Gw4IDJuR8eELOzTxE8LEHSwvvxfjI7LP/6lYSkaqQ==

GET
H2 200 launcher-stub.min.js Show response
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ 14 KB
5 KB 155ms
42ms Script
application/javascript 23.67.137.210
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Requested by: Host: www.officepools.com
URL: https://www.officepools.com/email/subscription/51bcd61d-16f8-46d8-9ad9-2419882845a8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.67.137.210 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-67-137-210.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 11:38:55 GMT
content-encoding: gzip
last-modified: Tue, 20 Sep 2022 18:52:26 GMT
server: Apache
etag: "38c0-5e92054540ea5-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 5252
expires: Sun, 26 Nov 2023 11:53:55 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 21 KB
9 KB 202ms
85ms Script
application/javascript 2620:116:800d:21:93ca:31d8:d86e:38f6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KXJCD57
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:93ca:31d8:d86e:38f6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 77daa4388c965a3e23b5a6c800727d8025ab108f89cf5679e79136986d5b4561

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 11:38:55 GMT
content-encoding: gzip
etag: "e23JaXq4HVtlOmThpFhluQ=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Sun, 03 Dec 2023 11:38:55 GMT

GET
H2 200 loader.js Show response
static.anonymised.io/light/ 447 B
841 B 98ms
23ms Script
application/javascript 34.107.217.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.anonymised.io/light/loader.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KXJCD57
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.217.107 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 107.217.107.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: f069c0d462d904edb8429fca6e2cb45eef0fd58bf7019a6bf11c9656184c55f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 11:35:00 GMT
content-encoding: gzip
age: 235
x-guploader-uploadid: ABPtcPpzEr2wO_JIyO20FjDyVvGYYzR-19UXCH_opnv6eBcWC53SGLRO0pdBI7pXONy2--PWKuA
x-goog-storage-class: STANDARD
x-goog-metageneration: 3
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
last-modified: Thu, 23 Nov 2023 10:26:23 GMT
server: UploadServer
etag: "fdd7d8916150943b05804d5391cd8015"
vary: Accept-Encoding
x-goog-generation: 1700735183829005
x-goog-hash: crc32c=pjMmog==, md5=/dfYkWFQlDsFgE1Tkc2AFQ==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=600
x-goog-stored-content-length: 313
accept-ranges: bytes
content-type: application/javascript
expires: Sun, 26 Nov 2023 11:45:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D6FD 10 KB
5 KB 307ms
306ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7238329972447188&output=html&adk=1812271804&adf=3025194257&lmt=1700998735&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x675_l%7C260x675_r&format=0x0&url=https%3A%2F%2Fwww.officepools.com%2Femail%2Fsubscription%2F51bcd61d-16f8-46d8-9ad9-2419882845a8&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~5~6&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700998734940&bpp=2&bdt=587&idt=191&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2670709948011&frm=20&pv=2&ga_vid=1081192769.1700998735&ga_sid=1700998735&ga_hid=116507090&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42532604%2C31079605%2C31078297%2C31079653%2C44807751%2C44807763%2C44808149%2C44808285%2C44809057&oid=2&pvsid=1559222028465625&tmod=87828280&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=204

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7238329972447188&plah=www.officepools.com&bust=31079653

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

80a7954255c29d8d63a3fe0e6cea1979f0c38969495a68f85788e31180b8483a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.officepools.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 4418
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 26 Nov 2023 11:38:55 GMT
expires: Sun, 26 Nov 2023 11:38:55 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/ 430 KB
135 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079694

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

87960e7994f9fc5f6d2fc8c0b93be02f4b9b7cdca0dd9c726f5806d8e9092068

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 13:45:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78783
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138013
x-xss-protection: 0
server: cafe
etag: 17202369310903786887
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sun, 24 Nov 2024 13:45:52 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 257 KB
88 KB 39ms
39ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NNKZGF

Requested by

Host: www.officepools.com
URL: https://www.officepools.com/email/subscription/51bcd61d-16f8-46d8-9ad9-2419882845a8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

889bd0eff3962093fa4f4deca6b36bf30d2c801565398202078e3e69399f5b22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 11:38:55 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 90184
x-xss-protection: 0
last-modified: Sun, 26 Nov 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 26 Nov 2023 11:38:55 GMT

GET
H2 200 hotjar-2922416.js Show response
static.hotjar.com/c/ 9 KB
4 KB 121ms
38ms Script
application/javascript 108.156.60.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2922416.js?sv=6

Requested by

Host: www.officepools.com
URL: https://www.officepools.com/email/subscription/51bcd61d-16f8-46d8-9ad9-2419882845a8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.156.60.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-156-60-77.ams1.r.cloudfront.net

Software

Resource Hash

a36cb9bb1e84cfd81007b838bbe925b0ce48583fadc5c2214f667eb0251d2ebd

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 11:38:19 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 4a3271596b4750a635e84d92a47448bc.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
age: 36
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/b7f26964238d914c05018e065d6fe7d3
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
x-cache-hit: 1
x-amz-cf-id: AW_Y0lBuAo5fDHO65kZWQKaPOSOjhx6DmNyPq5qNsg2o5WqSlYqUKQ==

GET
H2 200 2d986e62-d764-42fe-aa79-9ec1562c635a Show response
boot.pbstck.com/v1/user-sessions/ 1 KB
652 B 130ms
67ms Script
application/javascript 2606:4700:10::ac43:1997
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://boot.pbstck.com/v1/user-sessions/2d986e62-d764-42fe-aa79-9ec1562c635a
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KXJCD57
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1997 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e330f79a96ea77687afb01cd85f6859a8b866bd5295e21832c6c88b85dedb4ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 11:38:55 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=120
timing-allow-origin: *
cf-ray: 82c1d90f7cd56933-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 2d986e62-d764-42fe-aa79-9ec1562c635a Show response
boot.pbstck.com/v1/tag/ 1 KB
853 B 126ms
64ms Script
application/javascript 2606:4700:10::ac43:1997
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://boot.pbstck.com/v1/tag/2d986e62-d764-42fe-aa79-9ec1562c635a
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KXJCD57
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1997 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 05bd10ae0644358449b6562eeaa7ec2430de71e71f7b11122969495c9efb0384

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 11:38:55 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=120
timing-allow-origin: *
cf-ray: 82c1d90f7cd16933-FRA
alt-svc: h3=":443"; ma=86400

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
339 B 151ms
48ms XHR
application/json 52.208.5.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.5.106 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-5-106.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 7abab15f8cf21035cf86fb84bc7f91656635f8b194cf4e4bed574106fd740913

Request headers

Referer: https://www.officepools.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 26 Nov 2023 11:38:55 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.officepools.com
cache-control: no-cache
x-server: 10.45.25.245
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H2 200 bundle.js Show response
static.anonymised.io/light/ 112 KB
32 KB 24ms
23ms Script
application/javascript 34.107.217.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.anonymised.io/light/bundle.js?v=0.2.9
Requested by: Host: static.anonymised.io
URL: https://static.anonymised.io/light/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.217.107 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 107.217.107.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 3ce01c8b4dd905618d8b9920c8528070c5f138eb8d751e7355b586a72f546982

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 11:31:44 GMT
content-encoding: gzip
age: 431
x-guploader-uploadid: ABPtcPqhJ8iYYVh42QwnvXXwMTj_UC0ToHKpnqrwAroEpSrb-KEwLEXx8-T8oLT0O9-DWrY9Ldw
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32297
last-modified: Thu, 23 Nov 2023 10:26:18 GMT
server: UploadServer
etag: "50bf1a83031c3c1176ae37e02428e2d8"
vary: Accept-Encoding
x-goog-generation: 1700735178727588
x-goog-hash: crc32c=oDzpdg==, md5=UL8agwMcPBF2rjfgJCji2A==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=1200
x-goog-stored-content-length: 32297
accept-ranges: bytes
content-type: application/javascript
expires: Sun, 26 Nov 2023 11:51:44 GMT

GET
H2 200 hadron.json Show response
id.hadron.ad.gt/v1/ 100 B
289 B 121ms
121ms XHR
application/json 2606:4700:10::6816:545
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=405&sync=0&domain=www.officepools.com&url=https://www.officepools.com/email/subscription/51bcd61d-16f8-46d8-9ad9-2419882845a8
Requested by: Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.officepools.com%2Femail%2Fsubscription%2F51bcd61d-16f8-46d8-9ad9-2419882845a8&ref=&_it=amazon&partner_id=405
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c0f4b04caf15fc28fd428b8d48e3e8aff8ee365ff6f0cf150469d60de0d487c

Request headers

Referer: https://www.officepools.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 26 Nov 2023 11:38:55 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: private,max-age=30
access-control-allow-credentials: true
debug: NON-OPTIONS
access-control-allow-headers: authorization
cf-ray: 82c1d9106fec9036-FRA

OPTIONS
H2 200 hadron.json
id.hadron.ad.gt/v1/ Frame 0
0 193ms
121ms Preflight
application/json 2606:4700:10::6816:545
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=405&sync=0&domain=www.officepools.com&url=https://www.officepools.com/email/subscription/51bcd61d-16f8-46d8-9ad9-2419882845a8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.officepools.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin: *
allow: POST, OPTIONS, GET
cache-control: max-age=31536000 public, no-transform
cf-cache-status: DYNAMIC
cf-ray: 82c1d90faf509036-FRA
content-length: 0
content-type: application/json
date: Sun, 26 Nov 2023 11:38:55 GMT
debug: OPTIONS block
expires: Mon, 25 Nov 2024 11:38:55 GMT
server: cloudflare

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
466 B 157ms
65ms XHR
text/javascript 52.222.253.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.officepools.com%2Femail%2Fsubscription%2F51bcd61d-16f8-46d8-9ad9-2419882845a8&pid=BX8wMCEwz10K7&cb=0&ws=1600x1200&v=23.1108.2350&t=2000&slots=%5B%7B%22sd%22%3A%222e523083-bcd0-4b8c-9993-caf3354b6635%22%2C%22s%22%3A%5B%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F22181265%2FOP_728v_2%22%7D%2C%7B%22sd%22%3A%22dfp-skin-left%22%2C%22s%22%3A%5B%22160x600%22%5D%2C%22sn%22%3A%22%2F22181265%2Fop_left_rail%22%7D%2C%7B%22sd%22%3A%22dfp-skin-right%22%2C%22s%22%3A%5B%22160x600%22%5D%2C%22sn%22%3A%22%2F22181265%2Fop_right_rail%22%7D%5D&schain=1.0%2C1!adapex.io%2Cs102%2C1%2C%2C%2C&pubid=1ad7261b-91ea-4b6f-b9e9-b83522205b75&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.253.136 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-253-136.fra60.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 11:38:55 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 0a71d283a25c1e3f082b4dbc9d844dfe.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA60-P3
x-amz-rid: 90HX7S809578YT5J673Q
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.officepools.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: PDiWf9eONJzkWaAi96dhkv6Flp60jOXjdiHrWwmHE9ZzFhjkibA6ew==

OPTIONS
H2 204 unruly_prebid
targeting.unrulymedia.com/ Frame 0
0 118ms
30ms Preflight
text/plain 46.228.174.115
AMOBEE

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.officepools.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://www.officepools.com
access-control-max-age: 1728000
content-length: 0
content-type: text/plain charset=UTF-8
date: Sun, 26 Nov 2023 11:38:55 GMT

GET
H2 200 gcid_s.min.js Show response
p.gcprivacy.com/t/ 12 KB
12 KB 97ms
26ms Script
application/javascript 18.66.122.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.gcprivacy.com/t/gcid_s.min.js
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.op-2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-63.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5845423fa671b1f437768658bc1424ba2f089f85a8645e102bee9608a73e7e7d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: VAq4q9ukaYshS6vfUaowIF9rM2JrIXC2
date: Sun, 26 Nov 2023 09:10:11 GMT
via: 1.1 f7e6fd9466c5c2a3b15f0fb077de1afa.cloudfront.net (CloudFront)
last-modified: Tue, 24 Oct 2023 12:34:22 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 8925
x-amz-server-side-encryption: AES256
etag: "ec6bb0b9d5dd7f05019f70766eb4a9b2"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 12142
x-amz-cf-id: BtCwQcQWZxnQ3Z7V3vVs6doa4w_8_f5IaGsQqHV_HwuR0PRazqWcRQ==

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 48 KB
15 KB 461ms
388ms Fetch
application/json 37.252.171.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.op-2.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

a9d1263fa61e3d5275fb3ad1abd37f072bd833142b68d3318d641b0f64a69f07

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.officepools.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Sun, 26 Nov 2023 11:38:55 GMT
content-encoding: gzip
an-x-request-uuid: 4db220af-f6de-461b-9cdb-09ef30cea614
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary: Accept-Encoding
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.officepools.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.218.26; 217.114.218.26; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 94 B
504 B 135ms
60ms Fetch
application/json 216.52.2.39
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.21.0
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.op-2.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.39 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: 4493da95b09dbe4b3b7c47dccc069a17fab201a386cbc658ae19ef269be7dba2

Request headers

Referer: https://www.officepools.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

Date: Sun, 26 Nov 2023 11:38:55 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://www.officepools.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap7ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 98

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
117 B 119ms
38ms Fetch 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.op-2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.officepools.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.officepools.com
date: Sun, 26 Nov 2023 11:38:53 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK hbjson Show response
grid.bidswitch.net/ 24 B
370 B 143ms
32ms Fetch
application/json 3.121.101.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://grid.bidswitch.net/hbjson
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.op-2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.121.101.248 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-121-101-248.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 69964e96e2be09052b76b4e18e827aab2b08641e457ff708fc5b4dc9391dd617

Request headers

Referer: https://www.officepools.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

Date: Sun, 26 Nov 2023 11:38:55 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/json
access-control-allow-origin: https://www.officepools.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 49

POST
H2 204 pb Show response
ad.360yield.com/1914/ 0
173 B 183ms
50ms Fetch 176.34.96.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.360yield.com/1914/pb
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.op-2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 176.34.96.61 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-176-34-96-61.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.officepools.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.officepools.com
date: Sun, 26 Nov 2023 11:38:55 GMT
access-control-allow-credentials: true
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

POST
H2 200 bid-request Show response
a.teads.tv/hb/ 16 B
386 B 156ms
74ms Fetch
application/json 184.30.21.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/hb/bid-request
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.op-2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.21.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-51.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer: https://www.officepools.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Sun, 26 Nov 2023 11:38:55 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.officepools.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 42
expires: Sun, 26 Nov 2023 11:38:55 GMT

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
174 B 127ms
37ms Fetch 147.75.84.158
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.op-2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.officepools.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

x-nbr: 1
date: Sun, 26 Nov 2023 11:38:54 GMT
server: envoy
vary: origin, Accept-Encoding
access-control-allow-origin: https://www.officepools.com
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
552 B 112ms
56ms Fetch
application/json 104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=337396
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.op-2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 19ec710002c4bda34c21870623051ced5105e2edf31912ecc6077915801f5f03

Request headers

Referer: https://www.officepools.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Sun, 26 Nov 2023 11:38:55 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9pQRY%2FbXeSYnq%2Bmfk6jeqhMeIdHr1qwhDHU3Vf6sQ7k8C6Ru2u1xB3IWsFJ7%2BNPwyajwEKy2nnyStLDRpvbxBIhi5EyZiacIWJzB1%2FGpBrH3RCIaAKxRTZAoSszbEbFMB54uA2T%2F"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.officepools.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 82c1d9100af11c3a-FRA
alt-svc: h3=":443"; ma=86400
content-length: 37
expires: 0

POST
H/1.1 200
OK / Show response
ghb.adtelligent.com/v2/auction/ 361 B
478 B 525ms
409ms Fetch
application/json 2a0c:5c87:5239::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/v2/auction/
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.op-2.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c87:5239::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 90819e725df06568e1e39768d0e0878f36eaf6227b0987caab23a22f79bcd8f7

Request headers

Referer: https://www.officepools.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

Date: Sun, 26 Nov 2023 11:38:54 GMT
Content-Encoding: gzip
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://www.officepools.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 164

POST
H2 200 / Show response
shb.richaudience.com/hb/ 5 B
255 B 117ms
55ms Fetch
text/html 157.90.0.38
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://shb.richaudience.com/hb/
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.op-2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.0.38 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.38.0.90.157.clients.your-server.de
Software: nginx/1.14.1 /
Resource Hash: 010444ffb3c3f06a8b172ee90398d29bec521e55f19c1c80c5c8d3dec460f4e5

Request headers

Referer: https://www.officepools.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

date: Sun, 26 Nov 2023 11:38:55 GMT
content-encoding: gzip
server: nginx/1.14.1
vary: Accept-Encoding, Accept-Encoding
access-control-max-age: 86400
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.officepools.com
access-control-allow-credentials: true

POST
H2 200 / Show response
shb.richaudience.com/hb/ 5 B
256 B 112ms
49ms Fetch
text/html 157.90.0.38
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://shb.richaudience.com/hb/
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.op-2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.0.38 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.38.0.90.157.clients.your-server.de
Software: nginx/1.14.1 /
Resource Hash: 010444ffb3c3f06a8b172ee90398d29bec521e55f19c1c80c5c8d3dec460f4e5

Request headers

Referer: https://www.officepools.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

date: Sun, 26 Nov 2023 11:38:55 GMT
content-encoding: gzip
server: nginx/1.14.1
vary: Accept-Encoding, Accept-Encoding
access-control-max-age: 86400
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.officepools.com
access-control-allow-credentials: true

POST
H2 200 / Show response
shb.richaudience.com/hb/ 5 B
255 B 115ms
53ms Fetch
text/html 157.90.0.38
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://shb.richaudience.com/hb/
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.op-2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.0.38 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.38.0.90.157.clients.your-server.de
Software: nginx/1.14.1 /
Resource Hash: 010444ffb3c3f06a8b172ee90398d29bec521e55f19c1c80c5c8d3dec460f4e5

Request headers

Referer: https://www.officepools.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

date: Sun, 26 Nov 2023 11:38:55 GMT
content-encoding: gzip
server: nginx/1.14.1
vary: Accept-Encoding, Accept-Encoding
access-control-max-age: 86400
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.officepools.com
access-control-allow-credentials: true

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 14 KB
7 KB 238ms
177ms Fetch
application/json 37.252.171.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.op-2.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

60fd53e675aa6d9fa8f14b65569ee67c61ed2ba890a751a8ff2ef05f93fdaafc

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.officepools.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Sun, 26 Nov 2023 11:38:55 GMT
content-encoding: gzip
an-x-request-uuid: ab4a953b-1fdc-455e-924c-0d8dfe3b0a39
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary: Accept-Encoding
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.officepools.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.218.26; 217.114.218.26; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 452 B
979 B 124ms
37ms Fetch
application/json 2602:803:c003:200::44
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17262&site_id=222566&zone_id=2829260&size_id=2&alt_size_ids=55&p_pos=atf&rp_schain=1.0,1!adapex.io,s102,1,,,&eid_pubcid.org=36caa49c-eeef-4238-96fb-e0d7da8d7d2e%5E1&rf=https%3A%2F%2Fwww.officepools.com%2Femail%2Fsubscription%2F51bcd61d-16f8-46d8-9ad9-2419882845a8&kw=hockeypool%2Chockeypools%2Cofficepool%2Chockeydraft%2Cpooldehockey%2Chockeyplayoffs%2Conlinepool%2Cpoolonline%2Cnhlhockeyplayoffpools%2Cfantasyhockey%2Cfantasyhockeypool%2Chockeypoolmanager%2Cpoolhockey%2Chockeynews%2Chockeypoolguide%2Chockeypooldraft%2Cfantasysports%2Cfantasynhl%2Chockey%2Cpool%2Cpools%2Cnhl%2Ccanada&tg_i.domain=officepools.com&tg_i.page=https%3A%2F%2Fwww.officepools.com%2Femail%2Fsubscription%2F51bcd61d-16f8-46d8-9ad9-2419882845a8&tg_i.pbadslot=%2F22181265%2FOP_728v_2&tg_i.gpid=%2F22181265%2FOP_728v_2&tk_flint=pbjs_lite_v8.21.0&l_pb_bid_id=46d7e1d11330881&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.01&rp_maxbids=1&p_gpid=%2F22181265%2FOP_728v_2&slots=1&rand=0.6280177612943336
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.op-2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::44 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 8b250a1d22fb721410722966d54a5e5eaa88ba47c14dafc197f633a4e579b98f

