1look4.com Open in urlscan Pro
208.91.199.181 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://1look4.com/
Submission Tags: tranco_l324
Submission: On November 14 via api (November 14th 2021, 3:24:09 am UTC) from DE — Scanned from DE

Summary HTTP 119 Redirects Behaviour Indicators

Summary

This website contacted 32 IPs in 5 countries across 39 domains to perform 119 HTTP transactions. The main IP is 208.91.199.181, located in United States and belongs to PUBLIC-DOMAIN-REGISTRY, US. The main domain is 1look4.com.

This is the only time 1look4.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
9	208.91.199.181 208.91.199.181	394695 (PUBLIC-DO...) (PUBLIC-DOMAIN-REGISTRY)
1	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
12	176.9.106.58 176.9.106.58	24940 (HETZNER-AS) (HETZNER-AS)
1	2606:4700:310... 2606:4700:3108::ac42:2b15	13335 (CLOUDFLAR...) (CLOUDFLARENET)
21	172.66.41.9 172.66.41.9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
7	172.66.42.247 172.66.42.247	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	208.100.17.187 208.100.17.187	32748 (STEADFAST) (STEADFAST)
2 7	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
1	51.89.9.254 51.89.9.254	16276 (OVH) (OVH)
4 4	185.64.190.79 185.64.190.79	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3 3	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
1 1	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	185.64.190.81 185.64.190.81	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4 5	185.33.220.100 185.33.220.100	29990 (ASN-APPNEX) (ASN-APPNEX)
2 2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
3 3	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
3 3	213.19.147.44 213.19.147.44	26120 (RHYTHMONE) (RHYTHMONE)
2 3	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1 1	70.42.32.191 70.42.32.191	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	178.162.133.149 178.162.133.149	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	54.77.182.98 54.77.182.98	16509 (AMAZON-02) (AMAZON-02)
1	174.137.133.49 174.137.133.49	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
2 2	3.122.145.244 3.122.145.244	16509 (AMAZON-02) (AMAZON-02)
2 2	38.27.122.158 38.27.122.158	174 (COGENT-174) (COGENT-174)
2 3	159.122.14.34 159.122.14.34	36351 (SOFTLAYER) (SOFTLAYER)
1	150.136.222.2 150.136.222.2	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
2 2	72.251.249.13 72.251.249.13	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
2 2	193.0.160.129 193.0.160.129	54312 (ROCKETFUEL) (ROCKETFUEL)
1	67.202.105.24 67.202.105.24	32748 (STEADFAST) (STEADFAST)
1 2	209.54.180.3 209.54.180.3	16509 (AMAZON-02) (AMAZON-02)
1 1	185.29.132.241 185.29.132.241	30419 (MEDIAMATH...) (MEDIAMATH-INC)
3	2600:9000:20e... 2600:9000:20eb:6400:a:deb0:3380:93a1	16509 (AMAZON-02) (AMAZON-02)
1 1	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
1 2	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
7	130.211.115.4 130.211.115.4	15169 (GOOGLE) (GOOGLE)
119	32

9 208.91.199.181 (United States)

ASN394695 (PUBLIC-DOMAIN-REGISTRY, US)
PTR: klreseller.com

1look4.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 176.9.106.58 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: lb2.pagepeeker.com

free.pagepeeker.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3108::ac42:2b15 (United States)

ASN13335 (CLOUDFLARENET, US)

via.placeholder.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 172.66.41.9 (United States)

ASN13335 (CLOUDFLARENET, US)

resources.infolinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
router.infolinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.66.42.247 (United States)

ASN13335 (CLOUDFLARENET, US)

rt3043.infolinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 208.100.17.187 (United States) 1 redirects

ASN32748 (STEADFAST, US)
PTR: ip187.208-100-17.static.steadfastdns.net

de.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2.18.234.21 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.254 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.64.190.79 (United Kingdom) 4 redirects

ASN62713 (AS-PUBMATIC, US)

image8.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.16.130 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f130.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.110 (United Kingdom) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.81 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.33.220.100 (Amsterdam, Netherlands) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.156.0.31 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.19.147.44 (United Kingdom) 3 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 15.197.193.217 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 70.42.32.191 (United States) 1 redirects

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.162.133.149 (Rotterdam, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.77.182.98 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-182-98.eu-west-1.compute.amazonaws.com

s.cpx.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)

dsp.adkernel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.122.145.244 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-145-244.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 38.27.122.158 (Chestertown, United States) 2 redirects

ASN174 (COGENT-174, US)

match.bnmla.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 159.122.14.34 (United States) 2 redirects

ASN36351 (SOFTLAYER, US)
PTR: 22.0e.7a9f.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 150.136.222.2 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)

sync.technoratimedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.251.249.13 (Amsterdam, Netherlands) 2 redirects

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.0.160.129 (United States) 2 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.105.24 (United States)

ASN32748 (STEADFAST, US)
PTR: ip24.67-202-105.static.steadfastdns.net

ssc-cms.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 209.54.180.3 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.132.241 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:20eb:6400:a:deb0:3380:93a1 (United States)

ASN16509 (AMAZON-02, US)

js.ad-score.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.248.159 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 130.211.115.4 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 4.115.211.130.bc.googleusercontent.com

data.ad-score.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	infolinks.com resources.infolinks.com router.infolinks.com rt3043.infolinks.com	202 KB
16	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	288 KB
12	pagepeeker.com free.pagepeeker.com	86 KB
11	doubleclick.net 3 redirects googleads.g.doubleclick.net cm.g.doubleclick.net	78 KB
10	ad-score.com js.ad-score.com data.ad-score.com	117 KB
9	1look4.com 1look4.com	336 KB
7	pubmatic.com 7 redirects image8.pubmatic.com image2.pubmatic.com image4.pubmatic.com	2 KB
7	casalemedia.com 2 redirects ssum-sec.casalemedia.com dsum-sec.casalemedia.com	8 KB
5	adnxs.com 4 redirects ib.adnxs.com secure.adnxs.com	4 KB
4	gstatic.com www.gstatic.com	24 KB
3	simpli.fi 2 redirects um.simpli.fi	1 KB
3	adsrvr.org 2 redirects match.adsrvr.org	1 KB
3	yahoo.com 3 redirects ups.analytics.yahoo.com	1 KB
3	googleapis.com fonts.googleapis.com	2 KB
3	google.com 1 redirects adservice.google.com www.google.com	763 B
2	tapad.com 1 redirects pixel.tapad.com	890 B
2	amazon-adsystem.com 1 redirects s.amazon-adsystem.com	1 KB
2	rfihub.com 2 redirects p.rfihub.com	2 KB
2	lijit.com 2 redirects ap.lijit.com	1 KB
2	bnmla.com 2 redirects match.bnmla.com	1 KB
2	advertising.com 2 redirects pixel.advertising.com	676 B
2	1rx.io 2 redirects sync.1rx.io	1 KB
2	openx.net 2 redirects u.openx.net	601 B
2	tynt.com 1 redirects de.tynt.com	710 B
2	googletagservices.com www.googletagservices.com	73 KB
2	google.de adservice.google.de	589 B
2	google-analytics.com www.google-analytics.com	20 KB
1	mathtag.com 1 redirects sync.mathtag.com	682 B
1	33across.com ssc-cms.33across.com	72 B
1	technoratimedia.com sync.technoratimedia.com	298 B
1	adkernel.com dsp.adkernel.com	233 B
1	cpx.to s.cpx.to	945 B
1	sonobi.com sync.go.sonobi.com	474 B
1	zemanta.com 1 redirects b1sync.zemanta.com	288 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com	475 B
1	onetag-sys.com onetag-sys.com	823 B
1	googleadservices.com partner.googleadservices.com	510 B
1	placeholder.com via.placeholder.com	1 KB
1	googletagmanager.com www.googletagmanager.com	36 KB
119	39

	Domain	Requested by
15	router.infolinks.com	resources.infolinks.com router.infolinks.com ssum-sec.casalemedia.com
12	free.pagepeeker.com	1look4.com
10	tpc.googlesyndication.com	googleads.g.doubleclick.net
9	1look4.com	1look4.com
8	googleads.g.doubleclick.net	pagead2.googlesyndication.com 1look4.com googleads.g.doubleclick.net www.googletagservices.com
7	data.ad-score.com	js.ad-score.com
7	rt3043.infolinks.com	resources.infolinks.com
6	resources.infolinks.com	1look4.com resources.infolinks.com
6	pagead2.googlesyndication.com	1look4.com pagead2.googlesyndication.com www.googletagservices.com
4	dsum-sec.casalemedia.com	1 redirects ssum-sec.casalemedia.com
4	ib.adnxs.com	4 redirects
4	image8.pubmatic.com	4 redirects
4	www.gstatic.com	googleads.g.doubleclick.net
3	js.ad-score.com	resources.infolinks.com js.ad-score.com
3	um.simpli.fi	2 redirects ssum-sec.casalemedia.com
3	match.adsrvr.org	2 redirects ssum-sec.casalemedia.com
3	ups.analytics.yahoo.com	3 redirects
3	cm.g.doubleclick.net	3 redirects
3	ssum-sec.casalemedia.com	1 redirects router.infolinks.com ssum-sec.casalemedia.com
3	fonts.googleapis.com	googleads.g.doubleclick.net
2	pixel.tapad.com	1 redirects resources.infolinks.com
2	s.amazon-adsystem.com	1 redirects ssum-sec.casalemedia.com
2	p.rfihub.com	2 redirects
2	ap.lijit.com	2 redirects
2	match.bnmla.com	2 redirects
2	pixel.advertising.com	2 redirects
2	sync.1rx.io	2 redirects
2	u.openx.net	2 redirects
2	image4.pubmatic.com	2 redirects
2	de.tynt.com	1 redirects router.infolinks.com
2	www.googletagservices.com	googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	www.google.com	1 redirects
1	sync.mathtag.com	1 redirects
1	secure.adnxs.com	ssum-sec.casalemedia.com
1	ssc-cms.33across.com	router.infolinks.com
1	sync.technoratimedia.com	router.infolinks.com
1	dsp.adkernel.com	router.infolinks.com
1	s.cpx.to	router.infolinks.com
1	sync.go.sonobi.com	router.infolinks.com
1	b1sync.zemanta.com	1 redirects
1	sync.targeting.unrulymedia.com	1 redirects
1	image2.pubmatic.com	1 redirects
1	onetag-sys.com	router.infolinks.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	via.placeholder.com	1look4.com
1	www.googletagmanager.com	1look4.com
119	49

This site contains no links.

