urlscan.io logo urlscan.io
SecurityTrails logo

1stcapbank.com Open in urlscan Pro
198.54.120.180  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.1stcapbank.com/
Effective URL: https://1stcapbank.com/
Submission: On June 23 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 29 IPs in 5 countries across 21 domains to perform 122 HTTP transactions. The main IP is 198.54.120.180, located in United States and belongs to NAMECHEAP-NET, US. The main domain is 1stcapbank.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on July 5th 2021. Valid for: a year.
This is the only time 1stcapbank.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 5 198.54.120.180 22612 (NAMECHEAP...)
1 2a00:1450:400... 15169 (GOOGLE)
14 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
14 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 142.250.181.226 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
12 2a00:1450:400... 15169 (GOOGLE)
1 2a02:2638:1::2 44788 (ASN-CRITE...)
2 2a02:2638:1::4 44788 (ASN-CRITE...)
3 2a00:1450:400... 15169 (GOOGLE)
14 2a02:2638:1::3 44788 (ASN-CRITE...)
2 2600:9000:206... 16509 (AMAZON-02)
2 178.250.2.148 44788 (ASN-CRITE...)
17 178.250.2.135 44788 (ASN-CRITE...)
3 178.250.2.150 44788 (ASN-CRITE...)
1 2a02:2638::2 44788 (ASN-CRITE...)
1 2620:116:800d... 16509 (AMAZON-02)
2 2 69.192.160.219 16625 (AKAMAI-AS)
4 142.250.185.194 15169 (GOOGLE)
1 35.186.253.211 15169 (GOOGLE)
1 198.47.127.19 3257 (GTT-BACKB...)
1 1 69.173.144.139 26667 (RUBICONPR...)
2 2 23.35.236.247 16625 (AKAMAI-AS)
122 29
5    198.54.120.180 (United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: premium57-5.web-hosting.com
www.1stcapbank.com
1stcapbank.com
1    2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
14    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
9    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
14    2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
1    2a00:1450:400c:c07::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
partner.googleadservices.com
1    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
2    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
3    2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    2a00:1450:400e:801::200a (Ireland)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
12    2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a02:2638:1::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.nl.eu.criteo.com
2    2a02:2638:1::4 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
3    2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
14    2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
2    2600:9000:206f:1200:1e:a43d:b640:93a1 (United States)

ASN16509 (AMAZON-02, US)
secure-gl.imrworldwide.com
2    178.250.2.148 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.nl.eu.criteo.com
17    178.250.2.135 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.am5.vip.prod.criteo.com
pix.eu.criteo.net
3    178.250.2.150 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
1    2a02:2638::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.fr.eu.criteo.com
1    2620:116:800d:21:c5a4:625:6563:a5bb (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
2    69.192.160.219 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-219.deploy.static.akamaitechnologies.com
e.dlx.addthis.com
4    142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net
cm.g.doubleclick.net
1    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
1    198.47.127.19 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image6.pubmatic.com
1    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
2    23.35.236.247 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-247.deploy.static.akamaitechnologies.com
ssum-sec.casalemedia.com
Apex Domain
Subdomains		 Transfer
34 criteo.net
static.criteo.net — Cisco Umbrella Rank: 606
pix.eu.criteo.net — Cisco Umbrella Rank: 6881
csm.eu.criteo.net — Cisco Umbrella Rank: 7033
75 KB
26 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 120
tpc.googlesyndication.com — Cisco Umbrella Rank: 160
330 KB
19 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 2184
adservice.google.com — Cisco Umbrella Rank: 92
www.google.com — Cisco Umbrella Rank: 8
94 KB
13 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 54
stats.g.doubleclick.net — Cisco Umbrella Rank: 119
cm.g.doubleclick.net — Cisco Umbrella Rank: 205
76 KB
6 criteo.com
rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 10664
ads.eu.criteo.com — Cisco Umbrella Rank: 7052
cat.nl.eu.criteo.com — Cisco Umbrella Rank: 8884
rtb.fr.eu.criteo.com — Cisco Umbrella Rank: 13468
112 KB
5 1stcapbank.com
www.1stcapbank.com
1stcapbank.com
26 KB
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 179
127 KB
3 gstatic.com
www.gstatic.com
14 KB
3 google.de
adservice.google.de — Cisco Umbrella Rank: 7751
www.google.de — Cisco Umbrella Rank: 5448
1 KB
2 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 576
2 KB
2 addthis.com
e.dlx.addthis.com — Cisco Umbrella Rank: 1872
1 KB
2 imrworldwide.com
secure-gl.imrworldwide.com — Cisco Umbrella Rank: 1303
1 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 49
20 KB
1 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 336
460 B
1 pubmatic.com
image6.pubmatic.com — Cisco Umbrella Rank: 629
166 B
1 openx.net
rtb.openx.net — Cisco Umbrella Rank: 1589
350 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 1107
463 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 71
1 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 867
647 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 89
39 KB
0 gemius.pl Failed
googlecm.hit.gemius.pl Failed
122 21
Domain Requested by
17 pix.eu.criteo.net ads.eu.criteo.com
14 static.criteo.net ads.eu.criteo.com
14 fundingchoicesmessages.google.com pagead2.googlesyndication.com
1stcapbank.com
14 pagead2.googlesyndication.com 1stcapbank.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
12 tpc.googlesyndication.com googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
8 googleads.g.doubleclick.net pagead2.googlesyndication.com
1stcapbank.com
googleads.g.doubleclick.net
4 cm.g.doubleclick.net googleads.g.doubleclick.net
4 1stcapbank.com 1stcapbank.com
3 csm.eu.criteo.net ads.eu.criteo.com
3 www.googletagservices.com googleads.g.doubleclick.net
3 www.gstatic.com googleads.g.doubleclick.net
3 www.google.com 1stcapbank.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
2 ssum-sec.casalemedia.com 2 redirects
2 e.dlx.addthis.com 2 redirects
2 cat.nl.eu.criteo.com ads.eu.criteo.com
2 secure-gl.imrworldwide.com ads.eu.criteo.com
2 ads.eu.criteo.com googleads.g.doubleclick.net
2 adservice.google.com pagead2.googlesyndication.com
2 adservice.google.de pagead2.googlesyndication.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
1 pixel.rubiconproject.com 1 redirects
1 image6.pubmatic.com googleads.g.doubleclick.net
1 rtb.openx.net googleads.g.doubleclick.net
1 cms.quantserve.com googleads.g.doubleclick.net
1 rtb.fr.eu.criteo.com googleads.g.doubleclick.net
1 rtb.nl.eu.criteo.com 1stcapbank.com
1 fonts.googleapis.com googleads.g.doubleclick.net
1 www.google.de 1stcapbank.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 stats.g.doubleclick.net www.google-analytics.com
1 www.googletagmanager.com 1stcapbank.com
1 www.1stcapbank.com 1 redirects
0 googlecm.hit.gemius.pl Failed googleads.g.doubleclick.net
122 33

This site contains no links.

Subject Issuer Validity Valid
1stcapbank.com
Sectigo RSA Domain Validation Secure Server CA		 2021-07-05 -
2022-07-05		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
*.nl.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-05-22 -
2022-08-24		 3 months crt.sh
*.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-05-27 -
2022-08-25		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-06-21 -
2022-09-23		 3 months crt.sh
*.imrworldwide.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-04 -
2023-02-03		 a year crt.sh
*.eu.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-06-12 -
2022-09-12		 3 months crt.sh
*.fr.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-05-18 -
2022-08-13		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2021-08-04 -
2022-09-04		 a year crt.sh

This page contains 14 frames:

Primary Page: https://1stcapbank.com/
Frame ID: 47FBCFD9A97D6D717BDE6622DDF8CED8
Requests: 39 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220616/r20190131/zrt_lookup.html
Frame ID: 504EDD5B82D5A0F585005493D608CAC0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3509331315373891&output=html&adk=1812271804&adf=3025194257&lmt=1655998769&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2F1stcapbank.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655998769394&bpp=3&bdt=379&idt=76&shv=r20220616&mjsv=m202206160101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1179878748340&frm=20&pv=2&ga_vid=790762531.1655998769&ga_sid=1655998770&ga_hid=630121151&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761043%2C31065545%2C31068166&oid=2&pvsid=2686703078917632&tmod=885972399&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=219
Frame ID: EDA5F821B8E350B15C90B95A0EF79839
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3509331315373891&output=html&h=280&slotname=7685807385&adk=3828133531&adf=3805204237&pi=t.ma~as.7685807385&w=860&fwrn=4&fwrnh=100&lmt=1655998769&rafmt=1&psa=0&format=860x280&url=https%3A%2F%2F1stcapbank.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655998769394&bpp=2&bdt=378&idt=120&shv=r20220616&mjsv=m202206160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1179878748340&frm=20&pv=1&ga_vid=790762531.1655998769&ga_sid=1655998770&ga_hid=630121151&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=370&ady=212&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761043%2C31065545%2C31068166&oid=2&pvsid=2686703078917632&tmod=885972399&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=z7l0mT02mV&p=https%3A//1stcapbank.com&dtd=226
Frame ID: 3D289ADA118FD991E1B22EABA3917EAC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3509331315373891&output=html&h=280&adk=3655541349&adf=2564340799&pi=t.aa~a.3783770110~rp.2&w=849&fwrn=4&fwrnh=100&lmt=1655998770&rafmt=1&to=qs&pwprc=4275677667&psa=1&format=849x280&url=https%3A%2F%2F1stcapbank.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655998770262&bpp=2&bdt=1246&idt=2&shv=r20220616&mjsv=m202206160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ddce529535681a218-2278785cb9cd0099%3AT%3D1655998769%3ART%3D1655998769%3AS%3DALNI_Mb84hAlS5HZJ7CGgDfQsOT4mRJQfQ&prev_fmts=0x0%2C860x280&nras=2&correlator=1179878748340&frm=20&pv=1&ga_vid=790762531.1655998769&ga_sid=1655998770&ga_hid=630121151&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=375&ady=1346&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761043%2C31065545%2C31068166&oid=2&pvsid=2686703078917632&tmod=885972399&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=liUVGL3oUw&p=https%3A//1stcapbank.com&dtd=14
Frame ID: 2E99A14189102ECABCED21E9E414A8A8
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220616/r20110914/zrt_lookup.html?fsb=1
Frame ID: 5B07377C1B6B526082EAD4BC50F1E3E8
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220616/r20110914/zrt_lookup.html?fsb=1
Frame ID: 08E746267E2BC131F4D43774098A288F
Requests: 8 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YrSJMQAJ6vcIEdzGAAEiDZkn9QGvd0TDQAVfag&u=%7CCGCjRpyI6KNZonYMEP4Bx%2F1Y23u1aM9qcsPadJiF98Y%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANddNRPYHnj5tZXpmi0sBbUKz-evawGE5kWxfu9AuJEpPREFJEQ7xGeys_9AVid4C5_lPqwKISeQz9_nlo2-oU6_dYvznXN7bWrR-qzzv4AyZ5owSOVRIhiEWufCXyL1yXkDQEYbOXsvrKiWnrrFTJiNed37OrOJuqJ2SoTrnZ_cwHzgwRnm1L3RJ7iGY6oXz5IyTXMwnOaZL-MRJiq3g5So0PEGdciipYWKNmmMtJ-GUh_LpbHpwZyvhpCHRd2TNdqlHLTnW7lV9S9L0S5RAmFqbNPlzE54i1Uk41L636wkk959N7PI4opx0FAZ61bAYjWhsfnkDw4-DVhObaNwT8qmqh6f9HPT83bp_O3m6wCcCGtRZvtPmTKw_L7HmgFM7Aia3wTYdIJurltBv7YwTGEG1GoyXJbb9Ow&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCStj_MYm0YvfVJ8a5x_APjcSEsAbJntKxXPWR3r6xAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zNTA5MzMxMzE1MzczODkxoAHVttLqA8gBCakCmiB_Pc-esT6oAwGqBNIBT9BIVvgPcCEf-Ppa_CtdPS6rXVTrYQ1Uxzqy5eV55JdGCHYoH8Yjym2emFc5AkGAtI9M9eBnvBY5FP3zNHJgnkf4hm51Pkz4wVHv_0tXWvOPuP0QCqOodpxUvcvG_Wn6j_MQDLffO17sINuLjtuiWix2P-JDsgIoRKVd8uwfMMbV_iIVS1rbxmk34NmuLBa-13RWLfFoLeYAdAs-ZhAYnPFu0n2cn2jHjoowRK11Vd555DXFYK_Z-zwCsMp0bYsl838_76EgJ9rrTaHvDXlczB1MgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_15x3ZX8oBXzLGO2iNWQ8qPx-VBfA%26client%3Dca-pub-3509331315373891%26adurl%3D
Frame ID: A66888AD0A642A42877881FAD6DA27C4
Requests: 22 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20220616/r20110914/client/load_preloaded_resource_fy2021.js
Frame ID: 8A486611E472172DADC5A36687D868BA
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/lyGYsCueE8yR8XoODOo68FbDrX_I63nUiBydxCfKiqk.js
Frame ID: D7F73DC26E6E6F4BB4D2C2AC5BC4AD50
Requests: 1 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YrSJMgAE0owCHkg7AAt3N8CoW9HUi2lIP4Nm7g&u=%7C5ZkDgIYgyB1r7fSYVBUCJ9f%2BZn7iic8FvyjXjuWVVD4%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANc7dLrL_cuYuVyXWGKHxGtGLArf_7MYfq5dyyyRijOwuYGwjc9cH1W98mJGQX6IyufdL2PEDTARlfxkX1RhXcvoJ1OPw35HAYCTxK2w8xnc3TqWcDLEynA-J65CMPd5YHMGNq0PJlQgpyWaF77am9Yaq8K-HOmWGro3jz315eoNzSnbBUwgpqXs25H4OYk5mYE_F-cXcfT5HANtPnVga3XxRqnFOwOAZDEk0sojo47-Y-KFJPXVZd2wE9-PoYvvQGXeEW5htlalxqaHULmYatTAawBkqPeRdDXHBkerCnVGCEzpzK4QegA5rxhaYriSGSM99VrBVSBIDHiOGnFIW7obLL8O6Myo6_1Ubq2LViLmwcnDdUmIUG6X0de0jk7BKQRocRtQ5hfov-885y_3B-ao&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvF54Mom0YoylE7uQ-cAPt-6twA_JntKxXL3xlPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM1MDkzMzEzMTUzNzM4OTGgAdW20uoDyAEJqQKaIH89z56xPqgDAaoE2AFP0B74Y0ig5vEqA3SiFsVN3hIQSLeFjTfcBLP-DeninAHqjWn653kxGomNVCFr-kNVRCVIT4H3iMqnHjv8AVAf0LUfwt5NO_F-rsBIpONvF_h5zga6bSmWyGw8xiXQ3BeXDD49crq7Jb0uMYaRFp0ZQSj482_2iXqjl23eG_XV-h213TR2FTqNz5CH-BJeP_xBQmEi7KVnO86la4lk2D_wB_TjVX4us5yu0Wiaa3WH6j86egRYpv72b_SyoA7FYNJ2ptlLzkYZiTd_tsMnbpyG-RICvtUnXQ6ABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1JozVVMW3B91TQFpdDaL4lY91d-w%26client%3Dca-pub-3509331315373891%26adurl%3D
Frame ID: C6A428109B87BC3E37CB667D9ED4E4FD
Requests: 18 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: DFB045BDC3EA73BB461504E488BA3A75
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A141A5D20B692A8CEB1E98E2B52382D7
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 870C67B6FEBDB9019750A1BF72A3A1C7
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Online-Banking

Page URL History Show full URLs

  1. https://www.1stcapbank.com/ HTTP 301
    https://1stcapbank.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Page Statistics

122
Requests

97 %
HTTPS

65 %
IPv6

21
Domains

33
Subdomains

29
IPs

5
Countries

919 kB
Transfer

2560 kB
Size

21
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.1stcapbank.com/ HTTP 301
    https://1stcapbank.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 88
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DARnp8GD7R0csD66XZAIseMtPKlaG3emCmXnR8V5I3K40r_nLNDO4sDps9FXiOBeLLBhuS7Nr_6wGHU_3gKzusWKwVhUqnUgBwwk&google_gid=CAESEBZoPDdXoM0eCQIudydAtIM&google_cver=1 HTTP 302
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DARnp8GD7R0csD66XZAIseMtPKlaG3emCmXnR8V5I3K40r_nLNDO4sDps9FXiOBeLLBhuS7Nr_6wGHU_3gKzusWKwVhUqnUgBwwk&google_gid=CAESEBZoPDdXoM0eCQIudydAtIM&google_cver=1&rd=Y HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA2MjMxNTM5MzEwMDAxMzMxOTMyNTgwOA%3D%3D&google_push=ARnp8GD7R0csD66XZAIseMtPKlaG3emCmXnR8V5I3K40r_nLNDO4sDps9FXiOBeLLBhuS7Nr_6wGHU_3gKzusWKwVhUqnUgBwwk
Request Chain 91
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEKrrNZu3og6WDcPvZyLaXFA&google_cver=1&google_push=ARnp8GAD7w-uo8Vi2MpuaGJkygB4bCwACzmwXM7laKcOiWx9u5nypVeM_coBayFNcjVXG406NdXHfpG5EPXoZQaseUnveusvgsA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDRSNldURDItMVUtMU9WOQ==&google_push=ARnp8GAD7w-uo8Vi2MpuaGJkygB4bCwACzmwXM7laKcOiWx9u5nypVeM_coBayFNcjVXG406NdXHfpG5EPXoZQaseUnveusvgsA
Request Chain 92
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESECEf1keEdsHkZrYiSr_i7wo&google_cver=1&google_push=ARnp8GBPLPJpQk6IGy6t0z0ECH9VyxURupbSIjmLSa8mic0nd4PcxF9YifS2hg8cEgadMTVND4Vmz0fzg0ZV_yeDc-_9016-8oU HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESECEf1keEdsHkZrYiSr_i7wo&google_push=ARnp8GBPLPJpQk6IGy6t0z0ECH9VyxURupbSIjmLSa8mic0nd4PcxF9YifS2hg8cEgadMTVND4Vmz0fzg0ZV_yeDc-_9016-8oU&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YrSJMlBbnsEvAdKqAx_tEgAABHwAAAAB&google_cver=1&google_gid=CAESECEf1keEdsHkZrYiSr_i7wo&google_push=ARnp8GBPLPJpQk6IGy6t0z0ECH9VyxURupbSIjmLSa8mic0nd4PcxF9YifS2hg8cEgadMTVND4Vmz0fzg0ZV_yeDc-_9016-8oU

122 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
1stcapbank.com/
Redirect Chain
  • https://www.1stcapbank.com/
  • https://1stcapbank.com/
12 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://1stcapbank.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.120.180 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium57-5.web-hosting.com
Software
LiteSpeed /
Resource Hash
31a4528f74a55f829e5318df188d94c48585da153a5463880aa5dfa4dc770d8d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-length
3678
content-type
text/html
date
Thu, 23 Jun 2022 15:39:28 GMT
server
LiteSpeed
vary
Accept-Encoding
x-turbo-charged-by
LiteSpeed

Redirect headers

content-length
707
content-type
text/html
date
Thu, 23 Jun 2022 15:39:28 GMT
location
https://1stcapbank.com/
server
LiteSpeed
x-turbo-charged-by
LiteSpeed
all.css
1stcapbank.com/assests/fontawesome/css/ 		68 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://1stcapbank.com/assests/fontawesome/css/all.css
Requested by
Host: 1stcapbank.com
URL: https://1stcapbank.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.120.180 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium57-5.web-hosting.com
Software
LiteSpeed /
Resource Hash
3c5e8c6ad66d889f3f73d3bd1d0f2e4945ebfbe47d28162ee206cd1b9e75d561

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1stcapbank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 15:39:29 GMT
content-encoding
br
last-modified
Thu, 27 Jun 2019 05:47:28 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
12135
expires
Thu, 30 Jun 2022 15:39:29 GMT
styles.css
1stcapbank.com/assets/ 		4 KB
984 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://1stcapbank.com/assets/styles.css
Requested by
Host: 1stcapbank.com
URL: https://1stcapbank.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.120.180 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium57-5.web-hosting.com
Software
LiteSpeed /
Resource Hash
27cbacdd1ad6af761bd78fd1e4fb0db4809dbfc39f28498db3d6f8eb5dfbbf39

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1stcapbank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 15:39:29 GMT
content-encoding
br
last-modified
Mon, 06 Apr 2020 12:33:17 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
764
expires
Thu, 30 Jun 2022 15:39:29 GMT
js
www.googletagmanager.com/gtag/ 		101 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-142783276-1
Requested by
Host: 1stcapbank.com
URL: https://1stcapbank.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c10023675c5439cee59bad4386996658778d00a8ce746ac1cd22f60774869260
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1stcapbank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 15:39:29 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39807
x-xss-protection
0
last-modified
Thu, 23 Jun 2022 15:04:16 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 23 Jun 2022 15:39:29 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		164 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: 1stcapbank.com
URL: https://1stcapbank.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
04fcd73ca4fbc0c362fd9f3596873da779a98aa00a89a2bd28e5df43bc211d1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1stcapbank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 15:39:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56387
x-xss-protection
0
server
cafe
etag
36403083517544604
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 23 Jun 2022 15:39:29 GMT
xonline-banking-logo.png.pagespeed.ic.6UqVEw0QIw.png
1stcapbank.com/images/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1stcapbank.com/images/xonline-banking-logo.png.pagespeed.ic.6UqVEw0QIw.png
Requested by
Host: 1stcapbank.com
URL: https://1stcapbank.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.120.180 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium57-5.web-hosting.com
Software
LiteSpeed /
Resource Hash
852b5d6f170cfee339763f6166c2dc79501672f8556c667f02d5f859cd19ef04