Request headers

Referer: https://www.officepools.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Sun, 26 Nov 2023 11:38:55 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.officepools.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 452
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 438 B
785 B 158ms
71ms Fetch
application/json 2602:803:c003:200::44
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17262&site_id=222566&zone_id=2829260&size_id=9&p_pos=atf&rp_schain=1.0,1!adapex.io,s102,1,,,&eid_pubcid.org=36caa49c-eeef-4238-96fb-e0d7da8d7d2e%5E1&rf=https%3A%2F%2Fwww.officepools.com%2Femail%2Fsubscription%2F51bcd61d-16f8-46d8-9ad9-2419882845a8&kw=hockeypool%2Chockeypools%2Cofficepool%2Chockeydraft%2Cpooldehockey%2Chockeyplayoffs%2Conlinepool%2Cpoolonline%2Cnhlhockeyplayoffpools%2Cfantasyhockey%2Cfantasyhockeypool%2Chockeypoolmanager%2Cpoolhockey%2Chockeynews%2Chockeypoolguide%2Chockeypooldraft%2Cfantasysports%2Cfantasynhl%2Chockey%2Cpool%2Cpools%2Cnhl%2Ccanada&tg_i.domain=officepools.com&tg_i.page=https%3A%2F%2Fwww.officepools.com%2Femail%2Fsubscription%2F51bcd61d-16f8-46d8-9ad9-2419882845a8&tg_i.pbadslot=%2F22181265%2Fop_left_rail&tg_i.gpid=%2F22181265%2Fop_left_rail&tk_flint=pbjs_lite_v8.21.0&l_pb_bid_id=474307284055386&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.01&rp_maxbids=1&p_gpid=%2F22181265%2Fop_left_rail&slots=1&rand=0.31705658258242675
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.op-2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::44 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 9680c6c5ba02952e8463de89f821127653016e4ddcd0be21acc13fc269c9f596

Request headers

Referer: https://www.officepools.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Sun, 26 Nov 2023 11:38:55 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.officepools.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 438
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 440 B
787 B 171ms
83ms Fetch
application/json 2602:803:c003:200::44
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17262&site_id=222566&zone_id=2829260&size_id=9&p_pos=atf&rp_schain=1.0,1!adapex.io,s102,1,,,&eid_pubcid.org=36caa49c-eeef-4238-96fb-e0d7da8d7d2e%5E1&rf=https%3A%2F%2Fwww.officepools.com%2Femail%2Fsubscription%2F51bcd61d-16f8-46d8-9ad9-2419882845a8&kw=hockeypool%2Chockeypools%2Cofficepool%2Chockeydraft%2Cpooldehockey%2Chockeyplayoffs%2Conlinepool%2Cpoolonline%2Cnhlhockeyplayoffpools%2Cfantasyhockey%2Cfantasyhockeypool%2Chockeypoolmanager%2Cpoolhockey%2Chockeynews%2Chockeypoolguide%2Chockeypooldraft%2Cfantasysports%2Cfantasynhl%2Chockey%2Cpool%2Cpools%2Cnhl%2Ccanada&tg_i.domain=officepools.com&tg_i.page=https%3A%2F%2Fwww.officepools.com%2Femail%2Fsubscription%2F51bcd61d-16f8-46d8-9ad9-2419882845a8&tg_i.pbadslot=%2F22181265%2Fop_right_rail&tg_i.gpid=%2F22181265%2Fop_right_rail&tk_flint=pbjs_lite_v8.21.0&l_pb_bid_id=488980c23acce21&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.01&rp_maxbids=1&p_gpid=%2F22181265%2Fop_right_rail&slots=1&rand=0.2867896223982096
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.op-2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::44 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: fe9907a110f479d61c62d14fbe7a423f4cd57e66f4ae6fa7f4956338c8c3c313

Request headers

Referer: https://www.officepools.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Sun, 26 Nov 2023 11:38:55 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.officepools.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 440
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 2 KB
2 KB 185ms
109ms Fetch
application/json 34.120.63.153
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUQWX43D
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.op-2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 153.63.120.34.bc.googleusercontent.com
Software: envoy /
Resource Hash: 4057ac28ca6244d49628f944056aa3bd54a14e5bc3abbf1da2ab693f90ea987e

Request headers

Referer: https://www.officepools.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Sun, 26 Nov 2023 11:38:54 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server: envoy
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.officepools.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 77
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 26 Nov 2023 11:38:55 GMT

POST
H/1.1 204
No Content hb Show response
rt.marphezis.com/ 0
231 B 542ms
312ms Fetch 178.128.135.204
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://rt.marphezis.com/hb
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.op-2.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 178.128.135.204 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.officepools.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.officepools.com
pragma: no-cache
date: Sun, 26 Nov 2023 11:38:54 GMT
cache-control: no-store
access-control-allow-credentials: true
vary: Origin
expires: 0

POST
H2 200 hb-mm-multi Show response
hb.minutemedia-prebid.com/ 84 B
434 B 189ms
52ms Fetch
application/json 18.202.39.252
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.op-2.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.202.39.252 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-202-39-252.eu-west-1.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: 36a6835ef9ed369cbe5336e770d6ad235c245d04e7aeaff436d90424f1e3f2e5

Request headers

Referer: https://www.officepools.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

date: Sun, 26 Nov 2023 11:38:55 GMT
server: istio-envoy
x-reason: maxmind hosting provider
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.officepools.com
content-type: application/json
access-control-allow-credentials: true
x-envoy-upstream-service-time: 4
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length: 84

POST
H2 204 unruly_prebid Show response
targeting.unrulymedia.com/ 0
167 B 119ms
41ms Fetch 46.228.174.115
AMOBEE

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.op-2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.officepools.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: application/json

Response headers

access-control-allow-origin: https://www.officepools.com
pragma: no-cache
date: Sun, 26 Nov 2023 11:38:55 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
162 B 211ms
134ms Fetch 18.194.217.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.op-2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.217.116 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-194-217-116.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.officepools.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.officepools.com
date: Sun, 26 Nov 2023 11:38:55 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

POST
H2 200 adjson Show response
ads.betweendigital.com/ 2 B
892 B 240ms
29ms Fetch
application/json 188.42.34.65
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adjson?t=prebid
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.op-2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.42.34.65 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://www.officepools.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.officepools.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json

POST
H/1.1 200
OK pbjs Show response
smartssp-us-east.iqzone.com/ 2 B
246 B 358ms
137ms Fetch
application/json 8.2.111.102
NATCOWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://smartssp-us-east.iqzone.com/pbjs
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.op-2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 8.2.111.102 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software: nginx /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://www.officepools.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.officepools.com
Date: Sun, 26 Nov 2023 11:38:55 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 2
Content-Type: application/json

GET
H2 200 launcher.min.js Show response
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ 49 KB
17 KB 29ms
29ms Script
application/javascript 23.67.137.210
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Requested by: Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.67.137.210 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-67-137-210.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 11:38:55 GMT
content-encoding: gzip
last-modified: Tue, 20 Sep 2022 18:52:26 GMT
server: Apache
etag: "c4b6-5e920545406d3-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17042
expires: Sun, 26 Nov 2023 11:53:55 GMT

OPTIONS
H2 204 health
aegis.anonymised.io/ Frame 0
0 139ms
39ms Preflight
text/html 34.107.217.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://aegis.anonymised.io/health
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.217.107 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 107.217.107.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.officepools.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: OPTIONS, GET
access-control-allow-origin: https://www.officepools.com
allow: OPTIONS, GET
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sun, 26 Nov 2023 11:38:55 GMT
server: Google Frontend
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
via: 1.1 google
x-cloud-trace-context: 6e629e2fc927cf4ea441ce54bcc27441
x-request-id: oootvOrqIwarSDOxIvhDXqySkWeqSdGN

GET
H2 200 health Show response
aegis.anonymised.io/ 2 B
146 B 36ms
35ms Fetch
text/plain 34.107.217.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://aegis.anonymised.io/health
Requested by: Host: static.anonymised.io
URL: https://static.anonymised.io/light/bundle.js?v=0.2.9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.217.107 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 107.217.107.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://www.officepools.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 26 Nov 2023 11:38:55 GMT
via: 1.1 google
server: Google Frontend
vary: Origin
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.officepools.com
x-cloud-trace-context: ffee61cd991d7d634ff76fe5b304dbfe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
x-request-id: YnCRGiOILSHliODlzzoixkYxuonHxpBM

GET
H2 200 css2
fonts.googleapis.com/ 6 KB
814 B 32ms
32ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:wght@500;600&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

adb5521f6daa28bf7a2f73decfaa78d1bd4efc45ab6e17eca144c3fcc4ccadba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 26 Nov 2023 11:38:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 26 Nov 2023 10:11:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 26 Nov 2023 11:38:55 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 278 KB
92 KB 40ms
40ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-VNV0NXC7N8&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NNKZGF

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5da2a9406b028ad111e70c2ccf7935d27bb13ff5f5f55583ebccf01c11c6a51f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 11:38:55 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93672
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 26 Nov 2023 11:38:55 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 75ms
21ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NNKZGF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 26 Nov 2023 11:19:54 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 1141
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sun, 26 Nov 2023 13:19:54 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1014131444/ 3 KB
1 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014131444/?random=1700998735364&cv=11&fst=1700998735364&bg=ffffff&guid=ON&async=1&gtm=45He3b81v6735932&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.officepools.com%2Femail%2Fsubscription%2F51bcd61d-16f8-46d8-9ad9-2419882845a8&hn=www.googleadservices.com&frm=0&tiba=Subscription%20Settings&auid=1992655723.1700998735&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NNKZGF

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ab489420500d25ccafc9071fdda82dc8eef7e1011cc8673fd1639b75f961c66a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Nov 2023 11:38:55 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1289
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 81ms
23ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.officepools.com
URL: https://www.officepools.com/email/subscription/51bcd61d-16f8-46d8-9ad9-2419882845a8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 26 Nov 2023 11:38:55 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: cRYi4cix7NGc48Mu4cVu1j4EqFqL/xZ7a3TmW4KDuJNvrU0uHgBTCToDY/LXw4teSbv08gHkYzyknvbnY7Y+dg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 user-sessions-0a43cc9.js Show response
cdn.pbstck.com/ 17 KB
6 KB 91ms
33ms XHR
application/javascript 2606:4700:10::ac43:1997
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pbstck.com/user-sessions-0a43cc9.js
Requested by: Host: boot.pbstck.com
URL: https://boot.pbstck.com/v1/user-sessions/2d986e62-d764-42fe-aa79-9ec1562c635a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1997 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f2b509a60a211ffc9307657f4e631470f7400aa8f1cfb2cf7ab14fe586f3fe0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 11:38:55 GMT
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 81JGZAH2EV24N9EF
age: 336976
alt-svc: h3=":443"; ma=86400
x-amz-id-2: lpRZ12FAjKoZR4af9fMGXbB3Lfy98arCJ+rdYTk0qllTzAEOrJqhvFTf+d4CVB/ey8WKtwpiYek=
last-modified: Mon, 20 Nov 2023 15:44:08 GMT
server: cloudflare
etag: W/"69ab94b3c0f37be443e5ae5598855649"
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
access-control-allow-origin: *
content-type: application/javascript
cache-control: public, max-age=604800, immutable
cf-ray: 82c1d9108f929c10-FRA

GET
H2 200 collector-d8cb7f0.js Show response
cdn.pbstck.com/ 61 KB
17 KB 90ms
31ms XHR
application/javascript 2606:4700:10::ac43:1997
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pbstck.com/collector-d8cb7f0.js
Requested by: Host: boot.pbstck.com
URL: https://boot.pbstck.com/v1/tag/2d986e62-d764-42fe-aa79-9ec1562c635a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1997 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6eef34a0c9e985e995c924486d23ac237ae9e428763dd934b07ad65626526c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 11:38:55 GMT
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: TFXC082SXYHSFGP6
age: 1169760
alt-svc: h3=":443"; ma=86400
x-amz-id-2: Kb7oqb72YsXnGOrTMQWjthTflkxM6uzajuZd0OXs41t+aOPqgfmHB3xW08QDVA9U9TZ/7qDBUxQ=
last-modified: Mon, 09 Oct 2023 08:15:49 GMT
server: cloudflare
etag: W/"73f689884b644651fd0ea2ef750b8713"
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
access-control-allow-origin: *
content-type: application/javascript
cache-control: public, max-age=604800, immutable
cf-ray: 82c1d9108f919c10-FRA

GET
H2 200 modules.28e3191d8757c557b4b7.js Show response
script.hotjar.com/ 227 KB
57 KB 73ms
26ms Script
application/javascript 13.32.27.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.28e3191d8757c557b4b7.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2922416.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-21.fra56.r.cloudfront.net

Software

Resource Hash

77a17bd55486aef26d2fbbe92b56672398378b1ad7ba7975c79742b4772d52b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 14:01:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 34435958fa6d40b77fd22fa1c1f56176.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 250669
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 57395
last-modified: Thu, 23 Nov 2023 14:00:23 GMT
etag: "1ab24a53e715dcb189ab626bacc0e88b"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: 4jnbl5BIocO6MPgfFJvVFI1ODIbk0EOhPqMviUUxquDDFIJvd_kw4A==

GET
H2 200 launcher Show response
proc.ad.cpe.dotomi.com/cvx/client/direct/ 190 B
467 B 165ms
38ms XHR
application/json 2a02:fa8:8806:21::1780
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to

Full URL: https://proc.ad.cpe.dotomi.com/cvx/client/direct/launcher?version=1.1.1&lid=681
Requested by: Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:fa8:8806:21::1780 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: 71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 11:38:55 GMT
server: nginx
accept-ch: Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.officepools.com
cache-control: max-age=1800
access-control-allow-credentials: true
content-length: 190
expires: Sun, 26 Nov 2023 12:08:55 GMT

GET
H2 200 sync Show response
p2.gcprivacy.com/v2/ 451 B
823 B 123ms
123ms XHR
application/json 3.217.130.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://p2.gcprivacy.com/v2/sync?pid=Q6CV1VBC&uid=36caa49c-eeef-4238-96fb-e0d7da8d7d2e&u=https%3A%2F%2Fwww.officepools.com%2Femail%2Fsubscription%2F51bcd61d-16f8-46d8-9ad9-2419882845a8&h=www.officepools.com&ref=&ids=sharedid%2C36caa49c-eeef-4238-96fb-e0d7da8d7d2e%7C&v=3
Requested by: Host: p.gcprivacy.com
URL: https://p.gcprivacy.com/t/gcid_s.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.217.130.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-217-130-42.compute-1.amazonaws.com
Software: /
Resource Hash: a46bd44325bc32e47063e2d41cf497f2b8620f84ff7188ebfc8bd8158b5b9fc5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 11:38:55 GMT
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: https://www.officepools.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Max
content-length: 451

GET
H2 200 /
www.google.com/pagead/1p-user-list/1014131444/ 42 B
456 B 92ms
37ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1014131444/?random=1700998735364&cv=11&fst=1700996400000&bg=ffffff&guid=ON&async=1&gtm=45He3b81v6735932&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.officepools.com%2Femail%2Fsubscription%2F51bcd61d-16f8-46d8-9ad9-2419882845a8&frm=0&tiba=Subscription%20Settings&fmt=3&is_vtc=1&cid=CAQSKQDICaaNyn44buF6EvhBDtC9GKHRqpddhrWeLS7soIdgh6aBzn0qXXDR&random=194141314&rmt_tld=0&ipr=y

Requested by

Host: www.officepools.com
URL: https://www.officepools.com/email/subscription/51bcd61d-16f8-46d8-9ad9-2419882845a8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Nov 2023 11:38:55 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1014131444/ 42 B
456 B 91ms
36ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1014131444/?random=1700998735364&cv=11&fst=1700996400000&bg=ffffff&guid=ON&async=1&gtm=45He3b81v6735932&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.officepools.com%2Femail%2Fsubscription%2F51bcd61d-16f8-46d8-9ad9-2419882845a8&frm=0&tiba=Subscription%20Settings&fmt=3&is_vtc=1&cid=CAQSKQDICaaNyn44buF6EvhBDtC9GKHRqpddhrWeLS7soIdgh6aBzn0qXXDR&random=194141314&rmt_tld=1&ipr=y

Requested by

Host: www.officepools.com
URL: https://www.officepools.com/email/subscription/51bcd61d-16f8-46d8-9ad9-2419882845a8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Nov 2023 11:38:55 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 26ms
21ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,900,900italic,700italic,700,500italic,500,400italic,300italic,300,100italic,100

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.officepools.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 16:39:21 GMT
x-content-type-options: nosniff
age: 154774
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Nov 2024 16:39:21 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
258 B 84ms
30ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-VNV0NXC7N8&gtm=45je3b81v9101604724z86735932&_p=1700998735197&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1081192769.1700998735&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1700998735&sct=1&seg=0&dl=https%3A%2F%2Fwww.officepools.com%2Femail%2Fsubscription%2F51bcd61d-16f8-46d8-9ad9-2419882845a8&dt=Subscription%20Settings&en=page_view&_fv=1&_ss=1&tfd=1661
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VNV0NXC7N8&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Nov 2023 11:38:55 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.officepools.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
48 B 89ms
30ms Ping
text/plain 2a00:1450:400c:c09::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-VNV0NXC7N8&cid=1081192769.1700998735&gtm=45je3b81v9101604724z86735932&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VNV0NXC7N8&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c09::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Nov 2023 11:38:55 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.officepools.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
108 B 60ms
60ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-VNV0NXC7N8&cid=1081192769.1700998735&gtm=45je3b81v9101604724z86735932&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1438174604

Requested by

Host: www.officepools.com
URL: https://www.officepools.com/email/subscription/51bcd61d-16f8-46d8-9ad9-2419882845a8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Nov 2023 11:38:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
212 B 29ms
28ms XHR
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=116507090&t=pageview&_s=1&dl=https%3A%2F%2Fwww.officepools.com%2Femail%2Fsubscription%2F51bcd61d-16f8-46d8-9ad9-2419882845a8&ul=en-us&de=UTF-8&dt=Subscription%20Settings&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAgAABAAAAAC~&jid=1452888358&gjid=1060934767&cid=1081192769.1700998735&tid=UA-1739654-6&_gid=1408882659.1700998735&_slc=1&gtm=45He3b81n71NNKZGFv6735932&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=519798977

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.officepools.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 26 Nov 2023 11:38:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.officepools.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
353 B 69ms
29ms XHR
text/plain 2a00:1450:400c:c09::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-1739654-6&cid=1081192769.1700998735&jid=1452888358&gjid=1060934767&_gid=1408882659.1700998735&_u=YCDAgAABAAAAAG~&z=178820806

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c09::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.officepools.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 26 Nov 2023 11:38:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.officepools.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 web-vitals
intake.pbstck.com/v1/intake/ 0
33 B 74ms
57ms Ping
text/plain 2606:4700:10::ac43:1997
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://intake.pbstck.com/v1/intake/web-vitals?fcp=971.900&tId=2d986e62-d764-42fe-aa79-9ec1562c635a&v=none&s=none&c=1
Requested by: Host: www.officepools.com
URL: https://www.officepools.com/email/subscription/51bcd61d-16f8-46d8-9ad9-2419882845a8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1997 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.officepools.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 26 Nov 2023 11:38:55 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 82c1d910eeaf6933-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 anonymized_small_black.png
storage.googleapis.com/idw_static_assets/ 2 KB
2 KB 99ms
25ms Image
image/png 2a00:1450:4001:802::201b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/idw_static_assets/anonymized_small_black.png
Requested by: Host: www.officepools.com
URL: https://www.officepools.com/email/subscription/51bcd61d-16f8-46d8-9ad9-2419882845a8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:802::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 05adb1a8ab31ced159adf8401bc91d0c28dc75777423ea84358b9565147b5925

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 11:01:25 GMT
age: 2250
x-guploader-uploadid: ABPtcPoPfQ4RCQPeYer1sXtZxZygxkf1NQiUfYIpEiuEZL5RJZQ2jmUS3trlYV6gU4KvAKQ0YGo
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1661
last-modified: Thu, 02 Feb 2023 09:54:23 GMT
server: UploadServer
etag: "d0042077edcb1feff233a5a0e095b327"
x-goog-generation: 1675331663329867
x-goog-hash: crc32c=A2Z1Vg==, md5=0AQgd+3LH+/yM6Wg4JWzJw==
content-type: image/png
cache-control: public,max-age=7890000,no-transform
x-goog-stored-content-length: 1661
accept-ranges: bytes
expires: Sun, 25 Feb 2024 18:41:25 GMT

GET
H3 200 bidderchecker.js Show response
static.anonymised.io/light/ 961 B
418 B 26ms
26ms Script
application/javascript 34.107.217.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.anonymised.io/light/bidderchecker.js?v=0.2.9
Requested by: Host: static.anonymised.io
URL: https://static.anonymised.io/light/bundle.js?v=0.2.9
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.217.107 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 107.217.107.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 722a4121ccf998eefa71a33203ddd5e99a0ba3243c0549cdf7302268fe0ba979

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 11:38:25 GMT
content-encoding: gzip
age: 30
x-guploader-uploadid: ABPtcPqgEO2GRfOncs8zUmYYOAoMkpW6t1QrIYX0hpwqUMk7s-BW1HRpYjrecenE1RrqCXTDz4bRjoXDIA
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 387
last-modified: Thu, 23 Nov 2023 10:26:17 GMT
server: UploadServer
etag: "c823940225f29e44ae91bea87032c47e"
vary: Accept-Encoding
x-goog-generation: 1700735177845152
x-goog-hash: crc32c=OnUtBg==, md5=yCOUAiXynkSukb6ocDLEfg==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=1200
x-goog-stored-content-length: 387
accept-ranges: bytes
content-type: application/javascript
expires: Sun, 26 Nov 2023 11:58:25 GMT

GET
H2 200 timeme.min.js Show response
cdnjs.cloudflare.com/ajax/libs/TimeMe.js/2.0.0/ 6 KB
2 KB 30ms
29ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/TimeMe.js/2.0.0/timeme.min.js