Subject Issuer	Validity	Valid
*.google-analytics.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-05` - `2022-07-04`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.tynt.com Sectigo RSA Domain Validation Secure Server CA	`2021-09-23` - `2022-09-30`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
onetag-sys.com R3	`2021-11-02` - `2022-01-31`	3 months	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2020-12-06` - `2022-01-07`	a year	crt.sh
*.adkernel.com Sectigo RSA Domain Validation Secure Server CA	`2020-12-22` - `2022-01-05`	a year	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2021-09-23` - `2022-09-30`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.ad-score.com Go Daddy Secure Certificate Authority - G2	`2021-09-02` - `2022-10-04`	a year	crt.sh

This page contains 16 frames:

Primary Page: http://1look4.com/
Frame ID: 167BB7829D244C1E142B65F9EC398C98
Requests: 58 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211109/r20190131/zrt_lookup.html
Frame ID: 07211EAADF183B8E01AFF788438DC2A0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3276032096694854&output=html&adk=1812271804&adf=3025194257&lmt=1636860242&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2F1look4.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1636860242656&bpp=2&bdt=765&idt=89&shv=r20211109&mjsv=m202111090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=746319318684&frm=20&pv=2&ga_vid=386599458.1636860243&ga_sid=1636860243&ga_hid=273010660&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44754332%2C21066428%2C31063702%2C31062947&oid=2&pvsid=1167195385313007&pem=597&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=106
Frame ID: 4A10A49D3E3F82B9B7894262969BF192
Requests: 1 HTTP requests in this frame

Frame: https://router.infolinks.com/usync/manage?pid=2494762&wsid=0&pdom=1look4.com&purl=http%3A%2F%2F1look4.com%2F
Frame ID: 48F76C3F124B1E4D9C2483CD31ECB38B
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211109/r20110914/zrt_lookup.html?fsb=1
Frame ID: 5B2CD31B9D318D5E97867F301A377A88
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211109/r20110914/zrt_lookup.html?fsb=1
Frame ID: 4C9486287B87007AA9F2510F3245A7F7
Requests: 14 HTTP requests in this frame

Frame: https://de.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
Frame ID: 57290025F9271D05F3B148368173BCA9
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Frame ID: DEF7E902B93FDB503253C6987BAA2E92
Requests: 10 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=598ce3ddaee8c90
Frame ID: AF08F1E48D8BAADA2E81A8F4F3D0D432
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 173EFC6818EA6B08DF0B897D22C8884A
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js
Frame ID: CD3EDE397AEF8792D7ED010B64C95EA6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 872943C1D3075B36E31A11831D619230
Requests: 2 HTTP requests in this frame

Frame: https://resources.infolinks.com/static/container.html
Frame ID: 119A8FD7090F96A24F039F3E559ED460
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js
Frame ID: 2A05988E4B90A2716B597BB78BB7DA7B
Requests: 1 HTTP requests in this frame

Frame: https://js.ad-score.com/x.html?pid=1000102
Frame ID: 5E4FFBE89457026641E84E2F41643174
Requests: 2 HTTP requests in this frame

Frame: data://truncated
Frame ID: EE5A03673D50F30A8806266FEF37D8F6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Stories

Page Statistics

119
Requests

55 %
HTTPS

29 %
IPv6

39
Domains

49
Subdomains

32
IPs

5
Countries

1275 kB
Transfer

3379 kB
Size

62
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 56

https://de.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV HTTP 307
https://de.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1

Request Chain 57

https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1

Request Chain 59

https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fpbm-usync%253Fuid%253D%2523PMUID HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fpbm-usync%253Fuid%253D%2523PMUID&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QjlBRkVGREItMURBMi00QjlBLTg0QTQtNjJBOEZDMjRBMkZG&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?p=156872&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fpbm-usync%3Fuid%3DB9AFEFDB-1DA2-4B9A-84A4-62A8FC24A2FF HTTP 302
https://router.infolinks.com/dyn/pbm-usync?uid=B9AFEFDB-1DA2-4B9A-84A4-62A8FC24A2FF

Request Chain 60

https://ib.adnxs.com/getuid?https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fapn-usync%3Fuser_id%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fapn-usync%253Fuser_id%253D%2524UID HTTP 302
https://router.infolinks.com/dyn/apn-usync?user_id=1189869411783334987

Request Chain 61

https://u.openx.net/w/1.0/cm?id=9b5994f2-035d-46de-8c12-bc0e9a4e66c2&r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fox-usync%3Fuid%3D HTTP 302
https://u.openx.net/w/1.0/cm?cc=1&id=9b5994f2-035d-46de-8c12-bc0e9a4e66c2&r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fox-usync%3Fuid%3D HTTP 302
https://router.infolinks.com/dyn/ox-usync?uid=757a480c-b5df-4238-ad81-3a40750f0d10

Request Chain 62

https://ups.analytics.yahoo.com/ups/58422/occ HTTP 302
https://ups.analytics.yahoo.com/ups/58422/occ?verify=true HTTP 302
https://router.infolinks.com/dyn/VR-usync?uid=y-pMMhempE2uFnTyLUR7Y82pzY7s4D1vm7tfM5Fv8-~A

Request Chain 63

https://sync.1rx.io/usersync2/infolinks HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5282075499 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5282075499 HTTP 302
https://sync.1rx.io/usersync/tradedesk/93be419e-d784-4f31-8872-51822c93da37 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-66431608-481f-4f49-9872-12e38340c91e-003?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fr1-usync%3Fuid%3DRX-66431608-481f-4f49-9872-12e38340c91e-003 HTTP 302
https://router.infolinks.com/dyn/r1-usync?uid=RX-66431608-481f-4f49-9872-12e38340c91e-003

Request Chain 64

https://b1sync.zemanta.com/usersync/infolinks/?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fzmn-usync%3Fuid%3D__ZUID__ HTTP 302
https://router.infolinks.com/dyn/zmn-usync?uid=

Request Chain 66

https://ib.adnxs.com/getuid?https://s.cpx.to/ca.png?ref=http%253A%252F%252F1look4.com%252F&pid=12306&adnxs_uid=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.cpx.to%2Fca.png%3Fref%3Dhttp%25253A%25252F%25252F1look4.com%25252F%26pid%3D12306%26adnxs_uid%3D%24UID HTTP 302
https://s.cpx.to/ca.png?ref=http%3A%2F%2F1look4.com%2F&pid=12306&adnxs_uid=1189869411783334987

Request Chain 68

https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP5160e574-44fa-11ec-9bc1-0612add8f72c HTTP 302
https://router.infolinks.com/dyn/outh-usync?uid=y-k3Zzps5E2uFIsHZzjG7SRUUIHmYLbLtp~A~UP5160e574-44fa-11ec-9bc1-0612add8f72c

Request Chain 69

https://match.bnmla.com/usersync?sspid=1000361&redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fenbd-usync%3Fuid%3D%5BUUID%5D HTTP 302
https://um.simpli.fi/bnmlahttps%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D6%26uuid%3D%24UID HTTP 302
https://match.bnmla.com/usersync?dspid=6&uuid=2D039B0F2E904D87BE119B95AE7369F8 HTTP 302
https://sync.technoratimedia.com/services?srv=cs&pid=70&cb=https%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D170%26uuid%3D%5BUSER_ID%5D

Request Chain 70

https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID HTTP 307
https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID&sovrn_retry=true HTTP 307
https://router.infolinks.com/dyn/sovrn-usync?uid=d8bfe3a87c0c3f3b48f1e041

Request Chain 71

https://image8.pubmatic.com/AdServer/ImgSync?p=60809&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D60809%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fusersync%253Fpmuservalue%253D%2523PMUID HTTP 302
https://image4.pubmatic.com/AdServer/SPug?p=60809&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fusersync%3Fpmuservalue%3DB9AFEFDB-1DA2-4B9A-84A4-62A8FC24A2FF HTTP 302
https://router.infolinks.com/dyn/usersync?pmuservalue=B9AFEFDB-1DA2-4B9A-84A4-62A8FC24A2FF

Request Chain 73

https://p.rfihub.com/cm?pub=43153&in=1 HTTP 302
https://router.infolinks.com/dyn/zeta-usync?uid=5107433821696928264

Request Chain 84

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YZCBUznQevEiXw5udH9IbwAABFgAAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEJJjHn72v4VUbnLfRaijAL0&google_cver=1

Request Chain 86

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YZCBUznQevEiXw5udH9IbwAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHigyIEy2VM1EOGA7MO7hYU&google_cver=1&gdpr=1

Request Chain 87

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YZCBUznQevEiXw5udH9IbwAABFgAAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YZCBUznQevEiXw5udH9IbwAABFgAAAAB&dcc=t

Request Chain 89

https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1 HTTP 302
https://um.simpli.fi/no_match_opted_out

Request Chain 90

https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5107433821696928264

Request Chain 91

https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=67f76190-8153-4100-b31e-5fcc1390abe1&gdpr=1&gdpr_consent=

Request Chain 105

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 107

https://pixel.tapad.com/idsync/ex/receive?partner_device_id=1daf2e01-6114-4617-9195-56af59b87a60=&partner_id=3337 HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_device_id=1daf2e01-6114-4617-9195-56af59b87a60=&partner_id=3337

119 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
1look4.com/ 33 KB
13 KB 820ms
811ms Document
text/html 208.91.199.181
PUBLIC-DOMAIN-REG...

General

Check archive.org

Show headers Download Go to

Full URL: http://1look4.com/
Protocol: HTTP/1.1
Server: 208.91.199.181 , United States, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS: klreseller.com
Software: Apache /
Resource Hash: b47e23319e2d2db38c24bc6924c16cc236a02b31adc8e4a6d6881eea09579c43

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Sun, 14 Nov 2021 03:24:01 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 12636
Keep-Alive: timeout=5, max=75
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK bootstrap.css
1look4.com/assets/ae8f2e/css/ 195 KB
40 KB 144ms
144ms Stylesheet
text/css 208.91.199.181
PUBLIC-DOMAIN-REG...

General

Check archive.org

Show headers Download Go to

Full URL: http://1look4.com/assets/ae8f2e/css/bootstrap.css
Requested by: Host: 1look4.com
URL: http://1look4.com/
Protocol: HTTP/1.1
Server: 208.91.199.181 , United States, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS: klreseller.com
Software: Apache /
Resource Hash: 7935e6d0f7278c760cd580d4904437bd87d9c45d417dfa58196cf6945aa60ab8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://1look4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 14 Nov 2021 03:24:02 GMT
Content-Encoding: gzip
Last-Modified: Tue, 10 Aug 2021 20:30:14 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/css
Transfer-Encoding: chunked
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=74

GET
H/1.1 200
OK all.min.css
1look4.com/assets/a4909c74/css/ 58 KB
13 KB 276ms
273ms Stylesheet
text/css 208.91.199.181
PUBLIC-DOMAIN-REG...