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1stcapbank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 15:39:29 GMT
last-modified
Thu, 27 Jun 2019 11:19:56 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
8912
expires
Thu, 30 Jun 2022 15:39:29 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-142783276-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1stcapbank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
3022
date
Thu, 23 Jun 2022 14:49:07 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Thu, 23 Jun 2022 16:49:07 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206160101/ 		340 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206160101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3509331315373891&plah=1stcapbank.com&bust=31068166
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a34ff9db744b044f4dda44d101a3328b7aecca5432870058afdf74e403a7b00c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1stcapbank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 15:39:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122782
x-xss-protection
0
server
cafe
etag
18140783781267399579
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 23 Jun 2022 15:39:29 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220616/r20190131/ Frame 504E 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220616/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1stcapbank.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
75266
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4412
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 22 Jun 2022 18:45:03 GMT
etag
8616628553774171045
expires
Wed, 06 Jul 2022 18:45:03 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=630121151&t=pageview&_s=1&dl=https%3A%2F%2F1stcapbank.com%2F&ul=en-us&de=UTF-8&dt=Online-Banking&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=863372191&gjid=714701688&cid=790762531.1655998769&tid=UA-142783276-1&_gid=1430227251.1655998769&_r=1&gtm=2ou6f0&z=1214749083
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://1stcapbank.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 15:39:29 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://1stcapbank.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
ca-pub-3509331315373891
fundingchoicesmessages.google.com/i/ 		96 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-3509331315373891?ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206160101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3509331315373891&plah=1stcapbank.com&bust=31068166
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
afc919e50374ea6cc4f7cfcb32e6cb5c73633c1b198144681a0b2d9cc7c95f9a
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-TCF9r53yu_MLyV7YFG01HA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'nonce-TCF9r53yu_MLyV7YFG01HA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1stcapbank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 15:39:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorServingWebSwitchboardHttp"
x-frame-options
SAMEORIGIN
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to
{"group":"ContributorServingWebSwitchboardHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorServingWebSwitchboardHttp/external"}]}
content-type
application/javascript; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-TCF9r53yu_MLyV7YFG01HA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'nonce-TCF9r53yu_MLyV7YFG01HA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
441 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-142783276-1&cid=790762531.1655998769&jid=863372191&gjid=714701688&_gid=1430227251.1655998769&_u=YEBAAUAAAAAAAC~&z=171469608
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://1stcapbank.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 23 Jun 2022 15:39:29 GMT
content-type
text/plain
access-control-allow-origin
https://1stcapbank.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/ 		218 B
647 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=1stcapbank.com&callback=_gfp_s_&client=ca-pub-3509331315373891
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206160101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3509331315373891&plah=1stcapbank.com&bust=31068166
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
12052fc69360740240e61ca2dd8816c9865883edc466b189d84bf4d5b414bc92
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1stcapbank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 15:39:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
203
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=1stcapbank.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206160101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3509331315373891&plah=1stcapbank.com&bust=31068166
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1stcapbank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 23 Jun 2022 15:39:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=1stcapbank.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206160101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3509331315373891&plah=1stcapbank.com&bust=31068166
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1stcapbank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 23 Jun 2022 15:39:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame EDA5 		211 KB
49 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3509331315373891&output=html&adk=1812271804&adf=3025194257&lmt=1655998769&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2F1stcapbank.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655998769394&bpp=3&bdt=379&idt=76&shv=r20220616&mjsv=m202206160101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1179878748340&frm=20&pv=2&ga_vid=790762531.1655998769&ga_sid=1655998770&ga_hid=630121151&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761043%2C31065545%2C31068166&oid=2&pvsid=2686703078917632&tmod=885972399&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=219
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206160101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3509331315373891&plah=1stcapbank.com&bust=31068166
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9fb608c969813718cd7b08c9bba1f9aae1b5d53a1af8747260ad1b29883bc138
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1stcapbank.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
50401
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 23 Jun 2022 15:39:30 GMT
expires
Thu, 23 Jun 2022 15:39:30 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 3D28 		436 B
236 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3509331315373891&output=html&h=280&slotname=7685807385&adk=3828133531&adf=3805204237&pi=t.ma~as.7685807385&w=860&fwrn=4&fwrnh=100&lmt=1655998769&rafmt=1&psa=0&format=860x280&url=https%3A%2F%2F1stcapbank.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655998769394&bpp=2&bdt=378&idt=120&shv=r20220616&mjsv=m202206160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1179878748340&frm=20&pv=1&ga_vid=790762531.1655998769&ga_sid=1655998770&ga_hid=630121151&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=370&ady=212&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761043%2C31065545%2C31068166&oid=2&pvsid=2686703078917632&tmod=885972399&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=z7l0mT02mV&p=https%3A//1stcapbank.com&dtd=226
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206160101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3509331315373891&plah=1stcapbank.com&bust=31068166
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6d70b95ca455b1c0b7135f61dd4c1781a0f47a312d541d7abb7db2975bcebc7a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1stcapbank.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
213
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 23 Jun 2022 15:39:30 GMT
expires
Thu, 23 Jun 2022 15:39:30 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
AGSKWxWSS7FF0N9YkIesI0XmGQVxX-YaOgr79P2cJVIcLECbM7jqGmTm8xDTA8EH46No-I19Ww6aiXEydDY_gUsOmw==
fundingchoicesmessages.google.com/f/ 		51 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWSS7FF0N9YkIesI0XmGQVxX-YaOgr79P2cJVIcLECbM7jqGmTm8xDTA8EH46No-I19Ww6aiXEydDY_gUsOmw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjU1OTk4NzY5LDYyOTAwMDAwMF0sIjQzNTE4Njc2LUI0QUYtNDJFQS1CN0I1LTZBM0Y4QTFFQjkxMCIsIjExMEU5NUJFLUIyQzctNDg0OC05QTI2LUU2QjkwMEU4NEIzRCIsbnVsbCxbbnVsbCxbN10sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLHRydWUsdHJ1ZV0sImh0dHBzOi8vMXN0Y2FwYmFuay5jb20vIixudWxsLFtdXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.Sn1wwjhZMoo.es5.O/d=1/rs=AJlcJMz-QM0dUer8qwAXFSzUdaMsNDF1og/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
54708253e95176a14defe1d581e389b43bd0fd870d305837b773a652ec1b1fab
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-msYml93FLhu1NnAC-6QgIg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-msYml93FLhu1NnAC-6QgIg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1stcapbank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-msYml93FLhu1NnAC-6QgIg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-msYml93FLhu1NnAC-6QgIg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
date
Thu, 23 Jun 2022 15:39:29 GMT
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
application/javascript; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-142783276-1&cid=790762531.1655998769&jid=863372191&_u=YEBAAUAAAAAAAC~&z=848576548
Requested by
Host: 1stcapbank.com
URL: https://1stcapbank.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1stcapbank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 15:39:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-142783276-1&cid=790762531.1655998769&jid=863372191&_u=YEBAAUAAAAAAAC~&z=848576548
Requested by
Host: 1stcapbank.com
URL: https://1stcapbank.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1stcapbank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 15:39:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
AGSKWxUbQIPuO3HqCMyQO_cn1Q0kXqV5XPyjugvd1x7G055CZEGdZL_LI0lFUNdN8-8Ofecy7yG4mhacRqTxhxbYwavtb8FIhDtFEExisfSsw-7ed1h4BqtkcJAElYmKowbUYgI5O8vadyqY9BS-4M4z0_GY3pbNDntaFrQzldu5hwiXk1P4fXrK2qayFSw=
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUbQIPuO3HqCMyQO_cn1Q0kXqV5XPyjugvd1x7G055CZEGdZL_LI0lFUNdN8-8Ofecy7yG4mhacRqTxhxbYwavtb8FIhDtFEExisfSsw-7ed1h4BqtkcJAElYmKowbUYgI5O8vadyqY9BS-4M4z0_GY3pbNDntaFrQzldu5hwiXk1P4fXrK2qayFSw=
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorIabCcpaWebSignalJs.de.2mNdio60OYo.es5.O/d=1/rs=AJlcJMwUHZNcARJPFTRw_WUJ8fK_6r5dOA/m=iabccpawebsignalscript
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-wEqQe21lXofAzxpf8pJGFw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-wEqQe21lXofAzxpf8pJGFw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://1stcapbank.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 23 Jun 2022 15:39:29 GMT
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
access-control-allow-origin
https://1stcapbank.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorLoggingHttp"
x-frame-options
SAMEORIGIN
access-control-max-age
86400
report-to
{"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type
text/html; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-wEqQe21lXofAzxpf8pJGFw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-wEqQe21lXofAzxpf8pJGFw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWwNpAlSVo4WiDw6BiI1PfqDE_8WYv1tsV2ZGQ0GMN5gK093eEc8uGEyMTTLHfAlv3FCmCCZZg2VP2Ot31Br8-URwAsvoVzQYG1IPlAS9gE_hAhZwXxfif74E47Ol0qAOgbKT8rk_KzdQ9tqGHloWYgZibe0EKZ4wz_rmZPiDFwb2G6Ib25ike_9B8=
fundingchoicesmessages.google.com/f/ 		66 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWwNpAlSVo4WiDw6BiI1PfqDE_8WYv1tsV2ZGQ0GMN5gK093eEc8uGEyMTTLHfAlv3FCmCCZZg2VP2Ot31Br8-URwAsvoVzQYG1IPlAS9gE_hAhZwXxfif74E47Ol0qAOgbKT8rk_KzdQ9tqGHloWYgZibe0EKZ4wz_rmZPiDFwb2G6Ib25ike_9B8=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjU1OTk4NzY5LDY5MzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsMTBdLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxLDFdLCJodHRwczovLzFzdGNhcGJhbmsuY29tLyIsbnVsbCxbXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorIabCcpaWebSignalJs.de.2mNdio60OYo.es5.O/d=1/rs=AJlcJMwUHZNcARJPFTRw_WUJ8fK_6r5dOA/m=iabccpawebsignalscript
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
973d3b3cace7d6f0521dbd314c5de59c28af57c428284578ad139cc5b67710a1
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Zc6qeiIjzn28tnjlGM3fdg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-Zc6qeiIjzn28tnjlGM3fdg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1stcapbank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy
script-src 'report-sample' 'nonce-Zc6qeiIjzn28tnjlGM3fdg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-Zc6qeiIjzn28tnjlGM3fdg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorGlobalRouterHttp"
x-frame-options
SAMEORIGIN
date
Thu, 23 Jun 2022 15:39:29 GMT
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to
{"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type
application/javascript; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
px.gif
fundingchoicesmessages.google.com/img/ 		43 B
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=2.465641550734561
Requested by
Host: 1stcapbank.com
URL: https://1stcapbank.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-6ZOdL2e_QjBDbMzQztuWrA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'nonce-6ZOdL2e_QjBDbMzQztuWrA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1stcapbank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 15:39:29 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
image/gif
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy
script-src 'report-sample' 'nonce-6ZOdL2e_QjBDbMzQztuWrA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'nonce-6ZOdL2e_QjBDbMzQztuWrA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
px.gif
fundingchoicesmessages.google.com/img/ 		43 B
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=1.7725923359518476
Requested by
Host: 1stcapbank.com
URL: https://1stcapbank.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-Ui_u6wo-mI2-ufmzAi53jw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'nonce-Ui_u6wo-mI2-ufmzAi53jw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1stcapbank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-Ui_u6wo-mI2-ufmzAi53jw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'nonce-Ui_u6wo-mI2-ufmzAi53jw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
date
Thu, 23 Jun 2022 15:39:29 GMT
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
image/gif
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxVCetiXkpJRFsdFYtq4xkrS1k88Z2JNZUSFRetUg1LtWYS8ckXUm1Gzpxco1VO9MtytzzHJn8QTf9lwbR3953FnXgS6rx6k__ESPuTs1TxnC5nuwpmEH3stWUtwFe6Zc56y1HnpiCAd6VzR_tOl7R4YJMWnJKbUEFCJPASKpJXha1DryMXrEZyVTfE=
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVCetiXkpJRFsdFYtq4xkrS1k88Z2JNZUSFRetUg1LtWYS8ckXUm1Gzpxco1VO9MtytzzHJn8QTf9lwbR3953FnXgS6rx6k__ESPuTs1TxnC5nuwpmEH3stWUtwFe6Zc56y1HnpiCAd6VzR_tOl7R4YJMWnJKbUEFCJPASKpJXha1DryMXrEZyVTfE=
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.1dXtAeQQiPY.es5.O/d=1/rs=AJlcJMx-mlEDg0voZAsANEsrqJd6oRyISg/m=detection
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-mctPCR_wBUAti5XSIUS5nQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-mctPCR_wBUAti5XSIUS5nQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://1stcapbank.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 23 Jun 2022 15:39:29 GMT
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
access-control-allow-origin
https://1stcapbank.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorLoggingHttp"
x-frame-options
SAMEORIGIN
access-control-max-age
86400
report-to
{"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type
text/html; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy
script-src 'report-sample' 'nonce-mctPCR_wBUAti5XSIUS5nQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-mctPCR_wBUAti5XSIUS5nQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206160101/ 		148 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206160101/reactive_library_fy2021.js?bust=31068166
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206160101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3509331315373891&plah=1stcapbank.com&bust=31068166
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f4b44f1079328c8d94d0ae18c9b05b41fff67189a5b43fbd3de1c873c0efbed5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1stcapbank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 15:39:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54091
x-xss-protection
0
server
cafe
etag
8260224790141629302
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 23 Jun 2022 15:39:30 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=rasra::pm&rt=8%2C1&c=ca-pub-3509331315373891&eid=44759876%2C44759927%2C44759842%2C44761043%2C31065545%2C31068166
Requested by
Host: 1stcapbank.com
URL: https://1stcapbank.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1stcapbank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 15:39:30 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_success&c=1&wpc=ca-pub-3509331315373891&warn=12%2C13&w=1600&h=1200&pp=4&ppp=0&eatf=false&eatfAbg=false&reatf=true&a=6%2C1%2C5%2C7&apv=20220620_103543&sat=1655859375839&afm=2%2C0&as_count=1&d_count=0&ng_count=0&am_count=1&atf_count=1&mdns=0.027&alldns=0.054&allp=22&fd=(0%2C9%2C1)%2C(1%2C0%2C0)%2C(2%2C0%2C0)&pgh=10308&abl=false&rr=n&su=1stcapbank.com&pvc=2686703078917632&r=0.1&eid=44759876%2C44759927%2C44759842%2C44761043%2C31065545%2C31068166
Requested by
Host: 1stcapbank.com
URL: https://1stcapbank.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1stcapbank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 15:39:30 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=1stcapbank.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206160101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3509331315373891&plah=1stcapbank.com&bust=31068166
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1stcapbank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 23 Jun 2022 15:39:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=1stcapbank.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206160101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3509331315373891&plah=1stcapbank.com&bust=31068166
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1stcapbank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 23 Jun 2022 15:39:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 2E99 		26 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3509331315373891&output=html&h=280&adk=3655541349&adf=2564340799&pi=t.aa~a.3783770110~rp.2&w=849&fwrn=4&fwrnh=100&lmt=1655998770&rafmt=1&to=qs&pwprc=4275677667&psa=1&format=849x280&url=https%3A%2F%2F1stcapbank.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655998770262&bpp=2&bdt=1246&idt=2&shv=r20220616&mjsv=m202206160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ddce529535681a218-2278785cb9cd0099%3AT%3D1655998769%3ART%3D1655998769%3AS%3DALNI_Mb84hAlS5HZJ7CGgDfQsOT4mRJQfQ&prev_fmts=0x0%2C860x280&nras=2&correlator=1179878748340&frm=20&pv=1&ga_vid=790762531.1655998769&ga_sid=1655998770&ga_hid=630121151&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=375&ady=1346&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761043%2C31065545%2C31068166&oid=2&pvsid=2686703078917632&tmod=885972399&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=liUVGL3oUw&p=https%3A//1stcapbank.com&dtd=14
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206160101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3509331315373891&plah=1stcapbank.com&bust=31068166
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
56168353f0b8cbe6cb135c1eb249e8e4b4abdca54e642918e309bf124990f1a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1stcapbank.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
11650
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 23 Jun 2022 15:39:30 GMT
expires
Thu, 23 Jun 2022 15:39:30 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=rasra::pr&rt=8%2C1&c=ca-pub-3509331315373891&eid=44759876%2C44759927%2C44759842%2C44761043%2C31065545%2C31068166
Requested by
Host: 1stcapbank.com
URL: https://1stcapbank.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1stcapbank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 15:39:30 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220616/r20110914/ Frame 5B07 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220616/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206160101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3509331315373891&plah=1stcapbank.com&bust=31068166
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1stcapbank.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
42315
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4412
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 23 Jun 2022 03:54:15 GMT
etag
8616628553774171045
expires
Thu, 07 Jul 2022 03:54:15 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220616/r20110914/ Frame 08E7 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220616/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206160101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3509331315373891&plah=1stcapbank.com&bust=31068166
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1stcapbank.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
42315
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4412
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 23 Jun 2022 03:54:15 GMT
etag
8616628553774171045
expires
Thu, 07 Jul 2022 03:54:15 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
css2
fonts.googleapis.com/ Frame 5B07 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220616/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400e:801::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 23 Jun 2022 14:24:12 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 23 Jun 2022 15:39:30 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 23 Jun 2022 15:39:30 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 5B07 		205 B