Requested by

Host: static.anonymised.io
URL: https://static.anonymised.io/light/bundle.js?v=0.2.9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5725f04fd1f8882b1d02561933d648bb1a91349b0f33031e78ce0668d3751db3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 11:38:55 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2264989
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1532
last-modified: Mon, 04 May 2020 16:04:02 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03cf2-163a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XIFzAJGnQ6bpWUPqsrwXHv32HPazUEnPgVCwniaIY8GAgPrEOK934H9G6Ut3JGWSxFcQl3uyXW%2FafpYQN22KMoz%2Frdu1mX2VwsxcucsnFX5vxNo897YPCFdPYdeevUrA3de7OfjspYZ8eza0ks6%2BCKno"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 82c1d910ff583738-FRA
expires: Fri, 15 Nov 2024 11:38:55 GMT

GET
H2 200 927932533984779 Show response
connect.facebook.net/signals/config/ 133 KB
35 KB 149ms
148ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/927932533984779?v=2.9.138&r=stable&domain=www.officepools.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5a52a0b6b58f624fa6dafe6cc5800ede53b33e528fed7feabbb4b65568ab984d

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 26 Nov 2023 11:38:55 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: ZSqnbOGsFgZx1ov1Cnp2uQXIFPCHY9A3efVgB4YqGfH2RsXHazgp/sno9wYIML8+1H4KFTknNmctt8iak+Zd9Q==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 js Show response
aggle.net/ 210 B
670 B 474ms
165ms Script
text/html 15.197.179.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aggle.net/js?pid=NEQ7KDHP5&domain=www.officepools.com&pih1=&pih2=&pih3=
Requested by: Host: p.gcprivacy.com
URL: https://p.gcprivacy.com/t/gcid_s.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 15.197.179.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a938864f9581ea3da.awsglobalaccelerator.com
Software: gunicorn /
Resource Hash: 69f25c75da3fef0af80ad0e56f9e427f442f05ffa5e1f22cd2108f0786fed4b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires: Sun, 26 Nov 2023 11:38:56 GMT
date: Sun, 26 Nov 2023 11:38:55 GMT
cache-control: no-store
content-type: text/html; charset=utf-8
server: gunicorn
content-length: 210
p3p: CP="NOI OUR BUS UNI COM NAV"

GET
H2

200

xandr
p2.gcprivacy.com/v3/id/
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fp2.gcprivacy.com%2Fv3%2Fid%2Fxandr%3Fid%3D%24UID%26gcid%3D100fe09b-1386-4164-bf12-d18f9182257e
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fp2.gcprivacy.com%252Fv3%252Fid%252Fxandr%253Fid%253D%2524UID%2526gcid%253D100fe09b-1386-4164-bf12-d18f9182257e
https://p2.gcprivacy.com/v3/id/xandr?id=7410819350441759191&gcid=100fe09b-1386-4164-bf12-d18f9182257e

0
38 B

122ms
122ms

Image
text/plain

3.217.130.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p2.gcprivacy.com/v3/id/xandr?id=7410819350441759191&gcid=100fe09b-1386-4164-bf12-d18f9182257e
Requested by: Host: www.officepools.com
URL: https://www.officepools.com/email/subscription/51bcd61d-16f8-46d8-9ad9-2419882845a8
Protocol: H2
Server: 3.217.130.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-217-130-42.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 11:38:55 GMT
content-length: 0

Redirect headers

pragma: no-cache
date: Sun, 26 Nov 2023 11:38:55 GMT
an-x-request-uuid: ce1b5011-9c2d-4b38-8de9-4b3b163fe1f3
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://p2.gcprivacy.com/v3/id/xandr?id=7410819350441759191&gcid=100fe09b-1386-4164-bf12-d18f9182257e
x-proxy-origin: 217.114.218.26; 217.114.218.26; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 405 Show response
a.ad.gt/api/v1/u/matches/ 12 KB
4 KB 104ms
34ms Script
application/javascript 2606:4700:10::6816:545
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ad.gt/api/v1/u/matches/405?_it=amazon
Requested by: Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.officepools.com%2Femail%2Fsubscription%2F51bcd61d-16f8-46d8-9ad9-2419882845a8&ref=&_it=amazon&partner_id=405
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb18b43a63af2caf5194429e31fba788ee44ab408d75cbe3cd1f9adf0da14a7b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 11:38:55 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sun, 26 Nov 2023 11:36:55 GMT
server: cloudflare
age: 120
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cross-origin-resource-policy: cross-origin
cf-ray: 82c1d9119a67366b-FRA

GET
H2 200 coreid.min.js Show response
secure.cdn.fastclick.net/js/cnvr-coreid/latest/ 229 KB
66 KB 30ms
30ms Script
application/javascript 23.67.137.210
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/cnvr-coreid/latest/coreid.min.js
Requested by: Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.67.137.210 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-67-137-210.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: eb87c0447bd19366919bdb8913f775caca732ac31cbc5e5d42e4db5df39437ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 11:38:55 GMT
content-encoding: gzip
last-modified: Mon, 23 Oct 2023 16:23:46 GMT
server: Apache
etag: "394d0-60864a57eaadc-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 67550
expires: Sun, 26 Nov 2023 11:53:55 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
108 B 61ms
60ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-1739654-6&cid=1081192769.1700998735&jid=1452888358&_u=YCDAgAABAAAAAG~&z=1690719394

Requested by

Host: www.officepools.com
URL: https://www.officepools.com/email/subscription/51bcd61d-16f8-46d8-9ad9-2419882845a8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Nov 2023 11:38:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
108 B 64ms
63ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-1739654-6&cid=1081192769.1700998735&jid=1452888358&_u=YCDAgAABAAAAAG~&z=1690719394

Requested by

Host: www.officepools.com
URL: https://www.officepools.com/email/subscription/51bcd61d-16f8-46d8-9ad9-2419882845a8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Nov 2023 11:38:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
186 B 88ms
26ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=927932533984779&ev=PageView&dl=https%3A%2F%2Fwww.officepools.com%2Femail%2Fsubscription%2F51bcd61d-16f8-46d8-9ad9-2419882845a8&rl=&if=false&ts=1700998735683&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1700998735683.110528505&ler=empty&it=1700998735517&coo=false&rqm=GET

Requested by

Host: www.officepools.com
URL: https://www.officepools.com/email/subscription/51bcd61d-16f8-46d8-9ad9-2419882845a8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 26 Nov 2023 11:38:55 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 rules-p-WFJsXCa9VD158.js Show response
rules.quantcount.com/ 160 B
633 B 103ms
27ms Script
application/javascript 2600:9000:20ab:9200:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-WFJsXCa9VD158.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ab:9200:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c505f7e821ae7a1c88e6ce02d8e38b57233d9997445ce06b9ce50be989df5d7c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 10:55:13 GMT
via: 1.1 a752e456797165fcc0a1e5de08b5353c.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P3
age: 2623
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 160
last-modified: Tue, 11 Apr 2023 19:39:28 GMT
server: AmazonS3
etag: "8451e96214684fb5c6ec4f91dde0548e"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: nxXUgVay8QAZJodmVBJXtgYcA_h5uxIhIOHe202g9avCnkEoPneA6A==

GET
H3 200 collect.min.js Show response
static.anonymised.io/light/ 5 KB
2 KB 25ms
24ms Script
application/javascript 34.107.217.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.anonymised.io/light/collect.min.js?v=0.2.9
Requested by: Host: static.anonymised.io
URL: https://static.anonymised.io/light/bundle.js?v=0.2.9
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.217.107 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 107.217.107.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 4421d90bbf983478021bbc14981742e33af47dcfbbbbd2df44b975257fde30cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 11:22:49 GMT
content-encoding: gzip
age: 966
x-guploader-uploadid: ABPtcPq2OfjHaU28QXZEhfjnKAyKKhMCpxz2MVNl7Yh3zkVDuW61CYF6FXzf3oWwjJr1goaVjV4
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1975
last-modified: Thu, 23 Nov 2023 10:26:21 GMT
server: UploadServer
etag: "81cccd3b6fb0900a54795428e0046323"
vary: Accept-Encoding
x-goog-generation: 1700735181247079
x-goog-hash: crc32c=ChCSZQ==, md5=gczNO2+wkApUeVQo4ARjIw==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=1200
x-goog-stored-content-length: 1975
accept-ranges: bytes
content-type: application/javascript
expires: Sun, 26 Nov 2023 11:42:49 GMT

GET
H2 200 pixel;r=481183941;source=gtm;rf=0;a=p-WFJsXCa9VD158;url=https%3A%2F%2Fwww.officepools.com%2Femail%2Fsubscription%2F51bcd61d-16f8-46d8-9ad9-2419882845a8;uht=2;fpan=1;fpa=P0-1990856813-1700998735687;...
pixel.quantserve.com/ 35 B
372 B 57ms
43ms Image
image/gif 2620:116:800d:21:93ca:31d8:d86e:38f6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=481183941;source=gtm;rf=0;a=p-WFJsXCa9VD158;url=https%3A%2F%2Fwww.officepools.com%2Femail%2Fsubscription%2F51bcd61d-16f8-46d8-9ad9-2419882845a8;uht=2;fpan=1;fpa=P0-1990856813-1700998735687;pbc=;ns=0;ce=1;qjs=1;qv=6076e8c2-20231114150359;cm=;gdpr=0;ref=;d=officepools.com;dst=1;et=1700998735792;tzo=-60;ogl=type.product%2Ctitle.Create%20your%20pools%20now%20with%20Officepools%252Ecom%2Cdescription.Start%20your%20sports%20pool%20with%20OfficePools%20-%20featuring%20hockey%252C%20football%252C%20and%20golf%252E%20%2Cimage.http%3A%2Fstatic%2Fimages%2Ffacebook_img%252Ejpg;ses=8aadec97-f84d-4766-bc39-a1815365dc5d;mdl=

Requested by

Host: www.officepools.com
URL: https://www.officepools.com/email/subscription/51bcd61d-16f8-46d8-9ad9-2419882845a8

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:93ca:31d8:d86e:38f6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Nov 2023 11:38:55 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3 200 interestscores.js Show response
static.anonymised.io/light/ 3 KB
2 KB 24ms
24ms Script
application/javascript 34.107.217.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.anonymised.io/light/interestscores.js?v=0.2.9
Requested by: Host: static.anonymised.io
URL: https://static.anonymised.io/light/bundle.js?v=0.2.9
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.217.107 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 107.217.107.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 0409134df4107fe3d86b26248e3e8253287e929e94b690173bbab16e35686cd6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 11:24:45 GMT
content-encoding: gzip
age: 850
x-guploader-uploadid: ABPtcPoJFAf9MFHRCIjqmHGDwNZE9xhI4jgPNAmIpNuC59_uz_IUTlhD8-XLlZ-cud6ZFdo5kf8
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1601
last-modified: Thu, 23 Nov 2023 10:26:23 GMT
server: UploadServer
etag: "bbe7bbf9f934282283577ce6457f7f33"
vary: Accept-Encoding
x-goog-generation: 1700735182971710
x-goog-hash: crc32c=rzbcSQ==, md5=u+e7+fk0KCKDV3zmRX9/Mw==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=1200
x-goog-stored-content-length: 1601
accept-ranges: bytes
content-type: application/javascript
expires: Sun, 26 Nov 2023 11:44:45 GMT

GET
H/1.1 200
OK / Show response
id.a-mx.com/sync/ 66 B
272 B 173ms
27ms Fetch
application/json 131.153.158.209
SECUREDSERVERS-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://id.a-mx.com/sync/?tagId=&ref=null&u=https://www.officepools.com/email/subscription/51bcd61d-16f8-46d8-9ad9-2419882845a8&tl=https://www.officepools.com/email/subscription/51bcd61d-16f8-46d8-9ad9-2419882845a8&nf=0&rt=true&v=8.21.0&av=2.0&vg=aaw&us_privacy=null&am=null&gdpr=0&gdpr_consent=
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.op-2.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 131.153.158.209 Amsterdam, Netherlands, ASN60558 (SECUREDSERVERS-EU, US),
Reverse DNS
Software: /
Resource Hash: bfbbe0ab55ab6da1afe48a95f51ef4fbc5db79f49f9abdb407ab313745f64a1c

Request headers

Referer: https://www.officepools.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.officepools.com
date: Sun, 26 Nov 2023 11:38:55 GMT
access-control-allow-credentials: true
content-length: 66
content-type: application/json

GET
H2 200 pbhid Show response
id.hadron.ad.gt/api/v1/ 227 B
210 B 33ms
33ms Fetch
application/json 2606:4700:10::6816:545
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/api/v1/pbhid?partner_id=405&_it=prebid
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.op-2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02d9c8262e7af473748bc3fe8ff2b3240feea44368aea2073a8b86347c975b36

Request headers

Referer: https://www.officepools.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

date: Sun, 26 Nov 2023 11:38:55 GMT
content-encoding: gzip
server: cloudflare
allow: POST, OPTIONS, GET
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cf-ray: 82c1d9131a609036-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET envelope
api.rlcdn.com/api/identity/ 0
0

GET
H2 204 any Show response
idx.liadm.com/idex/prebid/ 0
376 B 395ms
128ms Fetch 54.84.191.206
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://idx.liadm.com/idex/prebid/any?resolve=nonId

Requested by

Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.op-2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.84.191.206 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-84-191-206.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.officepools.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

date: Sun, 26 Nov 2023 11:38:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin
request-time: 4
access-control-allow-origin: https://www.officepools.com
cache-control: max-age=3599, private
access-control-allow-credentials: true
trace-id: ba1410d0907735fd
expires: Sun, 26 Nov 2023 12:38:56 GMT

GET
H2 200 id Show response
id.crwdcntrl.net/ 43 B
321 B 57ms
47ms Fetch
application/json 52.208.5.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.crwdcntrl.net/id?c=17228
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.op-2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.5.106 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-5-106.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

Referer: https://www.officepools.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Sun, 26 Nov 2023 11:38:55 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.officepools.com
cache-control: no-cache
x-server: 10.45.25.175
access-control-allow-credentials: true
content-length: 43
expires: 0

GET
H2 200 connectId-gpt.js Show response
connectid.analytics.yahoo.com/ 9 KB
9 KB 119ms
24ms Script
application/javascript 2600:9000:223c:1a00:10:dd8:5e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://connectid.analytics.yahoo.com/connectId-gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079694

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:1a00:10:dd8:5e40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c7f6468c8ac1542980b2d5f637fa933d7d00d2c6ff6690e34505d2aed0c0e23a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 11:30:08 GMT
via: 1.1 6faa38f38a1fee24a829fec7c748876c.cloudfront.net (CloudFront)
content-security-policy: default-src 'self'
x-amz-cf-pop: FRA56-P2
age: 529
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 8730
x-amz-expiration: expiry-date="Tue, 17 Oct 2028 00:00:00 GMT", rule-id="webapp-standard-lifecycle"
last-modified: Tue, 17 Oct 2023 13:17:45 GMT
server: AmazonS3
etag: "c46e30de24d0f12167e302e9e32ff4a5"
content-type: application/javascript
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: p30cu9-aht5fL5910wlqaeZS3fampc3Va5aw_eXGpGKYWpwJzzA_cw==

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 3 KB
3 KB 90ms
23ms Script
text/javascript 2600:9000:2250:4800:a:e047:753:a221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079694
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:4800:a:e047:753:a221 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: KP_OVZMS6roEW_XJdOd.KnSEmM8GWiP3
Date: Sun, 26 Nov 2023 10:03:28 GMT
Via: 1.1 2816426ad1adbedbdd23d4cdf80c2de2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA60-P2
Age: 5728
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 2776
Last-Modified: Thu, 19 Oct 2023 06:40:11 GMT
Server: AmazonS3
ETag: "a3a9a9ee8e72db69d54e805f0586c651"
Content-Type: text/javascript
Accept-Ranges: bytes
X-Amz-Cf-Id: oz52EdtDA878TuF3iUmxMShUtDCYrtZwxAkFsKpH6-WYPElflUJGPw==

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 156 KB
34 KB 37ms
37ms Script
text/javascript 2606:4700:10::6816:3556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079694

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

22a1257891d7523261ed7426751d43a5dfeb83e2211aed3b71f085b5a45149ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 11:38:55 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 22 Nov 2023 08:19:05 GMT
server: cloudflare
x-amz-request-id: 07BJQWB9195172HN
age: 301
etag: W/"6d1031a5affe091aafc4dbcf111418ee"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 82c1d9137a202c6d-FRA
x-amz-id-2: S3yxUZWKnY20mFwJCF1xptQa5WDIOXl44+dnD+Z+x2RxOPfs4WBqnV/DU2cvl9kDpuBhjJqzsMU=

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 42 KB
13 KB 151ms
75ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079694

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a1a256244f073b9ed474c52d16f8b7d0ed5d92ca4129042d6ee150817671bcd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 11:38:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 27 Oct 2023 06:43:26 GMT
server: nginx
etag: W/"653b5c0e-a9a7"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 27 Nov 2023 11:38:56 GMT

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 88ms
23ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079694
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 14:29:33 GMT
content-encoding: gzip
age: 248962
x-guploader-uploadid: ADPycdsxLlKLCVb5W3Djj1V0MEZiayMLPqEhV9H3fgXZaELS3ccW0PQo2-GKz1rWI_UNhL9w3-cScigVqDHesSZuOcxycA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Fri, 22 Nov 2024 14:29:33 GMT

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 1 KB
1 KB 110ms
40ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079694
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 11:38:55 GMT
via: 1.1 google, 1.1 google
last-modified: Thu, 03 Aug 2023 03:28:51 GMT
server: Google Frontend
etag: fc4e6bfe266081c4873c6f08c8298e5c
content-type: text/javascript; charset=utf-8
x-cloud-trace-context: b24270a71b036ddffb372acc7af69d96
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1207

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 39 KB
12 KB 29ms
28ms Script
text/javascript 18.239.18.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079694
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.18.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-18-33.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 07:38:20 GMT
content-encoding: gzip
via: 1.1 2fb699a7d2ee3ddd9b1caad139f90e76.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 15:56:57 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P6
age: 14436
x-amz-server-side-encryption: AES256
etag: W/"e073e71ed7a44e6f9cdd72904fda5940"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: iBpFTab03NydCfGo3cYdiG5GIsnB_t5C09e8dKF9FwNfgghzbirWcw==

GET
H3 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
1 KB 56ms
30ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079694

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 11:38:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 40287
x-jsd-version: master
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230031-FRA
x-jsd-version-type: branch
server: cloudflare
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LLDTHwN3pYE4JL9v92S53aSQeHEe5cyXEFoEJtQ3tKabWqYkP%2BjFZJ%2BW7rAWq0YRyPt%2Fvy7aVdGPT9oqfmS2GpfCfK7ooVTDqnMzc5ZxKGp3oG0mS9z2Nt2GCnX26DvOhABXnt%2FHvZuvpJ8WLUM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 82c1d9139a871e68-FRA

GET
H2 200 ob.js Show response
cdn-ima.33across.com/ 11 KB
5 KB 90ms
30ms Script
application/javascript 104.18.35.167
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-ima.33across.com/ob.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079694
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.35.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6cfe89b284e6a2100a86b8d6b0e52b76b85cc62622a40d63e929f328d883a6a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 11:38:55 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 30 Oct 2023 20:31:13 GMT
server: cloudflare
age: 538476
etag: W/"65401291-2b7d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 82c1d913d9c49b9e-FRA
expires: Wed, 29 Nov 2023 11:38:55 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 195 KB
29 KB 524ms
524ms Fetch
text/plain 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1559222028465625&correlator=2178327552240617&eid=31079660%2C31079666%2C31079668%2C31079673%2C31079311%2C31079694%2C31079527&output=ldjh&gdfp_req=1&vrg=202311130101&ptt=17&impl=fifs&iu_parts=22181265%3A1052143%2COP_728v_2%2Cop_left_rail%2Cop_right_rail&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=970x90%7C728x90%2C160x600%2C160x600&ifi=2&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1700998735892&lmt=1700998735&adxs=315%2C112%2C1328&adys=0%2C274%2C274&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0&ucis=1%7C2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.officepools.com%2Femail%2Fsubscription%2F51bcd61d-16f8-46d8-9ad9-2419882845a8&vis=1&psz=1600x100%7C1600x708%7C1600x708&msz=970x90%7C160x615%7C160x615&fws=0%2C512%2C512&ohw=0%2C0%2C0&ga_vid=1081192769.1700998735&ga_sid=1700998735&ga_hid=116507090&ga_fc=true&a3p=EhsKDDMzYWNyb3NzLmNvbRiS0LPbwDFIAFICCGQSGAoJeWFob28uY29tGJHQs9vAMUgAUgIIZBIZCgp1aWRhcGkuY29tGJLQs9vAMUgAUgIIZBIbCgxpZDUtc3luYy5jb20YktCz28AxSABSAghkEhwKDWNyd2RjbnRybC5uZXQYktCz28AxSABSAghkEhkKCnB1YmNpZC5vcmcYktCz28AxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGJHQs9vAMUgAUgIIZBIXCghydGJob3VzZRiS0LPbwDFIAFICCGQSFAoFb3BlbngYktCz28AxSABSAghkEhsKDGxpdmVyYW1wLmNvbRiS0LPbwDFIAFICCGQSHQoObGl2ZWludGVudC5jb20YktCz28AxSABSAghk&dlt=1700998734353&idt=922&ppid=36caa49ceeef423896fbe0d7da8d7d2e&prev_scp=refresh_count%3D0%26amznbid%3D2%26amznp%3D2%26hb_cs%3Dcurrent%26hb_bd%3D2%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D970x90%26hb_pb%3D0.03%26hb_adid%3D84f645278d193af%26hb_bidder%3Dappnexus%26anh%3Dtrue%7Crefresh_count%3D0%26amznbid%3D2%26amznp%3D2%26hb_cs%3Dcurrent%26hb_bd%3D1%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D160x600%26hb_pb%3D0.02%26hb_adid%3D856ebdd2eb59b01%26hb_bidder%3Dappnexus%26anh%3Dtrue%7Crefresh_count%3D0%26amznbid%3D2%26amznp%3D2%26hb_cs%3Dcurrent%26hb_bd%3D1%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D160x600%26hb_pb%3D0.02%26hb_adid%3D86baa64644bdfe8%26hb_bidder%3Dappnexus%26anh%3Dtrue&cust_params=pspTest%3Dfalse%26gcRTDTest%3Dtrue%26pbstck_ab_test%3Dtrue%26wvr%3D3%26wie%3Dtop%26cndl%3D1%26cnrtt%3D0%26cntp%3Dna%26cnet%3D4g%26cnsd%3Dfalse%26wrc%3Dfr%26gpt_l%3D300%26wrap_l%3D1200%26ccp%3Dunknown%26sesdepth%3D1%26page_r%3D200%26padpr%3D12%26amxId%3Dfalse%26hadronId%3Dfalse%26identityLink%3Dfalse%26liveIntentId%3Dfalse%26lotamePanoramaId%3Dfalse%26quantcastId%3Dfalse%26sharedId%3Dtrue%26uid2%3Dfalse%26uids%3Dpubcid%26uids_c%3D1%26waai%3D300%26gc_bucket%3DJ%26waae%3D600%26pbglobal%3Daaw%26tif%3Dtrue%26lui%3D0s%26wabtr%3Drichaudience&adks=3358776064%2C3808761347%2C4078463433&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079694