General

Check archive.org

Show headers Download Go to

Full URL: http://1look4.com/assets/a4909c74/css/all.min.css
Requested by: Host: 1look4.com
URL: http://1look4.com/
Protocol: HTTP/1.1
Server: 208.91.199.181 , United States, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS: klreseller.com
Software: Apache /
Resource Hash: d1fb8d8337cd22568295b0ed998c85c58f0b4cd083af0b0db21cb0af80002f2d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://1look4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 14 Nov 2021 03:24:02 GMT
Content-Encoding: gzip
Last-Modified: Tue, 10 Aug 2021 20:28:38 GMT
Server: Apache
Vary: Accept-Encoding
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: text/css
Keep-Alive: timeout=5, max=75
Content-Length: 12862

GET
H/1.1 404
Not Found style.css
1look4.com/assets/efe21797/ 0
0 573ms
570ms Stylesheet
text/html 208.91.199.181
PUBLIC-DOMAIN-REG...

General

Check archive.org

Show headers Download Go to

Full URL: http://1look4.com/assets/efe21797/style.css
Requested by: Host: 1look4.com
URL: http://1look4.com/
Protocol: HTTP/1.1
Server: 208.91.199.181 , United States, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS: klreseller.com
Software: Apache /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://1look4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 14 Nov 2021 03:24:02 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Upgrade: h2,h2c
Cache-Control: no-store, no-cache, must-revalidate
Connection: Upgrade, Keep-Alive
Content-Type: text/html; charset=UTF-8
Keep-Alive: timeout=5, max=75
Content-Length: 2096
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
36 KB 63ms
31ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-11564248-5

Requested by

Host: 1look4.com
URL: http://1look4.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fe5858bc0ab0bbdcb70fe012b04ac1e3ca5393c34bf22ff6d9904e110b1ea739

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://1look4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 03:24:02 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 36151
x-xss-protection: 0
last-modified: Sun, 14 Nov 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 14 Nov 2021 03:24:02 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
50 KB 67ms
25ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3276032096694854

Requested by

Host: 1look4.com
URL: http://1look4.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

72021bc249a742dfcd71bd637e1f635e4ca4c946d956d31531edf72b6ed10fb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://1look4.com/
Origin: http://1look4.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 03:24:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 51268
x-xss-protection: 0
server: cafe
etag: 12073961724092412406
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 14 Nov 2021 03:24:02 GMT

GET
H/1.1 200
OK thumbs.php
free.pagepeeker.com/v2/ 8 KB
9 KB 28ms
11ms Image
image/jpeg 176.9.106.58
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://free.pagepeeker.com/v2/thumbs.php?size=m&url=https://www.theiconic.com.au/
Requested by: Host: 1look4.com
URL: http://1look4.com/
Protocol: HTTP/1.1
Server: 176.9.106.58 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: lb2.pagepeeker.com
Software: nginx/1.9.2 /
Resource Hash: 6f56856a9632fa766f619a4a6f8a21508d9eb9d2efbbf5c2f9784df0bf3b0202

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://1look4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 14 Nov 2021 03:24:02 GMT
Content-Type: image/jpeg
Server: nginx/1.9.2
X-PP-Hash: 66dbb0bd06ff236744250f14be085d55
X-PP-Final-URL: https://www.theiconic.com.au/
X-PP-Capture-Method: webkit
X-PP-Server: 1004
Cache-Control: no-cache, no-store, must-revalidate
X-PP-Capture-Time: 6.15
X-Robots-Tag: noindex, nofollow
Content-Length: 8434

GET
H/1.1 200
OK thumbs.php
free.pagepeeker.com/v2/ 6 KB
6 KB 27ms
11ms Image
image/jpeg 176.9.106.58
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://free.pagepeeker.com/v2/thumbs.php?size=m&url=https://www.hireprogrammer.co.uk/
Requested by: Host: 1look4.com
URL: http://1look4.com/
Protocol: HTTP/1.1
Server: 176.9.106.58 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: lb2.pagepeeker.com
Software: nginx/1.9.2 /
Resource Hash: 9c882830dd05d3191c8e2745908de7235e6687978d0f76d3b856853acc948681

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://1look4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 14 Nov 2021 03:24:02 GMT
Content-Type: image/jpeg
Server: nginx/1.9.2
X-PP-Hash: a4efbfa61b11a0753189d93466147997
X-PP-Final-URL: https://www.hireprogrammer.co.uk/
X-PP-Capture-Method: webkit
X-PP-Server: 1004
Cache-Control: no-cache, no-store, must-revalidate
X-PP-Capture-Time: 4.16
X-Robots-Tag: noindex, nofollow
Content-Length: 6188

GET
H/1.1 200
OK thumbs.php
free.pagepeeker.com/v2/ 6 KB
7 KB 28ms
12ms Image
image/jpeg 176.9.106.58
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://free.pagepeeker.com/v2/thumbs.php?size=m&url=https://www.infozzle.com/
Requested by: Host: 1look4.com
URL: http://1look4.com/
Protocol: HTTP/1.1
Server: 176.9.106.58 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: lb2.pagepeeker.com
Software: nginx/1.4.6 /
Resource Hash: ca1c2e8f8e2c7e6a6b59f88642334c19180a334ddd51aab45906a72fd64799fa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://1look4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 14 Nov 2021 03:24:02 GMT
Content-Type: image/jpeg
Server: nginx/1.4.6
X-PP-Hash: 2e05223612b5857d5bec3dcdd1938dc7
X-PP-Final-URL: https://www.infozzle.com/
X-PP-Capture-Method: webkit
X-PP-Server: 1003
Cache-Control: no-cache, no-store, must-revalidate
X-PP-Capture-Time: 5.15
X-Robots-Tag: noindex, nofollow
Content-Length: 6603

GET
H/1.1 200
OK thumbs.php
free.pagepeeker.com/v2/ 9 KB
9 KB 8ms
8ms Image
image/jpeg 176.9.106.58
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://free.pagepeeker.com/v2/thumbs.php?size=m&url=https://learnow.live/course/certified-scrummaster-csm-training
Requested by: Host: 1look4.com
URL: http://1look4.com/
Protocol: HTTP/1.1
Server: 176.9.106.58 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: lb2.pagepeeker.com
Software: nginx/1.9.2 /
Resource Hash: b04bedb4456618d85779de8585b8f906d8e363dacae0688845b5b64764b8a399

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://1look4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 14 Nov 2021 03:24:02 GMT
Content-Type: image/jpeg
Server: nginx/1.9.2
X-PP-Hash: 8f5aebcfc8e2548a47804078546afe90
X-PP-Final-URL: https://learnow.live/course/certified-scrummaster-csm-training
X-PP-Capture-Method: webkit
X-PP-Server: 1003
Cache-Control: no-cache, no-store, must-revalidate
X-PP-Capture-Time: 6.38
X-Robots-Tag: noindex, nofollow
Content-Length: 8888

GET
H/1.1 200
OK thumbs.php
free.pagepeeker.com/v2/ 8 KB
9 KB 9ms
8ms Image
image/jpeg 176.9.106.58
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://free.pagepeeker.com/v2/thumbs.php?size=m&url=https://starprocombat.co.uk
Requested by: Host: 1look4.com
URL: http://1look4.com/
Protocol: HTTP/1.1
Server: 176.9.106.58 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: lb2.pagepeeker.com
Software: nginx/1.4.6 /
Resource Hash: 382f696e29144b587f80ebc1ddece499dc5ae31f794329d45cbf495174849178

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://1look4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 14 Nov 2021 03:24:02 GMT
Content-Type: image/jpeg
Server: nginx/1.4.6
X-PP-Hash: 6ead9e7e5851ecf3cf5bc09d7a9aaa6d
X-PP-Final-URL: https://starprocombat.co.uk
X-PP-Capture-Method: webkit
X-PP-Server: 1003
Cache-Control: no-cache, no-store, must-revalidate
X-PP-Capture-Time: 9.42
X-Robots-Tag: noindex, nofollow
Content-Length: 8347

GET
H/1.1 200
OK thumbs.php
free.pagepeeker.com/v2/ 8 KB
8 KB 8ms
8ms Image
image/jpeg 176.9.106.58
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://free.pagepeeker.com/v2/thumbs.php?size=m&url=https://www.nbpinteriors.in/
Requested by: Host: 1look4.com
URL: http://1look4.com/
Protocol: HTTP/1.1
Server: 176.9.106.58 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: lb2.pagepeeker.com
Software: nginx/1.9.2 /
Resource Hash: 9b13cd2a8205bc8ca415457689ab6545ecbd2e0587e37ba8106fdb8d79d540b2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://1look4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 14 Nov 2021 03:24:02 GMT
Content-Type: image/jpeg
Server: nginx/1.9.2
X-PP-Hash: 3987012f15bc1d4aaad7bdb787c526a4
X-PP-Final-URL: https://www.nbpinteriors.in/
X-PP-Capture-Method: webkit
X-PP-Server: 1003
Cache-Control: no-cache, no-store, must-revalidate
X-PP-Capture-Time: 9.10
X-Robots-Tag: noindex, nofollow
Content-Length: 8029

GET
H/1.1 200
OK thumbs.php
free.pagepeeker.com/v2/ 7 KB
7 KB 14ms
11ms Image
image/jpeg 176.9.106.58
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://free.pagepeeker.com/v2/thumbs.php?size=m&url=https://www.chennaiwomensclinic.in/%e0%ae%95%e0%ae%b0%e0%af%81%e0%ae%9a%e0%af%8d%e0%ae%9a%e0%ae%bf%e0%ae%a4%e0%af%88%e0%ae%b5%e0%af%81%e0%ae%95%e0%af%8d%e0%ae%95%e0%af%81-%e0%ae%aa%e0%ae%bf%e0%ae%b1%e0%ae%95%e0%af%81-%e0%ae%95/
Requested by: Host: 1look4.com
URL: http://1look4.com/
Protocol: HTTP/1.1
Server: 176.9.106.58 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: lb2.pagepeeker.com
Software: nginx/1.4.6 /
Resource Hash: 624b887c603ecda34951afe9a2e395123946d03bb9583240deb291c512f785a3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://1look4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 14 Nov 2021 03:24:02 GMT
Content-Type: image/jpeg
Server: nginx/1.4.6
X-PP-Hash: ef2db4124f819661ab0ad17cf1907b63
X-PP-Final-URL: https://www.chennaiwomensclinic.in/à®à®°à¯à®à¯à®à®¿à®¤à¯à®µà¯à®à¯à®à¯-à®ªà®¿à®±à®à¯-à®/
X-PP-Capture-Method: webkit
X-PP-Server: 1004
Cache-Control: no-cache, no-store, must-revalidate
X-PP-Capture-Time: 6.50
X-Robots-Tag: noindex, nofollow
Content-Length: 6798

GET
H/1.1 200
OK thumbs.php
free.pagepeeker.com/v2/ 4 KB
4 KB 9ms
9ms Image
image/jpeg 176.9.106.58
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://free.pagepeeker.com/v2/thumbs.php?size=m&url=https://junglesafarisafrica.com/zanzibar/
Requested by: Host: 1look4.com
URL: http://1look4.com/
Protocol: HTTP/1.1
Server: 176.9.106.58 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: lb2.pagepeeker.com
Software: nginx/1.4.6 /
Resource Hash: d25b093ff275c3e96365f7a319e532d615542df62a008ab71ba75e9abf475302