742 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220616/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 15:30:04 GMT
x-content-type-options
nosniff
age
566
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 23 Jun 2023 15:30:04 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 5B07 		604 B
695 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220616/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 11:52:44 GMT
x-content-type-options
nosniff
age
13606
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
604
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 23 Jun 2023 11:52:44 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220616/r20110914/elements/html/ Frame 5B07 		19 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220616/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220616/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ae2e1dc0161fa05e80b225682868a9bfbab08c503b2429f06339d4487f160ac2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 15:36:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
183
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8263
x-xss-protection
0
server
cafe
etag
17157773748623750166
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 07 Jul 2022 15:36:27 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 08E7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CCGRAMYm0YvfVJ8a5x_APjcSEsAbJntKxXPWR3r6xAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zNTA5MzMxMzE1MzczODkxoAHVttLqA8gBCakCmiB_Pc-esT6oAwGqBM8BT9BIVvgPcCEf-Ppa_CtdPS6rXVTrYQ1Uxzqy5eV55JdGCHYoH8Yjym2emFc5AkGAtI9M9eBnvBY5FP3zNHJgnkf4hm51Pkz4wVHv_0tXWvOPuP0QCqOodpxUvcvG_Wn6j_MQDLffO17sINuLjtuiWix2P-JDsgIoRKVd8uwfMMbV_iIVS1rbxmk34NmuLBa-13RWLfFoLeYAdAs-ZhAYnPFu0n2cn2jHjsgyZT_y2kJqW6nRw3_kXcQLpMDCZ6U9ccv30gfSmMTHVSRFiWrjgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAYAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0zNTA5MzMxMzE1MzczODkxGAA&sigh=DcZSAdufn30&uach_m=[UACH]&cid=CAQSGwCNIrLMip0D8ZOcYv5CvZ9NvMK4HFpVbmdAnxgB
Requested by
Host: 1stcapbank.com
URL: https://1stcapbank.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20220616/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 23 Jun 2022 15:39:30 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 23 Jun 2022 15:39:30 GMT
notify
rtb.nl.eu.criteo.com/google/auction/ Frame 08E7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=keb8EMz6RO0HfJ2DYgICAAAAx3uaB4kZgLfF82juEDGJtGKwVtfzSoosJT73LAASAAA&wp=YrSJMQAJ6vcIEdzGAAEiDZkn9QGvd0TDQAVfag
Requested by
Host: 1stcapbank.com
URL: https://1stcapbank.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 15:39:30 GMT
server
Kestrel
server-processing-duration-in-ticks
286415
content-length
0
strict-transport-security
max-age=31536000; preload;
afr.php
ads.eu.criteo.com/delivery/r/ Frame A668 		176 KB
55 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=YrSJMQAJ6vcIEdzGAAEiDZkn9QGvd0TDQAVfag&u=%7CCGCjRpyI6KNZonYMEP4Bx%2F1Y23u1aM9qcsPadJiF98Y%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANddNRPYHnj5tZXpmi0sBbUKz-evawGE5kWxfu9AuJEpPREFJEQ7xGeys_9AVid4C5_lPqwKISeQz9_nlo2-oU6_dYvznXN7bWrR-qzzv4AyZ5owSOVRIhiEWufCXyL1yXkDQEYbOXsvrKiWnrrFTJiNed37OrOJuqJ2SoTrnZ_cwHzgwRnm1L3RJ7iGY6oXz5IyTXMwnOaZL-MRJiq3g5So0PEGdciipYWKNmmMtJ-GUh_LpbHpwZyvhpCHRd2TNdqlHLTnW7lV9S9L0S5RAmFqbNPlzE54i1Uk41L636wkk959N7PI4opx0FAZ61bAYjWhsfnkDw4-DVhObaNwT8qmqh6f9HPT83bp_O3m6wCcCGtRZvtPmTKw_L7HmgFM7Aia3wTYdIJurltBv7YwTGEG1GoyXJbb9Ow&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCStj_MYm0YvfVJ8a5x_APjcSEsAbJntKxXPWR3r6xAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zNTA5MzMxMzE1MzczODkxoAHVttLqA8gBCakCmiB_Pc-esT6oAwGqBNIBT9BIVvgPcCEf-Ppa_CtdPS6rXVTrYQ1Uxzqy5eV55JdGCHYoH8Yjym2emFc5AkGAtI9M9eBnvBY5FP3zNHJgnkf4hm51Pkz4wVHv_0tXWvOPuP0QCqOodpxUvcvG_Wn6j_MQDLffO17sINuLjtuiWix2P-JDsgIoRKVd8uwfMMbV_iIVS1rbxmk34NmuLBa-13RWLfFoLeYAdAs-ZhAYnPFu0n2cn2jHjoowRK11Vd555DXFYK_Z-zwCsMp0bYsl838_76EgJ9rrTaHvDXlczB1MgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_15x3ZX8oBXzLGO2iNWQ8qPx-VBfA%26client%3Dca-pub-3509331315373891%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220616/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
8ee41c5561cb3d074afd375f527ccb8d8ebd093409f4c8ce09a877cf93d1653b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Thu, 23 Jun 2022 15:39:30 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=omKj0huqesNotY3Wf1tBLKfFfAmmvxXt93D-Cb5MMzK9Uf38xXQII_AW6nSi4CGGRBujnJnhA-Xcpygtp_Hgn1e_z8CdV4TsP_4NLjQ9Kh-yNrXdZzVSifb3Upg7ih5Bp7JobTpc8wo27GsKjlevxmoFpYE8QuqpNzLUybL4E3-64plxpvui-mH2Di9eEDdWhWgBfC0zZRXNLt-kvl2t6MTj_ukwfc7HBwa1lsJLjrzmJGRNNFJzKQ9_W8ZqQIlZEvWCMA"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
104349809
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220616/r20110914/client/ Frame 08E7 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220616/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220616/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 15:34:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
311
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 07 Jul 2022 15:34:19 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220616/r20110914/client/ Frame 08E7 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220616/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220616/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4d5862b3daeff2a0c52d69267a1eae566463c68bea47a8071dd9655c4c7c1192
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 15:35:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
265
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7312
x-xss-protection
0
server
cafe
etag
10280116914265038571
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 07 Jul 2022 15:35:05 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 08E7 		137 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220616/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5e11546a93f99f4b0b79d7e9a993b8f0a9a239fb1e101810738f3bff890ba549
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 15:39:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43180
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1655912982481896"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 23 Jun 2022 15:39:30 GMT
truncated
/ Frame 08E7 		208 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
30e39ceb6334f20536d5f94eecd86100586079d0c78cc9379aceaa23bbc9bb2f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/png
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220616/r20110914/client/ Frame 8A48 		2 KB
902 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220616/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220616/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 15:35:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
225
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
875
x-xss-protection
0
server
cafe
etag
16974406330603315520
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 07 Jul 2022 15:35:45 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220616/r20110914/ Frame 8A48 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220616/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220616/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
592a588b519b72fbab39bfde9bf9b12fc6a59a380a221578d87c9492e7b16f12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 15:34:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
326
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8671
x-xss-protection
0
server
cafe
etag
3673595682727343497
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 07 Jul 2022 15:34:04 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220616/r20110914/client/ Frame 8A48 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220616/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220616/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 15:35:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
229
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 07 Jul 2022 15:35:41 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220616/r20110914/client/ Frame 8A48 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220616/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220616/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4d5862b3daeff2a0c52d69267a1eae566463c68bea47a8071dd9655c4c7c1192
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 15:37:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
117
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7312
x-xss-protection
0
server
cafe
etag
10280116914265038571
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 07 Jul 2022 15:37:33 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8A48 		137 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220616/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5e11546a93f99f4b0b79d7e9a993b8f0a9a239fb1e101810738f3bff890ba549
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 15:39:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43180
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1655912982481896"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 23 Jun 2022 15:39:30 GMT
10f77a9ed5e9dbc13462adf17b625271.js
www.gstatic.com/mysidia/ Frame 8A48 		31 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/10f77a9ed5e9dbc13462adf17b625271.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220616/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f570d3cfc5df9a889452f6a2e8ea3ea6c3e6691824d54106d8928efc3abf8600
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 22 Jun 2022 13:56:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
92596
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12964
x-xss-protection
0
last-modified
Wed, 15 Jun 2022 22:50:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 20 Sep 2022 13:56:14 GMT
bannerad.
fundingchoicesmessages.google.com/f/AGSKWxVpWXjZhFmYCK4UGFDXL_hmP_FNbdIR_KR3PMBnjg5joYG_WJKrKMQk0ro4tTTJozZFlnouBt2p65YVCme_KPdZNVRGg6-t1X4gBPE4DxLu3ralxRVefrDjtP-dcqLptAGeSFmb6YuCSgfFK9iteGaOnjZ6P... 		54 B
109 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVpWXjZhFmYCK4UGFDXL_hmP_FNbdIR_KR3PMBnjg5joYG_WJKrKMQk0ro4tTTJozZFlnouBt2p65YVCme_KPdZNVRGg6-t1X4gBPE4DxLu3ralxRVefrDjtP-dcqLptAGeSFmb6YuCSgfFK9iteGaOnjZ6PfJMm8quAUt8-EM_r20wZMDukkjMMhzHpGIHHkgcm7hRQtbHJWvtdb6XdYxW7UX5dh_hEOc-CdT8yNtBYw==/_/delay-ad./revboostprocdnadsprod./728x90banner./phpads./bannerad.
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.1dXtAeQQiPY.es5.O/d=1/rs=AJlcJMx-mlEDg0voZAsANEsrqJd6oRyISg/m=detection
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f38ab679f1bba14b100b592a7fd9cfd13ad90dbad5e0b28ada7ad5911c15035c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-2EgL2H8qBSfrDzUj6sNyNA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-2EgL2H8qBSfrDzUj6sNyNA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1stcapbank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy
script-src 'report-sample' 'nonce-2EgL2H8qBSfrDzUj6sNyNA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-2EgL2H8qBSfrDzUj6sNyNA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
date
Thu, 23 Jun 2022 15:39:30 GMT
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
application/javascript; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
show_companion_ad.js
pagead2.googlesyndication.com/pagead/ 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_companion_ad.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.1dXtAeQQiPY.es5.O/d=1/rs=AJlcJMx-mlEDg0voZAsANEsrqJd6oRyISg/m=detection
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5a6e6e323df927765e866c051989781fd3c66b3276cc85d3ff77329cd516b7a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1stcapbank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 14:43:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3349
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8247
x-xss-protection
0
server
cafe
etag
9022599643932383378
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Thu, 23 Jun 2022 15:43:41 GMT
AGSKWxVCetiXkpJRFsdFYtq4xkrS1k88Z2JNZUSFRetUg1LtWYS8ckXUm1Gzpxco1VO9MtytzzHJn8QTf9lwbR3953FnXgS6rx6k__ESPuTs1TxnC5nuwpmEH3stWUtwFe6Zc56y1HnpiCAd6VzR_tOl7R4YJMWnJKbUEFCJPASKpJXha1DryMXrEZyVTfE=
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVCetiXkpJRFsdFYtq4xkrS1k88Z2JNZUSFRetUg1LtWYS8ckXUm1Gzpxco1VO9MtytzzHJn8QTf9lwbR3953FnXgS6rx6k__ESPuTs1TxnC5nuwpmEH3stWUtwFe6Zc56y1HnpiCAd6VzR_tOl7R4YJMWnJKbUEFCJPASKpJXha1DryMXrEZyVTfE=
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.1dXtAeQQiPY.es5.O/d=1/rs=AJlcJMx-mlEDg0voZAsANEsrqJd6oRyISg/m=detection
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-VR4WuTwIgxesRV4fXkduEQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-VR4WuTwIgxesRV4fXkduEQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://1stcapbank.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 23 Jun 2022 15:39:30 GMT
x-content-type-options
nosniff
access-control-allow-origin
https://1stcapbank.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-VR4WuTwIgxesRV4fXkduEQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-VR4WuTwIgxesRV4fXkduEQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxVCetiXkpJRFsdFYtq4xkrS1k88Z2JNZUSFRetUg1LtWYS8ckXUm1Gzpxco1VO9MtytzzHJn8QTf9lwbR3953FnXgS6rx6k__ESPuTs1TxnC5nuwpmEH3stWUtwFe6Zc56y1HnpiCAd6VzR_tOl7R4YJMWnJKbUEFCJPASKpJXha1DryMXrEZyVTfE=
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVCetiXkpJRFsdFYtq4xkrS1k88Z2JNZUSFRetUg1LtWYS8ckXUm1Gzpxco1VO9MtytzzHJn8QTf9lwbR3953FnXgS6rx6k__ESPuTs1TxnC5nuwpmEH3stWUtwFe6Zc56y1HnpiCAd6VzR_tOl7R4YJMWnJKbUEFCJPASKpJXha1DryMXrEZyVTfE=
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.1dXtAeQQiPY.es5.O/d=1/rs=AJlcJMx-mlEDg0voZAsANEsrqJd6oRyISg/m=detection
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-dWc2L0BaVzB_gcFbkPaxwg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-dWc2L0BaVzB_gcFbkPaxwg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://1stcapbank.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 23 Jun 2022 15:39:30 GMT
x-content-type-options
nosniff
access-control-allow-origin
https://1stcapbank.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy
script-src 'report-sample' 'nonce-dWc2L0BaVzB_gcFbkPaxwg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-dWc2L0BaVzB_gcFbkPaxwg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxVCetiXkpJRFsdFYtq4xkrS1k88Z2JNZUSFRetUg1LtWYS8ckXUm1Gzpxco1VO9MtytzzHJn8QTf9lwbR3953FnXgS6rx6k__ESPuTs1TxnC5nuwpmEH3stWUtwFe6Zc56y1HnpiCAd6VzR_tOl7R4YJMWnJKbUEFCJPASKpJXha1DryMXrEZyVTfE=
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVCetiXkpJRFsdFYtq4xkrS1k88Z2JNZUSFRetUg1LtWYS8ckXUm1Gzpxco1VO9MtytzzHJn8QTf9lwbR3953FnXgS6rx6k__ESPuTs1TxnC5nuwpmEH3stWUtwFe6Zc56y1HnpiCAd6VzR_tOl7R4YJMWnJKbUEFCJPASKpJXha1DryMXrEZyVTfE=
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.1dXtAeQQiPY.es5.O/d=1/rs=AJlcJMx-mlEDg0voZAsANEsrqJd6oRyISg/m=detection
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-MjM3mkUnWBoxoPHjme9v3w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-MjM3mkUnWBoxoPHjme9v3w' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://1stcapbank.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 23 Jun 2022 15:39:30 GMT
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
access-control-allow-origin
https://1stcapbank.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorLoggingHttp"
x-frame-options
SAMEORIGIN
access-control-max-age
86400
report-to
{"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type
text/html; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-MjM3mkUnWBoxoPHjme9v3w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-MjM3mkUnWBoxoPHjme9v3w' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxX8FOD7DL5A3woJ62X5AHFikhnfxjA-KVfOHvanipmNpnux1y6Lmg6df05JYkMLIGE9iBcu4hposn52CvdnWD3Gi058YAEKQiFOCNkYrKKciBhgvbJzDXNbRIhe1imq_l17Be_kR6_X_45D1SrOKW_e3AqiJSaOgY0wUcr7gkBROV2nO3Bf6mCWsoM=
fundingchoicesmessages.google.com/f/ 		42 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxX8FOD7DL5A3woJ62X5AHFikhnfxjA-KVfOHvanipmNpnux1y6Lmg6df05JYkMLIGE9iBcu4hposn52CvdnWD3Gi058YAEKQiFOCNkYrKKciBhgvbJzDXNbRIhe1imq_l17Be_kR6_X_45D1SrOKW_e3AqiJSaOgY0wUcr7gkBROV2nO3Bf6mCWsoM=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjU1OTk4NzcwLDQ2NDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsMTAsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLDEsMSxudWxsLG51bGwsMV0sImh0dHBzOi8vMXN0Y2FwYmFuay5jb20vIixudWxsLFtdXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.1dXtAeQQiPY.es5.O/d=1/rs=AJlcJMx-mlEDg0voZAsANEsrqJd6oRyISg/m=detection
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6889f40c818606c041915918ed0af992a7ca82a757dfb834fbf7068b384de48b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-WprZKZZaRR19NPqxnEWAEQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-WprZKZZaRR19NPqxnEWAEQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1stcapbank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy
script-src 'report-sample' 'nonce-WprZKZZaRR19NPqxnEWAEQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-WprZKZZaRR19NPqxnEWAEQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
date
Thu, 23 Jun 2022 15:39:30 GMT
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
application/javascript; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxVCetiXkpJRFsdFYtq4xkrS1k88Z2JNZUSFRetUg1LtWYS8ckXUm1Gzpxco1VO9MtytzzHJn8QTf9lwbR3953FnXgS6rx6k__ESPuTs1TxnC5nuwpmEH3stWUtwFe6Zc56y1HnpiCAd6VzR_tOl7R4YJMWnJKbUEFCJPASKpJXha1DryMXrEZyVTfE=
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVCetiXkpJRFsdFYtq4xkrS1k88Z2JNZUSFRetUg1LtWYS8ckXUm1Gzpxco1VO9MtytzzHJn8QTf9lwbR3953FnXgS6rx6k__ESPuTs1TxnC5nuwpmEH3stWUtwFe6Zc56y1HnpiCAd6VzR_tOl7R4YJMWnJKbUEFCJPASKpJXha1DryMXrEZyVTfE=
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.1dXtAeQQiPY.es5.O/d=1/rs=AJlcJMx-mlEDg0voZAsANEsrqJd6oRyISg/m=detection
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-57aKmwLlXTU3nJlvI61Lbg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-57aKmwLlXTU3nJlvI61Lbg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://1stcapbank.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 23 Jun 2022 15:39:30 GMT
x-content-type-options
nosniff
access-control-allow-origin
https://1stcapbank.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-57aKmwLlXTU3nJlvI61Lbg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-57aKmwLlXTU3nJlvI61Lbg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
lyGYsCueE8yR8XoODOo68FbDrX_I63nUiBydxCfKiqk.js
pagead2.googlesyndication.com/bg/ Frame D7F7 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/lyGYsCueE8yR8XoODOo68FbDrX_I63nUiBydxCfKiqk.js
Requested by
Host: 1stcapbank.com
URL: https://1stcapbank.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
972198b02b9e13cc91f17a0e0cea3af056c3ad7fc8eb79d4881c9dc427ca8aa9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 14:19:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
4803
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13789
x-xss-protection
0
last-modified
Wed, 15 Jun 2022 09:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 23 Jun 2023 14:19:27 GMT
AGSKWxX1Gqo74bin9-UZIe7ZZLdVJKGkzXm7AvwLSiNmJ-s3WKXZeOXziiS79E9JaPsXe3T7bCeVvYcnBtrWQdpDRtzBiUqFUL2-KuUmabO3guT0O71zacNI2xYpgJOhU2EfBRH3SruqZbwidvyN7svi_kMwvPe4F5oaTm_nzBIO7p3avQIYUrnEtX-XfNs=
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxX1Gqo74bin9-UZIe7ZZLdVJKGkzXm7AvwLSiNmJ-s3WKXZeOXziiS79E9JaPsXe3T7bCeVvYcnBtrWQdpDRtzBiUqFUL2-KuUmabO3guT0O71zacNI2xYpgJOhU2EfBRH3SruqZbwidvyN7svi_kMwvPe4F5oaTm_nzBIO7p3avQIYUrnEtX-XfNs=
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingCookieRefreshClientJs.de.E1yKWnF4wV8.es5.O/d=1/rs=AJlcJMzWzD8YgAsGH1nOUj2eqn8kYFaKzg/m=cookie_refresh
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-sApazalEuWDernQF1VJ_2A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-sApazalEuWDernQF1VJ_2A' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://1stcapbank.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 23 Jun 2022 15:39:30 GMT
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
access-control-allow-origin
https://1stcapbank.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorLoggingHttp"
x-frame-options
SAMEORIGIN
access-control-max-age
86400
report-to
{"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type
text/html; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy