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8a41a5cfeaa620e0c3c53690e5f24f8d0bbcf3218c149139fb09bb7515b91e11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 11:38:56 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29466
x-xss-protection: 0
google-lineitem-id: -1,-1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.officepools.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
695cd04a68f148eb8b80717ef15f00e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3BDC 6 KB
3 KB 146ms
56ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://695cd04a68f148eb8b80717ef15f00e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079694

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.officepools.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 26 Nov 2023 11:38:56 GMT
expires: Mon, 25 Nov 2024 11:38:56 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
337 B 46ms
46ms XHR
application/json 52.208.5.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.5.106 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-5-106.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 4e78a9239212f375df3526b9c1336d485f5c6715aa7e839aa0a23917e90a4db4

Request headers

Referer: https://www.officepools.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 26 Nov 2023 11:38:55 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.officepools.com
cache-control: no-cache
x-server: 10.45.14.40
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H2 200 jsync Show response
aggle.net/ 325 B
976 B 177ms
176ms Script
text/html 15.197.179.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aggle.net/jsync?pid=NEQ7KDHP5&domain=www.officepools.com&pih1=&pih2=&pih3=
Requested by: Host: aggle.net
URL: https://aggle.net/js?pid=NEQ7KDHP5&domain=www.officepools.com&pih1=&pih2=&pih3=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 15.197.179.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a938864f9581ea3da.awsglobalaccelerator.com
Software: gunicorn /
Resource Hash: e8727a72cb304f13b2c0c46c23a71272e98631e4276187ab4ed79233bb162d32

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires: Sun, 26 Nov 2023 11:38:57 GMT
date: Sun, 26 Nov 2023 11:38:56 GMT
cache-control: no-store
content-type: text/html; charset=utf-8
server: gunicorn
content-length: 325
p3p: CP="NOI OUR BUS UNI COM NAV"

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.officepools.com%2Femail%2Fsubscription%2F51bcd61d-16f8-46d8-9ad9-2419882845a8&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.officepools.com%2Femail%2Fsubscription%2F51bcd61d-16f8-46d8-9ad9-2419882845a8&rid=esp&cc=1

85 B
203 B

134ms
134ms

Fetch
application/json

34.120.107.143
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.officepools.com%2Femail%2Fsubscription%2F51bcd61d-16f8-46d8-9ad9-2419882845a8&rid=esp&cc=1
Requested by: Host: www.officepools.com
URL: https://www.officepools.com/email/subscription/51bcd61d-16f8-46d8-9ad9-2419882845a8
Protocol: H2
Server: 34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 143.107.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: 00b368c4c1da47181feed4a7c95aabb63daeafeda535c516cadfe3d0a1c0a6ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 11:38:56 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-T/Fkaco3NRkuLpgOizSuIvuUNqs"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.officepools.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Sun, 26 Nov 2023 11:38:56 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://www.officepools.com
location: /esp?url=https%3A%2F%2Fwww.officepools.com%2Femail%2Fsubscription%2F51bcd61d-16f8-46d8-9ad9-2419882845a8&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 envelope Show response
lexicon.33across.com/v1/ 49 B
254 B 187ms
124ms XHR
application/json 35.244.193.51
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://lexicon.33across.com/v1/envelope?pid=0010b00002PIxPJAA1&src=esp&ver=1.2.0
Requested by: Host: cdn-ima.33across.com
URL: https://cdn-ima.33across.com/ob.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.193.51 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 51.193.244.35.bc.googleusercontent.com
Software: /
Resource Hash: d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4

Request headers

Referer: https://www.officepools.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Sun, 26 Nov 2023 11:38:55 GMT
via: 1.1 google
vary: origin
content-type: application/json
access-control-allow-origin: https://www.officepools.com
cache-control: private, must-revalidate, max-age=28800
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49

POST
H2 200 encrypt Show response
esp.rtbhouse.com/ 265 B
540 B 96ms
42ms Fetch
application/json 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Requested by: Host: invstatic101.creativecdn.com
URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: b4c3d8d7a0a89addbabdca597bddd1b4a3388600008cae225f6bfe3c28d5ac57

Request headers

Referer: https://www.officepools.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 26 Nov 2023 11:38:56 GMT
via: 1.1 google, 1.1 google
server: Google Frontend
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: *
x-cloud-trace-context: 0cf184c7ac597aed19d6034bf29f076b
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With
content-length: 265
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 fed Show response
ups.analytics.yahoo.com/ups/58813/ 2 B
207 B 199ms
26ms XHR
application/json 3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ups.analytics.yahoo.com/ups/58813/fed?gpp_sid=-1&v=1&url=https%3A%2F%2Fwww.officepools.com%2Femail%2Fsubscription%2F51bcd61d-16f8-46d8-9ad9-2419882845a8

Requested by

Host: connectid.analytics.yahoo.com
URL: https://connectid.analytics.yahoo.com/connectId-gpt.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.87 /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 11:38:56 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.87
age: 0
vary: Origin
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
access-control-allow-origin: https://www.officepools.com
content-type: application/json
access-control-allow-credentials: true

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame EC56 15 KB
6 KB 116ms
41ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.officepools.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.officepools.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 26 Nov 2023 11:38:56 GMT
server: Kestrel
server-processing-duration-in-ticks: 372168
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET cs
a.usbrowserspeed.com/ 0
0

GET
H2

200

sid Show response
mug.criteo.com/ Frame EC56
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=officepools.com&sn=ChromeSyncframe&so=0&topUrl=www.officepools.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=05AVNXxNQnpIMjgwQmxlMktwMEJUdFpVcnNnRC9SVm95OEFtb0V4UHRxbFZpUkFMTjh5cEoyZldNMGE1RENSMW9Fc2dUZGFqYmpCTzhjcU5OaVFVaENZcEZUelVnM1NDN1REYUl5akJDblFKcUo3dDM4L2hsaHMxckM2K2...

431 B
650 B

39ms
39ms

Fetch
application/json

2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=05AVNXxNQnpIMjgwQmxlMktwMEJUdFpVcnNnRC9SVm95OEFtb0V4UHRxbFZpUkFMTjh5cEoyZldNMGE1RENSMW9Fc2dUZGFqYmpCTzhjcU5OaVFVaENZcEZUelVnM1NDN1REYUl5akJDblFKcUo3dDM4L2hsaHMxckM2K2xoY09INEdYZnpZTHY1V2hQandESVQ3UXU2KzRPcnROMCtZMzZCck54ZGErRXQxcHhVdS85eWMwVU01OEtueWR5TnJyRW9WL214MXJoUVVzSVFQZk1kYmRvM2NObmc4ckJtWWJ6ZEhsK1B1Y1BoQ3UrL0ZvT1lqanFINmQxV2hsYjh2d0dvQ0xPMkpUT0VROUI5TmRRY2s0NGNHd0dCUT09fA&cppv=2

Requested by

Host: www.officepools.com
URL: https://www.officepools.com/email/subscription/51bcd61d-16f8-46d8-9ad9-2419882845a8

Protocol

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

5c7b2a70948e5b7c046db0ecc31cb16e892be9b13ce3086b2610b21a0ae5372b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Nov 2023 11:38:55 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1725059
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 26 Nov 2023 11:38:55 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=05AVNXxNQnpIMjgwQmxlMktwMEJUdFpVcnNnRC9SVm95OEFtb0V4UHRxbFZpUkFMTjh5cEoyZldNMGE1RENSMW9Fc2dUZGFqYmpCTzhjcU5OaVFVaENZcEZUelVnM1NDN1REYUl5akJDblFKcUo3dDM4L2hsaHMxckM2K2xoY09INEdYZnpZTHY1V2hQandESVQ3UXU2KzRPcnROMCtZMzZCck54ZGErRXQxcHhVdS85eWMwVU01OEtueWR5TnJyRW9WL214MXJoUVVzSVFQZk1kYmRvM2NObmc4ckJtWWJ6ZEhsK1B1Y1BoQ3UrL0ZvT1lqanFINmQxV2hsYjh2d0dvQ0xPMkpUT0VROUI5TmRRY2s0NGNHd0dCUT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 323018
content-length: 0
expires: 0

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 2BDA 281 B
555 B 85ms
23ms Document
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.op-2.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.officepools.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sun, 26 Nov 2023 11:38:56 GMT
ETag: "280525-119-60930cbd3cec0"
Last-Modified: Thu, 02 Nov 2023 19:57:23 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 204 isyn
prebid.a-mo.net/ Frame 4968 0
0 36ms
36ms Document
text/plain 147.75.84.158
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.op-2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash

Request headers

Referer: https://www.officepools.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0, private, must-revalidate
date: Sun, 26 Nov 2023 11:38:55 GMT
server: envoy
vary: Accept-Encoding
x-envoy-upstream-service-time: 0

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 17CD 16 KB
6 KB 85ms
23ms Document
text/html 23.213.164.238
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=148803
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.op-2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.213.164.238 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-213-164-238.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer: https://www.officepools.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=165744
content-encoding: gzip
content-length: 5622
content-type: text/html
date: Sun, 26 Nov 2023 11:38:56 GMT
expires: Tue, 28 Nov 2023 09:41:20 GMT
last-modified: Thu, 16 Nov 2023 09:11:44 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H/1.1 204
No Content beacon
ap.lijit.com/ Frame 5FBD 0
0 33ms
33ms Document
text/plain 216.52.2.39
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/beacon?informer=13408118
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.op-2.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.39 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.officepools.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date: Sun, 26 Nov 2023 11:38:56 GMT
Expires: Fri, 20 Mar 2009 00:00:00 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Pragma: no-cache
X-Sovrn-Pod: ad_ap7ams1

GET
H2 200 ixmatch.html Show response
js-sec.indexww.com/um/ Frame 6FE7 3 KB
2 KB 96ms
41ms Document
text/html 172.64.149.180
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.op-2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://www.officepools.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 312
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 82c1d915bc9e2bc1-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 26 Nov 2023 11:38:56 GMT
expires: Sun, 26 Nov 2023 15:38:56 GMT
last-modified: Mon, 25 Jul 2022 19:18:19 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server: cloudflare
vary: Accept-Encoding

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame F5EC 24 KB
9 KB 156ms
75ms Document
text/html 184.30.20.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUQWX43D&prvid=2034%2C2111%2C2033%2C2075%2C2030%2C2073%2C112%2C233%2C2028%2C2027%2C159%2C236%2C2025%2C237%2C117%2C238%2C359%2C437%2C97%2C55%2C99%2C2045%2C3012%2C3010%2C244%2C201%2C2039%2C3007%2C246%2C4%2C126%2C203%2C446%2C523%2C9%2C208%2C407%2C2090%2C2055%2C2099%2C2098%2C173%2C294%2C251%2C175%2C450%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C336%2C337%2C338%2C459%2C70%2C77%2C2067%2C2022%2C141%2C262%2C461%2C222%2C345%2C468%2C10000%2C80%2C108%2C229%2C109%2C307&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1

Requested by

Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.op-2.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.20.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-20-22.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

e441c67461b5940d4fe6fa754f2c7c1d459dbfb40c5bac1bc354077c58466712

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.officepools.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=172800
content-encoding: gzip
content-length: 8610
content-type: text/html; charset=UTF-8
date: Sun, 26 Nov 2023 11:38:56 GMT
expires: Tue, 28 Nov 2023 11:38:56 GMT
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

GET iframe
cs.smartssp.iqzone.com/ Frame 1566 0
0

GET
H2 400 / Show response
sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/ Frame 200D 61 B
220 B 135ms
31ms Document
text/html 157.90.211.246
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=7477921613
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.op-2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 157.90.211.246 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.246.211.90.157.clients.your-server.de
Software: nginx/1.14.1 / PHP/8.2.4
Resource Hash: 0391042e0e111437f4a2dec7560098dbcc04b68df753281b207b3c956430c89c

Request headers

Referer: https://www.officepools.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-type: text/html; charset=UTF-8
date: Sun, 26 Nov 2023 11:38:46 GMT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server: nginx/1.14.1
x-powered-by: PHP/8.2.4

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 5135 52 KB
17 KB 103ms
26ms Document
text/html 23.32.184.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.op-2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.184.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-184-180.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.officepools.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sun, 26 Nov 2023 11:38:56 GMT
ETag: "623de86a-cf34"
Expires: Mon, 27 Nov 2023 11:38:58 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding

GET
H2 200 sspmatch-iframe Show response
ads.betweendigital.com/ Frame 31CD 800 B
970 B 27ms
27ms Document
text/html 188.42.34.65
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/sspmatch-iframe
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.op-2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.42.34.65 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 13eeb8a3ac7201852772e2a843ced974f95719c6ab0b431e2324adb4f033e1a5

Request headers

Referer: https://www.officepools.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 800
content-type: text/html

GET
H2 200 sync
x.bidswitch.net/ 43 B
147 B 115ms
23ms Image
image/gif 18.157.205.178
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=themediagrid
Requested by: Host: www.officepools.com
URL: https://www.officepools.com/email/subscription/51bcd61d-16f8-46d8-9ad9-2419882845a8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.157.205.178 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-157-205-178.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 11:38:56 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
279 B 82ms
25ms Fetch
application/json 141.95.98.64
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.64 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216658.ip-141-95-98.eu

Software

Resource Hash

b36c1a5158beed89ccf634498ded12f46717109f53c5924b7f091620a7dc726a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin: https://www.officepools.com
date: Sun, 26 Nov 2023 11:38:55 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H2 200 sync
x.bidswitch.net/ Frame 31CD 43 B
146 B 86ms
24ms Image
image/gif 18.157.205.178
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=between
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.157.205.178 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-157-205-178.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 11:38:56 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2

200

match
ads.betweendigital.com/ Frame 31CD
Redirect Chain

https://ads.adlook.me/csync?pid=btw&uid=775e9b33-d2de-524a-88c5-ee1deda6c052&url=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D128%26external_user_id%3D%7BuserId%7D
https://ads.betweendigital.com/match?bidder_id=128&external_user_id=49630f77e60143e58872dd6df327e40a

68 B
598 B

29ms
29ms

Image
image/png

188.42.34.65
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=128&external_user_id=49630f77e60143e58872dd6df327e40a
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol: H2
Server: 188.42.34.65 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

location: https://ads.betweendigital.com/match?bidder_id=128&external_user_id=49630f77e60143e58872dd6df327e40a
date: Sun, 26 Nov 2023 11:38:56 GMT
server: Microsoft-IIS/10.0

GET
H2

200

match
ads.betweendigital.com/ Frame 31CD
Redirect Chain

https://px.adhigh.net/p/cm/btw
https://px.adhigh.net/p/cm/btw?bounced=1
https://ads.betweendigital.com/match?bidder_id=37&external_user_id=6nKg3McSDDw.AikABlGMC2zrEA

68 B
598 B

27ms
27ms

Image
image/png

188.42.34.65
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=37&external_user_id=6nKg3McSDDw.AikABlGMC2zrEA
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol: H2
Server: 188.42.34.65 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

pragma: no-cache
date: Sun, 26 Nov 2023 11:38:56 GMT
server: nginx
x-backend-id: f27-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: *
location: https://ads.betweendigital.com/match?bidder_id=37&external_user_id=6nKg3McSDDw.AikABlGMC2zrEA
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 sync Show response
vid.vidoomy.com/ Frame 2030 49 KB
18 KB 205ms
22ms Document
text/html 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.vidoomy.com/sync?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D261%26external_user_id%3D{{VID}}
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 4cd9d7fe6bef9e82616b20d2c4a7a9842652ed469b704922e4c682f209754768

Request headers

Referer: https://ads.betweendigital.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
content-encoding: gzip
content-type: text/html
date: Sun, 26 Nov 2023 11:38:56 GMT
etag: W/"64abbb76-c2af"
last-modified: Mon, 10 Jul 2023 08:04:06 GMT
server: CDN77-Turbo
vary: Accept-Encoding
x-77-age: 617386
x-77-cache: HIT
x-77-nzt: EQwBnJIhiAH3qmsJAA
x-77-nzt-ray: f6587a1d5c77f09b502e6365784cfe19
x-77-pop: frankfurtDE
x-accel-date: 1700381350
x-accel-expires: @1701418150
x-age-lb: 617386
x-cache-lb: HIT

GET
H2 200 bidder_18.html Show response
cache.betweendigital.com/code/ Frame 17AD 4 KB
1 KB 170ms
21ms Document
text/html 151.236.118.210
CDNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=775e9b33-d2de-524a-88c5-ee1deda6c052&CACHEBUSTER=608537
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 151.236.118.210 Moscow, Russian Federation, ASN204720 (CDNETWORKS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 0771c19c407aac665a7b2c8eecf0709b0990dfd62358a4dc9f373fbf56404878

Request headers

Referer: https://ads.betweendigital.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Sun, 26 Nov 2023 11:38:56 GMT
etag: W/"638623e5-e7e"
last-modified: Tue, 29 Nov 2022 15:23:17 GMT
server: nginx
x-cdn-edge-cache: HIT
x-cdn-edge-id: 311
x-cdn-request-id: 4038a02e9eb3dec92289377ef9879ef1

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 2BDA 46 KB
13 KB 24ms
24ms Script
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 8d930c2f5a8400c78ce415e91fd9a884d1fdfbe17e511cfdd00537a9550d4a4e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Sun, 26 Nov 2023 11:38:56 GMT
Content-Encoding: gzip
Last-Modified: Sun, 26 Nov 2023 11:37:55 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=86343
Connection: keep-alive
Content-Length: 13230
Expires: Mon, 27 Nov 2023 11:37:59 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 17CD 0
43 B 166ms
47ms Script
text/plain 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=14510301&p=148803&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=148803
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 11:38:56 GMT
content-length: 0

POST
H2 200 v3 Show response
id5-sync.com/gm/ 361 B
646 B 77ms
23ms XHR
application/json 141.95.33.120
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/gm/v3

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.95.33.120 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ns3203256.ip-141-95-33.eu

Software

Resource Hash

8426438983f234f291d2717bf2f3a071d8545018fb7d0bfd924a108c962f3a9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.officepools.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.officepools.com
date: Sun, 26 Nov 2023 11:38:55 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H2

200

usermatch Show response
ssum-sec.casalemedia.com/ Frame BDAC
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.officepools.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.officepools.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

2 KB
862 B

40ms
40ms

Document
text/html

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.officepools.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dbbdec171deb372c361174525116fbf9d7ebae769fe950f113f4ef2eb19b65d7

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 82c1d91649201c3a-FRA
content-encoding: br
content-type: text/html
date: Sun, 26 Nov 2023 11:38:56 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1I7wn2qXDlX%2BgiDNuxxyObqipWCdKtjrUqlA%2F99QGV1n8DVOxYK7iEUdwxV1XXAwzibaI4S1m8N2eU3F4XlH%2FkmQrfBlTIINZCPgt7PZQG5UYhv6r9cxqJ3l8%2B6TJhAYqWWRjDFk69zZ2A%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 82c1d91618ef1c3a-FRA
content-length: 0
date: Sun, 26 Nov 2023 11:38:56 GMT
expires: 0
location: /usermatch?d=https%3A%2F%2Fwww.officepools.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DRoioSOYFpGWoYNy6RpMiha9Tvw82VBzw6ThJkop2tA4GfYICSBZ%2FUF5LAWK8iT0X%2BUKhm97%2BCu1jLDgIXRiCkDyIAXqGxDj5rAY1%2FbIORk%2BWvWkmqUNjtVoUrYZOJkt2glZRhNYa1JJrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame 5135 0
596 B 29ms
29ms Script
text/html 37.252.171.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Nov 2023 11:38:56 GMT
an-x-request-uuid: 07c82c3f-db00-4220-97b8-1c299c192983
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 217.114.218.26; 217.114.218.26; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame 4BA9 0
177 B 99ms
33ms Document
text/html 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.officepools.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Sun, 26 Nov 2023 11:38:56 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame 2BDA 7 B
380 B 101ms
25ms XHR
application/json 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: ba134c4441b6cdf8ef9f5e0539a8ef3e
Expires: 0