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://1look4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 14 Nov 2021 03:24:02 GMT
Content-Type: image/jpeg
Server: nginx/1.4.6
X-PP-Hash: bb95505f9c3904c4eb957f92c05085fd
X-PP-Final-URL: https://junglesafarisafrica.com/zanzibar/
X-PP-Capture-Method: webkit
X-PP-Server: 1004
Cache-Control: no-cache, no-store, must-revalidate
X-PP-Capture-Time: 7.46
X-Robots-Tag: noindex, nofollow
Content-Length: 3620

GET
H/1.1 200
OK thumbs.php
free.pagepeeker.com/v2/ 7 KB
8 KB 8ms
8ms Image
image/jpeg 176.9.106.58
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://free.pagepeeker.com/v2/thumbs.php?size=m&url=https://timothylimclinic.com/gynaecological-oncology/
Requested by: Host: 1look4.com
URL: http://1look4.com/
Protocol: HTTP/1.1
Server: 176.9.106.58 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: lb2.pagepeeker.com
Software: nginx/1.9.2 /
Resource Hash: 2e32ce50aaf34d573d38ac8020d40103e991ec3185bf5e6061ca5fad829ce945

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://1look4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 14 Nov 2021 03:24:02 GMT
Content-Type: image/jpeg
Server: nginx/1.9.2
X-PP-Hash: 187869fe47ad0ea4df7e4ed14994fac0
X-PP-Final-URL: https://timothylimclinic.com/gynaecological-oncology/
X-PP-Capture-Method: webkit
X-PP-Server: 1004
Cache-Control: no-cache, no-store, must-revalidate
X-PP-Capture-Time: 6.95
X-Robots-Tag: noindex, nofollow
Content-Length: 7384

GET
H/1.1 200
OK thumbs.php
free.pagepeeker.com/v2/ 7 KB
8 KB 8ms
8ms Image
image/jpeg 176.9.106.58
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://free.pagepeeker.com/v2/thumbs.php?size=m&url=https://www.learnbay.co/data-science-course/data-science-course-in-bangalore/
Requested by: Host: 1look4.com
URL: http://1look4.com/
Protocol: HTTP/1.1
Server: 176.9.106.58 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: lb2.pagepeeker.com
Software: nginx/1.4.6 /
Resource Hash: 04f23594376a72e58735f6fafbee0860c5346278c094861e32a4a861c2cad54a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://1look4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 14 Nov 2021 03:24:02 GMT
Content-Type: image/jpeg
Server: nginx/1.4.6
X-PP-Hash: 034b18091f86ad7df244eac694a78352
X-PP-Final-URL: https://www.learnbay.co/data-science-course/data-science-course-in-bangalore/
X-PP-Capture-Method: webkit
X-PP-Server: 1004
Cache-Control: no-cache, no-store, must-revalidate
X-PP-Capture-Time: 11.31
X-Robots-Tag: noindex, nofollow
Content-Length: 7213

GET
H/1.1 200
OK thumbs.php
free.pagepeeker.com/v2/ 7 KB
8 KB 9ms
8ms Image
image/jpeg 176.9.106.58
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://free.pagepeeker.com/v2/thumbs.php?size=m&url=https://cmacbuild.com/custom-staircase
Requested by: Host: 1look4.com
URL: http://1look4.com/
Protocol: HTTP/1.1
Server: 176.9.106.58 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: lb2.pagepeeker.com
Software: nginx/1.9.2 /
Resource Hash: 77224dca64e54d2c16bd311714c86734973a85e2fd4aa0a4e2218b329f69896c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://1look4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 14 Nov 2021 03:24:02 GMT
Content-Type: image/jpeg
Server: nginx/1.9.2
X-PP-Hash: e1a4013fce6b165850ea63cc219d2c81
X-PP-Final-URL: https://cmacbuild.com/custom-staircase
X-PP-Capture-Method: webkit
X-PP-Server: 1003
Cache-Control: no-cache, no-store, must-revalidate
X-PP-Capture-Time: 4.91
X-Robots-Tag: noindex, nofollow
Content-Length: 7234

GET
H/1.1 200
OK thumbs.php
free.pagepeeker.com/v2/ 4 KB
4 KB 9ms
8ms Image
image/jpeg 176.9.106.58
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://free.pagepeeker.com/v2/thumbs.php?size=m&url=https://www.crossfitmarkham.com/programs-services/personal-training/
Requested by: Host: 1look4.com
URL: http://1look4.com/
Protocol: HTTP/1.1
Server: 176.9.106.58 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: lb2.pagepeeker.com
Software: nginx/1.4.6 /
Resource Hash: b3de79e2d0a2c96bffc6008f121ceab0102c72bf9af54a358038080fe8939445

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://1look4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 14 Nov 2021 03:24:02 GMT
Content-Type: image/jpeg
Server: nginx/1.4.6
X-PP-Hash: eff8fd3b7aea0bf256b63ceecd5f1388
X-PP-Final-URL: https://www.crossfitmarkham.com/programs-services/personal-training/
X-PP-Capture-Method: webkit
X-PP-Server: 1003
Cache-Control: no-cache, no-store, must-revalidate
X-PP-Capture-Time: 5.45
X-Robots-Tag: noindex, nofollow
Content-Length: 4000

GET
H2 200 300x250
via.placeholder.com/ 621 B
1 KB 168ms
149ms Image
image/png 2606:4700:3108::ac42:2b15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://via.placeholder.com/300x250?text=300x250+Your%20ad%20here
Requested by: Host: 1look4.com
URL: http://1look4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b4d34e3a26e41e6ee6cecefd0cc840933c368cfa7cb335823b9ed9fe01b724c7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://1look4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 03:24:03 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: L2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 621
last-modified: Sun, 14 Nov 2021 03:24:03 GMT
server: cloudflare
etag: "61908153-26d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wprA9aOKeFFycODDFLBUr9U3kM9XpI%2F0j%2BC13txTjaFGka1LYicrNbVl8kpkGXNIebFqxYQYAF25QklyxJW1wDEPlqg00vB7SBpy4pQRXTyKqI6p%2Fku6p9QRXJP4vQI8ZBvgZe03JhUExpUx7dOlo7Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 6add1fe6dc6b702d-FRA
expires: Mon, 15 Nov 2021 03:23:53 GMT

GET
H/1.1 200
OK jquery.js Show response
1look4.com/assets/6de964ee/ 281 KB
110 KB 150ms
150ms Script
application/javascript 208.91.199.181
PUBLIC-DOMAIN-REG...

General

Check archive.org

Show headers Download Go to

Full URL: http://1look4.com/assets/6de964ee/jquery.js
Requested by: Host: 1look4.com
URL: http://1look4.com/
Protocol: HTTP/1.1
Server: 208.91.199.181 , United States, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS: klreseller.com
Software: Apache /
Resource Hash: 416a3b2c3bf16d64f6b5b6d0f7b079df2267614dd6847fc2f3271b4409233c37

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://1look4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 14 Nov 2021 03:24:02 GMT
Content-Encoding: gzip
Last-Modified: Tue, 10 Aug 2021 20:27:54 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=74

GET
H/1.1 200
OK bootstrap.bundle.js Show response
1look4.com/assets/ae8f2e/js/ 231 KB
75 KB 148ms
147ms Script
application/javascript 208.91.199.181
PUBLIC-DOMAIN-REG...

General

Check archive.org

Show headers Download Go to

Full URL: http://1look4.com/assets/ae8f2e/js/bootstrap.bundle.js
Requested by: Host: 1look4.com
URL: http://1look4.com/
Protocol: HTTP/1.1
Server: 208.91.199.181 , United States, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS: klreseller.com
Software: Apache /
Resource Hash: 41eb27d1f2327c903455f1adce6d0a81ae51a3d782ce891d36830f91eedb4b11

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://1look4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 14 Nov 2021 03:24:03 GMT
Content-Encoding: gzip
Last-Modified: Tue, 10 Aug 2021 20:30:14 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=74

GET
H/1.1 200
OK yii.js Show response
1look4.com/assets/d9f78426/ 20 KB
7 KB 146ms
142ms Script
application/javascript 208.91.199.181
PUBLIC-DOMAIN-REG...

General

Check archive.org

Show headers Download Go to

Full URL: http://1look4.com/assets/d9f78426/yii.js
Requested by: Host: 1look4.com
URL: http://1look4.com/
Protocol: HTTP/1.1
Server: 208.91.199.181 , United States, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS: klreseller.com
Software: Apache /
Resource Hash: 67bed69f23af460ec3341aefcdf793955c250fbf879589de4b93d17b8ec4ae54

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://1look4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 14 Nov 2021 03:24:03 GMT
Content-Encoding: gzip
Last-Modified: Tue, 10 Aug 2021 20:27:56 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=73
Content-Length: 6777

GET
H/1.1 404
Not Found app.js
1look4.com/assets/efe21797/ 0
0 614ms
600ms Script
text/html 208.91.199.181
PUBLIC-DOMAIN-REG...

General

Check archive.org

Show headers Download Go to

Full URL: http://1look4.com/assets/efe21797/app.js
Requested by: Host: 1look4.com
URL: http://1look4.com/
Protocol: HTTP/1.1
Server: 208.91.199.181 , United States, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS: klreseller.com
Software: Apache /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://1look4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 14 Nov 2021 03:24:03 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Upgrade: h2,h2c
Cache-Control: no-store, no-cache, must-revalidate
Connection: Upgrade, Keep-Alive
Content-Type: text/html; charset=UTF-8
Keep-Alive: timeout=5, max=75
Content-Length: 2097
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK infolinks_main.js Show response
resources.infolinks.com/js/ 3 KB
3 KB 36ms
22ms Script
application/javascript 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://resources.infolinks.com/js/infolinks_main.js
Requested by: Host: 1look4.com
URL: http://1look4.com/
Protocol: HTTP/1.1
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c1024684a031f54a865ce6dfad1c1354298ae8e429ffeff9fb7b1bc781e2607

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://1look4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

CF-RAY: 6add1fe68be02b35-FRA
Date: Sun, 14 Nov 2021 03:24:02 GMT
Via: 1.1 google
CF-Cache-Status: HIT
Last-Modified: Sat, 13 Nov 2021 18:26:14 GMT
Server: cloudflare
Age: 3446
ETag: W/"dac-5d0afb5f4aea8"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
Expires: Sun, 14 Nov 2021 03:26:36 GMT

GET
H/1.1 200
OK fa-solid-900.woff2
1look4.com/assets/a4909c74/webfonts/ 78 KB
79 KB 271ms
268ms Font
font/woff2 208.91.199.181
PUBLIC-DOMAIN-REG...