script-src 'report-sample' 'nonce-sApazalEuWDernQF1VJ_2A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-sApazalEuWDernQF1VJ_2A' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame A668 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YrSJMQAJ6vcIEdzGAAEiDZkn9QGvd0TDQAVfag&u=%7CCGCjRpyI6KNZonYMEP4Bx%2F1Y23u1aM9qcsPadJiF98Y%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANddNRPYHnj5tZXpmi0sBbUKz-evawGE5kWxfu9AuJEpPREFJEQ7xGeys_9AVid4C5_lPqwKISeQz9_nlo2-oU6_dYvznXN7bWrR-qzzv4AyZ5owSOVRIhiEWufCXyL1yXkDQEYbOXsvrKiWnrrFTJiNed37OrOJuqJ2SoTrnZ_cwHzgwRnm1L3RJ7iGY6oXz5IyTXMwnOaZL-MRJiq3g5So0PEGdciipYWKNmmMtJ-GUh_LpbHpwZyvhpCHRd2TNdqlHLTnW7lV9S9L0S5RAmFqbNPlzE54i1Uk41L636wkk959N7PI4opx0FAZ61bAYjWhsfnkDw4-DVhObaNwT8qmqh6f9HPT83bp_O3m6wCcCGtRZvtPmTKw_L7HmgFM7Aia3wTYdIJurltBv7YwTGEG1GoyXJbb9Ow&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCStj_MYm0YvfVJ8a5x_APjcSEsAbJntKxXPWR3r6xAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zNTA5MzMxMzE1MzczODkxoAHVttLqA8gBCakCmiB_Pc-esT6oAwGqBNIBT9BIVvgPcCEf-Ppa_CtdPS6rXVTrYQ1Uxzqy5eV55JdGCHYoH8Yjym2emFc5AkGAtI9M9eBnvBY5FP3zNHJgnkf4hm51Pkz4wVHv_0tXWvOPuP0QCqOodpxUvcvG_Wn6j_MQDLffO17sINuLjtuiWix2P-JDsgIoRKVd8uwfMMbV_iIVS1rbxmk34NmuLBa-13RWLfFoLeYAdAs-ZhAYnPFu0n2cn2jHjoowRK11Vd555DXFYK_Z-zwCsMp0bYsl838_76EgJ9rrTaHvDXlczB1MgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_15x3ZX8oBXzLGO2iNWQ8qPx-VBfA%26client%3Dca-pub-3509331315373891%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 15:39:30 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 18 Jun 2023 15:39:30 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame A668 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YrSJMQAJ6vcIEdzGAAEiDZkn9QGvd0TDQAVfag&u=%7CCGCjRpyI6KNZonYMEP4Bx%2F1Y23u1aM9qcsPadJiF98Y%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANddNRPYHnj5tZXpmi0sBbUKz-evawGE5kWxfu9AuJEpPREFJEQ7xGeys_9AVid4C5_lPqwKISeQz9_nlo2-oU6_dYvznXN7bWrR-qzzv4AyZ5owSOVRIhiEWufCXyL1yXkDQEYbOXsvrKiWnrrFTJiNed37OrOJuqJ2SoTrnZ_cwHzgwRnm1L3RJ7iGY6oXz5IyTXMwnOaZL-MRJiq3g5So0PEGdciipYWKNmmMtJ-GUh_LpbHpwZyvhpCHRd2TNdqlHLTnW7lV9S9L0S5RAmFqbNPlzE54i1Uk41L636wkk959N7PI4opx0FAZ61bAYjWhsfnkDw4-DVhObaNwT8qmqh6f9HPT83bp_O3m6wCcCGtRZvtPmTKw_L7HmgFM7Aia3wTYdIJurltBv7YwTGEG1GoyXJbb9Ow&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCStj_MYm0YvfVJ8a5x_APjcSEsAbJntKxXPWR3r6xAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zNTA5MzMxMzE1MzczODkxoAHVttLqA8gBCakCmiB_Pc-esT6oAwGqBNIBT9BIVvgPcCEf-Ppa_CtdPS6rXVTrYQ1Uxzqy5eV55JdGCHYoH8Yjym2emFc5AkGAtI9M9eBnvBY5FP3zNHJgnkf4hm51Pkz4wVHv_0tXWvOPuP0QCqOodpxUvcvG_Wn6j_MQDLffO17sINuLjtuiWix2P-JDsgIoRKVd8uwfMMbV_iIVS1rbxmk34NmuLBa-13RWLfFoLeYAdAs-ZhAYnPFu0n2cn2jHjoowRK11Vd555DXFYK_Z-zwCsMp0bYsl838_76EgJ9rrTaHvDXlczB1MgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_15x3ZX8oBXzLGO2iNWQ8qPx-VBfA%26client%3Dca-pub-3509331315373891%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 15:39:30 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 18 Jun 2023 15:39:30 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame A668 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YrSJMQAJ6vcIEdzGAAEiDZkn9QGvd0TDQAVfag&u=%7CCGCjRpyI6KNZonYMEP4Bx%2F1Y23u1aM9qcsPadJiF98Y%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANddNRPYHnj5tZXpmi0sBbUKz-evawGE5kWxfu9AuJEpPREFJEQ7xGeys_9AVid4C5_lPqwKISeQz9_nlo2-oU6_dYvznXN7bWrR-qzzv4AyZ5owSOVRIhiEWufCXyL1yXkDQEYbOXsvrKiWnrrFTJiNed37OrOJuqJ2SoTrnZ_cwHzgwRnm1L3RJ7iGY6oXz5IyTXMwnOaZL-MRJiq3g5So0PEGdciipYWKNmmMtJ-GUh_LpbHpwZyvhpCHRd2TNdqlHLTnW7lV9S9L0S5RAmFqbNPlzE54i1Uk41L636wkk959N7PI4opx0FAZ61bAYjWhsfnkDw4-DVhObaNwT8qmqh6f9HPT83bp_O3m6wCcCGtRZvtPmTKw_L7HmgFM7Aia3wTYdIJurltBv7YwTGEG1GoyXJbb9Ow&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCStj_MYm0YvfVJ8a5x_APjcSEsAbJntKxXPWR3r6xAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zNTA5MzMxMzE1MzczODkxoAHVttLqA8gBCakCmiB_Pc-esT6oAwGqBNIBT9BIVvgPcCEf-Ppa_CtdPS6rXVTrYQ1Uxzqy5eV55JdGCHYoH8Yjym2emFc5AkGAtI9M9eBnvBY5FP3zNHJgnkf4hm51Pkz4wVHv_0tXWvOPuP0QCqOodpxUvcvG_Wn6j_MQDLffO17sINuLjtuiWix2P-JDsgIoRKVd8uwfMMbV_iIVS1rbxmk34NmuLBa-13RWLfFoLeYAdAs-ZhAYnPFu0n2cn2jHjoowRK11Vd555DXFYK_Z-zwCsMp0bYsl838_76EgJ9rrTaHvDXlczB1MgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_15x3ZX8oBXzLGO2iNWQ8qPx-VBfA%26client%3Dca-pub-3509331315373891%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 15:39:30 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sun, 18 Jun 2023 15:39:30 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame A668 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YrSJMQAJ6vcIEdzGAAEiDZkn9QGvd0TDQAVfag&u=%7CCGCjRpyI6KNZonYMEP4Bx%2F1Y23u1aM9qcsPadJiF98Y%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANddNRPYHnj5tZXpmi0sBbUKz-evawGE5kWxfu9AuJEpPREFJEQ7xGeys_9AVid4C5_lPqwKISeQz9_nlo2-oU6_dYvznXN7bWrR-qzzv4AyZ5owSOVRIhiEWufCXyL1yXkDQEYbOXsvrKiWnrrFTJiNed37OrOJuqJ2SoTrnZ_cwHzgwRnm1L3RJ7iGY6oXz5IyTXMwnOaZL-MRJiq3g5So0PEGdciipYWKNmmMtJ-GUh_LpbHpwZyvhpCHRd2TNdqlHLTnW7lV9S9L0S5RAmFqbNPlzE54i1Uk41L636wkk959N7PI4opx0FAZ61bAYjWhsfnkDw4-DVhObaNwT8qmqh6f9HPT83bp_O3m6wCcCGtRZvtPmTKw_L7HmgFM7Aia3wTYdIJurltBv7YwTGEG1GoyXJbb9Ow&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCStj_MYm0YvfVJ8a5x_APjcSEsAbJntKxXPWR3r6xAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zNTA5MzMxMzE1MzczODkxoAHVttLqA8gBCakCmiB_Pc-esT6oAwGqBNIBT9BIVvgPcCEf-Ppa_CtdPS6rXVTrYQ1Uxzqy5eV55JdGCHYoH8Yjym2emFc5AkGAtI9M9eBnvBY5FP3zNHJgnkf4hm51Pkz4wVHv_0tXWvOPuP0QCqOodpxUvcvG_Wn6j_MQDLffO17sINuLjtuiWix2P-JDsgIoRKVd8uwfMMbV_iIVS1rbxmk34NmuLBa-13RWLfFoLeYAdAs-ZhAYnPFu0n2cn2jHjoowRK11Vd555DXFYK_Z-zwCsMp0bYsl838_76EgJ9rrTaHvDXlczB1MgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_15x3ZX8oBXzLGO2iNWQ8qPx-VBfA%26client%3Dca-pub-3509331315373891%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 15:39:30 GMT
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Sun, 18 Jun 2023 15:39:30 GMT
m
secure-gl.imrworldwide.com/cgi-bin/ Frame A668 		0
689 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1655998770
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YrSJMQAJ6vcIEdzGAAEiDZkn9QGvd0TDQAVfag&u=%7CCGCjRpyI6KNZonYMEP4Bx%2F1Y23u1aM9qcsPadJiF98Y%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANddNRPYHnj5tZXpmi0sBbUKz-evawGE5kWxfu9AuJEpPREFJEQ7xGeys_9AVid4C5_lPqwKISeQz9_nlo2-oU6_dYvznXN7bWrR-qzzv4AyZ5owSOVRIhiEWufCXyL1yXkDQEYbOXsvrKiWnrrFTJiNed37OrOJuqJ2SoTrnZ_cwHzgwRnm1L3RJ7iGY6oXz5IyTXMwnOaZL-MRJiq3g5So0PEGdciipYWKNmmMtJ-GUh_LpbHpwZyvhpCHRd2TNdqlHLTnW7lV9S9L0S5RAmFqbNPlzE54i1Uk41L636wkk959N7PI4opx0FAZ61bAYjWhsfnkDw4-DVhObaNwT8qmqh6f9HPT83bp_O3m6wCcCGtRZvtPmTKw_L7HmgFM7Aia3wTYdIJurltBv7YwTGEG1GoyXJbb9Ow&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCStj_MYm0YvfVJ8a5x_APjcSEsAbJntKxXPWR3r6xAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zNTA5MzMxMzE1MzczODkxoAHVttLqA8gBCakCmiB_Pc-esT6oAwGqBNIBT9BIVvgPcCEf-Ppa_CtdPS6rXVTrYQ1Uxzqy5eV55JdGCHYoH8Yjym2emFc5AkGAtI9M9eBnvBY5FP3zNHJgnkf4hm51Pkz4wVHv_0tXWvOPuP0QCqOodpxUvcvG_Wn6j_MQDLffO17sINuLjtuiWix2P-JDsgIoRKVd8uwfMMbV_iIVS1rbxmk34NmuLBa-13RWLfFoLeYAdAs-ZhAYnPFu0n2cn2jHjoowRK11Vd555DXFYK_Z-zwCsMp0bYsl838_76EgJ9rrTaHvDXlczB1MgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_15x3ZX8oBXzLGO2iNWQ8qPx-VBfA%26client%3Dca-pub-3509331315373891%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:1200:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 15:39:30 GMT
via
1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA56-C1
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin
*
cache-control
no-cache
cross-origin-resource-policy
cross-origin
x-cache
Miss from cloudfront
accept-ch
Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-length
0
x-amz-cf-id
9pmFN3Wy2xDgb2v9MF1vVdWLegf3LavJ_lkDa3P1VWKhyqoDRx8IVQ==
expires
Thu, 01 Dec 1994 16:00:00 GMT
lg.php
cat.nl.eu.criteo.com/delivery/ Frame A668 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=SosWBvEQXosB4o_DSZQa_qdMyZ6N2otGGmIYHMAeXGiYbNXYoO4lxg_mm7CcEOXaTGVSunGXJ17-TFUC_TDd5NNq8UAFemhSkMu0sANP3VEYDDRdOdxNLdri9dBrmz7YecRVjwiUEO1jfdpwcjUDHGZbToiEJP1miXTSRMw2x7bdhTHK0KZiKpBCmVMnpaFs491B8q2xBABqIDQOw1CGfnPVs-4jZl4NF7_mNjVH-biVD0Zje_ltLpPB6R9vjsD11lFHK5WV_F4n7jrbPdfBIfl6WrLR3_utUhKWMVFqTSVpqSJtAH_zEm13h_UAxTNGsfuVpsm3WtbSVFXUZkbviY7t8GW8fi9C6GDipU0Ha4u6IYwdh-ioIOsZFkmBjDku5qHpq8g9FqZC3oJoEZ8XovxG8X8kxBa9z07vlGumHx_ifxkyExmHJ6NTUrwIhj1gBdgivA
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YrSJMQAJ6vcIEdzGAAEiDZkn9QGvd0TDQAVfag&u=%7CCGCjRpyI6KNZonYMEP4Bx%2F1Y23u1aM9qcsPadJiF98Y%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANddNRPYHnj5tZXpmi0sBbUKz-evawGE5kWxfu9AuJEpPREFJEQ7xGeys_9AVid4C5_lPqwKISeQz9_nlo2-oU6_dYvznXN7bWrR-qzzv4AyZ5owSOVRIhiEWufCXyL1yXkDQEYbOXsvrKiWnrrFTJiNed37OrOJuqJ2SoTrnZ_cwHzgwRnm1L3RJ7iGY6oXz5IyTXMwnOaZL-MRJiq3g5So0PEGdciipYWKNmmMtJ-GUh_LpbHpwZyvhpCHRd2TNdqlHLTnW7lV9S9L0S5RAmFqbNPlzE54i1Uk41L636wkk959N7PI4opx0FAZ61bAYjWhsfnkDw4-DVhObaNwT8qmqh6f9HPT83bp_O3m6wCcCGtRZvtPmTKw_L7HmgFM7Aia3wTYdIJurltBv7YwTGEG1GoyXJbb9Ow&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCStj_MYm0YvfVJ8a5x_APjcSEsAbJntKxXPWR3r6xAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zNTA5MzMxMzE1MzczODkxoAHVttLqA8gBCakCmiB_Pc-esT6oAwGqBNIBT9BIVvgPcCEf-Ppa_CtdPS6rXVTrYQ1Uxzqy5eV55JdGCHYoH8Yjym2emFc5AkGAtI9M9eBnvBY5FP3zNHJgnkf4hm51Pkz4wVHv_0tXWvOPuP0QCqOodpxUvcvG_Wn6j_MQDLffO17sINuLjtuiWix2P-JDsgIoRKVd8uwfMMbV_iIVS1rbxmk34NmuLBa-13RWLfFoLeYAdAs-ZhAYnPFu0n2cn2jHjoowRK11Vd555DXFYK_Z-zwCsMp0bYsl838_76EgJ9rrTaHvDXlczB1MgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_15x3ZX8oBXzLGO2iNWQ8qPx-VBfA%26client%3Dca-pub-3509331315373891%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 15:39:29 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1809848
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
animejs.js
static.criteo.net/animejs/ Frame A668 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YrSJMQAJ6vcIEdzGAAEiDZkn9QGvd0TDQAVfag&u=%7CCGCjRpyI6KNZonYMEP4Bx%2F1Y23u1aM9qcsPadJiF98Y%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANddNRPYHnj5tZXpmi0sBbUKz-evawGE5kWxfu9AuJEpPREFJEQ7xGeys_9AVid4C5_lPqwKISeQz9_nlo2-oU6_dYvznXN7bWrR-qzzv4AyZ5owSOVRIhiEWufCXyL1yXkDQEYbOXsvrKiWnrrFTJiNed37OrOJuqJ2SoTrnZ_cwHzgwRnm1L3RJ7iGY6oXz5IyTXMwnOaZL-MRJiq3g5So0PEGdciipYWKNmmMtJ-GUh_LpbHpwZyvhpCHRd2TNdqlHLTnW7lV9S9L0S5RAmFqbNPlzE54i1Uk41L636wkk959N7PI4opx0FAZ61bAYjWhsfnkDw4-DVhObaNwT8qmqh6f9HPT83bp_O3m6wCcCGtRZvtPmTKw_L7HmgFM7Aia3wTYdIJurltBv7YwTGEG1GoyXJbb9Ow&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCStj_MYm0YvfVJ8a5x_APjcSEsAbJntKxXPWR3r6xAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zNTA5MzMxMzE1MzczODkxoAHVttLqA8gBCakCmiB_Pc-esT6oAwGqBNIBT9BIVvgPcCEf-Ppa_CtdPS6rXVTrYQ1Uxzqy5eV55JdGCHYoH8Yjym2emFc5AkGAtI9M9eBnvBY5FP3zNHJgnkf4hm51Pkz4wVHv_0tXWvOPuP0QCqOodpxUvcvG_Wn6j_MQDLffO17sINuLjtuiWix2P-JDsgIoRKVd8uwfMMbV_iIVS1rbxmk34NmuLBa-13RWLfFoLeYAdAs-ZhAYnPFu0n2cn2jHjoowRK11Vd555DXFYK_Z-zwCsMp0bYsl838_76EgJ9rrTaHvDXlczB1MgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_15x3ZX8oBXzLGO2iNWQ8qPx-VBfA%26client%3Dca-pub-3509331315373891%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 15:39:30 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 18 Jun 2023 15:39:30 GMT
img
pix.eu.criteo.net/img/ Frame A668 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=244&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F190124%2F79f2c646e3f74b54931cff1f39d769d0_blue.png&v=3&w=196&s=OSVWZlqsAEjHj4o1uxJfPYMJ
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YrSJMQAJ6vcIEdzGAAEiDZkn9QGvd0TDQAVfag&u=%7CCGCjRpyI6KNZonYMEP4Bx%2F1Y23u1aM9qcsPadJiF98Y%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANddNRPYHnj5tZXpmi0sBbUKz-evawGE5kWxfu9AuJEpPREFJEQ7xGeys_9AVid4C5_lPqwKISeQz9_nlo2-oU6_dYvznXN7bWrR-qzzv4AyZ5owSOVRIhiEWufCXyL1yXkDQEYbOXsvrKiWnrrFTJiNed37OrOJuqJ2SoTrnZ_cwHzgwRnm1L3RJ7iGY6oXz5IyTXMwnOaZL-MRJiq3g5So0PEGdciipYWKNmmMtJ-GUh_LpbHpwZyvhpCHRd2TNdqlHLTnW7lV9S9L0S5RAmFqbNPlzE54i1Uk41L636wkk959N7PI4opx0FAZ61bAYjWhsfnkDw4-DVhObaNwT8qmqh6f9HPT83bp_O3m6wCcCGtRZvtPmTKw_L7HmgFM7Aia3wTYdIJurltBv7YwTGEG1GoyXJbb9Ow&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCStj_MYm0YvfVJ8a5x_APjcSEsAbJntKxXPWR3r6xAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zNTA5MzMxMzE1MzczODkxoAHVttLqA8gBCakCmiB_Pc-esT6oAwGqBNIBT9BIVvgPcCEf-Ppa_CtdPS6rXVTrYQ1Uxzqy5eV55JdGCHYoH8Yjym2emFc5AkGAtI9M9eBnvBY5FP3zNHJgnkf4hm51Pkz4wVHv_0tXWvOPuP0QCqOodpxUvcvG_Wn6j_MQDLffO17sINuLjtuiWix2P-JDsgIoRKVd8uwfMMbV_iIVS1rbxmk34NmuLBa-13RWLfFoLeYAdAs-ZhAYnPFu0n2cn2jHjoowRK11Vd555DXFYK_Z-zwCsMp0bYsl838_76EgJ9rrTaHvDXlczB1MgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_15x3ZX8oBXzLGO2iNWQ8qPx-VBfA%26client%3Dca-pub-3509331315373891%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
bfcd7a262745ac2a8520d46dbe261c5db424c001970e9ebe83c440bfb48454f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 15:39:30 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=29179153
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
6722
expires
Sat, 27 May 2023 08:58:43 GMT
img
pix.eu.criteo.net/img/ Frame A668 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F3%2FlogoDr-Heimeier-Partner-3816DE-2103101358.gif%3Feb%3D1&v=3&w=400&s=nP7EkhX8e0b7AFgKygH6pay-&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YrSJMQAJ6vcIEdzGAAEiDZkn9QGvd0TDQAVfag&u=%7CCGCjRpyI6KNZonYMEP4Bx%2F1Y23u1aM9qcsPadJiF98Y%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANddNRPYHnj5tZXpmi0sBbUKz-evawGE5kWxfu9AuJEpPREFJEQ7xGeys_9AVid4C5_lPqwKISeQz9_nlo2-oU6_dYvznXN7bWrR-qzzv4AyZ5owSOVRIhiEWufCXyL1yXkDQEYbOXsvrKiWnrrFTJiNed37OrOJuqJ2SoTrnZ_cwHzgwRnm1L3RJ7iGY6oXz5IyTXMwnOaZL-MRJiq3g5So0PEGdciipYWKNmmMtJ-GUh_LpbHpwZyvhpCHRd2TNdqlHLTnW7lV9S9L0S5RAmFqbNPlzE54i1Uk41L636wkk959N7PI4opx0FAZ61bAYjWhsfnkDw4-DVhObaNwT8qmqh6f9HPT83bp_O3m6wCcCGtRZvtPmTKw_L7HmgFM7Aia3wTYdIJurltBv7YwTGEG1GoyXJbb9Ow&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCStj_MYm0YvfVJ8a5x_APjcSEsAbJntKxXPWR3r6xAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zNTA5MzMxMzE1MzczODkxoAHVttLqA8gBCakCmiB_Pc-esT6oAwGqBNIBT9BIVvgPcCEf-Ppa_CtdPS6rXVTrYQ1Uxzqy5eV55JdGCHYoH8Yjym2emFc5AkGAtI9M9eBnvBY5FP3zNHJgnkf4hm51Pkz4wVHv_0tXWvOPuP0QCqOodpxUvcvG_Wn6j_MQDLffO17sINuLjtuiWix2P-JDsgIoRKVd8uwfMMbV_iIVS1rbxmk34NmuLBa-13RWLfFoLeYAdAs-ZhAYnPFu0n2cn2jHjoowRK11Vd555DXFYK_Z-zwCsMp0bYsl838_76EgJ9rrTaHvDXlczB1MgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_15x3ZX8oBXzLGO2iNWQ8qPx-VBfA%26client%3Dca-pub-3509331315373891%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
5d760aad03bc4ac8a4fd9068883549af9c1dc154081f62b98f0e493748ba91f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 15:39:29 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=403623
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
4816
expires
Tue, 28 Jun 2022 07:46:33 GMT
img
pix.eu.criteo.net/img/ Frame A668 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F0%2FlogoMETRO-Deutschland-GmbH-9511DE-2201271201.gif%3Feb%3D1&v=3&w=400&s=3OOo8AYHqi_kArfrM3j60PNj&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YrSJMQAJ6vcIEdzGAAEiDZkn9QGvd0TDQAVfag&u=%7CCGCjRpyI6KNZonYMEP4Bx%2F1Y23u1aM9qcsPadJiF98Y%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANddNRPYHnj5tZXpmi0sBbUKz-evawGE5kWxfu9AuJEpPREFJEQ7xGeys_9AVid4C5_lPqwKISeQz9_nlo2-oU6_dYvznXN7bWrR-qzzv4AyZ5owSOVRIhiEWufCXyL1yXkDQEYbOXsvrKiWnrrFTJiNed37OrOJuqJ2SoTrnZ_cwHzgwRnm1L3RJ7iGY6oXz5IyTXMwnOaZL-MRJiq3g5So0PEGdciipYWKNmmMtJ-GUh_LpbHpwZyvhpCHRd2TNdqlHLTnW7lV9S9L0S5RAmFqbNPlzE54i1Uk41L636wkk959N7PI4opx0FAZ61bAYjWhsfnkDw4-DVhObaNwT8qmqh6f9HPT83bp_O3m6wCcCGtRZvtPmTKw_L7HmgFM7Aia3wTYdIJurltBv7YwTGEG1GoyXJbb9Ow&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCStj_MYm0YvfVJ8a5x_APjcSEsAbJntKxXPWR3r6xAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zNTA5MzMxMzE1MzczODkxoAHVttLqA8gBCakCmiB_Pc-esT6oAwGqBNIBT9BIVvgPcCEf-Ppa_CtdPS6rXVTrYQ1Uxzqy5eV55JdGCHYoH8Yjym2emFc5AkGAtI9M9eBnvBY5FP3zNHJgnkf4hm51Pkz4wVHv_0tXWvOPuP0QCqOodpxUvcvG_Wn6j_MQDLffO17sINuLjtuiWix2P-JDsgIoRKVd8uwfMMbV_iIVS1rbxmk34NmuLBa-13RWLfFoLeYAdAs-ZhAYnPFu0n2cn2jHjoowRK11Vd555DXFYK_Z-zwCsMp0bYsl838_76EgJ9rrTaHvDXlczB1MgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_15x3ZX8oBXzLGO2iNWQ8qPx-VBfA%26client%3Dca-pub-3509331315373891%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
fddfa575589816ec61a0db7adeff0301fff1edde22109669584256c00c35f90f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 15:39:30 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=276166
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
2798
expires
Sun, 26 Jun 2022 20:22:17 GMT
img
pix.eu.criteo.net/img/ Frame A668 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FD%2FlogoDr-Meindl-u-Partner-Verrechnungsstelle-GmbH-139545DE.gif%3Feb%3D1&v=3&w=400&s=OEC11Z9rjyZetjUjA1x1yYe1&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YrSJMQAJ6vcIEdzGAAEiDZkn9QGvd0TDQAVfag&u=%7CCGCjRpyI6KNZonYMEP4Bx%2F1Y23u1aM9qcsPadJiF98Y%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANddNRPYHnj5tZXpmi0sBbUKz-evawGE5kWxfu9AuJEpPREFJEQ7xGeys_9AVid4C5_lPqwKISeQz9_nlo2-oU6_dYvznXN7bWrR-qzzv4AyZ5owSOVRIhiEWufCXyL1yXkDQEYbOXsvrKiWnrrFTJiNed37OrOJuqJ2SoTrnZ_cwHzgwRnm1L3RJ7iGY6oXz5IyTXMwnOaZL-MRJiq3g5So0PEGdciipYWKNmmMtJ-GUh_LpbHpwZyvhpCHRd2TNdqlHLTnW7lV9S9L0S5RAmFqbNPlzE54i1Uk41L636wkk959N7PI4opx0FAZ61bAYjWhsfnkDw4-DVhObaNwT8qmqh6f9HPT83bp_O3m6wCcCGtRZvtPmTKw_L7HmgFM7Aia3wTYdIJurltBv7YwTGEG1GoyXJbb9Ow&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCStj_MYm0YvfVJ8a5x_APjcSEsAbJntKxXPWR3r6xAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zNTA5MzMxMzE1MzczODkxoAHVttLqA8gBCakCmiB_Pc-esT6oAwGqBNIBT9BIVvgPcCEf-Ppa_CtdPS6rXVTrYQ1Uxzqy5eV55JdGCHYoH8Yjym2emFc5AkGAtI9M9eBnvBY5FP3zNHJgnkf4hm51Pkz4wVHv_0tXWvOPuP0QCqOodpxUvcvG_Wn6j_MQDLffO17sINuLjtuiWix2P-JDsgIoRKVd8uwfMMbV_iIVS1rbxmk34NmuLBa-13RWLfFoLeYAdAs-ZhAYnPFu0n2cn2jHjoowRK11Vd555DXFYK_Z-zwCsMp0bYsl838_76EgJ9rrTaHvDXlczB1MgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_15x3ZX8oBXzLGO2iNWQ8qPx-VBfA%26client%3Dca-pub-3509331315373891%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
cd5c0df13009943b3fdf4190f148764693d7a0d820d6c76430a5382d154a979e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 15:39:30 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=31104000
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
1732
expires
Sun, 18 Jun 2023 15:39:30 GMT
img
pix.eu.criteo.net/img/ Frame A668 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FD%2FlogoConcentrix-Germany-169413DE.gif%3Feb%3D1&v=3&w=400&s=MLCPOuNtUjk_FrjlqcdavKOt&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YrSJMQAJ6vcIEdzGAAEiDZkn9QGvd0TDQAVfag&u=%7CCGCjRpyI6KNZonYMEP4Bx%2F1Y23u1aM9qcsPadJiF98Y%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANddNRPYHnj5tZXpmi0sBbUKz-evawGE5kWxfu9AuJEpPREFJEQ7xGeys_9AVid4C5_lPqwKISeQz9_nlo2-oU6_dYvznXN7bWrR-qzzv4AyZ5owSOVRIhiEWufCXyL1yXkDQEYbOXsvrKiWnrrFTJiNed37OrOJuqJ2SoTrnZ_cwHzgwRnm1L3RJ7iGY6oXz5IyTXMwnOaZL-MRJiq3g5So0PEGdciipYWKNmmMtJ-GUh_LpbHpwZyvhpCHRd2TNdqlHLTnW7lV9S9L0S5RAmFqbNPlzE54i1Uk41L636wkk959N7PI4opx0FAZ61bAYjWhsfnkDw4-DVhObaNwT8qmqh6f9HPT83bp_O3m6wCcCGtRZvtPmTKw_L7HmgFM7Aia3wTYdIJurltBv7YwTGEG1GoyXJbb9Ow&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCStj_MYm0YvfVJ8a5x_APjcSEsAbJntKxXPWR3r6xAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zNTA5MzMxMzE1MzczODkxoAHVttLqA8gBCakCmiB_Pc-esT6oAwGqBNIBT9BIVvgPcCEf-Ppa_CtdPS6rXVTrYQ1Uxzqy5eV55JdGCHYoH8Yjym2emFc5AkGAtI9M9eBnvBY5FP3zNHJgnkf4hm51Pkz4wVHv_0tXWvOPuP0QCqOodpxUvcvG_Wn6j_MQDLffO17sINuLjtuiWix2P-JDsgIoRKVd8uwfMMbV_iIVS1rbxmk34NmuLBa-13RWLfFoLeYAdAs-ZhAYnPFu0n2cn2jHjoowRK11Vd555DXFYK_Z-zwCsMp0bYsl838_76EgJ9rrTaHvDXlczB1MgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_15x3ZX8oBXzLGO2iNWQ8qPx-VBfA%26client%3Dca-pub-3509331315373891%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
c38e076da21dc997a97ba46c2464b656b9ab308a34318c250fb42b77e0588172
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 15:39:29 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1786342
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
3064
expires
Thu, 14 Jul 2022 07:51:53 GMT
img
pix.eu.criteo.net/img/ Frame A668 		43 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F%3Feb%3D1&v=3&w=400&s=NIvm77xmry_g62aq4_FPS5A1&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YrSJMQAJ6vcIEdzGAAEiDZkn9QGvd0TDQAVfag&u=%7CCGCjRpyI6KNZonYMEP4Bx%2F1Y23u1aM9qcsPadJiF98Y%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANddNRPYHnj5tZXpmi0sBbUKz-evawGE5kWxfu9AuJEpPREFJEQ7xGeys_9AVid4C5_lPqwKISeQz9_nlo2-oU6_dYvznXN7bWrR-qzzv4AyZ5owSOVRIhiEWufCXyL1yXkDQEYbOXsvrKiWnrrFTJiNed37OrOJuqJ2SoTrnZ_cwHzgwRnm1L3RJ7iGY6oXz5IyTXMwnOaZL-MRJiq3g5So0PEGdciipYWKNmmMtJ-GUh_LpbHpwZyvhpCHRd2TNdqlHLTnW7lV9S9L0S5RAmFqbNPlzE54i1Uk41L636wkk959N7PI4opx0FAZ61bAYjWhsfnkDw4-DVhObaNwT8qmqh6f9HPT83bp_O3m6wCcCGtRZvtPmTKw_L7HmgFM7Aia3wTYdIJurltBv7YwTGEG1GoyXJbb9Ow&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCStj_MYm0YvfVJ8a5x_APjcSEsAbJntKxXPWR3r6xAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zNTA5MzMxMzE1MzczODkxoAHVttLqA8gBCakCmiB_Pc-esT6oAwGqBNIBT9BIVvgPcCEf-Ppa_CtdPS6rXVTrYQ1Uxzqy5eV55JdGCHYoH8Yjym2emFc5AkGAtI9M9eBnvBY5FP3zNHJgnkf4hm51Pkz4wVHv_0tXWvOPuP0QCqOodpxUvcvG_Wn6j_MQDLffO17sINuLjtuiWix2P-JDsgIoRKVd8uwfMMbV_iIVS1rbxmk34NmuLBa-13RWLfFoLeYAdAs-ZhAYnPFu0n2cn2jHjoowRK11Vd555DXFYK_Z-zwCsMp0bYsl838_76EgJ9rrTaHvDXlczB1MgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_15x3ZX8oBXzLGO2iNWQ8qPx-VBfA%26client%3Dca-pub-3509331315373891%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 15:39:30 GMT
server
Finatra
vary
Origin
content-type
image/gif
cache-control
private, max-age=0
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
43
expires
-1
img
pix.eu.criteo.net/img/ Frame A668 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F6%2FlogoBosch-Gruppe-2804DE-1909091413.gif%3Feb%3D1&v=3&w=400&s=mpSaavc37cTAcDERDSmhZdBJ&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YrSJMQAJ6vcIEdzGAAEiDZkn9QGvd0TDQAVfag&u=%7CCGCjRpyI6KNZonYMEP4Bx%2F1Y23u1aM9qcsPadJiF98Y%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANddNRPYHnj5tZXpmi0sBbUKz-evawGE5kWxfu9AuJEpPREFJEQ7xGeys_9AVid4C5_lPqwKISeQz9_nlo2-oU6_dYvznXN7bWrR-qzzv4AyZ5owSOVRIhiEWufCXyL1yXkDQEYbOXsvrKiWnrrFTJiNed37OrOJuqJ2SoTrnZ_cwHzgwRnm1L3RJ7iGY6oXz5IyTXMwnOaZL-MRJiq3g5So0PEGdciipYWKNmmMtJ-GUh_LpbHpwZyvhpCHRd2TNdqlHLTnW7lV9S9L0S5RAmFqbNPlzE54i1Uk41L636wkk959N7PI4opx0FAZ61bAYjWhsfnkDw4-DVhObaNwT8qmqh6f9HPT83bp_O3m6wCcCGtRZvtPmTKw_L7HmgFM7Aia3wTYdIJurltBv7YwTGEG1GoyXJbb9Ow&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCStj_MYm0YvfVJ8a5x_APjcSEsAbJntKxXPWR3r6xAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zNTA5MzMxMzE1MzczODkxoAHVttLqA8gBCakCmiB_Pc-esT6oAwGqBNIBT9BIVvgPcCEf-Ppa_CtdPS6rXVTrYQ1Uxzqy5eV55JdGCHYoH8Yjym2emFc5AkGAtI9M9eBnvBY5FP3zNHJgnkf4hm51Pkz4wVHv_0tXWvOPuP0QCqOodpxUvcvG_Wn6j_MQDLffO17sINuLjtuiWix2P-JDsgIoRKVd8uwfMMbV_iIVS1rbxmk34NmuLBa-13RWLfFoLeYAdAs-ZhAYnPFu0n2cn2jHjoowRK11Vd555DXFYK_Z-zwCsMp0bYsl838_76EgJ9rrTaHvDXlczB1MgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_15x3ZX8oBXzLGO2iNWQ8qPx-VBfA%26client%3Dca-pub-3509331315373891%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
490319aff00a55cfc00d9e24f71f39fc0801858055c62c07bec8fabf2f6e24ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 15:39:30 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=2449244
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
1584
expires
Fri, 22 Jul 2022 00:00:15 GMT
img