GET
H2

451

501709.gif
idsync.rlcdn.com/ Frame BDAC
Redirect Chain

https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZWMuUBFBv-bJTrJ25iVzJAAA%262231&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=86d13409-5906-404a-9b64-27a488f9d22d
https://p.rfihub.com/cm?pub=39342&in=1&userid=d4acc69b-832d-490a-977e-a8c5f48d582b%3A1700998737.1244383&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dd4acc69b-832d-490a-977e-a8c5f48...
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5133329529029069467&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Dd4acc69b-832d-490a-97...
https://idsync.rlcdn.com/501709.gif?partner_uid=d4acc69b-832d-490a-977e-a8c5f48d582b%3A1700998737.1244383&_=1700998737.1273482

0
99 B

89ms
32ms

Image
text/plain

35.244.174.68
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/501709.gif?partner_uid=d4acc69b-832d-490a-977e-a8c5f48d582b%3A1700998737.1244383&_=1700998737.1273482
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.officepools.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Server: 35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 11:38:57 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Redirect headers

date: Sun, 26 Nov 2023 11:38:57 GMT
via: 1.1 756f5290bceb9f9b2ec963e0ab326968.cloudfront.net (CloudFront)
server: lighttpd/1.4.69
x-amz-cf-pop: FRA56-C2
vary: Cookie
x-cache: Miss from cloudfront
content-type: text/html; charset=utf-8
location: https://idsync.rlcdn.com/501709.gif?partner_uid=d4acc69b-832d-490a-977e-a8c5f48d582b%3A1700998737.1244383&_=1700998737.1273482
content-length: 447
x-amz-cf-id: nWUUletX6oKjF2nRHJbe6JttGPkXcIrv0v_vn8pp5PFaSfsMPIFpRg==

GET
H3

200

usermatchredir
ssum-sec.casalemedia.com/ Frame BDAC
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZWMuUBFBv_bJTrJ25iVzJAAACLcAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEIBWRGZTWeQpsXCmZFZhwRo&google_cver=1

43 B
771 B

59ms
59ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEIBWRGZTWeQpsXCmZFZhwRo&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.officepools.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Nov 2023 11:38:56 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z6KupwrtQqjBekvLIFd7cZ5zALGOH5VvTwwFi3CkqpnzBkI8cUZnswzp69V7%2FlsUyPqVhzD2vbpYMsbbahRP%2BW8LCTxaWoZbkcKdlugKmegiPRIRWiOZSDzvmdGh%2BKZsWE4oA93OKJI4cQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82c1d9176f00368a-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 26 Nov 2023 11:38:56 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEIBWRGZTWeQpsXCmZFZhwRo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 364
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame BDAC
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZWMuUBFBv_bJTrJ25iVzJAAACLcAAAIB&gpp=&gpp_sid=
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZWMuUBFBv_bJTrJ25iVzJAAACLcAAAIB&gpp=&gpp_sid=&dcc=t

43 B
855 B

136ms
136ms

Image
image/gif

209.54.182.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZWMuUBFBv_bJTrJ25iVzJAAACLcAAAIB&gpp=&gpp_sid=&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.officepools.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

HTTP/1.1

Server

209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 26 Nov 2023 11:38:56 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: MWP62NA6ZNJVPQWED554
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 26 Nov 2023 11:38:56 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: P4PEAD550KBA7K0Z3WME
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZWMuUBFBv_bJTrJ25iVzJAAACLcAAAIB&gpp=&gpp_sid=&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame BDAC 70 B
150 B 145ms
45ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.officepools.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 11:38:56 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H/1.1 200
OK ie
match.prod.bidr.io/cookie-sync/ Frame BDAC 43 B
433 B 192ms
45ms Image
image/gif 52.30.179.44
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.prod.bidr.io/cookie-sync/ie

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.officepools.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.30.179.44 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-30-179-44.eu-west-1.compute.amazonaws.com

Software

gunicorn /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
Date: Sun, 26 Nov 2023 11:38:56 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
content-type: image/gif
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

crum
dsum-sec.casalemedia.com/ Frame BDAC
Redirect Chain

https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=E570E137A73B46549232650C53FD3E72

43 B
340 B

55ms
49ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=E570E137A73B46549232650C53FD3E72
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.officepools.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Nov 2023 11:38:56 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WKX4YIQo0Ot2kJXyLnqtP0liUy4AM8MJq3pLaVo3AF1tZPVGqGEYPKpe%2BIk9CQhxzxGLzSnbqDfZz6JzFVOOgl9gI%2FsgOwQXVvf6yhjwPlDyQ6Hwq5yqC%2FFh0o%2Ba0T1hztwNpymIXZRxgA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82c1d9178a941c3a-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

date: Sun, 26 Nov 2023 11:38:56 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=E570E137A73B46549232650C53FD3E72
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sat, 25 Nov 2023 11:38:56 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame BDAC
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=ZWMuUAACf9-EDABH
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZWMuUAACf9-EDABH&_test=ZWMuUAACf9-EDABH

43 B
738 B

47ms
47ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZWMuUAACf9-EDABH&_test=ZWMuUAACf9-EDABH
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.officepools.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Nov 2023 11:38:56 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WJ1hCPaTRs%2BZ4mOmCxYEKrZPzb4I7kZtl1%2FBMsJOTUD8ERhzl2rThhUdom8xM%2F%2B6gAvy0kBSWdSDHsKNhKe7bAN0I8jAMB10FFPInZVLfatKsF3DyRvx9O32j7ZXBXFy%2FQNAz8ueIX27lg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82c1d9189869368a-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

x-served-by: cache-cph2320029-CPH
pragma: no-cache
date: Sun, 26 Nov 2023 11:38:56 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1700998737.700879,VS0,VE0
x-cache: HIT
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZWMuUAACf9-EDABH&_test=ZWMuUAACf9-EDABH
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 sync
x.bidswitch.net/ Frame BDAC 43 B
146 B 24ms
23ms Image
image/gif 18.157.205.178
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=index
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.officepools.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.157.205.178 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-157-205-178.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 11:38:56 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 200 htw-pixel.gif
cdn.indexww.com/ht/ Frame BDAC 43 B
229 B 35ms
29ms Image
image/gif 172.64.149.180
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.indexww.com/ht/htw-pixel.gif?ZWMuUBFBv-bJTrJ25iVzJAAA%262231
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.officepools.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 11:38:56 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2017 19:36:04 GMT
server: cloudflare
age: 35583
etag: "da1f1d-2b-546dc3a097100"
vary: Accept-Encoding
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 82c1d916cdba2bc1-FRA
content-length: 43
expires: Mon, 27 Nov 2023 11:38:56 GMT

GET
H2 200 sync
x.bidswitch.net/ Frame 17AD 43 B
146 B 24ms
24ms Image
image/gif 18.157.205.178
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=between
Requested by: Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=775e9b33-d2de-524a-88c5-ee1deda6c052&CACHEBUSTER=608537
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.157.205.178 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-157-205-178.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 11:38:56 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012310301456000/ Frame FDAD 196 KB
56 KB 113ms
20ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079694

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 25 Nov 2023 04:19:00 GMT
age: 112796
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56081
x-xss-protection: 0
server: sffe
etag: "6a17d296884b026a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 24 Nov 2024 04:19:00 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame FDAD 15 KB
5 KB 184ms
92ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079694

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 23 Nov 2023 21:48:00 GMT
age: 222656
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5225
x-xss-protection: 0
server: sffe
etag: "0b7142e00666043e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 22 Nov 2024 21:48:00 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame FDAD 95 KB
29 KB 185ms
93ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079694

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 25 Nov 2023 01:47:30 GMT
age: 121886
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29077
x-xss-protection: 0
server: sffe
etag: "7b1f1965b6cd6fda"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 24 Nov 2024 01:47:30 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame FDAD 5 KB
2 KB 181ms
89ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079694

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 24 Nov 2023 22:04:26 GMT
age: 135270
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1911
x-xss-protection: 0
server: sffe
etag: "5b0a82507b260c6e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 23 Nov 2024 22:04:26 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame FDAD 40 KB
13 KB 182ms
90ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079694

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 23 Nov 2023 23:09:32 GMT
age: 217764
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12952
x-xss-protection: 0
server: sffe
etag: "9817e561a46c70fa"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 22 Nov 2024 23:09:32 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame FDAD 4 KB
655 B 31ms
31ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079694

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3d2b34675fd418a1b23c652fa791f4875ccc12860d9b4b6ec8ae4aa09d51ec1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 26 Nov 2023 11:38:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 26 Nov 2023 10:11:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 26 Nov 2023 11:38:56 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame FDAD 2 KB
3 KB 100ms
48ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: www.officepools.com
URL: https://www.officepools.com/email/subscription/51bcd61d-16f8-46d8-9ad9-2419882845a8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 17:17:56 GMT
x-content-type-options: nosniff
server: cafe
age: 66060
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Sun, 26 Nov 2023 17:17:56 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame FDAD 295 B
665 B 75ms
24ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.officepools.com
URL: https://www.officepools.com/email/subscription/51bcd61d-16f8-46d8-9ad9-2419882845a8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 21:36:38 GMT
x-content-type-options: nosniff
server: cafe
age: 50538
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Sun, 26 Nov 2023 21:36:38 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012310301456000/ Frame 38FC 196 KB
55 KB 154ms
69ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079694

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 25 Nov 2023 04:19:00 GMT
age: 112796
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56081
x-xss-protection: 0
server: sffe
etag: "6a17d296884b026a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 24 Nov 2024 04:19:00 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 38FC 15 KB
5 KB 94ms
94ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079694

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 23 Nov 2023 21:48:00 GMT
age: 222656
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5225
x-xss-protection: 0
server: sffe
etag: "0b7142e00666043e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 22 Nov 2024 21:48:00 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 38FC 95 KB
28 KB 96ms
95ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079694

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 25 Nov 2023 01:47:30 GMT
age: 121886
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29077
x-xss-protection: 0
server: sffe
etag: "7b1f1965b6cd6fda"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 24 Nov 2024 01:47:30 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 38FC 5 KB
2 KB 98ms
98ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079694

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 24 Nov 2023 22:04:26 GMT
age: 135270
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1911
x-xss-protection: 0
server: sffe
etag: "5b0a82507b260c6e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 23 Nov 2024 22:04:26 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 38FC 40 KB
13 KB 99ms
99ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079694

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 23 Nov 2023 23:09:32 GMT
age: 217764
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12952
x-xss-protection: 0
server: sffe
etag: "9817e561a46c70fa"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 22 Nov 2024 23:09:32 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 38FC 6 KB
706 B 32ms
32ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079694

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 26 Nov 2023 11:38:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 26 Nov 2023 11:07:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 26 Nov 2023 11:38:56 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 38FC 2 KB
3 KB 94ms
50ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079694

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 17:17:56 GMT
x-content-type-options: nosniff
server: cafe
age: 66060
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Sun, 26 Nov 2023 17:17:56 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 38FC 295 B
353 B 69ms
25ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079694

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 21:36:38 GMT
x-content-type-options: nosniff
server: cafe
age: 50538
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Sun, 26 Nov 2023 21:36:38 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 38FC 0
0 30ms
30ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQSagh6pw27G3m_iaI3XjL2HdUZgI8CLXUuo8-pfFvUy3zpsenEcxUyHaHjk-l8rNoZZNqgeKCPLcrFsRmSuGpNY4TSbA
Requested by: Host: www.officepools.com
URL: https://www.officepools.com/email/subscription/51bcd61d-16f8-46d8-9ad9-2419882845a8
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012310301456000/ Frame 9050 196 KB
55 KB 130ms
58ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079694

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 25 Nov 2023 04:19:00 GMT
age: 112796
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56081
x-xss-protection: 0
server: sffe
etag: "6a17d296884b026a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 24 Nov 2024 04:19:00 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 9050 15 KB
5 KB 101ms
100ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079694

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 23 Nov 2023 21:48:00 GMT
age: 222656
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5225
x-xss-protection: 0
server: sffe
etag: "0b7142e00666043e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 22 Nov 2024 21:48:00 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 9050 95 KB
28 KB 102ms
101ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079694

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 25 Nov 2023 01:47:30 GMT
age: 121886
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29077
x-xss-protection: 0
server: sffe
etag: "7b1f1965b6cd6fda"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 24 Nov 2024 01:47:30 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 9050 5 KB
2 KB 103ms
103ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079694

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 24 Nov 2023 22:04:26 GMT
age: 135270
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1911
x-xss-protection: 0
server: sffe
etag: "5b0a82507b260c6e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 23 Nov 2024 22:04:26 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 9050 40 KB
13 KB 104ms
104ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079694

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 23 Nov 2023 23:09:32 GMT
age: 217764
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12952
x-xss-protection: 0
server: sffe
etag: "9817e561a46c70fa"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 22 Nov 2024 23:09:32 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 9050 14 KB
1 KB 34ms
33ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079694

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

682ea4a49bafd3e0e6dfc629d601e44db6975ade7a6d579ef68e3b769a35ae8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 26 Nov 2023 11:38:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 26 Nov 2023 10:08:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 26 Nov 2023 11:38:56 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 9050 2 KB
3 KB 81ms
50ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079694

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 17:17:56 GMT
x-content-type-options: nosniff
server: cafe
age: 66060
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Sun, 26 Nov 2023 17:17:56 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 9050 295 B
353 B 43ms
25ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079694

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 21:36:38 GMT
x-content-type-options: nosniff
server: cafe
age: 50538
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Sun, 26 Nov 2023 21:36:38 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 9050 0
0 31ms
30ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRcRslkqVZi1YI-1AcU2m0SJxDWoGSmS0XxYyLCqjzfAwJ_y-_xsezKgXyGIOUe8F7a30KD1BXFP8fvVXmY9sYavvlS0w
Requested by: Host: www.officepools.com
URL: https://www.officepools.com/email/subscription/51bcd61d-16f8-46d8-9ad9-2419882845a8
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H2 200 6592766407814317453
tpc.googlesyndication.com/simgad/12326072016402302042/ Frame FDAD 25 KB
25 KB 49ms
26ms Image
image/jpeg 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12326072016402302042/6592766407814317453

Requested by

Host: www.officepools.com
URL: https://www.officepools.com/email/subscription/51bcd61d-16f8-46d8-9ad9-2419882845a8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e07f4113b4672813d729eb578e31a332067417360f06c5e774d75017a395a725

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 10:35:19 GMT
x-content-type-options: nosniff
age: 522217
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25347
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 13:25:34 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 19 Nov 2024 10:35:19 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/5634454142536851594/ Frame FDAD 2 KB
2 KB 69ms
47ms Image
image/jpeg 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5634454142536851594/14763004658117789537?w=100&h=100&tw=1&q=75

Requested by

Host: www.officepools.com
URL: https://www.officepools.com/email/subscription/51bcd61d-16f8-46d8-9ad9-2419882845a8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c56f30b3a9f7ede4eab84d1234b22c8406ae479e9ce744b061e90e47703ea997

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 23:00:50 GMT
x-content-type-options: nosniff
age: 131886
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2231
x-xss-protection: 0
last-modified: Mon, 07 Aug 2023 07:16:07 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 23 Nov 2024 23:00:50 GMT

GET
DATA 200
OK truncated
/ Frame FDAD 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cc6cc4f19848077e48a8f0895ea6ab37927093baa05adc19cefd65bca8e0ac61

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 2076313506083323656
tpc.googlesyndication.com/simgad/1749023525228097400/ Frame 38FC 68 KB
68 KB 71ms
51ms Image
image/jpeg 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1749023525228097400/2076313506083323656

Requested by

Host: www.officepools.com
URL: https://www.officepools.com/email/subscription/51bcd61d-16f8-46d8-9ad9-2419882845a8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ee9194bac0c7d519c94b384faabb1499588d1a9f36644792cc23dbdcca13b86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 11:11:48 GMT
x-content-type-options: nosniff
age: 174428
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69853
x-xss-protection: 0
last-modified: Wed, 27 Sep 2023 17:35:10 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 23 Nov 2024 11:11:48 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/15171015996519545528/ Frame 38FC 2 KB
2 KB 84ms
64ms Image
image/jpeg 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15171015996519545528/14763004658117789537?w=100&h=100&tw=1&q=75

Requested by

Host: www.officepools.com
URL: https://www.officepools.com/email/subscription/51bcd61d-16f8-46d8-9ad9-2419882845a8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce92550fe0818ea4eed26af4c214845537a8d15db9c3972784f58cbd83472552

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 07:32:58 GMT
x-content-type-options: nosniff
age: 101158
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2412
x-xss-protection: 0
last-modified: Fri, 15 Sep 2023 20:48:30 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 24 Nov 2024 07:32:58 GMT

GET
DATA 200
OK truncated
/ Frame 38FC 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 38FC 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6cb3cc8ea5afa8ee84d6167da47c4fe65510d6ea02c82699cb97b12b1acd9446

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 9050 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3a663467e111fd2237a1bc5255e8d702b099f29cb553ecab24efe98cbf898b5d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 9050 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 340898148fb46dd451b21580b1c6d56e47e32d6ec5414ea815893f8a040a9b20

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

62169f84-8c50-11ee-bbb1-002590c82437
an.yandex.ru/mapuid/adsniperis/ Frame 17AD
Redirect Chain

https://sync.bumlam.com/?src=aid0
https://sync.bumlam.com/?src=aid0&s_data=CAIQARjQ3IyrBqIBEGIWn4SMUBHuu7EAJZDIJDc*
https://x01.aidata.io/0.gif?pid=ADSNIPER&id=62169f84-8c50-11ee-bbb1-002590c82437
https://x01.aidata.io/0.gif?pid=ADSNIPER&id=62169f84-8c50-11ee-bbb1-002590c82437&bounce=1
https://sync.bumlam.com/?src=aid1&uid=MdqiF5hEK6FPeNOH0GUh4Q&
https://an.yandex.ru/mapuid/adsniperis/62169f84-8c50-11ee-bbb1-002590c82437
https://an.yandex.ru/mapuid/adsniperis/62169f84-8c50-11ee-bbb1-002590c82437?redir-setuniq=1

43 B
108 B

66ms
66ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/adsniperis/62169f84-8c50-11ee-bbb1-002590c82437?redir-setuniq=1

Requested by

Host: www.officepools.com
URL: https://www.officepools.com/email/subscription/51bcd61d-16f8-46d8-9ad9-2419882845a8

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Nov 2023 11:38:57 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Sun, 26 Nov 2023 11:38:57 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Sun, 26 Nov 2023 11:38:57 GMT

Redirect headers

pragma: no-cache
date: Sun, 26 Nov 2023 11:38:57 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Sun, 26 Nov 2023 11:38:57 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://an.yandex.ru/mapuid/adsniperis/62169f84-8c50-11ee-bbb1-002590c82437?redir-setuniq=1
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Sun, 26 Nov 2023 11:38:57 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame FDAD 15 KB
16 KB 21ms
21ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.officepools.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 16:39:21 GMT
x-content-type-options: nosniff
age: 154775
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Nov 2024 16:39:21 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame FDAD 15 KB
15 KB 24ms
24ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.officepools.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 13:37:09 GMT
x-content-type-options: nosniff
age: 79307
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 24 Nov 2024 13:37:09 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 38FC 15 KB
16 KB 27ms
26ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.officepools.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 16:39:21 GMT
x-content-type-options: nosniff
age: 154775
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Nov 2024 16:39:21 GMT

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 38FC 15 KB
15 KB 31ms
31ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.officepools.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 15:22:55 GMT
x-content-type-options: nosniff
age: 159361
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Nov 2024 15:22:55 GMT

GET
H2 200 urlsvid.json Show response
vpaid.vidoomy.com/sync/ Frame 2030 1 KB
861 B 94ms
22ms XHR
application/json 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.vidoomy.com/sync/urlsvid.json
Requested by: Host: vid.vidoomy.com
URL: https://vid.vidoomy.com/sync?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D261%26external_user_id%3D{{VID}}
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: b05155416aa1689236072fb1338ceaefc9809a849bda6588965f5979e8a01aa8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vid.vidoomy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 26 Nov 2023 11:38:56 GMT
content-encoding: gzip
x-age-lb: 617625
x-77-cache: HIT
x-accel-date: 1700381111
x-77-nzt: EQwBw7WvJwH3mWwJAA
x-accel-expires: @1701417911
x-77-age: 617625
x-cache-lb: HIT
last-modified: Mon, 10 Jul 2023 08:02:46 GMT
server: CDN77-Turbo
etag: W/"64abbb26-479"
x-77-nzt-ray: 25b02131c0e701ed502e636597d06724
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://vid.vidoomy.com
access-control-allow-credentials: true

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 9050 33 KB
33 KB 21ms
21ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.officepools.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 21:01:51 GMT
x-content-type-options: nosniff
age: 311825
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Nov 2024 21:01:51 GMT