General

Check archive.org

Show headers Download Go to

Full URL: http://1look4.com/assets/a4909c74/webfonts/fa-solid-900.woff2
Requested by: Host: 1look4.com
URL: http://1look4.com/assets/a4909c74/css/all.min.css
Protocol: HTTP/1.1
Server: 208.91.199.181 , United States, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS: klreseller.com
Software: Apache /
Resource Hash: 8dd5d5a0abcff8f298ca04608656cc44706aaea54b1752a213d60653ab8effc5

Request headers

Referer: http://1look4.com/assets/a4909c74/css/all.min.css
Origin: http://1look4.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 14 Nov 2021 03:24:03 GMT
Last-Modified: Tue, 10 Aug 2021 20:28:54 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: font/woff2
Keep-Alive: timeout=5, max=75
Content-Length: 80276

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 30ms
7ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-11564248-5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://1look4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 4977
date: Sun, 14 Nov 2021 02:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 20006
expires: Sun, 14 Nov 2021 04:01:06 GMT

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111090101/ 268 KB
97 KB 52ms
31ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111090101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3276032096694854&plah=1look4.com&bust=31063702

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3276032096694854

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4334b99cbddcdffe2aa1bd63622ea5c6601c2f6744f91832b4ffc989692debc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://1look4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 03:24:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 98637
x-xss-protection: 0
server: cafe
etag: 1525510911014213541
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 14 Nov 2021 03:24:03 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211109/r20190131/ Frame 0721 11 KB
5 KB 30ms
7ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211109/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3276032096694854

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5cedd5abd94d64b07e3779451d057665572b89caa8b445a5e9efa42bad9c4274

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://1look4.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 13 Nov 2021 08:20:20 GMT
expires: Sat, 27 Nov 2021 08:20:20 GMT
content-type: text/html; charset=UTF-8
etag: 16478831307880631077
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4883
x-xss-protection: 0
age: 68623
cache-control: public, max-age=1209600
alt-svc: clear

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
202 B 14ms
14ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=273010660&t=pageview&_s=1&dl=http%3A%2F%2F1look4.com%2F&ul=en-us&de=UTF-8&dt=Stories&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=421136635&gjid=303456054&cid=386599458.1636860243&tid=UA-11564248-5&_gid=1989522548.1636860243&_r=1&gtm=2ouba1&z=224450777

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://1look4.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 14 Nov 2021 03:24:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://1look4.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 200 B
510 B 59ms
16ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=1look4.com&callback=_gfp_s_&client=ca-pub-3276032096694854

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111090101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3276032096694854&plah=1look4.com&bust=31063702

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

f51c466e2f5f9cc1c5f6dc04547a8b7323b7c7babf0f16a3663d1dda8b912327

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://1look4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 03:24:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: clear
content-length: 191
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
424 B 53ms
16ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=1look4.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://1look4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 14 Nov 2021 03:24:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: clear
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
424 B 46ms
17ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=1look4.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://1look4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 14 Nov 2021 03:24:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: clear
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4A10 249 KB
62 KB 508ms
507ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3276032096694854&output=html&adk=1812271804&adf=3025194257&lmt=1636860242&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2F1look4.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1636860242656&bpp=2&bdt=765&idt=89&shv=r20211109&mjsv=m202111090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=746319318684&frm=20&pv=2&ga_vid=386599458.1636860243&ga_sid=1636860243&ga_hid=273010660&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44754332%2C21066428%2C31063702%2C31062947&oid=2&pvsid=1167195385313007&pem=597&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=106

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5dea6c744c4089bf1e102e2c28e1083cd29b8cd9125d813b3184a7c53ec7209d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://1look4.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 14 Nov 2021 03:24:03 GMT
server: cafe
content-length: 63397
x-xss-protection: 0
alt-svc: clear
expires: Sun, 14 Nov 2021 03:24:03 GMT
cache-control: private

GET
H/1.1 200
OK ice.js Show response
resources.infolinks.com/js/1766.011-3.025/ 462 KB
141 KB 28ms
27ms Script
application/javascript 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://resources.infolinks.com/js/1766.011-3.025/ice.js
Requested by: Host: 1look4.com
URL: http://1look4.com/
Protocol: HTTP/1.1
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 66d34755720965b731d75bde11087db2475d50c3779d4c6ac6e5915472c4f289

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://1look4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

CF-RAY: 6add1fea3f112b35-FRA
Date: Sun, 14 Nov 2021 03:24:03 GMT
Via: 1.1 google
CF-Cache-Status: HIT
Last-Modified: Wed, 10 Nov 2021 08:35:24 GMT
Server: cloudflare
Age: 7524
ETag: W/"73765-5d06b1b77ec36"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
Expires: Tue, 14 Dec 2021 01:18:39 GMT

GET
H2 200 manage Show response
router.infolinks.com/usync/ Frame 48F7 9 KB
2 KB 148ms
118ms Document
text/html 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://router.infolinks.com/usync/manage?pid=2494762&wsid=0&pdom=1look4.com&purl=http%3A%2F%2F1look4.com%2F
Requested by: Host: resources.infolinks.com
URL: http://resources.infolinks.com/js/1766.011-3.025/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61c3f85e4bd32903fb4c7c8404456c91e4decf6903d9c845fb3b5ec5c7f5e53e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://1look4.com/

Response headers

date: Sun, 14 Nov 2021 03:24:03 GMT
content-type: text/html;charset=UTF-8
cache-control: no-store
p3p: CP="NON DSP NID OUR COR"
via: 1.1 google
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6add1feb3d3e4a73-FRA
content-encoding: gzip

GET
H2 200 lcmanage Show response
router.infolinks.com/usync/ 0
37 B 205ms
180ms Script
text/plain 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://router.infolinks.com/usync/lcmanage?pid=2494762&wsid=0&pdom=1look4.com&purl=http%3A%2F%2F1look4.com%2F
Requested by: Host: resources.infolinks.com
URL: http://resources.infolinks.com/js/1766.011-3.025/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://1look4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 03:24:03 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cache-control: no-store
cf-ray: 6add1feb3d3f4a73-FRA
content-length: 0

GET
H/1.1 200
OK gsd Show response
router.infolinks.com/ 326 B
810 B 126ms
119ms Script
text/javascript 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://router.infolinks.com/gsd?evt=afterGSD&pid=2494762&wsid=0&pdom=1look4.com&purl=http%3A%2F%2F1look4.com%2F&jsv=1766.011-3.025&_cb=16368602432770
Requested by: Host: resources.infolinks.com
URL: http://resources.infolinks.com/js/1766.011-3.025/ice.js
Protocol: HTTP/1.1
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 049b5e7b422cca7a0f192cc7445f3d9ff000ba7ab2430a71f1c8b9f3340f63f8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://1look4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 14 Nov 2021 03:24:03 GMT
Via: 1.1 google
CF-Cache-Status: DYNAMIC
Server: cloudflare
Transfer-Encoding: chunked
P3P: CP="NON DSP NID OUR COR"
Content-Type: text/javascript;charset=UTF-8
Content-Encoding: gzip
Cache-Control: max-age=0
Connection: keep-alive
CF-RAY: 6add1feb2aec696f-FRA
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111090101/ 147 KB
52 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111090101/reactive_library_fy2019.js?bust=31063702

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1516b8ec64f363cc55b8faf7c479fff5ae9302a3de2fd99963cb9fcbfefffef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://1look4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 03:24:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 53470
x-xss-protection: 0
server: cafe
etag: 2894769311192280207
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 14 Nov 2021 03:24:03 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 16ms
16ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=1look4.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://1look4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 14 Nov 2021 03:24:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: clear
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 17ms
16ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=1look4.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://1look4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 14 Nov 2021 03:24:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: clear
content-length: 100
x-xss-protection: 0

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211109/r20110914/ Frame 5B2C 11 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211109/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5cedd5abd94d64b07e3779451d057665572b89caa8b445a5e9efa42bad9c4274

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://1look4.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 13 Nov 2021 06:42:24 GMT
expires: Sat, 27 Nov 2021 06:42:24 GMT
content-type: text/html; charset=UTF-8
etag: 16478831307880631077
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4883
x-xss-protection: 0
age: 74499
cache-control: public, max-age=1209600
alt-svc: clear

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211109/r20110914/ Frame 4C94 11 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211109/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5cedd5abd94d64b07e3779451d057665572b89caa8b445a5e9efa42bad9c4274

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://1look4.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 13 Nov 2021 06:42:24 GMT
expires: Sat, 27 Nov 2021 06:42:24 GMT
content-type: text/html; charset=UTF-8
etag: 16478831307880631077
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4883
x-xss-protection: 0
age: 74499
cache-control: public, max-age=1209600
alt-svc: clear

GET
H2 200 css2
fonts.googleapis.com/ Frame 5B2C 4 KB
973 B 41ms
16ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211109/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: clear
x-xss-protection: 0
last-modified: Sun, 14 Nov 2021 02:00:57 GMT
server: ESF
date: Sun, 14 Nov 2021 03:24:03 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 14 Nov 2021 03:24:03 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 5B2C 205 B
520 B 32ms
9ms Image
image/png 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211109/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 20:30:40 GMT
x-content-type-options: nosniff
age: 197603
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 11 Nov 2022 20:30:40 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 5B2C 604 B
696 B 33ms
10ms Image
image/png 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211109/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 17:30:29 GMT
x-content-type-options: nosniff
age: 208414
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 11 Nov 2022 17:30:29 GMT

GET
H2 200 interstitial_ad_frame_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/elements/html/ Frame 5B2C 18 KB
8 KB 38ms
10ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/elements/html/interstitial_ad_frame_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211109/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4fb21b68aa33aef8b3b83a7677cdd0439bd297729677ca8a8ac9f125e60de57c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 00:02:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12076
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 8107
x-xss-protection: 0
server: cafe
etag: 4972561305884240788
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 Nov 2021 00:02:47 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 4C94 3 KB
651 B 35ms
17ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211109/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: clear
x-xss-protection: 0
last-modified: Sun, 14 Nov 2021 01:58:38 GMT
server: ESF
date: Sun, 14 Nov 2021 03:24:03 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 14 Nov 2021 03:24:03 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame 4C94 1 KB
960 B 30ms
12ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211109/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 03:01:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1332
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 853
x-xss-protection: 0
server: cafe
etag: 7170004918125193417
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 Nov 2021 03:01:51 GMT