pix.eu.criteo.net/img/ Frame A668 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FD%2FlogoAmazon-Workforce-Staffing-245849DE-2005201401.gif%3Feb%3D1&v=3&w=400&s=S8H46qf3EvuvyZds2gfujwsz&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YrSJMQAJ6vcIEdzGAAEiDZkn9QGvd0TDQAVfag&u=%7CCGCjRpyI6KNZonYMEP4Bx%2F1Y23u1aM9qcsPadJiF98Y%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANddNRPYHnj5tZXpmi0sBbUKz-evawGE5kWxfu9AuJEpPREFJEQ7xGeys_9AVid4C5_lPqwKISeQz9_nlo2-oU6_dYvznXN7bWrR-qzzv4AyZ5owSOVRIhiEWufCXyL1yXkDQEYbOXsvrKiWnrrFTJiNed37OrOJuqJ2SoTrnZ_cwHzgwRnm1L3RJ7iGY6oXz5IyTXMwnOaZL-MRJiq3g5So0PEGdciipYWKNmmMtJ-GUh_LpbHpwZyvhpCHRd2TNdqlHLTnW7lV9S9L0S5RAmFqbNPlzE54i1Uk41L636wkk959N7PI4opx0FAZ61bAYjWhsfnkDw4-DVhObaNwT8qmqh6f9HPT83bp_O3m6wCcCGtRZvtPmTKw_L7HmgFM7Aia3wTYdIJurltBv7YwTGEG1GoyXJbb9Ow&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCStj_MYm0YvfVJ8a5x_APjcSEsAbJntKxXPWR3r6xAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zNTA5MzMxMzE1MzczODkxoAHVttLqA8gBCakCmiB_Pc-esT6oAwGqBNIBT9BIVvgPcCEf-Ppa_CtdPS6rXVTrYQ1Uxzqy5eV55JdGCHYoH8Yjym2emFc5AkGAtI9M9eBnvBY5FP3zNHJgnkf4hm51Pkz4wVHv_0tXWvOPuP0QCqOodpxUvcvG_Wn6j_MQDLffO17sINuLjtuiWix2P-JDsgIoRKVd8uwfMMbV_iIVS1rbxmk34NmuLBa-13RWLfFoLeYAdAs-ZhAYnPFu0n2cn2jHjoowRK11Vd555DXFYK_Z-zwCsMp0bYsl838_76EgJ9rrTaHvDXlczB1MgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_15x3ZX8oBXzLGO2iNWQ8qPx-VBfA%26client%3Dca-pub-3509331315373891%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
d530eb650281c426cb8d0c8d602cffe1a63b732b9b4d93e33aaf0340896e3024
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 15:39:30 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1398006
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
1902
expires
Sat, 09 Jul 2022 19:59:37 GMT
img
pix.eu.criteo.net/img/ Frame A668 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F2%2FlogoIU-Internationale-Hochschule-97654DE-2103221157.gif%3Feb%3D1&v=3&w=400&s=O4bDopa3QDV55yfisL13DqEX&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YrSJMQAJ6vcIEdzGAAEiDZkn9QGvd0TDQAVfag&u=%7CCGCjRpyI6KNZonYMEP4Bx%2F1Y23u1aM9qcsPadJiF98Y%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANddNRPYHnj5tZXpmi0sBbUKz-evawGE5kWxfu9AuJEpPREFJEQ7xGeys_9AVid4C5_lPqwKISeQz9_nlo2-oU6_dYvznXN7bWrR-qzzv4AyZ5owSOVRIhiEWufCXyL1yXkDQEYbOXsvrKiWnrrFTJiNed37OrOJuqJ2SoTrnZ_cwHzgwRnm1L3RJ7iGY6oXz5IyTXMwnOaZL-MRJiq3g5So0PEGdciipYWKNmmMtJ-GUh_LpbHpwZyvhpCHRd2TNdqlHLTnW7lV9S9L0S5RAmFqbNPlzE54i1Uk41L636wkk959N7PI4opx0FAZ61bAYjWhsfnkDw4-DVhObaNwT8qmqh6f9HPT83bp_O3m6wCcCGtRZvtPmTKw_L7HmgFM7Aia3wTYdIJurltBv7YwTGEG1GoyXJbb9Ow&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCStj_MYm0YvfVJ8a5x_APjcSEsAbJntKxXPWR3r6xAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zNTA5MzMxMzE1MzczODkxoAHVttLqA8gBCakCmiB_Pc-esT6oAwGqBNIBT9BIVvgPcCEf-Ppa_CtdPS6rXVTrYQ1Uxzqy5eV55JdGCHYoH8Yjym2emFc5AkGAtI9M9eBnvBY5FP3zNHJgnkf4hm51Pkz4wVHv_0tXWvOPuP0QCqOodpxUvcvG_Wn6j_MQDLffO17sINuLjtuiWix2P-JDsgIoRKVd8uwfMMbV_iIVS1rbxmk34NmuLBa-13RWLfFoLeYAdAs-ZhAYnPFu0n2cn2jHjoowRK11Vd555DXFYK_Z-zwCsMp0bYsl838_76EgJ9rrTaHvDXlczB1MgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_15x3ZX8oBXzLGO2iNWQ8qPx-VBfA%26client%3Dca-pub-3509331315373891%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
a98ec1a2127ccc8939a1152fd7c503ddfa506de8cd7a52a79fe66f3102199912
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 15:39:30 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=31104000
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
1898
expires
Sun, 18 Jun 2023 15:39:30 GMT
img
pix.eu.criteo.net/img/ Frame A668 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FE%2FlogoHEG-Hamburger-Entsorgungsges-mbH-211382DE-2109241217.gif%3Feb%3D1&v=3&w=400&s=GAGgayIVI71Wcj5WouOesu0V&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YrSJMQAJ6vcIEdzGAAEiDZkn9QGvd0TDQAVfag&u=%7CCGCjRpyI6KNZonYMEP4Bx%2F1Y23u1aM9qcsPadJiF98Y%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANddNRPYHnj5tZXpmi0sBbUKz-evawGE5kWxfu9AuJEpPREFJEQ7xGeys_9AVid4C5_lPqwKISeQz9_nlo2-oU6_dYvznXN7bWrR-qzzv4AyZ5owSOVRIhiEWufCXyL1yXkDQEYbOXsvrKiWnrrFTJiNed37OrOJuqJ2SoTrnZ_cwHzgwRnm1L3RJ7iGY6oXz5IyTXMwnOaZL-MRJiq3g5So0PEGdciipYWKNmmMtJ-GUh_LpbHpwZyvhpCHRd2TNdqlHLTnW7lV9S9L0S5RAmFqbNPlzE54i1Uk41L636wkk959N7PI4opx0FAZ61bAYjWhsfnkDw4-DVhObaNwT8qmqh6f9HPT83bp_O3m6wCcCGtRZvtPmTKw_L7HmgFM7Aia3wTYdIJurltBv7YwTGEG1GoyXJbb9Ow&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCStj_MYm0YvfVJ8a5x_APjcSEsAbJntKxXPWR3r6xAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zNTA5MzMxMzE1MzczODkxoAHVttLqA8gBCakCmiB_Pc-esT6oAwGqBNIBT9BIVvgPcCEf-Ppa_CtdPS6rXVTrYQ1Uxzqy5eV55JdGCHYoH8Yjym2emFc5AkGAtI9M9eBnvBY5FP3zNHJgnkf4hm51Pkz4wVHv_0tXWvOPuP0QCqOodpxUvcvG_Wn6j_MQDLffO17sINuLjtuiWix2P-JDsgIoRKVd8uwfMMbV_iIVS1rbxmk34NmuLBa-13RWLfFoLeYAdAs-ZhAYnPFu0n2cn2jHjoowRK11Vd555DXFYK_Z-zwCsMp0bYsl838_76EgJ9rrTaHvDXlczB1MgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_15x3ZX8oBXzLGO2iNWQ8qPx-VBfA%26client%3Dca-pub-3509331315373891%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
9a47286ed41ee7f0ec640ebb5a4d76a71cf2c64ae2ff50cb4ad102b5143438a8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 15:39:30 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1562980
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
2212
expires
Mon, 11 Jul 2022 17:49:11 GMT
all
csm.eu.criteo.net/ Frame A668 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=omKj0huqesNotY3Wf1tBLKfFfAmmvxXt93D-Cb5MMzK9Uf38xXQII_AW6nSi4CGGRBujnJnhA-Xcpygtp_Hgn1e_z8CdV4TsP_4NLjQ9Kh-yNrXdZzVSifb3Upg7ih5Bp7JobTpc8wo27GsKjlevxmoFpYE8QuqpNzLUybL4E3-64plxpvui-mH2Di9eEDdWhWgBfC0zZRXNLt-kvl2t6MTj_ukwfc7HBwa1lsJLjrzmJGRNNFJzKQ9_W8ZqQIlZEvWCMA&sds=2&rev=81817&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YrSJMQAJ6vcIEdzGAAEiDZkn9QGvd0TDQAVfag&u=%7CCGCjRpyI6KNZonYMEP4Bx%2F1Y23u1aM9qcsPadJiF98Y%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANddNRPYHnj5tZXpmi0sBbUKz-evawGE5kWxfu9AuJEpPREFJEQ7xGeys_9AVid4C5_lPqwKISeQz9_nlo2-oU6_dYvznXN7bWrR-qzzv4AyZ5owSOVRIhiEWufCXyL1yXkDQEYbOXsvrKiWnrrFTJiNed37OrOJuqJ2SoTrnZ_cwHzgwRnm1L3RJ7iGY6oXz5IyTXMwnOaZL-MRJiq3g5So0PEGdciipYWKNmmMtJ-GUh_LpbHpwZyvhpCHRd2TNdqlHLTnW7lV9S9L0S5RAmFqbNPlzE54i1Uk41L636wkk959N7PI4opx0FAZ61bAYjWhsfnkDw4-DVhObaNwT8qmqh6f9HPT83bp_O3m6wCcCGtRZvtPmTKw_L7HmgFM7Aia3wTYdIJurltBv7YwTGEG1GoyXJbb9Ow&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCStj_MYm0YvfVJ8a5x_APjcSEsAbJntKxXPWR3r6xAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zNTA5MzMxMzE1MzczODkxoAHVttLqA8gBCakCmiB_Pc-esT6oAwGqBNIBT9BIVvgPcCEf-Ppa_CtdPS6rXVTrYQ1Uxzqy5eV55JdGCHYoH8Yjym2emFc5AkGAtI9M9eBnvBY5FP3zNHJgnkf4hm51Pkz4wVHv_0tXWvOPuP0QCqOodpxUvcvG_Wn6j_MQDLffO17sINuLjtuiWix2P-JDsgIoRKVd8uwfMMbV_iIVS1rbxmk34NmuLBa-13RWLfFoLeYAdAs-ZhAYnPFu0n2cn2jHjoowRK11Vd555DXFYK_Z-zwCsMp0bYsl838_76EgJ9rrTaHvDXlczB1MgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_15x3ZX8oBXzLGO2iNWQ8qPx-VBfA%26client%3Dca-pub-3509331315373891%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 23 Jun 2022 15:39:29 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame A668 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YrSJMQAJ6vcIEdzGAAEiDZkn9QGvd0TDQAVfag&u=%7CCGCjRpyI6KNZonYMEP4Bx%2F1Y23u1aM9qcsPadJiF98Y%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANddNRPYHnj5tZXpmi0sBbUKz-evawGE5kWxfu9AuJEpPREFJEQ7xGeys_9AVid4C5_lPqwKISeQz9_nlo2-oU6_dYvznXN7bWrR-qzzv4AyZ5owSOVRIhiEWufCXyL1yXkDQEYbOXsvrKiWnrrFTJiNed37OrOJuqJ2SoTrnZ_cwHzgwRnm1L3RJ7iGY6oXz5IyTXMwnOaZL-MRJiq3g5So0PEGdciipYWKNmmMtJ-GUh_LpbHpwZyvhpCHRd2TNdqlHLTnW7lV9S9L0S5RAmFqbNPlzE54i1Uk41L636wkk959N7PI4opx0FAZ61bAYjWhsfnkDw4-DVhObaNwT8qmqh6f9HPT83bp_O3m6wCcCGtRZvtPmTKw_L7HmgFM7Aia3wTYdIJurltBv7YwTGEG1GoyXJbb9Ow&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCStj_MYm0YvfVJ8a5x_APjcSEsAbJntKxXPWR3r6xAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zNTA5MzMxMzE1MzczODkxoAHVttLqA8gBCakCmiB_Pc-esT6oAwGqBNIBT9BIVvgPcCEf-Ppa_CtdPS6rXVTrYQ1Uxzqy5eV55JdGCHYoH8Yjym2emFc5AkGAtI9M9eBnvBY5FP3zNHJgnkf4hm51Pkz4wVHv_0tXWvOPuP0QCqOodpxUvcvG_Wn6j_MQDLffO17sINuLjtuiWix2P-JDsgIoRKVd8uwfMMbV_iIVS1rbxmk34NmuLBa-13RWLfFoLeYAdAs-ZhAYnPFu0n2cn2jHjoowRK11Vd555DXFYK_Z-zwCsMp0bYsl838_76EgJ9rrTaHvDXlczB1MgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_15x3ZX8oBXzLGO2iNWQ8qPx-VBfA%26client%3Dca-pub-3509331315373891%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 15:39:30 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 18 Jun 2023 15:39:30 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame A668 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YrSJMQAJ6vcIEdzGAAEiDZkn9QGvd0TDQAVfag&u=%7CCGCjRpyI6KNZonYMEP4Bx%2F1Y23u1aM9qcsPadJiF98Y%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANddNRPYHnj5tZXpmi0sBbUKz-evawGE5kWxfu9AuJEpPREFJEQ7xGeys_9AVid4C5_lPqwKISeQz9_nlo2-oU6_dYvznXN7bWrR-qzzv4AyZ5owSOVRIhiEWufCXyL1yXkDQEYbOXsvrKiWnrrFTJiNed37OrOJuqJ2SoTrnZ_cwHzgwRnm1L3RJ7iGY6oXz5IyTXMwnOaZL-MRJiq3g5So0PEGdciipYWKNmmMtJ-GUh_LpbHpwZyvhpCHRd2TNdqlHLTnW7lV9S9L0S5RAmFqbNPlzE54i1Uk41L636wkk959N7PI4opx0FAZ61bAYjWhsfnkDw4-DVhObaNwT8qmqh6f9HPT83bp_O3m6wCcCGtRZvtPmTKw_L7HmgFM7Aia3wTYdIJurltBv7YwTGEG1GoyXJbb9Ow&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCStj_MYm0YvfVJ8a5x_APjcSEsAbJntKxXPWR3r6xAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zNTA5MzMxMzE1MzczODkxoAHVttLqA8gBCakCmiB_Pc-esT6oAwGqBNIBT9BIVvgPcCEf-Ppa_CtdPS6rXVTrYQ1Uxzqy5eV55JdGCHYoH8Yjym2emFc5AkGAtI9M9eBnvBY5FP3zNHJgnkf4hm51Pkz4wVHv_0tXWvOPuP0QCqOodpxUvcvG_Wn6j_MQDLffO17sINuLjtuiWix2P-JDsgIoRKVd8uwfMMbV_iIVS1rbxmk34NmuLBa-13RWLfFoLeYAdAs-ZhAYnPFu0n2cn2jHjoowRK11Vd555DXFYK_Z-zwCsMp0bYsl838_76EgJ9rrTaHvDXlczB1MgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_15x3ZX8oBXzLGO2iNWQ8qPx-VBfA%26client%3Dca-pub-3509331315373891%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 15:39:30 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 18 Jun 2023 15:39:30 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220616/r20110914/client/ Frame 2E99 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220616/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3509331315373891&output=html&h=280&adk=3655541349&adf=2564340799&pi=t.aa~a.3783770110~rp.2&w=849&fwrn=4&fwrnh=100&lmt=1655998770&rafmt=1&to=qs&pwprc=4275677667&psa=1&format=849x280&url=https%3A%2F%2F1stcapbank.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655998770262&bpp=2&bdt=1246&idt=2&shv=r20220616&mjsv=m202206160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ddce529535681a218-2278785cb9cd0099%3AT%3D1655998769%3ART%3D1655998769%3AS%3DALNI_Mb84hAlS5HZJ7CGgDfQsOT4mRJQfQ&prev_fmts=0x0%2C860x280&nras=2&correlator=1179878748340&frm=20&pv=1&ga_vid=790762531.1655998769&ga_sid=1655998770&ga_hid=630121151&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=375&ady=1346&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761043%2C31065545%2C31068166&oid=2&pvsid=2686703078917632&tmod=885972399&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=liUVGL3oUw&p=https%3A//1stcapbank.com&dtd=14
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 15:35:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
229
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 07 Jul 2022 15:35:41 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2E99 		137 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3509331315373891&output=html&h=280&adk=3655541349&adf=2564340799&pi=t.aa~a.3783770110~rp.2&w=849&fwrn=4&fwrnh=100&lmt=1655998770&rafmt=1&to=qs&pwprc=4275677667&psa=1&format=849x280&url=https%3A%2F%2F1stcapbank.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655998770262&bpp=2&bdt=1246&idt=2&shv=r20220616&mjsv=m202206160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ddce529535681a218-2278785cb9cd0099%3AT%3D1655998769%3ART%3D1655998769%3AS%3DALNI_Mb84hAlS5HZJ7CGgDfQsOT4mRJQfQ&prev_fmts=0x0%2C860x280&nras=2&correlator=1179878748340&frm=20&pv=1&ga_vid=790762531.1655998769&ga_sid=1655998770&ga_hid=630121151&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=375&ady=1346&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761043%2C31065545%2C31068166&oid=2&pvsid=2686703078917632&tmod=885972399&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=liUVGL3oUw&p=https%3A//1stcapbank.com&dtd=14
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5e11546a93f99f4b0b79d7e9a993b8f0a9a239fb1e101810738f3bff890ba549
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 15:39:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43180
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1655912982481896"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 23 Jun 2022 15:39:30 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220616/r20110914/client/ Frame 2E99 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220616/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3509331315373891&output=html&h=280&adk=3655541349&adf=2564340799&pi=t.aa~a.3783770110~rp.2&w=849&fwrn=4&fwrnh=100&lmt=1655998770&rafmt=1&to=qs&pwprc=4275677667&psa=1&format=849x280&url=https%3A%2F%2F1stcapbank.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655998770262&bpp=2&bdt=1246&idt=2&shv=r20220616&mjsv=m202206160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ddce529535681a218-2278785cb9cd0099%3AT%3D1655998769%3ART%3D1655998769%3AS%3DALNI_Mb84hAlS5HZJ7CGgDfQsOT4mRJQfQ&prev_fmts=0x0%2C860x280&nras=2&correlator=1179878748340&frm=20&pv=1&ga_vid=790762531.1655998769&ga_sid=1655998770&ga_hid=630121151&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=375&ady=1346&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761043%2C31065545%2C31068166&oid=2&pvsid=2686703078917632&tmod=885972399&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=liUVGL3oUw&p=https%3A//1stcapbank.com&dtd=14
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4d5862b3daeff2a0c52d69267a1eae566463c68bea47a8071dd9655c4c7c1192
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 15:37:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
117
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7312
x-xss-protection
0
server
cafe
etag
10280116914265038571
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 07 Jul 2022 15:37:33 GMT
l
www.google.com/ads/measurement/ Frame 2E99 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTx849kPUZn27YNMLA2Xw70RUEISqgqkZMG59PrPePx-ZzLlDFRDMolFR3hmPBU5m7_ky4tQKVT0uHoTQOgD9C31TF9nw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3509331315373891&output=html&h=280&adk=3655541349&adf=2564340799&pi=t.aa~a.3783770110~rp.2&w=849&fwrn=4&fwrnh=100&lmt=1655998770&rafmt=1&to=qs&pwprc=4275677667&psa=1&format=849x280&url=https%3A%2F%2F1stcapbank.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655998770262&bpp=2&bdt=1246&idt=2&shv=r20220616&mjsv=m202206160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ddce529535681a218-2278785cb9cd0099%3AT%3D1655998769%3ART%3D1655998769%3AS%3DALNI_Mb84hAlS5HZJ7CGgDfQsOT4mRJQfQ&prev_fmts=0x0%2C860x280&nras=2&correlator=1179878748340&frm=20&pv=1&ga_vid=790762531.1655998769&ga_sid=1655998770&ga_hid=630121151&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=375&ady=1346&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761043%2C31065545%2C31068166&oid=2&pvsid=2686703078917632&tmod=885972399&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=liUVGL3oUw&p=https%3A//1stcapbank.com&dtd=14
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers
adview
googleads.g.doubleclick.net/pagead/ Frame 2E99 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CaKXtMom0YoylE7uQ-cAPt-6twA_JntKxXL3xlPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM1MDkzMzEzMTUzNzM4OTGgAdW20uoDyAEJqQKaIH89z56xPqgDAaoE1QFP0B74Y0ig5vEqA3SiFsVN3hIQSLeFjTfcBLP-DeninAHqjWn653kxGomNVCFr-kNVRCVIT4H3iMqnHjv8AVAf0LUfwt5NO_F-rsBIpONvF_h5zga6bSmWyGw8xiXQ3BeXDD49crq7Jb0uMYaRFp0ZQSj482_2iXqjl23eG_XV-h213TR2FTqNz5CH-BJeP_xBQmEi7KVnO86la4lk2D_wB_TjVX4us5yu0Wiaa3WHqD0b6IPXOu1J8-ARcDNjmNtirG9B4F6bPf9CEDGYcLCefLiGrWqABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBABgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTM1MDkzMzEzMTUzNzM4OTEYAA&sigh=BMQRUR4wBP0&uach_m=[UACH]&cid=CAQSPACNIrLM7rIi5tISkjUGMASOrGkoUzHOq_do-Zt8f6hvmGpR7DYlfSECHO_WjLv7YKnrZ756FZN_xrW4MhgB
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3509331315373891&output=html&h=280&adk=3655541349&adf=2564340799&pi=t.aa~a.3783770110~rp.2&w=849&fwrn=4&fwrnh=100&lmt=1655998770&rafmt=1&to=qs&pwprc=4275677667&psa=1&format=849x280&url=https%3A%2F%2F1stcapbank.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655998770262&bpp=2&bdt=1246&idt=2&shv=r20220616&mjsv=m202206160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ddce529535681a218-2278785cb9cd0099%3AT%3D1655998769%3ART%3D1655998769%3AS%3DALNI_Mb84hAlS5HZJ7CGgDfQsOT4mRJQfQ&prev_fmts=0x0%2C860x280&nras=2&correlator=1179878748340&frm=20&pv=1&ga_vid=790762531.1655998769&ga_sid=1655998770&ga_hid=630121151&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=375&ady=1346&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761043%2C31065545%2C31068166&oid=2&pvsid=2686703078917632&tmod=885972399&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=liUVGL3oUw&p=https%3A//1stcapbank.com&dtd=14
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3509331315373891&output=html&h=280&adk=3655541349&adf=2564340799&pi=t.aa~a.3783770110~rp.2&w=849&fwrn=4&fwrnh=100&lmt=1655998770&rafmt=1&to=qs&pwprc=4275677667&psa=1&format=849x280&url=https%3A%2F%2F1stcapbank.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655998770262&bpp=2&bdt=1246&idt=2&shv=r20220616&mjsv=m202206160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ddce529535681a218-2278785cb9cd0099%3AT%3D1655998769%3ART%3D1655998769%3AS%3DALNI_Mb84hAlS5HZJ7CGgDfQsOT4mRJQfQ&prev_fmts=0x0%2C860x280&nras=2&correlator=1179878748340&frm=20&pv=1&ga_vid=790762531.1655998769&ga_sid=1655998770&ga_hid=630121151&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=375&ady=1346&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761043%2C31065545%2C31068166&oid=2&pvsid=2686703078917632&tmod=885972399&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=liUVGL3oUw&p=https%3A//1stcapbank.com&dtd=14
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 23 Jun 2022 15:39:30 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
notify
rtb.fr.eu.criteo.com/google/auction/ Frame 2E99 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=keb8EMz6RNEGmAKdg2ICAgAAAMd7mgeJGYC3xfNo7hAyibRivIoxANcBb47XtKgAEgAA&wp=YrSJMgAE0owCHkg7AAt3N8CoW9HUi2lIP4Nm7g
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3509331315373891&output=html&h=280&adk=3655541349&adf=2564340799&pi=t.aa~a.3783770110~rp.2&w=849&fwrn=4&fwrnh=100&lmt=1655998770&rafmt=1&to=qs&pwprc=4275677667&psa=1&format=849x280&url=https%3A%2F%2F1stcapbank.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655998770262&bpp=2&bdt=1246&idt=2&shv=r20220616&mjsv=m202206160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ddce529535681a218-2278785cb9cd0099%3AT%3D1655998769%3ART%3D1655998769%3AS%3DALNI_Mb84hAlS5HZJ7CGgDfQsOT4mRJQfQ&prev_fmts=0x0%2C860x280&nras=2&correlator=1179878748340&frm=20&pv=1&ga_vid=790762531.1655998769&ga_sid=1655998770&ga_hid=630121151&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=375&ady=1346&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761043%2C31065545%2C31068166&oid=2&pvsid=2686703078917632&tmod=885972399&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=liUVGL3oUw&p=https%3A//1stcapbank.com&dtd=14
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 15:39:29 GMT
server
Kestrel
server-processing-duration-in-ticks
228355
content-length
0
strict-transport-security
max-age=31536000; preload;
afr.php
ads.eu.criteo.com/delivery/r/ Frame C6A4 		194 KB
56 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=YrSJMgAE0owCHkg7AAt3N8CoW9HUi2lIP4Nm7g&u=%7C5ZkDgIYgyB1r7fSYVBUCJ9f%2BZn7iic8FvyjXjuWVVD4%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANc7dLrL_cuYuVyXWGKHxGtGLArf_7MYfq5dyyyRijOwuYGwjc9cH1W98mJGQX6IyufdL2PEDTARlfxkX1RhXcvoJ1OPw35HAYCTxK2w8xnc3TqWcDLEynA-J65CMPd5YHMGNq0PJlQgpyWaF77am9Yaq8K-HOmWGro3jz315eoNzSnbBUwgpqXs25H4OYk5mYE_F-cXcfT5HANtPnVga3XxRqnFOwOAZDEk0sojo47-Y-KFJPXVZd2wE9-PoYvvQGXeEW5htlalxqaHULmYatTAawBkqPeRdDXHBkerCnVGCEzpzK4QegA5rxhaYriSGSM99VrBVSBIDHiOGnFIW7obLL8O6Myo6_1Ubq2LViLmwcnDdUmIUG6X0de0jk7BKQRocRtQ5hfov-885y_3B-ao&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvF54Mom0YoylE7uQ-cAPt-6twA_JntKxXL3xlPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM1MDkzMzEzMTUzNzM4OTGgAdW20uoDyAEJqQKaIH89z56xPqgDAaoE2AFP0B74Y0ig5vEqA3SiFsVN3hIQSLeFjTfcBLP-DeninAHqjWn653kxGomNVCFr-kNVRCVIT4H3iMqnHjv8AVAf0LUfwt5NO_F-rsBIpONvF_h5zga6bSmWyGw8xiXQ3BeXDD49crq7Jb0uMYaRFp0ZQSj482_2iXqjl23eG_XV-h213TR2FTqNz5CH-BJeP_xBQmEi7KVnO86la4lk2D_wB_TjVX4us5yu0Wiaa3WH6j86egRYpv72b_SyoA7FYNJ2ptlLzkYZiTd_tsMnbpyG-RICvtUnXQ6ABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1JozVVMW3B91TQFpdDaL4lY91d-w%26client%3Dca-pub-3509331315373891%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3509331315373891&output=html&h=280&adk=3655541349&adf=2564340799&pi=t.aa~a.3783770110~rp.2&w=849&fwrn=4&fwrnh=100&lmt=1655998770&rafmt=1&to=qs&pwprc=4275677667&psa=1&format=849x280&url=https%3A%2F%2F1stcapbank.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655998770262&bpp=2&bdt=1246&idt=2&shv=r20220616&mjsv=m202206160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ddce529535681a218-2278785cb9cd0099%3AT%3D1655998769%3ART%3D1655998769%3AS%3DALNI_Mb84hAlS5HZJ7CGgDfQsOT4mRJQfQ&prev_fmts=0x0%2C860x280&nras=2&correlator=1179878748340&frm=20&pv=1&ga_vid=790762531.1655998769&ga_sid=1655998770&ga_hid=630121151&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=375&ady=1346&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761043%2C31065545%2C31068166&oid=2&pvsid=2686703078917632&tmod=885972399&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=liUVGL3oUw&p=https%3A//1stcapbank.com&dtd=14
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
08a4c6ec97c574af3e730f5e4d9b5b6770d627d49f5d9e2e2d1bec382779e20a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Thu, 23 Jun 2022 15:39:30 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=gVLT2RuqesNotY3WSGa9d77G1kFuxmbN9j9V_ruOiUr_JPCKu8Z4hUEwI_1m3YlNUe8i1VGaEPLgyCdxDt8QbawSrYFRei8tD445vCUyfzbRw8nby_TjSgGe_ymIYo5pWLsiOl0AZqe3hyLRtJnrrpDAjIWM--QlAmY39xomt0vshRGuT_WsMbE1HVnTHTiMKiPPh8-fTyiko_Ffif0CEE5tu4LiXw5zglrMcmuWOBKLS25wLNkzMDY_uOKsbKGoK0lGbw"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
84456390