GET
H2

200

cm-notify Show response
creativecdn.com/ Frame C02C
Redirect Chain

https://creativecdn.com/cm-notify?pi=vidoomy
https://creativecdn.com/cm-notify?pi=vidoomy&tc=1

42 B
243 B

28ms
28ms

Document
image/gif

185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://creativecdn.com/cm-notify?pi=vidoomy&tc=1
Requested by: Host: vid.vidoomy.com
URL: https://vid.vidoomy.com/sync?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D261%26external_user_id%3D{{VID}}
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://vid.vidoomy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 42
content-type: image/gif
date: Sun, 26 Nov 2023 11:38:56 GMT Sun, 26 Nov 2023 11:38:56 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache

Redirect headers

content-length: 0
date: Sun, 26 Nov 2023 11:38:56 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://creativecdn.com/cm-notify?pi=vidoomy&tc=1
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame 2030 0
239 B 111ms
24ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-vidoomy&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vid.vidoomy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 611afce88997db6fdd35eb213e662871
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 cookie
cm.adform.net/ Frame 2030 43 B
107 B 135ms
33ms Image
image/gif 37.157.5.133
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/cookie?gdpr=0&gdpr_consent=&redirect_url=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fpbscookie%3Fuid%3D%24UID%26vid%3D3ced02bbfa54884d803382ed9c503c87%26dspid%3Dadf
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.133 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vid.vidoomy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 11:38:56 GMT
server: nginx
content-length: 43
content-type: image/gif

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 9050
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

40ms
40ms

Image
text/html

2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: www.officepools.com
URL: https://www.officepools.com/email/subscription/51bcd61d-16f8-46d8-9ad9-2419882845a8
Protocol: H3
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Redirect headers

date: Sun, 26 Nov 2023 11:38:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame FDAD 0
0 68ms
68ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CLjF2Ty5jZcHqOrC21PIP2MerYJfS17R09-bI-t8R3_q1otsCEAEghveGJmCV-vCBjAegAe2MpYYqyAEJqQIHxDQrk1qyPuACAKgDAcgDCqoE-QJP0Jn-u47uN5BXLuKb4BqTivuuuDWvxe2Oag9Ls06lRU5Hbap9cBijCImufYMn_OjcU3Pj583OwOoxWusQ4rgrf14fXgX4Xn8JcZj300ztlAwsDmQa0mDoiULRk7Y042vLsj5XRwWuaQDLzaVIDhgtWeOVXpfBDu0rLg2UE3NJ9kD0mlAhaeeWm6qQu_kt0QWYQdGB8R5wZBrk0g5dje5xJNqXxEzf4hPffn-3zxP6l511KQyCmDF0YcCfW1GZVEeAoAV7WfQj8MF16PveY9E-gRSB6N4hZ9jd7RT97DdjTxotF5JNNQMowlKZRGxgV6iA7eOGytFfJkWcagu8_LYXkr9iYKWkuitwyYThsW4OY8hmWxLSr7Bge4OPfV--rJHgrBjMaJ_TT5Vp_qcBYxCY3DhIZozdJrK0hivs-C8M6rHm-9ljqel46HjihxhHZ9ffr00c37fblbpBkRsdGpRlt80fdRHzcxcIAQVp2vkQS-swtYkQvyOkEMAE_LfYvr8E4AQBiAXUus3KTKAGLoAH7cT15QSoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBD9_AfSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi0xODM4OTEwNzg3OTIwMzUymgkRaHR0cHM6Ly9ub2Jpby5ldS-ACgPICwGiDBAqDgoM5LSxAu61sQK1uLEC4g0TCO_0rIvK4YIDFTAbVQgd2OMKDLgT5APYEwOIFALQFQGAFwGyFx4KHAgAEhRwdWItODU4NjI2NTAxMTYyNDEwNxiB1Bw&sigh=xzu9jvo-KL0&uach_m=%5B%5D&ase=2&nis=5&cid=CAQSTgDICaaNurNKonk8WeJrEWU0_9m3AaqWAjECtL_2Ouxfhh9gYyI74xtB3JDjJHK9_G1moruwCirYgQPz9exwVgNcjQ-T4DvUYvuWcQRdBxgB&template_id=484&cbvp=2
Requested by: Host: www.officepools.com
URL: https://www.officepools.com/email/subscription/51bcd61d-16f8-46d8-9ad9-2419882845a8
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 38FC 0
0 67ms
67ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CZ0ZPTy5jZcLqOrC21PIP2MerYNC3x6J0g_-i0pcSzv2Hn60JEAEghveGJmCV-vCBjAegAeSj2pIqyAEJ4AIAqAMByAMKqgTyAk_QjZsYBiKLKD0GHBktXeHlvUsJbg1JlSQ8hybRotibwgm4KMsprbuUMDmmijxiIcqHPhCDEawMFyLTtpHNEjeGLE3F8XvQ8t681rbeWe__lMAQHsXQp9VpDWnr4XnD6trYz945t3gOA3jdrHuyOIhjrviJ-fvYmV5VEtWNlYvD_nlzhqYIbJwkJKqVEQQuf_OXMyO3nyBVZM7DvaDRvZLi3wdAgM1rqnyAM4SV_uO4zqOFZ6VNTuOKyQb2wbEjIOG22RslmdRqiokQ8xARZTo3bEZdPmKR8RmuHQ4hjqeV3xwYWCe1bb828H4pB9opHrXpYYodBmkJF5MN61Cty-KU0OCXtzFJfWhPO4NKTXNZYY14ain2dXQ4mrmrFqst99EUDpay6MQBSlv8j0HfmcU1KWPxcWbKkCPjbgm4itAAm10ZvY6jD1XTZc0ry_syrofUUnthGNcMgN1LsOZGf7_thz-69MyihcmhqOgg7y134vXABNbG7KXMBOAEAYgF4bD32EySBQQIBBgBkgUECAUYBKAGLoAH5Nuq8gSoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBDMlAfSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi0xODM4OTEwNzg3OTIwMzUymgn4A2h0dHBzOi8vbGlmZXN0eWxldHJlbmRzaHEuY29tL2NvbnRhaW5lci1ob21lcy1kZS0yLz91dG1fc291cmNlPWdvb2dsZSZ1dG1fY2FtcGFpZ249MjA1ODc1OTk5NjkmdXRtX2NvbnRlbnQ9MTU3OTE5NDIxMjcwJnV0bV9tZWRpdW09d3d3Lm9mZmljZXBvb2xzLmNvbSZ1dG1fdGVybT0mc3ViaWQ9MjA1ODc1OTk5NjlfMTU3OTE5NDIxMjcwJnNlZ21lbnQ9YzJzbGlmZXN0eWxldHJlbmRzaHEwMDAxJmdhbWlkPUFXLTExMzEzNTE3MDI4JmdjbGNpZD1BVy0xMTMxMzUxNzAyOC9iZjZhQ0pEODVlRVlFT1NqMnBJcSZmb3JjZUtleUE9SCVDMyVBNHVzZXIraW4rU2NoaWZmc2NvbnRhaW5lcm4renUrdmVya2F1ZmVuJmZvcmNlS2V5Qj1Db250YWluZXJoJUMzJUE0dXNlciZmb3JjZUtleUM9SGF1cyt2ZXJrYXVmZW4mZm9yY2VLZXlEPUthdWZlbitTaWUrZWluK3NjaGwlQzMlQkNzc2VsZmVydGlnZXMrQ29udGFpbmVyaGF1cyZmb3JjZUtleUU9Q29udGFpbmVyaGF1cy1CdW5nYWxvdyZjY29kZT1kZYAKA8gLAaIMECoOCgzktLEC7rWxArW4sQLiDRMI8PSsi8rhggMVMBtVCB3Y4woMuBPkA9gTDNAVAYAXAbIXHgocCAASFHB1Yi04NTg2MjY1MDExNjI0MTA3GIHUHA&sigh=yUycJRUzG9o&uach_m=%5B%5D&ase=2&nis=5&cid=CAQSTgDICaaNurNKonk8WeJrEWU0_9m3AaqWAjECtL_2Ouxfhh9gYyI74xtB3JDjJHK9_G1moruwCirYgQPz9exwVgNcjQ-T4DvUYvuWcQRdBxgB&template_id=484&cbvp=2
Requested by: Host: www.officepools.com
URL: https://www.officepools.com/email/subscription/51bcd61d-16f8-46d8-9ad9-2419882845a8
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 9050 0
0 67ms
67ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CT0uZTy5jZcPqOrC21PIP2MerYJfS17R09-bI-t8R3_q1otsCEAEghveGJmCV-vCBjAegAe2MpYYqyAEBqQIHxDQrk1qyPuACAKgDAcgDCqoEgQNP0KPkL_ugGk0kDQyEXPcVN4kmOOGAmjCapi_rwKZYw1w5qaPwTz3Xg-_xAsSnzLioCjlQKTPHD6WqLjiCEeW69w-hzjZ27veQmkj7U0F87J2SUxf1cd0SxHU411ArNA_XWxOa52kN8UOS7jXfT7YUcrc9Uq6KDJkWCHSwVSVVwh9zWfKPeGmVVoZ97Eqf3IsOXFdEFfPne72ZhafjBB9guQhVBC4HDGcYd1n1qHITD-5jKzAIKjokwG02H53JZgE_eFQLTrZ7XkJc8NnDOKhcgLL1fuSoZeJHml7oDOmAriFerPhR_Y9SL3btemk058DfyHzCdmuNFnTOP6gRy0dwPFFBCzUF-KDaXXpdFZaPYvgDu9LdmgvXJMIPC3Fa3TeBjbeOoCaZibA_Nz2GMZMoILI7XTyk27vgED2OLQONFp7DIU-oWE3dJwsPATjgTibvD8o2UNKYPoGkcJ-soVyv3M4jPwCqCY2aPX7JMrp_gYa0BHThW8HN3Z46VQlP9uRIwAT8t9i-vwTgBAGIBdS6zcpMgAftxPXlBKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEEPnfCNIIFgiA4YAQEAEYHTICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTE4Mzg5MTA3ODc5MjAzNTKaCRFodHRwczovL25vYmlvLmV1L4AKA8gLAaIMECoOCgzktLEC7rWxArW4sQLiDRMI8fSsi8rhggMVMBtVCB3Y4woM2BMDiBQC0BUBgBcBshceChwIABIUcHViLTg1ODYyNjUwMTE2MjQxMDcYgdQc&sigh=B4_4OcupTfk&uach_m=%5B%5D&ase=2&nis=5&cid=CAQSTgDICaaNurNKonk8WeJrEWU0_9m3AaqWAjECtL_2Ouxfhh9gYyI74xtB3JDjJHK9_G1moruwCirYgQPz9exwVgNcjQ-T4DvUYvuWcQRdBxgB&template_id=5020&cbvp=2
Requested by: Host: www.officepools.com
URL: https://www.officepools.com/email/subscription/51bcd61d-16f8-46d8-9ad9-2419882845a8
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

POST
H3 204 auction Show response
intake.pbstck.com/v1/intake/ 0
139 B 87ms
61ms XHR
text/plain 2606:4700:10::6816:5d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://intake.pbstck.com/v1/intake/auction?tId=2d986e62-d764-42fe-aa79-9ec1562c635a&c=3
Requested by: Host: www.officepools.com
URL: https://www.officepools.com/email/subscription/51bcd61d-16f8-46d8-9ad9-2419882845a8
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:5d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.officepools.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Sun, 26 Nov 2023 11:38:57 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 82c1d91a8a799b74-FRA
alt-svc: h3=":443"; ma=86400

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame A925
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=btwnex&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu

281 B
555 B

23ms
23ms

Document
text/html

184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Requested by: Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=775e9b33-d2de-524a-88c5-ee1deda6c052&CACHEBUSTER=608537
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://cache.betweendigital.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sun, 26 Nov 2023 11:38:57 GMT
ETag: "280525-119-60930cbd3cec0"
Last-Modified: Thu, 02 Nov 2023 19:57:23 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Sun, 26 Nov 2023 11:38:57 GMT
location: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
server: AkamaiGHost

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame A925 46 KB
13 KB 27ms
27ms Script
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 8d930c2f5a8400c78ce415e91fd9a884d1fdfbe17e511cfdd00537a9550d4a4e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Sun, 26 Nov 2023 11:38:57 GMT
Content-Encoding: gzip
Last-Modified: Sun, 26 Nov 2023 11:37:55 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=86342
Connection: keep-alive
Content-Length: 13230
Expires: Mon, 27 Nov 2023 11:37:59 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame 5135 0
596 B 28ms
28ms Script
text/html 37.252.171.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Nov 2023 11:38:57 GMT
an-x-request-uuid: f61abbe3-daa9-4e51-9cfa-65b3a84cecc1
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 217.114.218.26; 217.114.218.26; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame A925 7 B
380 B 25ms
25ms XHR
application/json 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: ba134c4441b6cdf8ef9f5e0539a8ef3e
Expires: 0

GET
H2

200

608537
www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/ Frame 17AD
Redirect Chain

https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/608537
https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/608537

43 B
297 B

57ms
57ms

Image
image/gif

2001:6d0:4001::226
ADFACT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/608537
Requested by: Host: www.officepools.com
URL: https://www.officepools.com/email/subscription/51bcd61d-16f8-46d8-9ad9-2419882845a8
Protocol: H2
Server: 2001:6d0:4001::226 , Russian Federation, ASN52016 (ADFACT, RU),
Reverse DNS
Software: ms-counter-4.0.4/1.22.1 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Nov 2023 11:38:57 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: ms-counter-4.0.4/1.22.1
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

pragma: no-cache
date: Sun, 26 Nov 2023 11:38:57 GMT
strict-transport-security: max-age=2678400
server: ms-counter-4.0.4/1.22.1
content-type: image/gif
location: https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/608537
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 0
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 121ms
72ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231109&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

37e41a6bc795ad946e789baaa04b520638f82a450a6c314dc662b8a62468edff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 11:38:57 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12324
x-xss-protection: 0

POST
H2 204 web-vitals
intake.pbstck.com/v1/intake/ 0
57 B 57ms
56ms Ping
text/plain 2606:4700:10::ac43:1997
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://intake.pbstck.com/v1/intake/web-vitals?ttfb=550.000&tId=2d986e62-d764-42fe-aa79-9ec1562c635a&v=none&s=none&c=1
Requested by: Host: www.officepools.com
URL: https://www.officepools.com/email/subscription/51bcd61d-16f8-46d8-9ad9-2419882845a8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1997 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.officepools.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 26 Nov 2023 11:38:57 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 82c1d91e3d596933-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 sync
x.bidswitch.net/ Frame 17AD 43 B
146 B 23ms
23ms Image
image/gif 18.157.205.178
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=429&user_id=775e9b33-d2de-524a-88c5-ee1deda6c052&expires=60
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.157.205.178 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-157-205-178.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 11:38:57 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame FDAD 42 B
64 B 66ms
66ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsstD-K4vo2WZBESe8pqEDzQyI2jLXta0aV3Ap84a31xhqPrV1buYwwgu6nX5pFMewNzAljmncnDUaNf8f7-5e9_FQFD1_hW_ndlhRSFiL_iSsA-qpLnfB94vELVwO13argVKB_jgGGB_CFTBamT2mKetAy8xvvqH6F0U9NUHXj-iBWTZ3THU3CiXpHKW7HaRvzO0DBFOPYJ7q0qhv_WNkUoOX6mnRA9MzU2pSCCejIS6DNdTVHdPANaZyq8_LqWdw_XMzKHob7nFRteIsIkH6qnqXpfH0q94DeZI3etloNmJjsCbjWO-mqBuDBxr7c3E-WqjNJzKQgwJovghFdBN8-9yXK2YZ3gpBwcTwXnV4G6riWKOSagPtXF4UAmpxdpCQK_sa28BpJle9bivQRJPNsTseooF5EkWxUZbOSEGGH7SZq-JKp4Htx96dwf4cD5K3tuR8KoqxVl9pHZcJFxlPqhBtGQ4ijx8fxxL17zIZmxKtUGWHxBlVHm4YjORTmiifa6KC76G_0kNhZFZGthvqYgIH82XlEmw3wMjObjoM784VI4_8PYEeRIeq45M9iiwRHU0pb4buddGF2m-Co-QwfSdykiEfQcqJvZob6zScGK-gvDAY7SuEU5HmH114yO3xx2a7XizfCCxG2AiBOypFXF7rmnsAq8jr7q_l1qP7JPWXW1jaL5HI6yK7V0xJzcuoBBbuQpyDnf6WkJJvHtC9F8A_gD2MDid2gNOfHZJ4pI0bRrYCGDZCO12r2J1oD8g021oqMyg5BXFtBcF1qf2w86z9KLHlJN5j4YNrJ7kvrsvuYsfNPZmuB70pLkSHUOdvAvNae9bU8VHDKHHs6Rct-qASPf9bOJhn2heUD_UDHZ8ErqIUHitMbZExH9luvDvHKDcVsJi8nA6Jh-WFdGwCT79wMGBBTB6nJXrAsHlE9KEZo1RDplkiDha36Lu1ETxoRBVL9aRdhlBJYPYVtWWAeNMitTIX9llAfxjkWLswjJU7taMoGav1EdXXb3OjQ_J_dLoHhdBJvay_rvUum7q_g2Wu2lzzLbQuac2hBxuZznFS9452ewVUT1v2KuDXPs4xPy1L3f91t01EsVKfQXRYjqxeetbYgajzfaTc1IedcIZ5YknwUK5cdZgS2IPrZXa6inbsp2MVsvHT4P_lHcaMxBhLsnz1UjYRDSbO-5rfDwZTRj1KFIDpK8qt1ptKT7XbbRhnX1_tS2owZb03S3t8I0TWvb4T2pmLQlPkr0v_ygqvTX6BrwzbAWBqRqGcZaZlZuGFvKqWIWVUMHvgVK7Mr9zR1cqmhxt-j0AE9tIyTLvtN8g3G4ltgAKi_tohp1bmCG9SdI7sHA_opx_tRu18U_WGpQw8U6_tixpNKoz-jq4fLQPsAjDmvQCMfoOkHCq2F6NH81g3hE7vr_P5u3YunTHP11dSqy_N3PdNkA9d4_vek7CVujenqasptmiHlo2oc5wqfOvofs5Ef1YGWXUkGmnVg1TWc&sai=AMfl-YRnBprA12jS4cU9-CsfNXCYc1B1QDqeqe_c1-P05c12oOHWg1tZsnun9s_xork-jVyePUX4nHlRK1SN67ZbJtjtZazTRX5GjHTbxl846t1k6Xq4FyYcH2vfvnerdZcvEh2ot__Wp57aDdjxtE6tIqTZMBPgROhAc3xgFw&sig=Cg0ArKJSzA1XLSeqjqdjEAE&cid=CAQSTgDICaaNurNKonk8WeJrEWU0_9m3AaqWAjECtL_2Ouxfhh9gYyI74xtB3JDjJHK9_G1moruwCirYgQPz9exwVgNcjQ-T4DvUYvuWcQRdBxgB&id=ampim&o=315,0&d=970,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=237&tls=1237&g=100&h=100&tt=1237&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Nov 2023 11:38:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 38FC 42 B
64 B 65ms
65ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssoyitoIMG78kjvOvv9zg3p93ywK6bDCyJQe4vCgBHTQp935XX6g6LWYJbJV9qXvR-asbpftmx5-IUVwBDoJzZ-OOAwqqJLpNvNdNksu4wElemnY-VHSeqk8CJDWJNyhaaisgyL0eqnbwIL&sai=AMfl-YTFED5DOZ36QsgD8HNysZkL_-8uzfGD9-KtN1ypvDj7fOc0ruxiuq2QA0UbprHEKUO3LejQ1PDorG1JZfeNGJn0iihimNlR1moRKWG-fhNbcWTSMr76VM8Qdkaz3gA41Mrf3zu9LeJ8WLPFdgkr&sig=Cg0ArKJSzHjgv9arVKuuEAE&cid=CAQSTgDICaaNurNKonk8WeJrEWU0_9m3AaqWAjECtL_2Ouxfhh9gYyI74xtB3JDjJHK9_G1moruwCirYgQPz9exwVgNcjQ-T4DvUYvuWcQRdBxgB&id=ampim&o=112,259&d=160,600&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=231&tls=1231&g=100&h=100&tt=1231&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Nov 2023 11:38:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 /
onetag-sys.com/usync/ Frame 27F3 0
0 79ms
24ms Document
text/plain 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=5d1628750185ace

Requested by

Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=775e9b33-d2de-524a-88c5-ee1deda6c052&CACHEBUSTER=608537

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://cache.betweendigital.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control: no-store
strict-transport-security: max-age=15552000