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame 4C94 0
0 49ms
48ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CmqZuU4GQYffeC7OrrATTu4TgCdDshadhmo-o2Z0N-Nu6jfkhEAEg3NLQE2CV2oiCmAegAZG3-7wCyAEJqQILlPdm_jKzPqgDAcgDywSqBN0BT9ASIjQXSSBBqp5T2Nx3bqWsm0OtXhnyZQoTPXIzRcb-x5yisAwTH919OH-zgVuOuFTh0tjjMxHfW5_x34X2TGwtkF2ROjVGu1VOcAbgTjo03ZRqFT7ucYG50xZ99gCp90p4p4E3nEaUMtHpglTvcVbC9o3-9cxpugZNdyWaeRo1NKzkM9Ay81hSgLcrlM0IKO370mAWA63EnpDr_xitS7SPsyE6bGpHcKEsRGpn4Hbv4wb6kTBAPvpLRj3G_lTvRySc_gRihJiVrNWIYPspT8PI6umPtzGinjDl0BjABMqbkeu5A6AGLoAH18iEwwGoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBC70Q3SCAkIgOGAEBABGF-ACgHICwG4E4gn2BMD0BUBgBcBshccChoIABIUcHViLTMyNzYwMzIwOTY2OTQ4NTQYAA&sigh=INm_JSlte38&uach_m=[UACH]&template_id=5000

Requested by

Host: 1look4.com
URL: http://1look4.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20211109/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 14 Nov 2021 03:24:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: clear
content-length: 0
x-xss-protection: 0
expires: Sun, 14 Nov 2021 03:24:03 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/ Frame 4C94 19 KB
8 KB 23ms
7ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211109/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

777750fd9d46194a2030dfa9a045e3890cbec3a8f38aa5c761b6e3cedfd8c72b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 03:18:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 309
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 7882
x-xss-protection: 0
server: cafe
etag: 2787528384799239804
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 Nov 2021 03:18:54 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame 4C94 2 KB
1 KB 29ms
12ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211109/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 03:08:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 914
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 Nov 2021 03:08:49 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4C94 119 KB
37 KB 46ms
15ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211109/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 03:24:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: clear
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 14 Nov 2021 03:24:03 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame 4C94 15 KB
6 KB 24ms
7ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211109/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ceca169c7b3aeb44dcdcbfd35d8fd24a85bc9a48b89ced5db336d54e16635a82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 02:55:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1701
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 6461
x-xss-protection: 0
server: cafe
etag: 16025856826866802794
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 Nov 2021 02:55:42 GMT

GET
H2 200 163b3e9c260ab6fd774ac5b5c6fd1d76.js Show response
www.gstatic.com/mysidia/ Frame 4C94 27 KB
12 KB 17ms
7ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/163b3e9c260ab6fd774ac5b5c6fd1d76.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211109/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de418fdfa1d02a219d049bb1cd8562182c4201c67f6b9d0e2f67f21a476e1096

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 23:30:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 273197
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 11360
x-xss-protection: 0
last-modified: Wed, 10 Nov 2021 16:34:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 08 Feb 2022 23:30:46 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/18017567713434168194/ Frame 4C94 20 KB
20 KB 27ms
12ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/18017567713434168194/downsize_200k_v1?w=400&h=209

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211109/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

20e94bd57d897b4213821d2b0b9bd6b9b1faa071fd8551535b2abb80c479bfef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 15:55:40 GMT
x-content-type-options: nosniff
age: 214103
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 20186
x-xss-protection: 0
last-modified: Wed, 11 Mar 2020 09:09:54 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 11 Nov 2022 15:55:40 GMT

GET
DATA 200
OK truncated
/ Frame 4C94 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H/1.1 200
OK doq.htm Show response
rt3043.infolinks.com/action/ 3 KB
3 KB 239ms
226ms XHR
text/html 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://rt3043.infolinks.com/action/doq.htm?pcode=utf-8&r=16368602434631
Requested by: Host: resources.infolinks.com
URL: http://resources.infolinks.com/js/1766.011-3.025/ice.js
Protocol: HTTP/1.1
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fcacc52087f49227d4b0ea520524a5727834b7a45b2088479bc2cabd19244fe7

Request headers

Referer: http://1look4.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Date: Sun, 14 Nov 2021 03:24:04 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Transfer-Encoding: chunked
P3P: CP="NON DSP NID OUR COR"
Content-Type: text/html;charset=UTF-8
Connection: keep-alive
X-Application-Context: application:prod
Pragma: no-cache
Server: cloudflare
Vary: Origin
Content-Language: de-DE
Access-Control-Allow-Origin: http://1look4.com
Cache-Control: no-cache,no-store
Access-Control-Allow-Credentials: true
CF-RAY: 6add1fec5cfa4e44-FRA
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

/ Show response
de.tynt.com/deb/ Frame 5729
Redirect Chain

https://de.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV
https://de.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1

75 B
289 B

100ms
100ms

Document
text/html

208.100.17.187
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://de.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=2494762&wsid=0&pdom=1look4.com&purl=http%3A%2F%2F1look4.com%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.187 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip187.208-100-17.static.steadfastdns.net
Software: /
Resource Hash: e170d20dbbd5a22f50118e25fa2eefb1e85d2ad780e5477ed3a9643186090442

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://router.infolinks.com/

Response headers

cache-control: max-age=86400
expires: Mon, 15 Nov 2021 03:24:04 GMT
referrer-policy: unsafe-url
content-type: text/html
content-length: 75
date: Sun, 14 Nov 2021 03:24:03 GMT
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

Redirect headers

location: https://de.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
expires: Sat, 26 Jul 1997 05:00:00 GMT
referrer-policy: unsafe-url
content-length: 0
date: Sun, 14 Nov 2021 03:24:03 GMT
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H/1.1

200
OK

usermatch Show response
ssum-sec.casalemedia.com/ Frame DEF7
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1

2 KB
3 KB

17ms
17ms

Document
text/html

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=2494762&wsid=0&pdom=1look4.com&purl=http%3A%2F%2F1look4.com%2F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: dfb5a05ef1051553bfd881355e82d4bf91516063af06b85d137fdf2d2d2ce057

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://router.infolinks.com/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 230|39|45|241|46|90|57|3
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1724
Expires: Sun, 14 Nov 2021 03:24:03 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 14 Nov 2021 03:24:03 GMT
Connection: keep-alive

Redirect headers

Server: Apache
Content-Length: 311
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Sun, 14 Nov 2021 03:24:03 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 14 Nov 2021 03:24:03 GMT
Connection: keep-alive

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame AF08 2 KB
823 B 34ms
8ms Document
text/html 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=598ce3ddaee8c90

Requested by

Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=2494762&wsid=0&pdom=1look4.com&purl=http%3A%2F%2F1look4.com%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://router.infolinks.com/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
strict-transport-security: max-age=15552000

GET
H2

200

pbm-usync
router.infolinks.com/dyn/ Frame 48F7
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infoli...
https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infoli...
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QjlBRkVGREItMURBMi00QjlBLTg0QTQtNjJBOEZDMjRBMkZG&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?p=156872&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fpbm-usync%3Fuid%3DB9AFEFDB-1DA2-4B9A-84A4-62A8FC24A2FF
https://router.infolinks.com/dyn/pbm-usync?uid=B9AFEFDB-1DA2-4B9A-84A4-62A8FC24A2FF

0
169 B

110ms
109ms

Image
text/html

172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/pbm-usync?uid=B9AFEFDB-1DA2-4B9A-84A4-62A8FC24A2FF
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=2494762&wsid=0&pdom=1look4.com&purl=http%3A%2F%2F1look4.com%2F
Protocol: H2
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Nov 2021 03:24:04 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: text/html;charset=UTF-8
cache-control: no-store, no-cache, private
cf-ray: 6add1ff11a044a73-FRA
content-length: 0
expires: Sat, 14 Nov 2020 03:24:04 GMT

Redirect headers

location: https://router.infolinks.com/dyn/pbm-usync?uid=B9AFEFDB-1DA2-4B9A-84A4-62A8FC24A2FF
date: Sun, 14 Nov 2021 03:24:03 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

apn-usync
router.infolinks.com/dyn/ Frame 48F7
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fapn-usync%3Fuser_id%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fapn-usync%253Fuser_id%253D%2524UID
https://router.infolinks.com/dyn/apn-usync?user_id=1189869411783334987

35 B
187 B

117ms
116ms

Image
image/gif

172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/apn-usync?user_id=1189869411783334987
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=2494762&wsid=0&pdom=1look4.com&purl=http%3A%2F%2F1look4.com%2F
Protocol: H2
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Nov 2021 03:24:04 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 6add1fed1eb94a73-FRA
content-length: 35
expires: Sat, 14 Nov 2020 03:24:04 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 14 Nov 2021 03:24:03 GMT
X-Proxy-Origin: 168.119.25.199; 168.119.25.199; 399.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 320cfcc9-daf3-4fb8-beb6-6c87c5d0f6e4
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://router.infolinks.com/dyn/apn-usync?user_id=1189869411783334987
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

ox-usync
router.infolinks.com/dyn/ Frame 48F7
Redirect Chain

https://u.openx.net/w/1.0/cm?id=9b5994f2-035d-46de-8c12-bc0e9a4e66c2&r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fox-usync%3Fuid%3D
https://u.openx.net/w/1.0/cm?cc=1&id=9b5994f2-035d-46de-8c12-bc0e9a4e66c2&r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fox-usync%3Fuid%3D
https://router.infolinks.com/dyn/ox-usync?uid=757a480c-b5df-4238-ad81-3a40750f0d10

35 B
268 B

112ms
112ms

Image
image/gif

172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/ox-usync?uid=757a480c-b5df-4238-ad81-3a40750f0d10
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=2494762&wsid=0&pdom=1look4.com&purl=http%3A%2F%2F1look4.com%2F
Protocol: H2
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Nov 2021 03:24:04 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 6add1fed1eba4a73-FRA
content-length: 35
expires: Sat, 14 Nov 2020 03:24:04 GMT

Redirect headers

date: Sun, 14 Nov 2021 03:24:03 GMT
content-encoding: gzip
server: OXGW/16.218.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://router.infolinks.com/dyn/ox-usync?uid=757a480c-b5df-4238-ad81-3a40750f0d10
content-type: image/gif
alt-svc: clear
content-length: 0
via: 1.1 google

GET
H2

200

VR-usync
router.infolinks.com/dyn/ Frame 48F7
Redirect Chain

https://ups.analytics.yahoo.com/ups/58422/occ
https://ups.analytics.yahoo.com/ups/58422/occ?verify=true
https://router.infolinks.com/dyn/VR-usync?uid=y-pMMhempE2uFnTyLUR7Y82pzY7s4D1vm7tfM5Fv8-~A

35 B
209 B

121ms
121ms

Image
image/gif

172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/VR-usync?uid=y-pMMhempE2uFnTyLUR7Y82pzY7s4D1vm7tfM5Fv8-~A
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=2494762&wsid=0&pdom=1look4.com&purl=http%3A%2F%2F1look4.com%2F
Protocol: H2
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Nov 2021 03:24:04 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 6add1fed1eb74a73-FRA
content-length: 35
expires: Sat, 14 Nov 2020 03:24:04 GMT