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame DFB0 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3509331315373891&output=html&h=280&adk=3655541349&adf=2564340799&pi=t.aa~a.3783770110~rp.2&w=849&fwrn=4&fwrnh=100&lmt=1655998770&rafmt=1&to=qs&pwprc=4275677667&psa=1&format=849x280&url=https%3A%2F%2F1stcapbank.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655998770262&bpp=2&bdt=1246&idt=2&shv=r20220616&mjsv=m202206160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ddce529535681a218-2278785cb9cd0099%3AT%3D1655998769%3ART%3D1655998769%3AS%3DALNI_Mb84hAlS5HZJ7CGgDfQsOT4mRJQfQ&prev_fmts=0x0%2C860x280&nras=2&correlator=1179878748340&frm=20&pv=1&ga_vid=790762531.1655998769&ga_sid=1655998770&ga_hid=630121151&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=375&ady=1346&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761043%2C31065545%2C31068166&oid=2&pvsid=2686703078917632&tmod=885972399&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=liUVGL3oUw&p=https%3A//1stcapbank.com&dtd=14
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
35146
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 23 Jun 2022 05:53:44 GMT
etag
48472445140208031
expires
Fri, 24 Jun 2022 05:53:44 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
dpixel
cms.quantserve.com/ Frame DFB0 		35 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEIOUUEh70Y7ZZ3HAUvUJbcM&google_cver=1&google_push=ARnp8GD8JY1ojRX55vU6UmSaCcJdmkfv5MuOBKzT6erTqycTCb17DTxOV1AigDuWwuxGxfn4YH_ObZmbo0NLnh8VUq0pf1_5s5o
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3509331315373891&output=html&h=280&adk=3655541349&adf=2564340799&pi=t.aa~a.3783770110~rp.2&w=849&fwrn=4&fwrnh=100&lmt=1655998770&rafmt=1&to=qs&pwprc=4275677667&psa=1&format=849x280&url=https%3A%2F%2F1stcapbank.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655998770262&bpp=2&bdt=1246&idt=2&shv=r20220616&mjsv=m202206160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ddce529535681a218-2278785cb9cd0099%3AT%3D1655998769%3ART%3D1655998769%3AS%3DALNI_Mb84hAlS5HZJ7CGgDfQsOT4mRJQfQ&prev_fmts=0x0%2C860x280&nras=2&correlator=1179878748340&frm=20&pv=1&ga_vid=790762531.1655998769&ga_sid=1655998770&ga_hid=630121151&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=375&ady=1346&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761043%2C31065545%2C31068166&oid=2&pvsid=2686703078917632&tmod=885972399&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=liUVGL3oUw&p=https%3A//1stcapbank.com&dtd=14
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:c5a4:625:6563:a5bb , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 15:39:30 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame DFB0
Redirect Chain
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DARnp8GD7R0cs...
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DARnp8GD7R0cs...
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA2MjMxNTM5MzEwMDAxMzMxOTMyNTgwOA%3D%3D&google_push=ARnp8GD7R0csD66XZAIseMtPKlaG3emCmXnR8V5I3K40r_nLNDO4sDps9FXiOBeLLBhuS7...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA2MjMxNTM5MzEwMDAxMzMxOTMyNTgwOA%3D%3D&google_push=ARnp8GD7R0csD66XZAIseMtPKlaG3emCmXnR8V5I3K40r_nLNDO4sDps9FXiOBeLLBhuS7Nr_6wGHU_3gKzusWKwVhUqnUgBwwk
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 15:39:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA2MjMxNTM5MzEwMDAxMzMxOTMyNTgwOA%3D%3D&google_push=ARnp8GD7R0csD66XZAIseMtPKlaG3emCmXnR8V5I3K40r_nLNDO4sDps9FXiOBeLLBhuS7Nr_6wGHU_3gKzusWKwVhUqnUgBwwk
pragma
no-cache
date
Thu, 23 Jun 2022 15:39:31 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
strict-transport-security
max-age=2628000
expires
Thu, 23 Jun 2022 15:39:31 GMT
dds
rtb.openx.net/sync/ Frame DFB0 		43 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEFXXC4jRgbyXxZkEiZ9bTKA&google_cver=1&google_push=ARnp8GDfwhZPMutMVSI9ACt-Ewho4g5o_ZwoHHsrml6gcsgXZCHCRZhm0ML8ubGCMzE1gm-301yoUBeoZ0Y7KEs09Zk9AjIy_eg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3509331315373891&output=html&h=280&adk=3655541349&adf=2564340799&pi=t.aa~a.3783770110~rp.2&w=849&fwrn=4&fwrnh=100&lmt=1655998770&rafmt=1&to=qs&pwprc=4275677667&psa=1&format=849x280&url=https%3A%2F%2F1stcapbank.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655998770262&bpp=2&bdt=1246&idt=2&shv=r20220616&mjsv=m202206160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ddce529535681a218-2278785cb9cd0099%3AT%3D1655998769%3ART%3D1655998769%3AS%3DALNI_Mb84hAlS5HZJ7CGgDfQsOT4mRJQfQ&prev_fmts=0x0%2C860x280&nras=2&correlator=1179878748340&frm=20&pv=1&ga_vid=790762531.1655998769&ga_sid=1655998770&ga_hid=630121151&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=375&ady=1346&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761043%2C31065545%2C31068166&oid=2&pvsid=2686703078917632&tmod=885972399&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=liUVGL3oUw&p=https%3A//1stcapbank.com&dtd=14
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 15:39:30 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
b620ikm51fl8f12s95s1cec1295bj68s
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame DFB0 		0
166 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEKXb5Tq-yCVczaGqCKe8u0A&google_cver=1&google_push=ARnp8GCVRViboWLkDoN-Ve8NrkCYv4awE7AjSMYvwU8BUQQuM7kVrD-MozvIbi6YdcUMmIwrhjx--lO9V_tp6rDDmB70AUx0rw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3509331315373891&output=html&h=280&adk=3655541349&adf=2564340799&pi=t.aa~a.3783770110~rp.2&w=849&fwrn=4&fwrnh=100&lmt=1655998770&rafmt=1&to=qs&pwprc=4275677667&psa=1&format=849x280&url=https%3A%2F%2F1stcapbank.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655998770262&bpp=2&bdt=1246&idt=2&shv=r20220616&mjsv=m202206160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ddce529535681a218-2278785cb9cd0099%3AT%3D1655998769%3ART%3D1655998769%3AS%3DALNI_Mb84hAlS5HZJ7CGgDfQsOT4mRJQfQ&prev_fmts=0x0%2C860x280&nras=2&correlator=1179878748340&frm=20&pv=1&ga_vid=790762531.1655998769&ga_sid=1655998770&ga_hid=630121151&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=375&ady=1346&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761043%2C31065545%2C31068166&oid=2&pvsid=2686703078917632&tmod=885972399&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=liUVGL3oUw&p=https%3A//1stcapbank.com&dtd=14
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 15:39:30 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame DFB0
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEKrrNZu3og6WDcPvZyLaXFA&google_cver=1&google_push=ARnp8GAD7w-uo8Vi2MpuaGJkygB4bCwACzmwXM7laKcOiWx9u5nypVeM_coBayFNcjVXG406NdX...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDRSNldURDItMVUtMU9WOQ==&google_push=ARnp8GAD7w-uo8Vi2MpuaGJkygB4bCwACzmwXM7laKcOiWx9u5nypVeM_coBayFNcjVXG406NdXHfpG5EPXoZQaseUnveusvgsA
170 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDRSNldURDItMVUtMU9WOQ==&google_push=ARnp8GAD7w-uo8Vi2MpuaGJkygB4bCwACzmwXM7laKcOiWx9u5nypVeM_coBayFNcjVXG406NdXHfpG5EPXoZQaseUnveusvgsA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3509331315373891&output=html&h=280&adk=3655541349&adf=2564340799&pi=t.aa~a.3783770110~rp.2&w=849&fwrn=4&fwrnh=100&lmt=1655998770&rafmt=1&to=qs&pwprc=4275677667&psa=1&format=849x280&url=https%3A%2F%2F1stcapbank.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655998770262&bpp=2&bdt=1246&idt=2&shv=r20220616&mjsv=m202206160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ddce529535681a218-2278785cb9cd0099%3AT%3D1655998769%3ART%3D1655998769%3AS%3DALNI_Mb84hAlS5HZJ7CGgDfQsOT4mRJQfQ&prev_fmts=0x0%2C860x280&nras=2&correlator=1179878748340&frm=20&pv=1&ga_vid=790762531.1655998769&ga_sid=1655998770&ga_hid=630121151&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=375&ady=1346&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761043%2C31065545%2C31068166&oid=2&pvsid=2686703078917632&tmod=885972399&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=liUVGL3oUw&p=https%3A//1stcapbank.com&dtd=14
Protocol
H2
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 15:39:30 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDRSNldURDItMVUtMU9WOQ==&google_push=ARnp8GAD7w-uo8Vi2MpuaGJkygB4bCwACzmwXM7laKcOiWx9u5nypVeM_coBayFNcjVXG406NdXHfpG5EPXoZQaseUnveusvgsA
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Expires
0
pixel
cm.g.doubleclick.net/ Frame DFB0
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESECEf1keEdsHkZrYiSr_i7wo&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESECEf1keEdsHkZrYiSr_i7wo&google_push=AR...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YrSJMlBbnsEvAdKqAx_tEgAABHwAAAAB&google_cver=1&google_gid=CAESECEf1keEdsHkZrYiSr_i7wo&google_push=ARnp8GBPLPJpQk6IGy6t0z0ECH9VyxURupbSI...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YrSJMlBbnsEvAdKqAx_tEgAABHwAAAAB&google_cver=1&google_gid=CAESECEf1keEdsHkZrYiSr_i7wo&google_push=ARnp8GBPLPJpQk6IGy6t0z0ECH9VyxURupbSIjmLSa8mic0nd4PcxF9YifS2hg8cEgadMTVND4Vmz0fzg0ZV_yeDc-_9016-8oU
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 15:39:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 23 Jun 2022 15:39:31 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YrSJMlBbnsEvAdKqAx_tEgAABHwAAAAB&google_cver=1&google_gid=CAESECEf1keEdsHkZrYiSr_i7wo&google_push=ARnp8GBPLPJpQk6IGy6t0z0ECH9VyxURupbSIjmLSa8mic0nd4PcxF9YifS2hg8cEgadMTVND4Vmz0fzg0ZV_yeDc-_9016-8oU
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
459
Expires
Thu, 23 Jun 2022 15:39:31 GMT
googleredir
googlecm.hit.gemius.pl/ Frame DFB0 		0
0
attr
cm.g.doubleclick.net/pixel/ Frame DFB0 		0
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LUtuLjkONpiGVpm4powOES6_eveTShXRyKczzEHaW1lgxxpexxnPvKACIysABoqWoAyEuAWg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-3509331315373891&output=html&h=280&adk=3655541349&adf=2564340799&pi=t.aa~a.3783770110~rp.2&w=849&fwrn=4&fwrnh=100&lmt=1655998770&rafmt=1&to=qs&pwprc=4275677667&psa=1&format=849x280&url=https%3A%2F%2F1stcapbank.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655998770262&bpp=2&bdt=1246&idt=2&shv=r20220616&mjsv=m202206160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ddce529535681a218-2278785cb9cd0099%3AT%3D1655998769%3ART%3D1655998769%3AS%3DALNI_Mb84hAlS5HZJ7CGgDfQsOT4mRJQfQ&prev_fmts=0x0%2C860x280&nras=2&correlator=1179878748340&frm=20&pv=1&ga_vid=790762531.1655998769&ga_sid=1655998770&ga_hid=630121151&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=375&ady=1346&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761043%2C31065545%2C31068166&oid=2&pvsid=2686703078917632&tmod=885972399&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=liUVGL3oUw&p=https%3A//1stcapbank.com&dtd=14
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 15:39:30 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
truncated
/ Frame 2E99 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
16b219c5fcdf10f7879a46344a8303d748679287676f3438cf9a3c3520d4e56e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/png
privacy_small.svg
static.criteo.net/flash/icon/ Frame C6A4 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YrSJMgAE0owCHkg7AAt3N8CoW9HUi2lIP4Nm7g&u=%7C5ZkDgIYgyB1r7fSYVBUCJ9f%2BZn7iic8FvyjXjuWVVD4%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANc7dLrL_cuYuVyXWGKHxGtGLArf_7MYfq5dyyyRijOwuYGwjc9cH1W98mJGQX6IyufdL2PEDTARlfxkX1RhXcvoJ1OPw35HAYCTxK2w8xnc3TqWcDLEynA-J65CMPd5YHMGNq0PJlQgpyWaF77am9Yaq8K-HOmWGro3jz315eoNzSnbBUwgpqXs25H4OYk5mYE_F-cXcfT5HANtPnVga3XxRqnFOwOAZDEk0sojo47-Y-KFJPXVZd2wE9-PoYvvQGXeEW5htlalxqaHULmYatTAawBkqPeRdDXHBkerCnVGCEzpzK4QegA5rxhaYriSGSM99VrBVSBIDHiOGnFIW7obLL8O6Myo6_1Ubq2LViLmwcnDdUmIUG6X0de0jk7BKQRocRtQ5hfov-885y_3B-ao&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvF54Mom0YoylE7uQ-cAPt-6twA_JntKxXL3xlPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM1MDkzMzEzMTUzNzM4OTGgAdW20uoDyAEJqQKaIH89z56xPqgDAaoE2AFP0B74Y0ig5vEqA3SiFsVN3hIQSLeFjTfcBLP-DeninAHqjWn653kxGomNVCFr-kNVRCVIT4H3iMqnHjv8AVAf0LUfwt5NO_F-rsBIpONvF_h5zga6bSmWyGw8xiXQ3BeXDD49crq7Jb0uMYaRFp0ZQSj482_2iXqjl23eG_XV-h213TR2FTqNz5CH-BJeP_xBQmEi7KVnO86la4lk2D_wB_TjVX4us5yu0Wiaa3WH6j86egRYpv72b_SyoA7FYNJ2ptlLzkYZiTd_tsMnbpyG-RICvtUnXQ6ABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1JozVVMW3B91TQFpdDaL4lY91d-w%26client%3Dca-pub-3509331315373891%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 15:39:30 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 18 Jun 2023 15:39:30 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame C6A4 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YrSJMgAE0owCHkg7AAt3N8CoW9HUi2lIP4Nm7g&u=%7C5ZkDgIYgyB1r7fSYVBUCJ9f%2BZn7iic8FvyjXjuWVVD4%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANc7dLrL_cuYuVyXWGKHxGtGLArf_7MYfq5dyyyRijOwuYGwjc9cH1W98mJGQX6IyufdL2PEDTARlfxkX1RhXcvoJ1OPw35HAYCTxK2w8xnc3TqWcDLEynA-J65CMPd5YHMGNq0PJlQgpyWaF77am9Yaq8K-HOmWGro3jz315eoNzSnbBUwgpqXs25H4OYk5mYE_F-cXcfT5HANtPnVga3XxRqnFOwOAZDEk0sojo47-Y-KFJPXVZd2wE9-PoYvvQGXeEW5htlalxqaHULmYatTAawBkqPeRdDXHBkerCnVGCEzpzK4QegA5rxhaYriSGSM99VrBVSBIDHiOGnFIW7obLL8O6Myo6_1Ubq2LViLmwcnDdUmIUG6X0de0jk7BKQRocRtQ5hfov-885y_3B-ao&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvF54Mom0YoylE7uQ-cAPt-6twA_JntKxXL3xlPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM1MDkzMzEzMTUzNzM4OTGgAdW20uoDyAEJqQKaIH89z56xPqgDAaoE2AFP0B74Y0ig5vEqA3SiFsVN3hIQSLeFjTfcBLP-DeninAHqjWn653kxGomNVCFr-kNVRCVIT4H3iMqnHjv8AVAf0LUfwt5NO_F-rsBIpONvF_h5zga6bSmWyGw8xiXQ3BeXDD49crq7Jb0uMYaRFp0ZQSj482_2iXqjl23eG_XV-h213TR2FTqNz5CH-BJeP_xBQmEi7KVnO86la4lk2D_wB_TjVX4us5yu0Wiaa3WH6j86egRYpv72b_SyoA7FYNJ2ptlLzkYZiTd_tsMnbpyG-RICvtUnXQ6ABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1JozVVMW3B91TQFpdDaL4lY91d-w%26client%3Dca-pub-3509331315373891%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 15:39:30 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 18 Jun 2023 15:39:30 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame C6A4 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YrSJMgAE0owCHkg7AAt3N8CoW9HUi2lIP4Nm7g&u=%7C5ZkDgIYgyB1r7fSYVBUCJ9f%2BZn7iic8FvyjXjuWVVD4%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANc7dLrL_cuYuVyXWGKHxGtGLArf_7MYfq5dyyyRijOwuYGwjc9cH1W98mJGQX6IyufdL2PEDTARlfxkX1RhXcvoJ1OPw35HAYCTxK2w8xnc3TqWcDLEynA-J65CMPd5YHMGNq0PJlQgpyWaF77am9Yaq8K-HOmWGro3jz315eoNzSnbBUwgpqXs25H4OYk5mYE_F-cXcfT5HANtPnVga3XxRqnFOwOAZDEk0sojo47-Y-KFJPXVZd2wE9-PoYvvQGXeEW5htlalxqaHULmYatTAawBkqPeRdDXHBkerCnVGCEzpzK4QegA5rxhaYriSGSM99VrBVSBIDHiOGnFIW7obLL8O6Myo6_1Ubq2LViLmwcnDdUmIUG6X0de0jk7BKQRocRtQ5hfov-885y_3B-ao&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvF54Mom0YoylE7uQ-cAPt-6twA_JntKxXL3xlPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM1MDkzMzEzMTUzNzM4OTGgAdW20uoDyAEJqQKaIH89z56xPqgDAaoE2AFP0B74Y0ig5vEqA3SiFsVN3hIQSLeFjTfcBLP-DeninAHqjWn653kxGomNVCFr-kNVRCVIT4H3iMqnHjv8AVAf0LUfwt5NO_F-rsBIpONvF_h5zga6bSmWyGw8xiXQ3BeXDD49crq7Jb0uMYaRFp0ZQSj482_2iXqjl23eG_XV-h213TR2FTqNz5CH-BJeP_xBQmEi7KVnO86la4lk2D_wB_TjVX4us5yu0Wiaa3WH6j86egRYpv72b_SyoA7FYNJ2ptlLzkYZiTd_tsMnbpyG-RICvtUnXQ6ABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1JozVVMW3B91TQFpdDaL4lY91d-w%26client%3Dca-pub-3509331315373891%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 15:39:30 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sun, 18 Jun 2023 15:39:30 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame C6A4 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YrSJMgAE0owCHkg7AAt3N8CoW9HUi2lIP4Nm7g&u=%7C5ZkDgIYgyB1r7fSYVBUCJ9f%2BZn7iic8FvyjXjuWVVD4%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANc7dLrL_cuYuVyXWGKHxGtGLArf_7MYfq5dyyyRijOwuYGwjc9cH1W98mJGQX6IyufdL2PEDTARlfxkX1RhXcvoJ1OPw35HAYCTxK2w8xnc3TqWcDLEynA-J65CMPd5YHMGNq0PJlQgpyWaF77am9Yaq8K-HOmWGro3jz315eoNzSnbBUwgpqXs25H4OYk5mYE_F-cXcfT5HANtPnVga3XxRqnFOwOAZDEk0sojo47-Y-KFJPXVZd2wE9-PoYvvQGXeEW5htlalxqaHULmYatTAawBkqPeRdDXHBkerCnVGCEzpzK4QegA5rxhaYriSGSM99VrBVSBIDHiOGnFIW7obLL8O6Myo6_1Ubq2LViLmwcnDdUmIUG6X0de0jk7BKQRocRtQ5hfov-885y_3B-ao&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvF54Mom0YoylE7uQ-cAPt-6twA_JntKxXL3xlPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM1MDkzMzEzMTUzNzM4OTGgAdW20uoDyAEJqQKaIH89z56xPqgDAaoE2AFP0B74Y0ig5vEqA3SiFsVN3hIQSLeFjTfcBLP-DeninAHqjWn653kxGomNVCFr-kNVRCVIT4H3iMqnHjv8AVAf0LUfwt5NO_F-rsBIpONvF_h5zga6bSmWyGw8xiXQ3BeXDD49crq7Jb0uMYaRFp0ZQSj482_2iXqjl23eG_XV-h213TR2FTqNz5CH-BJeP_xBQmEi7KVnO86la4lk2D_wB_TjVX4us5yu0Wiaa3WH6j86egRYpv72b_SyoA7FYNJ2ptlLzkYZiTd_tsMnbpyG-RICvtUnXQ6ABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1JozVVMW3B91TQFpdDaL4lY91d-w%26client%3Dca-pub-3509331315373891%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 15:39:30 GMT
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Sun, 18 Jun 2023 15:39:30 GMT
m
secure-gl.imrworldwide.com/cgi-bin/ Frame C6A4 		0
689 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1655998770
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YrSJMgAE0owCHkg7AAt3N8CoW9HUi2lIP4Nm7g&u=%7C5ZkDgIYgyB1r7fSYVBUCJ9f%2BZn7iic8FvyjXjuWVVD4%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANc7dLrL_cuYuVyXWGKHxGtGLArf_7MYfq5dyyyRijOwuYGwjc9cH1W98mJGQX6IyufdL2PEDTARlfxkX1RhXcvoJ1OPw35HAYCTxK2w8xnc3TqWcDLEynA-J65CMPd5YHMGNq0PJlQgpyWaF77am9Yaq8K-HOmWGro3jz315eoNzSnbBUwgpqXs25H4OYk5mYE_F-cXcfT5HANtPnVga3XxRqnFOwOAZDEk0sojo47-Y-KFJPXVZd2wE9-PoYvvQGXeEW5htlalxqaHULmYatTAawBkqPeRdDXHBkerCnVGCEzpzK4QegA5rxhaYriSGSM99VrBVSBIDHiOGnFIW7obLL8O6Myo6_1Ubq2LViLmwcnDdUmIUG6X0de0jk7BKQRocRtQ5hfov-885y_3B-ao&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvF54Mom0YoylE7uQ-cAPt-6twA_JntKxXL3xlPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM1MDkzMzEzMTUzNzM4OTGgAdW20uoDyAEJqQKaIH89z56xPqgDAaoE2AFP0B74Y0ig5vEqA3SiFsVN3hIQSLeFjTfcBLP-DeninAHqjWn653kxGomNVCFr-kNVRCVIT4H3iMqnHjv8AVAf0LUfwt5NO_F-rsBIpONvF_h5zga6bSmWyGw8xiXQ3BeXDD49crq7Jb0uMYaRFp0ZQSj482_2iXqjl23eG_XV-h213TR2FTqNz5CH-BJeP_xBQmEi7KVnO86la4lk2D_wB_TjVX4us5yu0Wiaa3WH6j86egRYpv72b_SyoA7FYNJ2ptlLzkYZiTd_tsMnbpyG-RICvtUnXQ6ABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1JozVVMW3B91TQFpdDaL4lY91d-w%26client%3Dca-pub-3509331315373891%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:1200:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 15:39:30 GMT
via
1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA56-C1
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin
*
cache-control
no-cache
cross-origin-resource-policy
cross-origin
x-cache
Miss from cloudfront
accept-ch
Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-length
0
x-amz-cf-id
FMfcsUWxGCaKce96ruRLWFf1Dju8YEEy0roM8wgTltS80qbUBD-C4Q==
expires
Thu, 01 Dec 1994 16:00:00 GMT
lg.php
cat.nl.eu.criteo.com/delivery/ Frame C6A4 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=ODMsEqIgar3PdS5R9BM-mVDRxQVW98frJNvAmekmXcm0lc_u3p6sY5ATOK0oP5p8Dgpd5k1_Bge4Eu_JOV4LFp4TdrjiMOnqgnoigRJIjxvm6rcskFXxScWvTU4ltfZ39VDR6eOa9ubj2PTmLxiezdwFpqkKod4Ixdlt7xEA3OcZnW7Qw1Dv8KtzGrdjdQBzWByey1LSzi_pnj-ja218Oz51r1oSoHbtZ1v1uDIu7li9B0P0nltutov3xSMN4y8I--2f4NpBevRGdJNNNcY3MmPUN4TgF3ydiJ3RB_S4A2mIQbljWJwk8xMaAE3pzoJqPEgUVFY_AJGsc3Zs7Vs-HgQuuWEomMowgKaSeazMqRa0b1fml8vqINzB0mW8i8KJQxBc-b4uHk1nnTEnHVRxd4Voe0s3nAPle8CiiEwkUKPVnNGle8eLBFjeHyIg4bo7QUQ0cQ
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YrSJMgAE0owCHkg7AAt3N8CoW9HUi2lIP4Nm7g&u=%7C5ZkDgIYgyB1r7fSYVBUCJ9f%2BZn7iic8FvyjXjuWVVD4%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANc7dLrL_cuYuVyXWGKHxGtGLArf_7MYfq5dyyyRijOwuYGwjc9cH1W98mJGQX6IyufdL2PEDTARlfxkX1RhXcvoJ1OPw35HAYCTxK2w8xnc3TqWcDLEynA-J65CMPd5YHMGNq0PJlQgpyWaF77am9Yaq8K-HOmWGro3jz315eoNzSnbBUwgpqXs25H4OYk5mYE_F-cXcfT5HANtPnVga3XxRqnFOwOAZDEk0sojo47-Y-KFJPXVZd2wE9-PoYvvQGXeEW5htlalxqaHULmYatTAawBkqPeRdDXHBkerCnVGCEzpzK4QegA5rxhaYriSGSM99VrBVSBIDHiOGnFIW7obLL8O6Myo6_1Ubq2LViLmwcnDdUmIUG6X0de0jk7BKQRocRtQ5hfov-885y_3B-ao&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvF54Mom0YoylE7uQ-cAPt-6twA_JntKxXL3xlPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM1MDkzMzEzMTUzNzM4OTGgAdW20uoDyAEJqQKaIH89z56xPqgDAaoE2AFP0B74Y0ig5vEqA3SiFsVN3hIQSLeFjTfcBLP-DeninAHqjWn653kxGomNVCFr-kNVRCVIT4H3iMqnHjv8AVAf0LUfwt5NO_F-rsBIpONvF_h5zga6bSmWyGw8xiXQ3BeXDD49crq7Jb0uMYaRFp0ZQSj482_2iXqjl23eG_XV-h213TR2FTqNz5CH-BJeP_xBQmEi7KVnO86la4lk2D_wB_TjVX4us5yu0Wiaa3WH6j86egRYpv72b_SyoA7FYNJ2ptlLzkYZiTd_tsMnbpyG-RICvtUnXQ6ABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1JozVVMW3B91TQFpdDaL4lY91d-w%26client%3Dca-pub-3509331315373891%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 15:39:30 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2960742
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
animejs.js
static.criteo.net/animejs/ Frame C6A4 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YrSJMgAE0owCHkg7AAt3N8CoW9HUi2lIP4Nm7g&u=%7C5ZkDgIYgyB1r7fSYVBUCJ9f%2BZn7iic8FvyjXjuWVVD4%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANc7dLrL_cuYuVyXWGKHxGtGLArf_7MYfq5dyyyRijOwuYGwjc9cH1W98mJGQX6IyufdL2PEDTARlfxkX1RhXcvoJ1OPw35HAYCTxK2w8xnc3TqWcDLEynA-J65CMPd5YHMGNq0PJlQgpyWaF77am9Yaq8K-HOmWGro3jz315eoNzSnbBUwgpqXs25H4OYk5mYE_F-cXcfT5HANtPnVga3XxRqnFOwOAZDEk0sojo47-Y-KFJPXVZd2wE9-PoYvvQGXeEW5htlalxqaHULmYatTAawBkqPeRdDXHBkerCnVGCEzpzK4QegA5rxhaYriSGSM99VrBVSBIDHiOGnFIW7obLL8O6Myo6_1Ubq2LViLmwcnDdUmIUG6X0de0jk7BKQRocRtQ5hfov-885y_3B-ao&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvF54Mom0YoylE7uQ-cAPt-6twA_JntKxXL3xlPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM1MDkzMzEzMTUzNzM4OTGgAdW20uoDyAEJqQKaIH89z56xPqgDAaoE2AFP0B74Y0ig5vEqA3SiFsVN3hIQSLeFjTfcBLP-DeninAHqjWn653kxGomNVCFr-kNVRCVIT4H3iMqnHjv8AVAf0LUfwt5NO_F-rsBIpONvF_h5zga6bSmWyGw8xiXQ3BeXDD49crq7Jb0uMYaRFp0ZQSj482_2iXqjl23eG_XV-h213TR2FTqNz5CH-BJeP_xBQmEi7KVnO86la4lk2D_wB_TjVX4us5yu0Wiaa3WH6j86egRYpv72b_SyoA7FYNJ2ptlLzkYZiTd_tsMnbpyG-RICvtUnXQ6ABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1JozVVMW3B91TQFpdDaL4lY91d-w%26client%3Dca-pub-3509331315373891%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 15:39:30 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 18 Jun 2023 15:39:30 GMT
img
pix.eu.criteo.net/img/ Frame C6A4 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=556&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F190124%2F8d6bc06124f044d4973e0db21c495799_logo.png&v=3&w=196&s=WVunQn1urfIF5n-zpdjitqDp