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 9050 42 B
64 B 66ms
66ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsubatTjiF6atbnaWJR2rrDrZSojWbluyAi2eEGqYSO96nAMdMpT5-tgTHGvkKgnIVAXclkvZv46HsMrLCqlZqh_0_1wpkfY-ZmmDjQO2VDL8izBgmIQhOScUfDYIeOKspDQkFaMsE1zQ4C9PVEMCkY5JgCoQ-MHCpeBgH8UhxGg-b1R71r0dOCfIXGrJ_XVdSG2nYCV4m1yPgcJV-yjO9iAEaAhovCKZrye03FSNGzPBBgrnvuK6P6jIWrBCslQe7NVUxr4AgNPw0V2K9Ld6cPIo3mhr8kn-EUo8sSWa7h73jzhjWVZ8zZ2AegBMOAd3FcXZP_BL6WYpKzKMN1sXbf5RypFEsspgWu-j4HmqUCoda4k7t8BqW9HZU0VJBRfRiIvSq9kFzCTvqg79wtY4n1c21ZmBIpL3pPQ1F42MFtwUgsePTQS6nPAb1Br8zDc9eG7uhaYeIY-I7D2IxkeLi8-Uwk3bWAxpPkFwgmO1Ul1T6ZrX3ak_G3aT9_w0ySgzu7HWWxDVuV6PsDl12R6KaleVujoYYBc6L8tdIi66lk3XlNunYRQnDuV1EZs0EPP6Af2ieGMtgtzlApOfaogaGvUK0euguxSpudNE99eIaG9y0ngvqvGuaYsTsU6KxgzTCXtvdcweBFX5QewXoWGcE9H74B1XFkgdck_H160eSqNo0abUqZiq2tHpvC4VtcwtThtIG-gdIOQJbP-orFfTH2VWVfu9Nly-BDaHz6begTVUajdrYLMMXOLPo7OQMl5bY4UKm3RV8Xrhqom4IscgxT9moGF2dXFvsQCRNMW5J8-PsY-j-abTmrr_ymWBvj1MWkGEa20q4Y86rI7H6AqKueWhrEvNT9uxRf9_80s2H3wc73O9HT3yl4PmIgEg2YgDAZn9NFdG9eA5tG7tX4nhiazwZ5tDpWHV1bKKchSpAdun6_BsW0Q8YBtI2LMbX-dTF-czTdPKiuUxBSsuv7PcHq25fTNlsmsFQaoQBJRQIQwBePA20qJAy8RHZA7S2UBQ6L8F5k2fF68d1K9pBK8ngG7NRgOZjYMdSDzgSUvUv4xaeoYknUrzX2VB1UrxP-Sw4Y2bkNhvljOz-CEL_vU0OZTzSFORArSE9cHI4NNat-cJ-rHz7JeVGV1s6NYRjhWIGpS2FvaWQHpONEMjDol5F-0I-ZC-hFSZFdF_qRhjAhotntx4G1TbHeA4_jPfn9PeOaBY1aWhGMCgHt9a7vVU3FBXaYuPuTkc6Yj9ZM9wFaSfpubfp4SwX_5kNPvVjOEq3iQAQ0b6HkDNThg6BjazVb7G9GE-A_LbobO8HQldy9zmBcz3ejEIy1nFcZUvx0sbNSjdiJqfu-P6tU4qW5vteXpul3z___80dxRt2XAXm_4cySsbIgJEZsWCChw30VxCqtqciSG_Ech-Hr5dmleYmuyI-OaSjfcq5LDHnSmsLSPf0oIX_I9ctufHp1pakvOoGLiKe2ST0s8CFiwhbRvR7SQyLCA6ySn&sai=AMfl-YSGcAA7Fpv1ZCyEC0BNd4EnN8Lt_7zapMmmGpM89y9dc42npTfT9ggFgVa6Vn6-C_h5dkrmThr5SLsKLUPY9h_ibdkNVwIwkr1kSet4XkLJTKxew5fN7tGHWC2u0ISqPuD9p7NA6IYEOjjMM6Vof_ywD0iq1nLMjX_1Rg&sig=Cg0ArKJSzNyF5zoufC1hEAE&cid=CAQSTgDICaaNurNKonk8WeJrEWU0_9m3AaqWAjECtL_2Ouxfhh9gYyI74xtB3JDjJHK9_G1moruwCirYgQPz9exwVgNcjQ-T4DvUYvuWcQRdBxgB&id=ampim&o=1328,259&d=160,600&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=223&tls=1223&g=100&h=100&tt=1223&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Nov 2023 11:38:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 94ms
94ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 11:38:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 26 Nov 2023 11:38:57 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0F7A 13 KB
5 KB 24ms
23ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.officepools.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 4932
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 26 Nov 2023 10:16:45 GMT
expires: Mon, 25 Nov 2024 10:16:45 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 12AA 829 B
560 B 35ms
35ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3ee0e331117ab41b0b63fbac146c9fa510edf2c201753c5ef054cc3a2b2d1891

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-IQeqD7mbD4vYfqoVVPIbZw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.officepools.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-IQeqD7mbD4vYfqoVVPIbZw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 26 Nov 2023 11:38:57 GMT
expires: Sun, 26 Nov 2023 11:38:57 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 0F7A 39 KB
15 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 16:18:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69643
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 24 Nov 2024 16:18:14 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 12AA 0
0 57ms
57ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231109&jk=1559222028465625&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 0F7A 0
10 B 22ms
22ms Image
text/plain 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?LRPa_w
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 11:38:57 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 59ms
59ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231109&jk=1559222028465625&bg=!q6ilqOfNAAZxrfrxUa07ADQBe5WfOH6nfkKZ-Es675O55zy0Nrwj8F6-05S0n5yUWA8zGDy6YzmnIb9jTfNvBUn1RklbAgAAADlSAAAAAmgBBwoA1WXN95xKo_2r2RF6L8NCpyyKlZvqApnGF6Nzq_PGXSGUuxlOnDhJIkJV7Vob0lw3KG7YcsAA0ADCaU1BVJFOyR-UN5bZzovZSdAWDLsD2Btdd2wx_b5Dep0otniJ_WGogtUY2ceq5Xsohu1dQNb8tt3SM7amMLMAdnDhRJ_-uXQ8zahzCFbigq2tL0BF2svaJfvulkIxxdQ445YHj3rRxpLytnjd9pnIwwe5QIqgZR8YsYM3wMBz5LoGQ-lnqYWceYpqiVF2gS8T0IaHmLe6o21vMH_6h5kCtxRPxZXYczkjib8MXmIi3cnQRWQKvFX7Ehmi7JOA6CSevAxhnyd6Nj7M7yJBYKFgQ3Wku2fXsaIhYAo6JWMN9gqyB6GLljR7mngTfwTQBbjp6HWjM1xYW7xxnLfvA-nykP0gXa2vh8OjSuTbVzdrQqoCK4nF-XSZ19YTp6D-PW0vjAYnQw1S-g8tUFD8T6m6g3QfnU4SyqFF4OxFJQTflYIHe6rPm1jlwGSihfaaZqJUb4IJZ8oAR43nddl-oD2FlY1-m98gG03JV0i1AseZnfB1K012-R8X_il87efQK7MKfSD-eWO5i0_OiDLSYlR-aa8aKIoT6zDYt-Mg7ZFULy4EyaoYQ6nGDD0YFhDn0bNMVmZcUtr35type4QzG_lM2gH11HUkj50HD99f1vwXCeNhaAes0zTrtOlCGCtry-_InuGZsJH9LvypVrMb3Gec_en4Fx8N3MCkAJYxkRf49eZhGlz6G3acWkKMHAuUrZBfybt0VF0aQv-u-mr5Ct8o4U9bb7x3Dmow8-oq6CDm3X1j7swZv2iFYWUiXO3eWTH7UcG8MHZA38UvFeyuS67zVZRcwT2AEy_bj59w0gMbKTu6Brk3_kOtn9sIR3gIjrznfqDhET3Gjm55MqJ6XWJoZP1ixU1dvaFosN40VLSttWQbv5eKwBquJx9JV2M9O0LFzft8vwJOwvlqPvX7rqJQ4O2bIHKeEq192BwvJAx-o_o4EbRFMLvYWC6XDvnphzEliIF5Y99fMQtYKUilBQx534KcefV7QiaQWGpNX3PW1-dVE3j_tetmQroHWhOYl3Bl4zbiO-ZR3gauoQJPxZBqcYcbUKzW9vgn99Q6RpEW8EnApa2LogX1QcM69OH5Q3i0xn4r3Z0LBlXhIx4tB1qu898aItCLZZwwUZY8W_2tv99TE-KoJvuv
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officepools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H2 200 match Show response
ads.betweendigital.com/ Frame 2030 68 B
598 B 28ms
28ms Document
image/png 188.42.34.65
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/match?bidder_id=261&external_user_id=3ced02bbfa54884d803382ed9c503c87
Requested by: Host: vid.vidoomy.com
URL: https://vid.vidoomy.com/sync?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D261%26external_user_id%3D{{VID}}
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.42.34.65 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Referer: https://vid.vidoomy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

POST
H2 204 collect
region1.analytics.google.com/g/ 0
45 B 32ms
31ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-VNV0NXC7N8&gtm=45je3b81v9101604724&_p=1700998735197&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1081192769.1700998735&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&sid=1700998735&sct=1&seg=0&dl=https%3A%2F%2Fwww.officepools.com%2Femail%2Fsubscription%2F51bcd61d-16f8-46d8-9ad9-2419882845a8&dt=Subscription%20Settings&_s=2&tfd=7659
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VNV0NXC7N8&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.officepools.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 26 Nov 2023 11:39:01 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.officepools.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: api.rlcdn.com
URL: https://api.rlcdn.com/api/identity/envelope?pid=1323

Domain: a.usbrowserspeed.com
URL: https://a.usbrowserspeed.com/cs?pid=c7e3ce26eaec570ef329be40aeaf9cabc7b01d37dd37b285d3b98cf19a2e21bb&puid=b276c960-75c0-4423-a9c1-e67451821940&r=https%3A%2F%2Faggle.net%2Fjs%3Fpid%3DOS45X5SNC%0A

Domain: cs.smartssp.iqzone.com
URL: https://cs.smartssp.iqzone.com/iframe?pbjs=1&coppa=0

Verdicts & Comments Add Verdict or Comment

402 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

75 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
i.liadm.com/s	1970-01-20 17:13:10	Name: _li_ss Value: CggKBgiiARDLFg
www.officepools.com/	1970-01-21 01:14:08	Name: csrftoken Value: jwghZmtgh86UFZIu5YIjdqt3fGow5NXsfU4c5LU1l62HX2ewaHY3ac052fHVKRD5
www.officepools.com/	1970-01-20 20:20:22	Name: autologin Value: MPSFa5Dz9WxuUQfF2ART8KyGcMFSsxP2
www.officepools.com/	1970-01-20 16:50:08	Name: sessionid Value: ffecilqucsu3d02qu9wnesrv9qsnby6i
.officepools.com/	1970-01-20 18:39:34	Name: _rdt_uuid Value: 1700998734831.e2052a55-f9ba-4296-86cf-a6c6dc398e6a
www.officepools.com/	1970-01-21 01:15:34	Name: _uc_referrer Value: direct
.officepools.com/	1970-01-20 16:29:58	Name: lotame_domain_check Value: officepools.com
.officepools.com/	1970-01-20 18:39:34	Name: _gcl_au Value: 1.1.1992655723.1700998735
.doubleclick.net/	1970-01-21 01:51:34	Name: IDE Value: AHWqTUnmUt45HHQEYHxCsUDZa4KATKur_craGeDEQGqqOVzq8mMkltbT9R-FSprhcH0
.rubiconproject.com/	1970-01-21 01:15:34	Name: khaos Value: LPFEQ89G-6-O47
.rubiconproject.com/	1970-01-21 01:15:34	Name: audit Value: 1\|yQuirGeEF6ADdeBBy9DJsLU1ZxogGjlwOA+xFj1I9scmP1H4Ec1c+8Vg2Gm3eMYVXJRjoLsdv8NVa17s/ItmCaOStvzY0m3aGQP1iLI3TC1ed0KbPRfgvL7FQD2yB//hsqlSNZOaaDQ=
.officepools.com/	1970-01-21 02:05:58	Name: _ga Value: GA1.2.1081192769.1700998735
.officepools.com/	1970-01-20 16:31:25	Name: _gid Value: GA1.2.1408882659.1700998735
.officepools.com/	1970-01-20 16:29:58	Name: _dc_gtm_UA-1739654-6 Value: 1
.officepools.com/	1970-01-21 01:15:34	Name: _hjSessionUser_2922416 Value: eyJpZCI6IjM2ODM4ZjNhLWM0MTItNWU1NS05YTAyLTVjNTFlM2M3MzFlMiIsImNyZWF0ZWQiOjE3MDA5OTg3MzU1MDUsImV4aXN0aW5nIjpmYWxzZX0=
.officepools.com/	1970-01-20 16:30:00	Name: _hjFirstSeen Value: 1
.officepools.com/	1970-01-20 16:30:00	Name: _hjIncludedInSessionSample_2922416 Value: 0
.officepools.com/	1970-01-20 16:30:00	Name: _hjSession_2922416 Value: eyJpZCI6IjJhZGNlYTJhLTM4NGQtNGY4YS04ZWUzLTZkOTBmYTI2YTYxMCIsImNyZWF0ZWQiOjE3MDA5OTg3MzU1MDUsImluU2FtcGxlIjpmYWxzZSwic2Vzc2lvbml6ZXJCZXRhRW5hYmxlZCI6ZmFsc2V9
.officepools.com/	1970-01-20 16:30:00	Name: _hjAbsoluteSessionInProgress Value: 0
p2.gcprivacy.com/	1970-01-20 18:39:34	Name: gcid Value: 100fe09b-1386-4164-bf12-d18f9182257e
www.officepools.com/	1970-01-20 18:39:34	Name: gcid_first Value: 100fe09b-1386-4164-bf12-d18f9182257e
.betweendigital.com/	1970-01-21 01:15:34	Name: dc Value: lux1
.betweendigital.com/	1970-01-21 01:15:34	Name: tuuid Value: 775e9b33-d2de-524a-88c5-ee1deda6c052
.betweendigital.com/	1970-01-21 01:15:34	Name: ss Value: 1
.betweendigital.com/	1970-01-21 01:15:34	Name: unm Value: 1
.officepools.com/	1970-01-20 18:39:34	Name: _fbp Value: fb.1.1700998735683.110528505
.adnxs.com/	1970-01-20 18:39:34	Name: icu Value: ChgI3uM8EAoYASABKAEwz9yMqwY4AUABSAEQz9yMqwYYAA..
.adnxs.com/	1970-01-20 18:39:34	Name: uuid2 Value: 900736731589920492
.quantserve.com/	1970-01-21 02:00:13	Name: mc Value: 65632e4f-c7507-911c1-2a222
www.officepools.com/	1970-01-20 16:30:02	Name: _lr_retry_request Value: true
www.officepools.com/	1970-01-20 17:13:10	Name: _lr_env_src_ats Value: false
.officepools.com/	1970-01-21 01:54:27	Name: __qca Value: P0-1990856813-1700998735687
.aggle.net/	1970-01-20 18:39:34	Name: aggcid Value: b276c960-75c0-4423-a9c1-e67451821940
.aggle.net/	1970-01-20 18:39:34	Name: aggsubsid Value: gAAAAABlYy5QO0u6jesdEW2udXbcNPDVw9i2SxfLj1EthZ5UfHhmjy_TRbIS3o0QnC1glSoHTMZuDVxyadLUwWPnOsnbw5cpj7jweuUZsC0rV8Ljib1STXUt32x2MuKDb-VMOidUqFr6
.aggle.net/	1970-01-20 18:39:34	Name: aggsid Value: gAAAAABlYy5Qg-7-fEoRDogze2aNQ86YXq55nmUcu63bmU6GbQd4XO5--yo49N0YdxYr33E_qcbn2RspvfFoYzPdkGKT9vZooYo6sXjAw48uyC1Ge_2NPhk
.criteo.com/	1970-01-21 01:51:34	Name: receive-cookie-deprecation Value: 1
.criteo.com/	1970-01-21 01:51:34	Name: uid Value: 5b0687ed-c774-4251-bbfb-90fe4526ec28
.openx.net/	1970-01-21 01:15:34	Name: i Value: 91edf9eb-31e0-44a3-9878-65a90c21ee6c\|1700998736
.officepools.com/	1970-01-21 01:15:34	Name: connectId Value: {"ttl":86400000,"lastUsed":1700998736226,"lastSynced":1700998736226}
prebid.a-mo.net/	1970-01-20 16:29:59	Name: _Amc_b Value: 0
.liadm.com/	1970-01-21 02:05:58	Name: lidid Value: 86d13409-5906-404a-9b64-27a488f9d22d
www.officepools.com/	1970-01-20 16:31:25	Name: pbjs_li_nonid Value: %7B%7D
www.officepools.com/	1970-01-20 16:31:25	Name: pbjs_li_nonid_cst Value: zix7LPQsHA%3D%3D
.officepools.com/	1970-01-21 01:51:34	Name: cto_bundle Value: Bx2CMV82T3loZGxkdEhnVHg3U2I0endUN3Q2JTJGSWZoa2NDSTJ6eFRKYTlrSCUyRk9vbVBtZkR3OG1RVCUyRlQ2cUxEaXdaaU5qWVYlMkZBd0lqbXNYZ2RzSVN4eDVIYTJkazdvcEZYUkJnalpxQ3IzaEthOU56VThpSDlnMjM0TWVEbGRCT0JJR2dQbmxrcmVvbkw3azExOHNXemlzRzNKdyUzRCUzRA
.casalemedia.com/	1970-01-21 01:15:34	Name: CMID Value: ZWMuUBFBv-bJTrJ25iVzJAAA
.casalemedia.com/	1970-01-20 18:39:34	Name: CMPS Value: 2231
.casalemedia.com/	1970-01-20 18:39:34	Name: CMPRO Value: 2231
.officepools.com/	1970-01-21 01:51:34	Name: __gads Value: ID=f3afed5a2b7658e6:T=1700998735:RT=1700998735:S=ALNI_MbVaCIUrmhm4Ag0yT419gUGsL7e2Q
.officepools.com/	1970-01-21 01:51:34	Name: __gpi Value: UID=00000cdc995ee0e0:T=1700998735:RT=1700998735:S=ALNI_Mag7fQ1zGcmV71d3JX1XxoQE3Qkww
.officepools.com/	1970-01-21 02:05:58	Name: _ga_VNV0NXC7N8 Value: GS1.1.1700998735.1.0.1700998736.59.0.0
ads.adlook.me/	1970-01-21 01:14:42	Name: adlm_userId Value: 49630f77e60143e58872dd6df327e40a
ads.adlook.me/	1970-01-21 02:05:58	Name: adlk_cmatch Value: btw%3A775e9b33-d2de-524a-88c5-ee1deda6c052
.simpli.fi/	1970-01-21 01:17:01	Name: suid Value: E570E137A73B46549232650C53FD3E72
.bumlam.com/	1970-01-21 02:05:58	Name: suuid3 Value: IiQ2MjE2OWY4NC04YzUwLTExZWUtYmJiMS0wMDI1OTBjODI0Mzc*
.everesttech.net/	1970-01-21 01:15:34	Name: everest_g_v2 Value: g_surferid~ZWMuUAACf9-EDABH
.doubleclick.net/	1970-01-20 16:30:02	Name: DSID Value: NO_DATA
.creativecdn.com/	1970-01-21 01:15:34	Name: u Value: vS0GBRCcmhL4iJoOBU1D
.creativecdn.com/	1970-01-21 01:15:34	Name: g Value: vS0GBRCcmhL4iJoOBU1D_1700998736709
.creativecdn.com/	1970-01-21 01:15:34	Name: ts Value: 1700998736
.adhigh.net/	1970-01-21 01:15:34	Name: gi_u Value: 6nKg3McSDDw.AikABlGMC2zrEA
.aidata.io/	1970-01-21 02:05:58	Name: __upin Value: MdqiF5hEK6FPeNOH0GUh4Q
.aidata.io/	1970-01-21 02:05:58	Name: __upints Value: 1700998736
.adhigh.net/	1970-01-21 01:15:34	Name: btw_sync Value: LLsQ
.amazon-adsystem.com/	1970-01-20 21:43:53	Name: ad-id Value: Awuw9ZguvkFFpyxmasF4Tk0
.amazon-adsystem.com/	1970-01-21 02:05:58	Name: ad-privacy Value: 0
.yandex.ru/	1970-01-21 02:05:58	Name: yuidss Value: 7626684571700998737
.yandex.ru/	1970-01-21 02:05:58	Name: yandexuid Value: 7626684571700998737
.rezync.com/	1970-01-20 20:49:10	Name: zync-uuid Value: d4acc69b-832d-490a-977e-a8c5f48d582b:1700998737.1244383
.rfihub.com/	1969-12-31 23:59:59	Name: euds Value: H4sIAAAAAAAA_wXBwRGAMAgEwI_t4BAg3mE3JGghVu7ud6Cj9r5yCd1aIrUkgUeKe77BnrR1D6hmEo5zWITTf1F2kPc6AAAA
.rfihub.com/	1970-01-21 01:51:34	Name: eud Value: H4sIAAAAAAAA_13IsRGAMAgAwAmsMgc5EkgAtyGgA1laOqmld5b_V5Fkj5i2QKknsKGDiRzgGuNkzaF97U0QzVRIauvMpHSX7Uvi-fz8AhmzM5daAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjU0NjY2sjQ1sjQAIjNLEzNzIT5D3cycMm-jitLCUK-KIABXR02JJQAAAA
.rfihub.com/	1970-01-21 01:51:34	Name: rud Value: H4sIAAAAAAAA_-MSNjU0NjY2sjQ1sjQAIjNLEzNzIT5D3cycMm-jitLCUK-KIABXR02JJQAAAA
live.rezync.com/	1970-01-20 20:49:10	Name: sd-session-id Value: .eJwNyk0KwyAQQOG7zDoWdcaf8TLB6BSkTVpismnI3Su8zQfvgvkr-5o32Q5Ix37KBOXdhjqkC3r7rfKCBM4gomVnWY88kw9wT9Cl9_bZ5lbHUymX4nlREW1VxDorDkFUjsU9KVYX7ZJM0Jo5BgwPY4kwItx_wD4l5w.ZWMuUQ.En2qYFktzlDow2Trl5etR4Mt4vE
.tns-counter.ru/	1970-01-21 01:15:34	Name: guid Value: A011683C65632E51X1700998737
.betweendigital.com/	1970-01-21 01:15:34	Name: ut Value: ZWMuUgALgVDiyS2Qv0BBjQ5i4gvdiRmODpGNyg==