Redirect headers

location: https://router.infolinks.com/dyn/VR-usync?uid=y-pMMhempE2uFnTyLUR7Y82pzY7s4D1vm7tfM5Fv8-~A
date: Sun, 14 Nov 2021 03:24:03 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

r1-usync
router.infolinks.com/dyn/ Frame 48F7
Redirect Chain

https://sync.1rx.io/usersync2/infolinks
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5282075499
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5282075499
https://sync.1rx.io/usersync/tradedesk/93be419e-d784-4f31-8872-51822c93da37
https://sync.targeting.unrulymedia.com/csync/RX-66431608-481f-4f49-9872-12e38340c91e-003?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fr1-usync%3Fuid%3DRX-66431608-481f-4f49-9872-12e38340c91e-003
https://router.infolinks.com/dyn/r1-usync?uid=RX-66431608-481f-4f49-9872-12e38340c91e-003

35 B
205 B

115ms
114ms

Image
image/gif

172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/r1-usync?uid=RX-66431608-481f-4f49-9872-12e38340c91e-003
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=2494762&wsid=0&pdom=1look4.com&purl=http%3A%2F%2F1look4.com%2F
Protocol: H2
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Nov 2021 03:24:04 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 6add1ff109fb4a73-FRA
content-length: 35
expires: Sat, 14 Nov 2020 03:24:04 GMT

Redirect headers

location: https://router.infolinks.com/dyn/r1-usync?uid=RX-66431608-481f-4f49-9872-12e38340c91e-003
date: Sun, 14 Nov 2021 03:24:04 GMT
server: Tengine
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX66431608481f4f49987212e38340c91e003
content-type: text/html

GET
H2

200

zmn-usync
router.infolinks.com/dyn/ Frame 48F7
Redirect Chain

https://b1sync.zemanta.com/usersync/infolinks/?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fzmn-usync%3Fuid%3D__ZUID__
https://router.infolinks.com/dyn/zmn-usync?uid=

35 B
177 B

120ms
119ms

Image
image/gif

172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/zmn-usync?uid=
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=2494762&wsid=0&pdom=1look4.com&purl=http%3A%2F%2F1look4.com%2F
Protocol: H2
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Nov 2021 03:24:04 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 6add1ff109f84a73-FRA
content-length: 35
expires: Sat, 14 Nov 2020 03:24:04 GMT

Redirect headers

Location: https://router.infolinks.com/dyn/zmn-usync?uid=
Pragma: no-cache
Date: Sun, 14 Nov 2021 03:24:04 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 70
Content-Type: text/html; charset=utf-8

GET
H/1.1 200
OK us
sync.go.sonobi.com/ Frame 48F7 0
474 B 62ms
13ms Image
text/plain 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsonobi-usync%3Fuid%3D%5BUID%5D

Requested by

Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=2494762&wsid=0&pdom=1look4.com&purl=http%3A%2F%2F1look4.com%2F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 14 Nov 2021 03:24:03 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

ca.png
s.cpx.to/ Frame 48F7
Redirect Chain

https://ib.adnxs.com/getuid?https://s.cpx.to/ca.png?ref=http%253A%252F%252F1look4.com%252F&pid=12306&adnxs_uid=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.cpx.to%2Fca.png%3Fref%3Dhttp%25253A%25252F%25252F1look4.com%25252F%26pid%3D12306%26adnxs_uid%3D%24UID
https://s.cpx.to/ca.png?ref=http%3A%2F%2F1look4.com%2F&pid=12306&adnxs_uid=1189869411783334987

95 B
945 B

134ms
32ms

Image
image/png

54.77.182.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/ca.png?ref=http%3A%2F%2F1look4.com%2F&pid=12306&adnxs_uid=1189869411783334987

Requested by

Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=2494762&wsid=0&pdom=1look4.com&purl=http%3A%2F%2F1look4.com%2F

Protocol

HTTP/1.1

Server

54.77.182.98 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-77-182-98.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache, no-cache
Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Sun, 14 Nov 2021 03:24:04 GMT
X-Frame-Options: sameorigin
Connection: keep-alive
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0, no-store, must-revalidate, private, max-age=0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Content-Length: 95
Expires: Sun, 14 Nov 2021 03:24:04 UTC

Redirect headers

Pragma: no-cache
Date: Sun, 14 Nov 2021 03:24:04 GMT
X-Proxy-Origin: 168.119.25.199; 168.119.25.199; 399.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 7a9166d3-7e13-47b0-80c0-73389cd78f0d
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://s.cpx.to/ca.png?ref=http%3A%2F%2F1look4.com%2F&pid=12306&adnxs_uid=1189869411783334987
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK sync
dsp.adkernel.com/ Frame 48F7 42 B
233 B 267ms
86ms Image
image/gif 174.137.133.49
WEBAIR-INTERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsp.adkernel.com/sync?exchange=202&r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fearn-usync%3Fuid%3D%7BUID%7D
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=2494762&wsid=0&pdom=1look4.com&purl=http%3A%2F%2F1look4.com%2F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 14 Nov 2021 03:24:04 GMT
Server: nginx
Age: 0
Content-Type: image/gif
Cache-Control: no-store
Connection: keep-alive
Content-Length: 42

GET
H2

200

outh-usync
router.infolinks.com/dyn/ Frame 48F7
Redirect Chain

https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true
https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
https://ups.analytics.yahoo.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP5160e574-44fa-11ec-9bc1-0612add8f72c
https://router.infolinks.com/dyn/outh-usync?uid=y-k3Zzps5E2uFIsHZzjG7SRUUIHmYLbLtp~A~UP5160e574-44fa-11ec-9bc1-0612add8f72c

35 B
235 B

131ms
131ms

Image
image/gif

172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/outh-usync?uid=y-k3Zzps5E2uFIsHZzjG7SRUUIHmYLbLtp~A~UP5160e574-44fa-11ec-9bc1-0612add8f72c
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=2494762&wsid=0&pdom=1look4.com&purl=http%3A%2F%2F1look4.com%2F
Protocol: H2
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Nov 2021 03:24:04 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 6add1fed4ee14a73-FRA
content-length: 35
expires: Sat, 14 Nov 2020 03:24:04 GMT

Redirect headers

location: https://router.infolinks.com/dyn/outh-usync?uid=y-k3Zzps5E2uFIsHZzjG7SRUUIHmYLbLtp~A~UP5160e574-44fa-11ec-9bc1-0612add8f72c
date: Sun, 14 Nov 2021 03:24:04 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

204

services
sync.technoratimedia.com/ Frame 48F7
Redirect Chain

https://match.bnmla.com/usersync?sspid=1000361&redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fenbd-usync%3Fuid%3D%5BUUID%5D
https://um.simpli.fi/bnmlahttps%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D6%26uuid%3D%24UID
https://match.bnmla.com/usersync?dspid=6&uuid=2D039B0F2E904D87BE119B95AE7369F8
https://sync.technoratimedia.com/services?srv=cs&pid=70&cb=https%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D170%26uuid%3D%5BUSER_ID%5D

0
298 B

337ms
105ms

Image
text/plain

150.136.222.2
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.technoratimedia.com/services?srv=cs&pid=70&cb=https%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D170%26uuid%3D%5BUSER_ID%5D
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=2494762&wsid=0&pdom=1look4.com&purl=http%3A%2F%2F1look4.com%2F
Protocol: H2
Server: 150.136.222.2 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 03:24:05 GMT
via: 1.1 varnish
server: nginx
age: 0
access-control-allow-methods: POST,GET,HEAD,OPTIONS
x-varnish: 386237529
access-control-allow-origin: https://router.infolinks.com/
access-control-allow-credentials: true

Redirect headers

Location: https://sync.technoratimedia.com/services?srv=cs&pid=70&cb=https%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D170%26uuid%3D%5BUSER_ID%5D
Date: Sun, 14 Nov 2021 03:24:04 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

200

sovrn-usync
router.infolinks.com/dyn/ Frame 48F7
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID
https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID&sovrn_retry=true
https://router.infolinks.com/dyn/sovrn-usync?uid=d8bfe3a87c0c3f3b48f1e041

35 B
221 B

114ms
114ms

Image
image/gif

172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/sovrn-usync?uid=d8bfe3a87c0c3f3b48f1e041
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=2494762&wsid=0&pdom=1look4.com&purl=http%3A%2F%2F1look4.com%2F
Protocol: H2
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Nov 2021 03:24:04 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 6add1ff1dab84a73-FRA
content-length: 35
expires: Sat, 14 Nov 2020 03:24:04 GMT

Redirect headers

Date: Sun, 14 Nov 2021 03:24:04 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://router.infolinks.com/dyn/sovrn-usync?uid=d8bfe3a87c0c3f3b48f1e041
Access-Control-Allow-Credentials: true
Connection: close
X-Sovrn-Pod: ad_ap2ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type

GET
H2

200

usersync
router.infolinks.com/dyn/ Frame 48F7
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=60809&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D60809%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolink...
https://image4.pubmatic.com/AdServer/SPug?p=60809&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fusersync%3Fpmuservalue%3DB9AFEFDB-1DA2-4B9A-84A4-62A8FC24A2FF
https://router.infolinks.com/dyn/usersync?pmuservalue=B9AFEFDB-1DA2-4B9A-84A4-62A8FC24A2FF

0
253 B

122ms
122ms

Image
text/plain

172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/usersync?pmuservalue=B9AFEFDB-1DA2-4B9A-84A4-62A8FC24A2FF
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=2494762&wsid=0&pdom=1look4.com&purl=http%3A%2F%2F1look4.com%2F
Protocol: H2
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 03:24:04 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
cache-control: no-store
cf-ray: 6add1ff11a064a73-FRA
content-length: 0

Redirect headers

location: https://router.infolinks.com/dyn/usersync?pmuservalue=B9AFEFDB-1DA2-4B9A-84A4-62A8FC24A2FF
date: Sun, 14 Nov 2021 03:24:04 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 iq-usync
router.infolinks.com/dyn/ Frame 48F7 0
58 B 112ms
111ms Image
text/plain 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/iq-usync
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=2494762&wsid=0&pdom=1look4.com&purl=http%3A%2F%2F1look4.com%2F
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://router.infolinks.com/usync/manage?pid=2494762&wsid=0&pdom=1look4.com&purl=http%3A%2F%2F1look4.com%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 03:24:04 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cache-control: no-store
cf-ray: 6add1fec6e394a73-FRA
content-length: 0

GET
H2

200

zeta-usync
router.infolinks.com/dyn/ Frame 48F7
Redirect Chain

https://p.rfihub.com/cm?pub=43153&in=1
https://router.infolinks.com/dyn/zeta-usync?uid=5107433821696928264

35 B
188 B

114ms
114ms

Image
image/gif

172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/zeta-usync?uid=5107433821696928264
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=2494762&wsid=0&pdom=1look4.com&purl=http%3A%2F%2F1look4.com%2F
Protocol: H2
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Nov 2021 03:24:04 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 6add1fee6fad4a73-FRA
content-length: 35
expires: Sat, 14 Nov 2020 03:24:04 GMT