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YrSJMgAE0owCHkg7AAt3N8CoW9HUi2lIP4Nm7g&u=%7C5ZkDgIYgyB1r7fSYVBUCJ9f%2BZn7iic8FvyjXjuWVVD4%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANc7dLrL_cuYuVyXWGKHxGtGLArf_7MYfq5dyyyRijOwuYGwjc9cH1W98mJGQX6IyufdL2PEDTARlfxkX1RhXcvoJ1OPw35HAYCTxK2w8xnc3TqWcDLEynA-J65CMPd5YHMGNq0PJlQgpyWaF77am9Yaq8K-HOmWGro3jz315eoNzSnbBUwgpqXs25H4OYk5mYE_F-cXcfT5HANtPnVga3XxRqnFOwOAZDEk0sojo47-Y-KFJPXVZd2wE9-PoYvvQGXeEW5htlalxqaHULmYatTAawBkqPeRdDXHBkerCnVGCEzpzK4QegA5rxhaYriSGSM99VrBVSBIDHiOGnFIW7obLL8O6Myo6_1Ubq2LViLmwcnDdUmIUG6X0de0jk7BKQRocRtQ5hfov-885y_3B-ao&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvF54Mom0YoylE7uQ-cAPt-6twA_JntKxXL3xlPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM1MDkzMzEzMTUzNzM4OTGgAdW20uoDyAEJqQKaIH89z56xPqgDAaoE2AFP0B74Y0ig5vEqA3SiFsVN3hIQSLeFjTfcBLP-DeninAHqjWn653kxGomNVCFr-kNVRCVIT4H3iMqnHjv8AVAf0LUfwt5NO_F-rsBIpONvF_h5zga6bSmWyGw8xiXQ3BeXDD49crq7Jb0uMYaRFp0ZQSj482_2iXqjl23eG_XV-h213TR2FTqNz5CH-BJeP_xBQmEi7KVnO86la4lk2D_wB_TjVX4us5yu0Wiaa3WH6j86egRYpv72b_SyoA7FYNJ2ptlLzkYZiTd_tsMnbpyG-RICvtUnXQ6ABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1JozVVMW3B91TQFpdDaL4lY91d-w%26client%3Dca-pub-3509331315373891%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
080069b2dce01872cbc2bfcc0b6a2cd9b9a5b9fbb22fc1683ece0cea17aac96f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 15:39:30 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=28559509
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
5106
expires
Sat, 20 May 2023 04:51:20 GMT
img
pix.eu.criteo.net/img/ Frame C6A4 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F3%2FlogoDr-Heimeier-Partner-3816DE-2103101358.gif%3Feb%3D1&v=3&w=800&s=KYd4J4aTLVx7KTiw7jS73HDA&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YrSJMgAE0owCHkg7AAt3N8CoW9HUi2lIP4Nm7g&u=%7C5ZkDgIYgyB1r7fSYVBUCJ9f%2BZn7iic8FvyjXjuWVVD4%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANc7dLrL_cuYuVyXWGKHxGtGLArf_7MYfq5dyyyRijOwuYGwjc9cH1W98mJGQX6IyufdL2PEDTARlfxkX1RhXcvoJ1OPw35HAYCTxK2w8xnc3TqWcDLEynA-J65CMPd5YHMGNq0PJlQgpyWaF77am9Yaq8K-HOmWGro3jz315eoNzSnbBUwgpqXs25H4OYk5mYE_F-cXcfT5HANtPnVga3XxRqnFOwOAZDEk0sojo47-Y-KFJPXVZd2wE9-PoYvvQGXeEW5htlalxqaHULmYatTAawBkqPeRdDXHBkerCnVGCEzpzK4QegA5rxhaYriSGSM99VrBVSBIDHiOGnFIW7obLL8O6Myo6_1Ubq2LViLmwcnDdUmIUG6X0de0jk7BKQRocRtQ5hfov-885y_3B-ao&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvF54Mom0YoylE7uQ-cAPt-6twA_JntKxXL3xlPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM1MDkzMzEzMTUzNzM4OTGgAdW20uoDyAEJqQKaIH89z56xPqgDAaoE2AFP0B74Y0ig5vEqA3SiFsVN3hIQSLeFjTfcBLP-DeninAHqjWn653kxGomNVCFr-kNVRCVIT4H3iMqnHjv8AVAf0LUfwt5NO_F-rsBIpONvF_h5zga6bSmWyGw8xiXQ3BeXDD49crq7Jb0uMYaRFp0ZQSj482_2iXqjl23eG_XV-h213TR2FTqNz5CH-BJeP_xBQmEi7KVnO86la4lk2D_wB_TjVX4us5yu0Wiaa3WH6j86egRYpv72b_SyoA7FYNJ2ptlLzkYZiTd_tsMnbpyG-RICvtUnXQ6ABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1JozVVMW3B91TQFpdDaL4lY91d-w%26client%3Dca-pub-3509331315373891%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
5d760aad03bc4ac8a4fd9068883549af9c1dc154081f62b98f0e493748ba91f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 15:39:30 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=403622
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
4816
expires
Tue, 28 Jun 2022 07:46:33 GMT
img
pix.eu.criteo.net/img/ Frame C6A4 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FD%2FlogoDr-Meindl-u-Partner-Verrechnungsstelle-GmbH-139545DE.gif%3Feb%3D1&v=3&w=800&s=YXBCFE_KtriTAH1bLSFU1EZt&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YrSJMgAE0owCHkg7AAt3N8CoW9HUi2lIP4Nm7g&u=%7C5ZkDgIYgyB1r7fSYVBUCJ9f%2BZn7iic8FvyjXjuWVVD4%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANc7dLrL_cuYuVyXWGKHxGtGLArf_7MYfq5dyyyRijOwuYGwjc9cH1W98mJGQX6IyufdL2PEDTARlfxkX1RhXcvoJ1OPw35HAYCTxK2w8xnc3TqWcDLEynA-J65CMPd5YHMGNq0PJlQgpyWaF77am9Yaq8K-HOmWGro3jz315eoNzSnbBUwgpqXs25H4OYk5mYE_F-cXcfT5HANtPnVga3XxRqnFOwOAZDEk0sojo47-Y-KFJPXVZd2wE9-PoYvvQGXeEW5htlalxqaHULmYatTAawBkqPeRdDXHBkerCnVGCEzpzK4QegA5rxhaYriSGSM99VrBVSBIDHiOGnFIW7obLL8O6Myo6_1Ubq2LViLmwcnDdUmIUG6X0de0jk7BKQRocRtQ5hfov-885y_3B-ao&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvF54Mom0YoylE7uQ-cAPt-6twA_JntKxXL3xlPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM1MDkzMzEzMTUzNzM4OTGgAdW20uoDyAEJqQKaIH89z56xPqgDAaoE2AFP0B74Y0ig5vEqA3SiFsVN3hIQSLeFjTfcBLP-DeninAHqjWn653kxGomNVCFr-kNVRCVIT4H3iMqnHjv8AVAf0LUfwt5NO_F-rsBIpONvF_h5zga6bSmWyGw8xiXQ3BeXDD49crq7Jb0uMYaRFp0ZQSj482_2iXqjl23eG_XV-h213TR2FTqNz5CH-BJeP_xBQmEi7KVnO86la4lk2D_wB_TjVX4us5yu0Wiaa3WH6j86egRYpv72b_SyoA7FYNJ2ptlLzkYZiTd_tsMnbpyG-RICvtUnXQ6ABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1JozVVMW3B91TQFpdDaL4lY91d-w%26client%3Dca-pub-3509331315373891%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
cd5c0df13009943b3fdf4190f148764693d7a0d820d6c76430a5382d154a979e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 15:39:30 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=31104000
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
1732
expires
Sun, 18 Jun 2023 15:39:30 GMT
img
pix.eu.criteo.net/img/ Frame C6A4 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F6%2Flogodispo-Tf-School-of-Social-Work-GmbH-289551DE-2202041044.gif%3Feb%3D1&v=3&w=800&s=3cmXad9AzcviU9B-AGQvp7sX&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YrSJMgAE0owCHkg7AAt3N8CoW9HUi2lIP4Nm7g&u=%7C5ZkDgIYgyB1r7fSYVBUCJ9f%2BZn7iic8FvyjXjuWVVD4%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANc7dLrL_cuYuVyXWGKHxGtGLArf_7MYfq5dyyyRijOwuYGwjc9cH1W98mJGQX6IyufdL2PEDTARlfxkX1RhXcvoJ1OPw35HAYCTxK2w8xnc3TqWcDLEynA-J65CMPd5YHMGNq0PJlQgpyWaF77am9Yaq8K-HOmWGro3jz315eoNzSnbBUwgpqXs25H4OYk5mYE_F-cXcfT5HANtPnVga3XxRqnFOwOAZDEk0sojo47-Y-KFJPXVZd2wE9-PoYvvQGXeEW5htlalxqaHULmYatTAawBkqPeRdDXHBkerCnVGCEzpzK4QegA5rxhaYriSGSM99VrBVSBIDHiOGnFIW7obLL8O6Myo6_1Ubq2LViLmwcnDdUmIUG6X0de0jk7BKQRocRtQ5hfov-885y_3B-ao&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvF54Mom0YoylE7uQ-cAPt-6twA_JntKxXL3xlPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM1MDkzMzEzMTUzNzM4OTGgAdW20uoDyAEJqQKaIH89z56xPqgDAaoE2AFP0B74Y0ig5vEqA3SiFsVN3hIQSLeFjTfcBLP-DeninAHqjWn653kxGomNVCFr-kNVRCVIT4H3iMqnHjv8AVAf0LUfwt5NO_F-rsBIpONvF_h5zga6bSmWyGw8xiXQ3BeXDD49crq7Jb0uMYaRFp0ZQSj482_2iXqjl23eG_XV-h213TR2FTqNz5CH-BJeP_xBQmEi7KVnO86la4lk2D_wB_TjVX4us5yu0Wiaa3WH6j86egRYpv72b_SyoA7FYNJ2ptlLzkYZiTd_tsMnbpyG-RICvtUnXQ6ABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1JozVVMW3B91TQFpdDaL4lY91d-w%26client%3Dca-pub-3509331315373891%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
b4f8cd9aaaa0d106297e6bc345e6fc339a92421eeece5408b32b07ed3ba94417
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 15:39:30 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1553699
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
4314
expires
Mon, 11 Jul 2022 15:14:30 GMT
img
pix.eu.criteo.net/img/ Frame C6A4 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FR%2FlogoRail-Power-Systems-GmbH-35628DE.gif%3Feb%3D1&v=3&w=800&s=xvDq6XP7Oe-Y94aRkkfVd1g5&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YrSJMgAE0owCHkg7AAt3N8CoW9HUi2lIP4Nm7g&u=%7C5ZkDgIYgyB1r7fSYVBUCJ9f%2BZn7iic8FvyjXjuWVVD4%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANc7dLrL_cuYuVyXWGKHxGtGLArf_7MYfq5dyyyRijOwuYGwjc9cH1W98mJGQX6IyufdL2PEDTARlfxkX1RhXcvoJ1OPw35HAYCTxK2w8xnc3TqWcDLEynA-J65CMPd5YHMGNq0PJlQgpyWaF77am9Yaq8K-HOmWGro3jz315eoNzSnbBUwgpqXs25H4OYk5mYE_F-cXcfT5HANtPnVga3XxRqnFOwOAZDEk0sojo47-Y-KFJPXVZd2wE9-PoYvvQGXeEW5htlalxqaHULmYatTAawBkqPeRdDXHBkerCnVGCEzpzK4QegA5rxhaYriSGSM99VrBVSBIDHiOGnFIW7obLL8O6Myo6_1Ubq2LViLmwcnDdUmIUG6X0de0jk7BKQRocRtQ5hfov-885y_3B-ao&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvF54Mom0YoylE7uQ-cAPt-6twA_JntKxXL3xlPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM1MDkzMzEzMTUzNzM4OTGgAdW20uoDyAEJqQKaIH89z56xPqgDAaoE2AFP0B74Y0ig5vEqA3SiFsVN3hIQSLeFjTfcBLP-DeninAHqjWn653kxGomNVCFr-kNVRCVIT4H3iMqnHjv8AVAf0LUfwt5NO_F-rsBIpONvF_h5zga6bSmWyGw8xiXQ3BeXDD49crq7Jb0uMYaRFp0ZQSj482_2iXqjl23eG_XV-h213TR2FTqNz5CH-BJeP_xBQmEi7KVnO86la4lk2D_wB_TjVX4us5yu0Wiaa3WH6j86egRYpv72b_SyoA7FYNJ2ptlLzkYZiTd_tsMnbpyG-RICvtUnXQ6ABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1JozVVMW3B91TQFpdDaL4lY91d-w%26client%3Dca-pub-3509331315373891%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
4f25dd76533ffac548798f8092bf5cec116f3a85eb3cb751f8ae1e01c1de43a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 15:39:30 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1795184
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
2094
expires
Thu, 14 Jul 2022 10:19:15 GMT
img
pix.eu.criteo.net/img/ Frame C6A4 		43 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F%3Feb%3D1&v=3&w=800&s=FY_Xq1rXG9nv3yEjzamNMYZX&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YrSJMgAE0owCHkg7AAt3N8CoW9HUi2lIP4Nm7g&u=%7C5ZkDgIYgyB1r7fSYVBUCJ9f%2BZn7iic8FvyjXjuWVVD4%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANc7dLrL_cuYuVyXWGKHxGtGLArf_7MYfq5dyyyRijOwuYGwjc9cH1W98mJGQX6IyufdL2PEDTARlfxkX1RhXcvoJ1OPw35HAYCTxK2w8xnc3TqWcDLEynA-J65CMPd5YHMGNq0PJlQgpyWaF77am9Yaq8K-HOmWGro3jz315eoNzSnbBUwgpqXs25H4OYk5mYE_F-cXcfT5HANtPnVga3XxRqnFOwOAZDEk0sojo47-Y-KFJPXVZd2wE9-PoYvvQGXeEW5htlalxqaHULmYatTAawBkqPeRdDXHBkerCnVGCEzpzK4QegA5rxhaYriSGSM99VrBVSBIDHiOGnFIW7obLL8O6Myo6_1Ubq2LViLmwcnDdUmIUG6X0de0jk7BKQRocRtQ5hfov-885y_3B-ao&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvF54Mom0YoylE7uQ-cAPt-6twA_JntKxXL3xlPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM1MDkzMzEzMTUzNzM4OTGgAdW20uoDyAEJqQKaIH89z56xPqgDAaoE2AFP0B74Y0ig5vEqA3SiFsVN3hIQSLeFjTfcBLP-DeninAHqjWn653kxGomNVCFr-kNVRCVIT4H3iMqnHjv8AVAf0LUfwt5NO_F-rsBIpONvF_h5zga6bSmWyGw8xiXQ3BeXDD49crq7Jb0uMYaRFp0ZQSj482_2iXqjl23eG_XV-h213TR2FTqNz5CH-BJeP_xBQmEi7KVnO86la4lk2D_wB_TjVX4us5yu0Wiaa3WH6j86egRYpv72b_SyoA7FYNJ2ptlLzkYZiTd_tsMnbpyG-RICvtUnXQ6ABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1JozVVMW3B91TQFpdDaL4lY91d-w%26client%3Dca-pub-3509331315373891%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 15:39:30 GMT
server
Finatra
vary
Origin
content-type
image/gif
cache-control
private, max-age=0
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
43
expires
-1
img
pix.eu.criteo.net/img/ Frame C6A4 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FE%2FlogoHEG-Hamburger-Entsorgungsges-mbH-211382DE-2109241217.gif%3Feb%3D1&v=3&w=800&s=MpbTPuprln1N--78wNeBb9UV&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YrSJMgAE0owCHkg7AAt3N8CoW9HUi2lIP4Nm7g&u=%7C5ZkDgIYgyB1r7fSYVBUCJ9f%2BZn7iic8FvyjXjuWVVD4%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANc7dLrL_cuYuVyXWGKHxGtGLArf_7MYfq5dyyyRijOwuYGwjc9cH1W98mJGQX6IyufdL2PEDTARlfxkX1RhXcvoJ1OPw35HAYCTxK2w8xnc3TqWcDLEynA-J65CMPd5YHMGNq0PJlQgpyWaF77am9Yaq8K-HOmWGro3jz315eoNzSnbBUwgpqXs25H4OYk5mYE_F-cXcfT5HANtPnVga3XxRqnFOwOAZDEk0sojo47-Y-KFJPXVZd2wE9-PoYvvQGXeEW5htlalxqaHULmYatTAawBkqPeRdDXHBkerCnVGCEzpzK4QegA5rxhaYriSGSM99VrBVSBIDHiOGnFIW7obLL8O6Myo6_1Ubq2LViLmwcnDdUmIUG6X0de0jk7BKQRocRtQ5hfov-885y_3B-ao&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvF54Mom0YoylE7uQ-cAPt-6twA_JntKxXL3xlPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM1MDkzMzEzMTUzNzM4OTGgAdW20uoDyAEJqQKaIH89z56xPqgDAaoE2AFP0B74Y0ig5vEqA3SiFsVN3hIQSLeFjTfcBLP-DeninAHqjWn653kxGomNVCFr-kNVRCVIT4H3iMqnHjv8AVAf0LUfwt5NO_F-rsBIpONvF_h5zga6bSmWyGw8xiXQ3BeXDD49crq7Jb0uMYaRFp0ZQSj482_2iXqjl23eG_XV-h213TR2FTqNz5CH-BJeP_xBQmEi7KVnO86la4lk2D_wB_TjVX4us5yu0Wiaa3WH6j86egRYpv72b_SyoA7FYNJ2ptlLzkYZiTd_tsMnbpyG-RICvtUnXQ6ABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1JozVVMW3B91TQFpdDaL4lY91d-w%26client%3Dca-pub-3509331315373891%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
9a47286ed41ee7f0ec640ebb5a4d76a71cf2c64ae2ff50cb4ad102b5143438a8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 15:39:30 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1562980
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
2212
expires
Mon, 11 Jul 2022 17:49:11 GMT
all
csm.eu.criteo.net/ Frame C6A4 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=gVLT2RuqesNotY3WSGa9d77G1kFuxmbN9j9V_ruOiUr_JPCKu8Z4hUEwI_1m3YlNUe8i1VGaEPLgyCdxDt8QbawSrYFRei8tD445vCUyfzbRw8nby_TjSgGe_ymIYo5pWLsiOl0AZqe3hyLRtJnrrpDAjIWM--QlAmY39xomt0vshRGuT_WsMbE1HVnTHTiMKiPPh8-fTyiko_Ffif0CEE5tu4LiXw5zglrMcmuWOBKLS25wLNkzMDY_uOKsbKGoK0lGbw&sds=2&rev=81817&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YrSJMgAE0owCHkg7AAt3N8CoW9HUi2lIP4Nm7g&u=%7C5ZkDgIYgyB1r7fSYVBUCJ9f%2BZn7iic8FvyjXjuWVVD4%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANc7dLrL_cuYuVyXWGKHxGtGLArf_7MYfq5dyyyRijOwuYGwjc9cH1W98mJGQX6IyufdL2PEDTARlfxkX1RhXcvoJ1OPw35HAYCTxK2w8xnc3TqWcDLEynA-J65CMPd5YHMGNq0PJlQgpyWaF77am9Yaq8K-HOmWGro3jz315eoNzSnbBUwgpqXs25H4OYk5mYE_F-cXcfT5HANtPnVga3XxRqnFOwOAZDEk0sojo47-Y-KFJPXVZd2wE9-PoYvvQGXeEW5htlalxqaHULmYatTAawBkqPeRdDXHBkerCnVGCEzpzK4QegA5rxhaYriSGSM99VrBVSBIDHiOGnFIW7obLL8O6Myo6_1Ubq2LViLmwcnDdUmIUG6X0de0jk7BKQRocRtQ5hfov-885y_3B-ao&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvF54Mom0YoylE7uQ-cAPt-6twA_JntKxXL3xlPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM1MDkzMzEzMTUzNzM4OTGgAdW20uoDyAEJqQKaIH89z56xPqgDAaoE2AFP0B74Y0ig5vEqA3SiFsVN3hIQSLeFjTfcBLP-DeninAHqjWn653kxGomNVCFr-kNVRCVIT4H3iMqnHjv8AVAf0LUfwt5NO_F-rsBIpONvF_h5zga6bSmWyGw8xiXQ3BeXDD49crq7Jb0uMYaRFp0ZQSj482_2iXqjl23eG_XV-h213TR2FTqNz5CH-BJeP_xBQmEi7KVnO86la4lk2D_wB_TjVX4us5yu0Wiaa3WH6j86egRYpv72b_SyoA7FYNJ2ptlLzkYZiTd_tsMnbpyG-RICvtUnXQ6ABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1JozVVMW3B91TQFpdDaL4lY91d-w%26client%3Dca-pub-3509331315373891%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 23 Jun 2022 15:39:30 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame C6A4 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YrSJMgAE0owCHkg7AAt3N8CoW9HUi2lIP4Nm7g&u=%7C5ZkDgIYgyB1r7fSYVBUCJ9f%2BZn7iic8FvyjXjuWVVD4%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANc7dLrL_cuYuVyXWGKHxGtGLArf_7MYfq5dyyyRijOwuYGwjc9cH1W98mJGQX6IyufdL2PEDTARlfxkX1RhXcvoJ1OPw35HAYCTxK2w8xnc3TqWcDLEynA-J65CMPd5YHMGNq0PJlQgpyWaF77am9Yaq8K-HOmWGro3jz315eoNzSnbBUwgpqXs25H4OYk5mYE_F-cXcfT5HANtPnVga3XxRqnFOwOAZDEk0sojo47-Y-KFJPXVZd2wE9-PoYvvQGXeEW5htlalxqaHULmYatTAawBkqPeRdDXHBkerCnVGCEzpzK4QegA5rxhaYriSGSM99VrBVSBIDHiOGnFIW7obLL8O6Myo6_1Ubq2LViLmwcnDdUmIUG6X0de0jk7BKQRocRtQ5hfov-885y_3B-ao&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvF54Mom0YoylE7uQ-cAPt-6twA_JntKxXL3xlPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM1MDkzMzEzMTUzNzM4OTGgAdW20uoDyAEJqQKaIH89z56xPqgDAaoE2AFP0B74Y0ig5vEqA3SiFsVN3hIQSLeFjTfcBLP-DeninAHqjWn653kxGomNVCFr-kNVRCVIT4H3iMqnHjv8AVAf0LUfwt5NO_F-rsBIpONvF_h5zga6bSmWyGw8xiXQ3BeXDD49crq7Jb0uMYaRFp0ZQSj482_2iXqjl23eG_XV-h213TR2FTqNz5CH-BJeP_xBQmEi7KVnO86la4lk2D_wB_TjVX4us5yu0Wiaa3WH6j86egRYpv72b_SyoA7FYNJ2ptlLzkYZiTd_tsMnbpyG-RICvtUnXQ6ABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1JozVVMW3B91TQFpdDaL4lY91d-w%26client%3Dca-pub-3509331315373891%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 15:39:30 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 18 Jun 2023 15:39:30 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame C6A4 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YrSJMgAE0owCHkg7AAt3N8CoW9HUi2lIP4Nm7g&u=%7C5ZkDgIYgyB1r7fSYVBUCJ9f%2BZn7iic8FvyjXjuWVVD4%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANc7dLrL_cuYuVyXWGKHxGtGLArf_7MYfq5dyyyRijOwuYGwjc9cH1W98mJGQX6IyufdL2PEDTARlfxkX1RhXcvoJ1OPw35HAYCTxK2w8xnc3TqWcDLEynA-J65CMPd5YHMGNq0PJlQgpyWaF77am9Yaq8K-HOmWGro3jz315eoNzSnbBUwgpqXs25H4OYk5mYE_F-cXcfT5HANtPnVga3XxRqnFOwOAZDEk0sojo47-Y-KFJPXVZd2wE9-PoYvvQGXeEW5htlalxqaHULmYatTAawBkqPeRdDXHBkerCnVGCEzpzK4QegA5rxhaYriSGSM99VrBVSBIDHiOGnFIW7obLL8O6Myo6_1Ubq2LViLmwcnDdUmIUG6X0de0jk7BKQRocRtQ5hfov-885y_3B-ao&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvF54Mom0YoylE7uQ-cAPt-6twA_JntKxXL3xlPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM1MDkzMzEzMTUzNzM4OTGgAdW20uoDyAEJqQKaIH89z56xPqgDAaoE2AFP0B74Y0ig5vEqA3SiFsVN3hIQSLeFjTfcBLP-DeninAHqjWn653kxGomNVCFr-kNVRCVIT4H3iMqnHjv8AVAf0LUfwt5NO_F-rsBIpONvF_h5zga6bSmWyGw8xiXQ3BeXDD49crq7Jb0uMYaRFp0ZQSj482_2iXqjl23eG_XV-h213TR2FTqNz5CH-BJeP_xBQmEi7KVnO86la4lk2D_wB_TjVX4us5yu0Wiaa3WH6j86egRYpv72b_SyoA7FYNJ2ptlLzkYZiTd_tsMnbpyG-RICvtUnXQ6ABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1JozVVMW3B91TQFpdDaL4lY91d-w%26client%3Dca-pub-3509331315373891%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 15:39:30 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 18 Jun 2023 15:39:30 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220616&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206160101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3509331315373891&plah=1stcapbank.com&bust=31068166
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
044a09cd7e9811345bc687519ec3d2268d0c1ebc0e885be52a6a492df5d01d2d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1stcapbank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 23 Jun 2022 15:39:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10630
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206160101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3509331315373891&plah=1stcapbank.com&bust=31068166
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1stcapbank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 15:39:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 23 Jun 2022 15:39:31 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A141 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1stcapbank.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2130
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 23 Jun 2022 15:04:01 GMT
expires
Fri, 23 Jun 2023 15:04:01 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 870C 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
ce14f5faaa5268d85e3898e2cbf944f99266fdef3287f5ca4d36458bc6a08616
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-zWCcX2UkQIeoKvsP8qxL7Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://1stcapbank.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-zWCcX2UkQIeoKvsP8qxL7Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 23 Jun 2022 15:39:31 GMT
expires
Thu, 23 Jun 2022 15:39:31 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
lyGYsCueE8yR8XoODOo68FbDrX_I63nUiBydxCfKiqk.js
pagead2.googlesyndication.com/bg/ Frame A141 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/lyGYsCueE8yR8XoODOo68FbDrX_I63nUiBydxCfKiqk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
972198b02b9e13cc91f17a0e0cea3af056c3ad7fc8eb79d4881c9dc427ca8aa9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 14:19:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
4804
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13789
x-xss-protection
0
last-modified
Wed, 15 Jun 2022 09:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 23 Jun 2023 14:19:27 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 870C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220616&jk=2686703078917632&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame A141 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?y47PSw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 15:39:31 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 08E7 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstEOQDWKVu0dZlQtiX0uc2oGdqS6jOfIj41FB7pwOpT9TNC-qrxx0_3eI6lKJE1ZfrPJXmk5WR8Nx5Su60pJHFvdjoW&sig=Cg0ArKJSzKh-5WTCdBKDEAE&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=83,716,1000,1054,1253&tos=83,633,284,54,199&v=20220622&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1655998770312&rpt=130&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 15:39:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
all
csm.eu.criteo.net/ Frame A668 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=omKj0huqesNotY3Wf1tBLKfFfAmmvxXt93D-Cb5MMzK9Uf38xXQII_AW6nSi4CGGRBujnJnhA-Xcpygtp_Hgn1e_z8CdV4TsP_4NLjQ9Kh-yNrXdZzVSifb3Upg7ih5Bp7JobTpc8wo27GsKjlevxmoFpYE8QuqpNzLUybL4E3-64plxpvui-mH2Di9eEDdWhWgBfC0zZRXNLt-kvl2t6MTj_ukwfc7HBwa1lsJLjrzmJGRNNFJzKQ9_W8ZqQIlZEvWCMA&sds=2&rev=81817&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YrSJMQAJ6vcIEdzGAAEiDZkn9QGvd0TDQAVfag&u=%7CCGCjRpyI6KNZonYMEP4Bx%2F1Y23u1aM9qcsPadJiF98Y%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANddNRPYHnj5tZXpmi0sBbUKz-evawGE5kWxfu9AuJEpPREFJEQ7xGeys_9AVid4C5_lPqwKISeQz9_nlo2-oU6_dYvznXN7bWrR-qzzv4AyZ5owSOVRIhiEWufCXyL1yXkDQEYbOXsvrKiWnrrFTJiNed37OrOJuqJ2SoTrnZ_cwHzgwRnm1L3RJ7iGY6oXz5IyTXMwnOaZL-MRJiq3g5So0PEGdciipYWKNmmMtJ-GUh_LpbHpwZyvhpCHRd2TNdqlHLTnW7lV9S9L0S5RAmFqbNPlzE54i1Uk41L636wkk959N7PI4opx0FAZ61bAYjWhsfnkDw4-DVhObaNwT8qmqh6f9HPT83bp_O3m6wCcCGtRZvtPmTKw_L7HmgFM7Aia3wTYdIJurltBv7YwTGEG1GoyXJbb9Ow&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCStj_MYm0YvfVJ8a5x_APjcSEsAbJntKxXPWR3r6xAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zNTA5MzMxMzE1MzczODkxoAHVttLqA8gBCakCmiB_Pc-esT6oAwGqBNIBT9BIVvgPcCEf-Ppa_CtdPS6rXVTrYQ1Uxzqy5eV55JdGCHYoH8Yjym2emFc5AkGAtI9M9eBnvBY5FP3zNHJgnkf4hm51Pkz4wVHv_0tXWvOPuP0QCqOodpxUvcvG_Wn6j_MQDLffO17sINuLjtuiWix2P-JDsgIoRKVd8uwfMMbV_iIVS1rbxmk34NmuLBa-13RWLfFoLeYAdAs-ZhAYnPFu0n2cn2jHjoowRK11Vd555DXFYK_Z-zwCsMp0bYsl838_76EgJ9rrTaHvDXlczB1MgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_15x3ZX8oBXzLGO2iNWQ8qPx-VBfA%26client%3Dca-pub-3509331315373891%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 23 Jun 2022 15:39:31 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220616&jk=2686703078917632&bg=!9fal9rLNAAZlcKWdRXA7ACkAdvg8Wo3TiYEq2MfrG9hadyyoYSQiZOz23V71CjHafCVEt3lLd4M3EQIAAABfUgAAAAFoAQeZAppKnEcdSrITLT6l_oL6G5tu3_5MWnnst0z_HToySn2_fgBmxMKZ69CnSpiaK8pPUTUtE7f7Uz5z40NjAmABQUk8Wb8dvebF8MwzoY-7LpuMeECsUU2W04z3Zb_u95Q2oJDV8x9ocj6kCuZDFk9W4cj9UQrqoHSMJq1jhHnctmOHZj7ZxmGAPVFf4Je5pr69tPh0scRj25iY9_rT3zDDATepCPICn4ubvNpx5UplvS3Ia8yU9BFOqsLH3nmDUsw91cs7wW5-c9LlziJL4WbAIpRlAtY-jRwk9-sRPpSTqasNfW6g_LSabR12AKCm62YTtjKWCIxiN_kD3q_xM5KTphlUz4Kaq5ePSupNAkr0oaTTwRuyLIKM4JVnfRbqMdXENVbvvSRSCtPloJrOdxXpUKkwlT9znIUpWR9L9kxjSoQV4tB7gNB5whGuZ7Mg3O_8a7hvC-0ecLTfi5D8EQinHb0y-UBsDLdZG3A8iOi0FpctBr9ep0wkv5BEAOj68Z8x9lVJ4DhleTIrxe-lTeNSSrfBqdDmNyEHQX9QT0zwBEcltzX3_cNQ-qCKkAZICQ85L0MAwkHW6wYWf6SItjsHmeq74o36t_nkFs0SI0KBc0gyUzA0ooCTjPUZuZLiFoNOhZ_9GtDTl9H6QqFI1idbTUgejZD4_X3jcC8qk0x24nLmu--do7zBeW182YToXLlifu3sDyBji_twMdrqY9xNajMvGkPidKVgiH7ayC62hTkjT_d2yCa9lZ0D6CN1GgIdd3qhWIGhBQmmW1z76-MrQzThn99h8vtqjgzHPaEEANceCSno9oS65rxbErn45aNkKH3_wBPXB1xND15yIrqmdkb3KQrXyYjNZIRRyPljHJkdHXoQMfuV-KIMz0M
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1stcapbank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
googlecm.hit.gemius.pl
URL
https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEPsUVLgyFFDieo6uIQt3lKA&google_cver=1&google_push=ARnp8GANcRwuw14K_92n9sG2Qu58b0aNjLROTd6mUP3WlR2EPdi6X8-6Czi84tBVCqQfYHWN4BeBI_fEZYSFw_bDlVmzIdmQiBJO