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.officepools.com/static/email.css Message: Failed to load resource: the server responded with a status of 404 ()
javascript	error	URL: https://www.officepools.com/email/subscription/51bcd61d-16f8-46d8-9ad9-2419882845a8 Message: Access to fetch at 'https://api.rlcdn.com/api/identity/envelope?pid=1323' from origin 'https://www.officepools.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://api.rlcdn.com/api/identity/envelope?pid=1323 Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=7477921613 Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://a.usbrowserspeed.com/cs?pid=c7e3ce26eaec570ef329be40aeaf9cabc7b01d37dd37b285d3b98cf19a2e21bb&puid=b276c960-75c0-4423-a9c1-e67451821940&r=https%3A%2F%2Faggle.net%2Fjs%3Fpid%3DOS45X5SNC%0A Message: Failed to load resource: net::ERR_HTTP2_PROTOCOL_ERROR
network	error	URL: https://idsync.rlcdn.com/501709.gif?partner_uid=d4acc69b-832d-490a-977e-a8c5f48d582b%3A1700998737.1244383&_=1700998737.1273482 Message: Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

695cd04a68f148eb8b80717ef15f00e0.safeframe.googlesyndication.com
a.ad.gt
a.teads.tv
a.usbrowserspeed.com
aax.amazon-adsystem.com
acdn.adnxs.com
ad.360yield.com
ads.adlook.me
ads.betweendigital.com
ads.pubmatic.com
aegis.anonymised.io
aggle.net
alb.reddit.com
an.yandex.ru
ap.lijit.com
api.rlcdn.com
bcp.crwdcntrl.net
boot.pbstck.com
btlr.sharethrough.com
c.amazon-adsystem.com
cache.betweendigital.com
cat.hbwrapper.com
cdn-ima.33across.com
cdn.adapex.io
cdn.ampproject.org
cdn.hadronid.net
cdn.id5-sync.com
cdn.indexww.com
cdn.jsdelivr.net
cdn.pbstck.com
cdn.prod.uidapi.com
cdnjs.cloudflare.com
cloudflare.com
cm.adform.net
cm.g.doubleclick.net
config.aps.amazon-adsystem.com
connect.facebook.net
connectid.analytics.yahoo.com
contextual.media.net
creativecdn.com
cs.smartssp.iqzone.com
dsum-sec.casalemedia.com
esp.rtbhouse.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
ghb.adtelligent.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
grid.bidswitch.net
gum.criteo.com
hb.minutemedia-prebid.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.liadm.com
ib.adnxs.com
id.a-mx.com
id.crwdcntrl.net
id.hadron.ad.gt
id5-sync.com
idsync.rlcdn.com
idx.liadm.com
image6.pubmatic.com
intake.pbstck.com
invstatic101.creativecdn.com
js-sec.indexww.com
js.pusher.com
lb.eu-1-id5-sync.com
lexicon.33across.com
live.rezync.com
match.adsrvr.org
match.prod.bidr.io
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
onetag-sys.com
p.gcprivacy.com
p.rfihub.com
p2.gcprivacy.com
pagead2.googlesyndication.com
pixel.quantserve.com
pixel.rubiconproject.com
prebid.a-mo.net
prebid.media.net
proc.ad.cpe.dotomi.com
pubads.g.doubleclick.net
px.adhigh.net
region1.analytics.google.com
rt.marphezis.com
rules.quantcount.com
s.amazon-adsystem.com
script.hotjar.com
secure-assets.rubiconproject.com
secure.cdn.fastclick.net
secure.quantserve.com
securepubads.g.doubleclick.net
shb.richaudience.com
smartssp-us-east.iqzone.com
ssum-sec.casalemedia.com
static.anonymised.io
static.criteo.net
static.hotjar.com
stats.g.doubleclick.net
storage.googleapis.com
sync-tm.everesttech.net
sync.bumlam.com
sync.richaudience.com
tags.crwdcntrl.net
targeting.unrulymedia.com
token.rubiconproject.com
tpc.googlesyndication.com
um.simpli.fi
ups.analytics.yahoo.com
vid.vidoomy.com
vpaid.vidoomy.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.officepools.com
www.redditstatic.com
www.tns-counter.ru
x.bidswitch.net
x01.aidata.io
a.usbrowserspeed.com
api.rlcdn.com
cs.smartssp.iqzone.com
104.18.35.167
104.18.36.155
108.138.1.25
108.156.60.77
13.32.27.113
13.32.27.21
131.153.158.209
141.95.33.120
141.95.98.64
142.250.186.66
143.204.210.101
147.75.84.158
15.197.179.7
151.101.194.49
151.101.65.140
151.236.118.210
157.90.0.38
157.90.211.246
172.64.149.180
172.64.151.101
176.34.96.61
178.128.135.204
18.157.205.178
18.161.97.100
18.194.217.116
18.202.39.252
18.239.18.33
18.66.122.63
184.30.20.22
184.30.21.51
184.30.22.30
185.184.8.90
185.64.189.112
185.64.190.78
188.42.34.65
192.241.157.60
193.0.160.131
193.232.148.134
2001:4860:4802:34::36
2001:6d0:4001::226
209.54.182.161
216.52.2.39
23.212.211.47
23.213.164.238
23.32.184.180
23.67.137.210
2600:9000:20ab:9200:6:44e3:f8c0:93a1
2600:9000:223c:1a00:10:dd8:5e40:93a1
2600:9000:2250:4800:a:e047:753:a221
2602:803:c003:200::44
2606:4700:10::6816:34ad
2606:4700:10::6816:3556
2606:4700:10::6816:545
2606:4700:10::6816:5d
2606:4700:10::ac43:1997
2606:4700:20::ac43:4a9d
2606:4700:3038::6815:eab0
2606:4700::6810:5614
2606:4700::6810:85e5
2606:4700::6811:180e
2620:116:800d:21:93ca:31d8:d86e:38f6
2a00:1450:4001:802::2001
2a00:1450:4001:802::201b
2a00:1450:4001:806::2002
2a00:1450:4001:806::2003
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2001
2a00:1450:4001:811::200e
2a00:1450:4001:828::2002
2a00:1450:4001:828::2004
2a00:1450:4001:82a::200a
2a00:1450:4001:830::2008
2a00:1450:4001:831::2001
2a00:1450:4001:831::2002
2a00:1450:400c:c09::9a
2a02:2638:3::3
2a02:2638:3::c
2a02:6b8::90
2a02:6ea0:c700::11
2a02:6ea0:c700::17
2a02:fa8:8806:21::1780
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a04:4e42:400::396
2a0c:5c87:5239::2
3.121.101.248
3.217.130.42
3.75.62.37
31.172.81.172
34.102.146.192
34.107.217.107
34.120.107.143
34.120.63.153
34.96.70.87
34.98.64.218
35.190.39.111
35.204.74.118
35.244.174.68
35.244.193.51
37.157.5.133
37.252.171.53
44.206.140.57
46.228.174.115
5.200.43.131
51.89.9.252
52.208.5.106
52.222.253.136
52.223.40.198
52.30.179.44
54.84.191.206
69.173.144.138
8.2.111.102
89.108.120.68
00b368c4c1da47181feed4a7c95aabb63daeafeda535c516cadfe3d0a1c0a6ff
010444ffb3c3f06a8b172ee90398d29bec521e55f19c1c80c5c8d3dec460f4e5
02d9c8262e7af473748bc3fe8ff2b3240feea44368aea2073a8b86347c975b36
0391042e0e111437f4a2dec7560098dbcc04b68df753281b207b3c956430c89c
0409134df4107fe3d86b26248e3e8253287e929e94b690173bbab16e35686cd6
041efad2022b2803a1769657754b6e1a7e2751f5829c91b1eb3e25deea576623
05adb1a8ab31ced159adf8401bc91d0c28dc75777423ea84358b9565147b5925
05bd10ae0644358449b6562eeaa7ec2430de71e71f7b11122969495c9efb0384
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0771c19c407aac665a7b2c8eecf0709b0990dfd62358a4dc9f373fbf56404878
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
0f02a9308ef501813d63c8135299e1527f0abd38c235d5b91e2be91914285a5c
0f2b509a60a211ffc9307657f4e631470f7400aa8f1cfb2cf7ab14fe586f3fe0
1325de1e056a194a002e3471eaff649d99a30cf61f8fdd4a382194e4704736c8
13eeb8a3ac7201852772e2a843ced974f95719c6ab0b431e2324adb4f033e1a5
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9
1952d6146ab8504190f0628aff6f6cc635e7f33d4d76b5ee6602c56d2a1f2dc9
1984efdda0fbe207d7ac20feac2ba7c2768c92a90094b02a206c9d58cc30ff2e
19ec710002c4bda34c21870623051ced5105e2edf31912ecc6077915801f5f03
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1ee9194bac0c7d519c94b384faabb1499588d1a9f36644792cc23dbdcca13b86
203239e5f58dd1d399957d49ef965510be8859efc003b1ee17eeed3364f049f1
22713b59df97115dbdc0e0bffc77cd68d2d8982064dae689a4c039fa4e4f9455
22a1257891d7523261ed7426751d43a5dfeb83e2211aed3b71f085b5a45149ed
24135d778329677664a6cad9b0abac537f5a787aeb68bb0b7f9c50b65c750678
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2be5ba0b34cd75f80764f4c06596f5c17f22f57c0434aa165cc2817d26f6632d
2ece1ce88d0c0ee1733e95c7bab6fc3795dc0fefc8e09027c67302d621479b47
340898148fb46dd451b21580b1c6d56e47e32d6ec5414ea815893f8a040a9b20
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
36a6835ef9ed369cbe5336e770d6ad235c245d04e7aeaff436d90424f1e3f2e5
37e41a6bc795ad946e789baaa04b520638f82a450a6c314dc662b8a62468edff
3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636
3a663467e111fd2237a1bc5255e8d702b099f29cb553ecab24efe98cbf898b5d
3ce01c8b4dd905618d8b9920c8528070c5f138eb8d751e7355b586a72f546982
3d2b34675fd418a1b23c652fa791f4875ccc12860d9b4b6ec8ae4aa09d51ec1e
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
3ee0e331117ab41b0b63fbac146c9fa510edf2c201753c5ef054cc3a2b2d1891
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4057ac28ca6244d49628f944056aa3bd54a14e5bc3abbf1da2ab693f90ea987e
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4421d90bbf983478021bbc14981742e33af47dcfbbbbd2df44b975257fde30cb
4493da95b09dbe4b3b7c47dccc069a17fab201a386cbc658ae19ef269be7dba2
461bdb5cbc52eb92b85db5b4b85dd97acbc4e283a7d710a27e1ade0edced47a5
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
476a7b1085cc64de1c0eb74a6776fa8385d57eb18774f199df83fc4d7bbcc24e
47ff311d507d16d4c0783611315b4229158616017127e831fec676f12ac33afb
4c0f4b04caf15fc28fd428b8d48e3e8aff8ee365ff6f0cf150469d60de0d487c
4c8fe936e012d2d229577704c34c41a451d7a98aa5c2566ea5c3930aa7e3f40f
4cd9d7fe6bef9e82616b20d2c4a7a9842652ed469b704922e4c682f209754768
4ddf6973fa3421cc10d8946187a761c0317632b66442c3d20c736024fba1029f
4e78a9239212f375df3526b9c1336d485f5c6715aa7e839aa0a23917e90a4db4
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0
51c507bb06e70439aeb360d4ffc02ded1d414b8d959d1b48ed7a995286ea2b7d
53f4ed63dd494364dab9ba4c97b729a4fc391b774fce06dd9814a1243f4b8173
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55bcfa32e7026932877bb4efbfad1e974a0195c00129673f1a4910d43029ce90
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5725f04fd1f8882b1d02561933d648bb1a91349b0f33031e78ce0668d3751db3
5845423fa671b1f437768658bc1424ba2f089f85a8645e102bee9608a73e7e7d
5a52a0b6b58f624fa6dafe6cc5800ede53b33e528fed7feabbb4b65568ab984d
5c7b2a70948e5b7c046db0ecc31cb16e892be9b13ce3086b2610b21a0ae5372b
5da2a9406b028ad111e70c2ccf7935d27bb13ff5f5f55583ebccf01c11c6a51f
5ed439d7b2e01b1f42cd714fe05ad4010ead0dcf44f1a9fec4112210b2db9e5c
60fd53e675aa6d9fa8f14b65569ee67c61ed2ba890a751a8ff2ef05f93fdaafc
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
653e2b6f2c678f8444dc865c3144db0db4df6ebaadbfccb088db8a567d16fca7
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
682ea4a49bafd3e0e6dfc629d601e44db6975ade7a6d579ef68e3b769a35ae8f
685b4e34c73d5fdd68b48efebeac401849e8b5cbff73e072c838d7d71d245bb3
69964e96e2be09052b76b4e18e827aab2b08641e457ff708fc5b4dc9391dd617
69f25c75da3fef0af80ad0e56f9e427f442f05ffa5e1f22cd2108f0786fed4b7
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6cb3cc8ea5afa8ee84d6167da47c4fe65510d6ea02c82699cb97b12b1acd9446
6ee69abe38a87fd8aa0867401e1e14d2831eab6dfb1bb2d97abf65ac57cb5705
707531dde8909f05d743fd90cbf2d7fd9dfd98bb02ca12127ca7e4cd161a9378
71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36
722a4121ccf998eefa71a33203ddd5e99a0ba3243c0549cdf7302268fe0ba979
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59
77a17bd55486aef26d2fbbe92b56672398378b1ad7ba7975c79742b4772d52b1
77daa4388c965a3e23b5a6c800727d8025ab108f89cf5679e79136986d5b4561
7abab15f8cf21035cf86fb84bc7f91656635f8b194cf4e4bed574106fd740913
7baeba2d7d7427d0701f72316196499b08ca27f80bddf47bfbc23f246e76fd87
7e17a062becfc9475de23e29371e69c8508c6ee57f172435f3155330e3366cc0
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
80a7954255c29d8d63a3fe0e6cea1979f0c38969495a68f85788e31180b8483a
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
81ee1eb09bffbe97a51660e7a7b932459436f2f0db79414a5e1f76dbaeb5dcfd
8265f78106a4d71d9417e6f70f16e2e362404b0549be5e5b7350b800ab13b852
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8426438983f234f291d2717bf2f3a071d8545018fb7d0bfd924a108c962f3a9e
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86abd3729f207645ed7f540f99a82c47321191cc4df2602e5287ba6540ce38c6
87960e7994f9fc5f6d2fc8c0b93be02f4b9b7cdca0dd9c726f5806d8e9092068
889bd0eff3962093fa4f4deca6b36bf30d2c801565398202078e3e69399f5b22
8a41a5cfeaa620e0c3c53690e5f24f8d0bbcf3218c149139fb09bb7515b91e11
8b250a1d22fb721410722966d54a5e5eaa88ba47c14dafc197f633a4e579b98f
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d930c2f5a8400c78ce415e91fd9a884d1fdfbe17e511cfdd00537a9550d4a4e
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652
8e875c6751d3c59cd8d298e8b0269e6a4ec5c61ae6e61f88d4e631636c236235
90676b05ea199049b9bfa1498f4042e8ae9a93ca8bb2a66761b9bd366b135a26
90819e725df06568e1e39768d0e0878f36eaf6227b0987caab23a22f79bcd8f7
938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb
939cd8638170f1fddfc372282ff7602db9cd55f5888709457c8e5cbdd18db9bd
94691def3f31e9ac5f1f68fb951c3cddf6ae933d06a616328febf457356d5121
9680c6c5ba02952e8463de89f821127653016e4ddcd0be21acc13fc269c9f596
97c57548ef54a1666575f1130be49a73c2106f0958c6e2f95b48f66141eaf6ea
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9bfe1bbdb54edf381f3b49b277e17504e1101e48f4ab612d78ab10f240544461
9f73cceeba3e0923f8c2e173f0c8cc7981d5310828790e7bb25d9aea549e153e
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1a256244f073b9ed474c52d16f8b7d0ed5d92ca4129042d6ee150817671bcd9
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288
a36cb9bb1e84cfd81007b838bbe925b0ce48583fadc5c2214f667eb0251d2ebd
a46bd44325bc32e47063e2d41cf497f2b8620f84ff7188ebfc8bd8158b5b9fc5
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596
a9d1263fa61e3d5275fb3ad1abd37f072bd833142b68d3318d641b0f64a69f07
ab489420500d25ccafc9071fdda82dc8eef7e1011cc8673fd1639b75f961c66a
adb5521f6daa28bf7a2f73decfaa78d1bd4efc45ab6e17eca144c3fcc4ccadba
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b05155416aa1689236072fb1338ceaefc9809a849bda6588965f5979e8a01aa8
b05cec6146ad9f8fc0d19ad623ee20d2fd23f581db737db13f524395298a8120
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b36c1a5158beed89ccf634498ded12f46717109f53c5924b7f091620a7dc726a
b4c3d8d7a0a89addbabdca597bddd1b4a3388600008cae225f6bfe3c28d5ac57
b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de
bfbbe0ab55ab6da1afe48a95f51ef4fbc5db79f49f9abdb407ab313745f64a1c
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c505f7e821ae7a1c88e6ce02d8e38b57233d9997445ce06b9ce50be989df5d7c
c56f30b3a9f7ede4eab84d1234b22c8406ae479e9ce744b061e90e47703ea997
c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b
c7f6468c8ac1542980b2d5f637fa933d7d00d2c6ff6690e34505d2aed0c0e23a
c89a2cf8bf444df7e11af2befd8c1f20a96c34bee6d13270e7692441843395da
c9754c8a3aba59957988aecd33f45f64a5bf1554e8d956608657739ab2bda115
cc6cc4f19848077e48a8f0895ea6ab37927093baa05adc19cefd65bca8e0ac61
cdedb1729acac414ed01744a11da7badb86adf13108e7bd3fa161b9323f7fe54
ce92550fe0818ea4eed26af4c214845537a8d15db9c3972784f58cbd83472552
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4
d2b82e612d2a812e8be2a57300dab8923c4f2edbe7a799e7da70791b595646fe
d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f
dae40ca7b35fe7501bda2e4140a6860b1db47330be5d3c8ab6971fd83a70e9a5
dbbdec171deb372c361174525116fbf9d7ebae769fe950f113f4ef2eb19b65d7
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dde6cbe139a1b61c30c174967db2c281b294f7818c5709a4585e5a893227bf5a
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e07f4113b4672813d729eb578e31a332067417360f06c5e774d75017a395a725
e330f79a96ea77687afb01cd85f6859a8b866bd5295e21832c6c88b85dedb4ee
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c67461b5940d4fe6fa754f2c7c1d459dbfb40c5bac1bc354077c58466712
e803e774c7b59fe74f71ed93acaa875cf9a99947ff8ed7615cd0c93c1667250f
e8727a72cb304f13b2c0c46c23a71272e98631e4276187ab4ed79233bb162d32
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
eb18b43a63af2caf5194429e31fba788ee44ab408d75cbe3cd1f9adf0da14a7b
eb87c0447bd19366919bdb8913f775caca732ac31cbc5e5d42e4db5df39437ce
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f069c0d462d904edb8429fca6e2cb45eef0fd58bf7019a6bf11c9656184c55f0
f2efd3392a522ac1ad2a480838f09e6a0c23ac50eed6697b4104f0b0617fda33
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6cfe89b284e6a2100a86b8d6b0e52b76b85cc62622a40d63e929f328d883a6a
f6eef34a0c9e985e995c924486d23ac237ae9e428763dd934b07ad65626526c3
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
fcff04f4bec2b3636f05ed894dc1f9a752c4cb587ee49857ec7a82abaf6ca016
fe9907a110f479d61c62d14fbe7a423f4cd57e66f4ae6fa7f4956338c8c3c313

www.officepools.com Open in urlscan Pro 2606:4700:20::ac43:4a9d Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

257 Requests

94 %HTTPS

36 %IPv6

81 Domains

126 Subdomains

103 IPs

12 Countries

3767 kBTransfer

11002 kBSize

75 Cookies

7 Outgoing links

Redirected requests

257 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.officepools.com Open in urlscan Pro
2606:4700:20::ac43:4a9d Public Scan

Screenshot
Live screenshot

Full Image

257
Requests

94 %
HTTPS

36 %
IPv6

81
Domains

126
Subdomains

103
IPs

12
Countries

3767 kB
Transfer

11002 kB
Size

75
Cookies

257 HTTP transactions
6 data transactions