Verdicts & Comments Add Verdict or Comment

82 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| google_tag_manager object| dataLayer function| gtag object| google_tag_data string| GoogleAnalyticsObject function| ga object| adsbygoogle object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_lpabyc string| google_user_agent_client_hint object| gaplugins object| gaGlobal object| gaData function| google_sa_impl object| googlefc boolean| adsbygoogle_ama_fc_has_run object| googleToken object| googleIMState object| default_ContributorServingResponseClientJs object| __googlefc string| __fcInvoked string| __fcexpdef string| NDQ5YWMyNjc1ZDNiN2NkbG9hZGVyX2pz string| NDQ5YWMyNjc1ZDNiN2NkY2FjaGVkX2pz object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady function| __uspapi object| __uspapiManager boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| default_ContributorIabCcpaWebSignalJs function| __djmt020195__ object| default_ContributorServingDetectionClientJs function| __45zy51t9ik3m__ object| google_image_requests object| google_llp object| googletag function| googleCompanionsServicePresent function| googleGetCompanionAdSlots function| googleSetCompanionAdContents function| google_companion_error boolean| 27374651-8355-44a4-82eb-bc396efcecb1 object| default_ContributorServingCookieRefreshClientJs function| __8v31i8woen1z__ object| GoogleGcLKhOms

21 Cookies

Domain/Path Name / Value
.1stcapbank.com/ Name: _ga
Value: GA1.2.790762531.1655998769
.1stcapbank.com/ Name: _gid
Value: GA1.2.1430227251.1655998769
.1stcapbank.com/ Name: _gat_gtag_UA_142783276_1
Value: 1
.1stcapbank.com/ Name: __gads
Value: ID=dce529535681a218-2278785cb9cd0099:T=1655998769:RT=1655998769:S=ALNI_Mb84hAlS5HZJ7CGgDfQsOT4mRJQfQ
.1stcapbank.com/ Name: FCNEC
Value: [["AKsRol95IZTUq3lMMIsWjdmrBmnpYWCfeS_E092gt3dhugcVRU07Up3GAysGCXWjXpgrJD0YK3NPbFS0gIz3LJxrwZz1hbWsO8SYvn6JHhWtxX_3_GtLqAEfLvfOYSx7Rksxx0zEc5gTOS-nXXzSVubT8K5qNrrEvA=="],null,[]]
.doubleclick.net/ Name: IDE
Value: AHWqTUmez3Lz75HOoNFfNjSUwycR66ByAiEdLDlhaK5fhLWiUwRqHQ79uI-aULR4hQk
.quantserve.com/ Name: d
Value: EAcBCQG5JoEA
.quantserve.com/ Name: mc
Value: 62b48932-caa92-4ea72-ba061
.casalemedia.com/ Name: CMID
Value: YrSJMlBbnsEvAdKqAx-tEgAA
.casalemedia.com/ Name: CMPS
Value: 3234
.casalemedia.com/ Name: CMPRO
Value: 1148
.casalemedia.com/ Name: CMST
Value: YrSJMmK0iTIA
.e.dlx.addthis.com/ Name: na_tc
Value: Y
.addthis.com/ Name: na_id
Value: 2022062315393100013319325808
.addthis.com/ Name: na_tc
Value: Y
.addthis.com/ Name: uid
Value: 62b48933d4155e17
.addthis.com/ Name: ouid
Value: 62b489330001bbc93f79c592db36c7745e8e8cc6e778bcdc2b3f
.dlx.addthis.com/ Name: na_rn
Value: 0
.dlx.addthis.com/ Name: na_sr
Value: 20220623
.dlx.addthis.com/ Name: na_srp
Value: 3614
.dlx.addthis.com/ Name: na_sc_e
Value: 0

4 Console Messages

Source Level URL
Text
other warning URL: https://googleads.g.doubleclick.net/pagead/html/r20220616/r20110914/zrt_lookup.html?fsb=1(Line 21)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
network error URL: https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F%3Feb%3D1&v=3&w=400&s=NIvm77xmry_g62aq4_FPS5A1&b=400
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEPsUVLgyFFDieo6uIQt3lKA&google_cver=1&google_push=ARnp8GANcRwuw14K_92n9sG2Qu58b0aNjLROTd6mUP3WlR2EPdi6X8-6Czi84tBVCqQfYHWN4BeBI_fEZYSFw_bDlVmzIdmQiBJO
Message:
Failed to load resource: net::ERR_ADDRESS_UNREACHABLE
network error URL: https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F%3Feb%3D1&v=3&w=800&s=FY_Xq1rXG9nv3yEjzamNMYZX&b=400
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1stcapbank.com
ads.eu.criteo.com
adservice.google.com
adservice.google.de
cat.nl.eu.criteo.com
cm.g.doubleclick.net
cms.quantserve.com
csm.eu.criteo.net
e.dlx.addthis.com
fonts.googleapis.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
image6.pubmatic.com
pagead2.googlesyndication.com
partner.googleadservices.com
pix.eu.criteo.net
pixel.rubiconproject.com
rtb.fr.eu.criteo.com
rtb.nl.eu.criteo.com
rtb.openx.net
secure-gl.imrworldwide.com
ssum-sec.casalemedia.com
static.criteo.net
stats.g.doubleclick.net
tpc.googlesyndication.com
www.1stcapbank.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
googlecm.hit.gemius.pl
142.250.181.226
142.250.185.194
178.250.2.135
178.250.2.148
178.250.2.150
198.47.127.19
198.54.120.180
23.35.236.247
2600:9000:206f:1200:1e:a43d:b640:93a1
2620:116:800d:21:c5a4:625:6563:a5bb
2a00:1450:4001:801::2002
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2002
2a00:1450:4001:810::2003
2a00:1450:4001:812::2008
2a00:1450:4001:827::2002
2a00:1450:4001:827::2004
2a00:1450:4001:828::2002
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2003
2a00:1450:400c:c07::9c
2a00:1450:400e:801::200a
2a02:2638:1::2
2a02:2638:1::3
2a02:2638:1::4
2a02:2638::2
35.186.253.211
69.173.144.139
69.192.160.219
044a09cd7e9811345bc687519ec3d2268d0c1ebc0e885be52a6a492df5d01d2d
04fcd73ca4fbc0c362fd9f3596873da779a98aa00a89a2bd28e5df43bc211d1f
080069b2dce01872cbc2bfcc0b6a2cd9b9a5b9fbb22fc1683ece0cea17aac96f
08a4c6ec97c574af3e730f5e4d9b5b6770d627d49f5d9e2e2d1bec382779e20a
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
12052fc69360740240e61ca2dd8816c9865883edc466b189d84bf4d5b414bc92
16b219c5fcdf10f7879a46344a8303d748679287676f3438cf9a3c3520d4e56e
27cbacdd1ad6af761bd78fd1e4fb0db4809dbfc39f28498db3d6f8eb5dfbbf39
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
30e39ceb6334f20536d5f94eecd86100586079d0c78cc9379aceaa23bbc9bb2f
31a4528f74a55f829e5318df188d94c48585da153a5463880aa5dfa4dc770d8d
3c5e8c6ad66d889f3f73d3bd1d0f2e4945ebfbe47d28162ee206cd1b9e75d561
490319aff00a55cfc00d9e24f71f39fc0801858055c62c07bec8fabf2f6e24ff
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4d5862b3daeff2a0c52d69267a1eae566463c68bea47a8071dd9655c4c7c1192
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f25dd76533ffac548798f8092bf5cec116f3a85eb3cb751f8ae1e01c1de43a2
54708253e95176a14defe1d581e389b43bd0fd870d305837b773a652ec1b1fab
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56168353f0b8cbe6cb135c1eb249e8e4b4abdca54e642918e309bf124990f1a1
592a588b519b72fbab39bfde9bf9b12fc6a59a380a221578d87c9492e7b16f12
5a6e6e323df927765e866c051989781fd3c66b3276cc85d3ff77329cd516b7a4
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d760aad03bc4ac8a4fd9068883549af9c1dc154081f62b98f0e493748ba91f8
5e11546a93f99f4b0b79d7e9a993b8f0a9a239fb1e101810738f3bff890ba549
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6889f40c818606c041915918ed0af992a7ca82a757dfb834fbf7068b384de48b
6d70b95ca455b1c0b7135f61dd4c1781a0f47a312d541d7abb7db2975bcebc7a
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
852b5d6f170cfee339763f6166c2dc79501672f8556c667f02d5f859cd19ef04
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8ee41c5561cb3d074afd375f527ccb8d8ebd093409f4c8ce09a877cf93d1653b
972198b02b9e13cc91f17a0e0cea3af056c3ad7fc8eb79d4881c9dc427ca8aa9
973d3b3cace7d6f0521dbd314c5de59c28af57c428284578ad139cc5b67710a1
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
9a47286ed41ee7f0ec640ebb5a4d76a71cf2c64ae2ff50cb4ad102b5143438a8
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9fb608c969813718cd7b08c9bba1f9aae1b5d53a1af8747260ad1b29883bc138
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a34ff9db744b044f4dda44d101a3328b7aecca5432870058afdf74e403a7b00c
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a98ec1a2127ccc8939a1152fd7c503ddfa506de8cd7a52a79fe66f3102199912
ae2e1dc0161fa05e80b225682868a9bfbab08c503b2429f06339d4487f160ac2
afc919e50374ea6cc4f7cfcb32e6cb5c73633c1b198144681a0b2d9cc7c95f9a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4f8cd9aaaa0d106297e6bc345e6fc339a92421eeece5408b32b07ed3ba94417
bfcd7a262745ac2a8520d46dbe261c5db424c001970e9ebe83c440bfb48454f7
c10023675c5439cee59bad4386996658778d00a8ce746ac1cd22f60774869260
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c38e076da21dc997a97ba46c2464b656b9ab308a34318c250fb42b77e0588172
cd5c0df13009943b3fdf4190f148764693d7a0d820d6c76430a5382d154a979e
ce14f5faaa5268d85e3898e2cbf944f99266fdef3287f5ca4d36458bc6a08616
d530eb650281c426cb8d0c8d602cffe1a63b732b9b4d93e33aaf0340896e3024
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f38ab679f1bba14b100b592a7fd9cfd13ad90dbad5e0b28ada7ad5911c15035c
f4b44f1079328c8d94d0ae18c9b05b41fff67189a5b43fbd3de1c873c0efbed5
f570d3cfc5df9a889452f6a2e8ea3ea6c3e6691824d54106d8928efc3abf8600
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
fddfa575589816ec61a0db7adeff0301fff1edde22109669584256c00c35f90f