Redirect headers

Location: https://router.infolinks.com/dyn/zeta-usync?uid=5107433821696928264
Date: Sun, 14 Nov 2021 03:24:04 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 204 /
ssc-cms.33across.com/ps/ Frame 48F7 0
72 B 320ms
100ms Image
text/plain 67.202.105.24
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssc-cms.33across.com/ps/?ri=0010b00002CpYhEAAV&ru=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2F33a-usync%3Fuid%3D33XUSERID33X
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=2494762&wsid=0&pdom=1look4.com&purl=http%3A%2F%2F1look4.com%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.24 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip24.67-202-105.static.steadfastdns.net
Software: 33XP005 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-33x-status: 2000208
date: Sun, 14 Nov 2021 03:24:03 GMT
server: 33XP005

GET
H2 200 css
fonts.googleapis.com/ Frame 173E 3 KB
651 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211109/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: clear
x-xss-protection: 0
last-modified: Sun, 14 Nov 2021 02:00:21 GMT
server: ESF
date: Sun, 14 Nov 2021 03:24:03 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 14 Nov 2021 03:24:03 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame 173E 1 KB
914 B 7ms
7ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211109/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 03:01:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1332
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 853
x-xss-protection: 0
server: cafe
etag: 7170004918125193417
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 Nov 2021 03:01:51 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/ Frame 173E 19 KB
8 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211109/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

777750fd9d46194a2030dfa9a045e3890cbec3a8f38aa5c761b6e3cedfd8c72b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 03:18:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 309
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 7882
x-xss-protection: 0
server: cafe
etag: 2787528384799239804
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 Nov 2021 03:18:54 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame 173E 2 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211109/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 03:08:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 914
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 Nov 2021 03:08:49 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 173E 119 KB
36 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211109/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 03:24:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: clear
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 14 Nov 2021 03:24:03 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame 173E 15 KB
6 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211109/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ceca169c7b3aeb44dcdcbfd35d8fd24a85bc9a48b89ced5db336d54e16635a82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 02:55:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1701
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 6461
x-xss-protection: 0
server: cafe
etag: 16025856826866802794
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 Nov 2021 02:55:42 GMT

GET
H2 200 163b3e9c260ab6fd774ac5b5c6fd1d76.js Show response
www.gstatic.com/mysidia/ Frame 173E 27 KB
11 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/163b3e9c260ab6fd774ac5b5c6fd1d76.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211109/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de418fdfa1d02a219d049bb1cd8562182c4201c67f6b9d0e2f67f21a476e1096

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 23:30:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 273197
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 11360
x-xss-protection: 0
last-modified: Wed, 10 Nov 2021 16:34:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 08 Feb 2022 23:30:46 GMT

GET
DATA 200
OK truncated
/ Frame 4C94 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cbcfaa77e1357c3a3b879e2e78de15026ae22416ffb1bebed4628a25af101bc2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js Show response
pagead2.googlesyndication.com/bg/ Frame CD3E 35 KB
13 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js

Requested by

Host: 1look4.com
URL: http://1look4.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

091b44da15c8f8ea360b36ea12fca73538414c6bca447ffab28f65cb549cc9ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 06:25:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75527
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 13332
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 13 Nov 2022 06:25:17 GMT

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame DEF7
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YZCBUznQevEiXw5udH9IbwAABFgAAAAB&gdpr_consent=&us_privacy=&gdpr=1
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEJJjHn72v4VUbnLfRaijAL0&google_cver=1

43 B
315 B

10ms
10ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEJJjHn72v4VUbnLfRaijAL0&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 14 Nov 2021 03:24:04 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Sun, 14 Nov 2021 03:24:04 GMT

Redirect headers

pragma: no-cache
date: Sun, 14 Nov 2021 03:24:04 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEJJjHn72v4VUbnLfRaijAL0&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: clear
content-length: 343
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame DEF7 70 B
264 B 74ms
34ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Nov 2021 03:24:04 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame DEF7
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YZCBUznQevEiXw5udH9IbwAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHigyIEy2VM1EOGA7MO7hYU&google_cver=1&gdpr=1

43 B
999 B

14ms
14ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHigyIEy2VM1EOGA7MO7hYU&google_cver=1&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 14 Nov 2021 03:24:04 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 14 Nov 2021 03:24:04 GMT

Redirect headers

pragma: no-cache
date: Sun, 14 Nov 2021 03:24:04 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHigyIEy2VM1EOGA7MO7hYU&google_cver=1&gdpr=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: clear
content-length: 325
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame DEF7
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YZCBUznQevEiXw5udH9IbwAABFgAAAAB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YZCBUznQevEiXw5udH9IbwAABFgAAAAB&dcc=t

43 B
645 B

105ms
105ms

Image
image/gif

209.54.180.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YZCBUznQevEiXw5udH9IbwAABFgAAAAB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1

Protocol

HTTP/1.1

Server

209.54.180.3 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 14 Nov 2021 03:24:04 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: JHGXZDN22PB4MHH0SZ73
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 14 Nov 2021 03:24:04 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: R71SBNZJ74TFP47WB44N
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YZCBUznQevEiXw5udH9IbwAABFgAAAAB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 400
Request failed due to privacy signals getuid
secure.adnxs.com/ Frame DEF7 0
0 41ms
12ms Image
text/html 185.33.220.100
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.33.220.100 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2

204

no_match_opted_out
um.simpli.fi/ Frame DEF7
Redirect Chain

https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1
https://um.simpli.fi/no_match_opted_out

0
278 B

12ms
12ms

Image
text/plain

159.122.14.34
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/no_match_opted_out

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1

Protocol

Server

159.122.14.34 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

22.0e.7a9f.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 14 Nov 2021 03:24:04 GMT
x-content-type-options: nosniff
server: nginx
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS

Redirect headers

date: Sun, 14 Nov 2021 03:24:04 GMT
x-content-type-options: nosniff
server: nginx
location: /no_match_opted_out
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Sat, 13 Nov 2021 03:24:04 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame DEF7
Redirect Chain

https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5107433821696928264

43 B
1 KB

12ms
12ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5107433821696928264
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 14 Nov 2021 03:24:04 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 14 Nov 2021 03:24:04 GMT

Redirect headers

Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5107433821696928264
Date: Sun, 14 Nov 2021 03:24:04 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame DEF7
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=67f76190-8153-4100-b31e-5fcc1390abe1&gdpr=1&gdpr_consent=

43 B
1008 B

25ms
12ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=67f76190-8153-4100-b31e-5fcc1390abe1&gdpr=1&gdpr_consent=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 14 Nov 2021 03:24:04 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 14 Nov 2021 03:24:04 GMT

Redirect headers

Date: Sun, 14 Nov 2021 03:24:04 GMT
Server: MT3 4103 f8fad19 master zrh-pixel-x7 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=67f76190-8153-4100-b31e-5fcc1390abe1&gdpr=1&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sun, 14 Nov 2021 03:24:03 GMT

GET
H2 200 ix-usync
router.infolinks.com/dyn/ Frame DEF7 35 B
197 B 121ms
120ms Image
image/gif 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/ix-usync?uid=YZCBUznQevEiXw5udH9IbwAA%261112
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Nov 2021 03:24:04 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 6add1fed2ecb4a73-FRA
content-length: 35
expires: Sat, 14 Nov 2020 03:24:04 GMT

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8729 143 B
222 B 9ms
7ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211109/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20211109/r20110914/zrt_lookup.html?fsb=1

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sun, 14 Nov 2021 02:37:41 GMT
server: cafe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2783
alt-svc: clear

GET
H2 200 in_search.js Show response
resources.infolinks.com/js/1766.011-3.025/ 123 KB
46 KB 21ms
21ms Script
application/javascript 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/js/1766.011-3.025/in_search.js
Requested by: Host: resources.infolinks.com
URL: http://resources.infolinks.com/js/1766.011-3.025/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e0ed4b80efbb81a92a82a727735aa23cd0e64ba7f8fe99507b31154f3042b9ba

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://1look4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

cf-ray: 6add1feddf304a73-FRA
date: Sun, 14 Nov 2021 03:24:04 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Wed, 10 Nov 2021 08:35:24 GMT
server: cloudflare
age: 8930
etag: W/"1eb61-5d06b1b77e84e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
content-encoding: gzip
expires: Tue, 14 Dec 2021 00:55:14 GMT

GET
H/1.1 200
OK score.min.js Show response
js.ad-score.com/ 310 KB
106 KB 48ms
8ms Script
application/javascript 2600:9000:20eb:6400:a:deb0:3380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.ad-score.com/score.min.js?pid=1000102&tt=if&tid=infolinks-p&l1=2494762_0&l2=4&l3=Windows&l4=Chrome&l5=1look4.com&ref=http://1look4.com/&pub_domain=1look4.com&utid=f68a3fd9-7532-4932-99f0-e4d6bcfd8950&uid=cuid_1daf2e01-6114-4617-9195-56af59b87a60&uip=168.119.25.199&cb=8182518150246477708
Requested by: Host: resources.infolinks.com
URL: http://resources.infolinks.com/js/1766.011-3.025/ice.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:6400:a:deb0:3380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 357b5aff9248d4ae642ce44990867624a33c9ea1cca2e91335b600e3605659a9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://1look4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 13 Nov 2021 17:41:09 GMT
Content-Encoding: gzip
Age: 34975
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Access-Control-Allow-Origin: *
Last-Modified: Sat, 13 Nov 2021 17:41:09 GMT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Via: 1.1 1d67a4c00b06651cb6daa95ec3f21f9b.cloudfront.net (CloudFront)
Cache-Control: public, max-age=86400
Access-Control-Allow-Credentials: true
X-Amz-Cf-Pop: FRA2-C1
Access-Control-Allow-Headers: Cache-Control
X-Amz-Cf-Id: rITqbozX3DKBbm9SujtX1fXSxc5GzchUV5elLs6Nqzu4tHhoG0Pzdg==
Expires: Sun, 14 Nov 2021 17:41:09 GMT

GET
H2 200 container.html Show response
resources.infolinks.com/static/ Frame 119A 257 B
329 B 19ms
18ms Document
text/html 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/static/container.html
Requested by: Host: resources.infolinks.com
URL: http://resources.infolinks.com/js/1766.011-3.025/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f200dd381332cbd68d65ecfecf03e80e09e990a78e57cea26c0c7332cf9c7606

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://1look4.com/

Response headers

date: Sun, 14 Nov 2021 03:24:04 GMT
content-type: text/html; charset=UTF-8
last-modified: Mon, 15 Feb 2021 07:25:02 GMT
cache-control: max-age=2592000
expires: Tue, 14 Dec 2021 00:01:20 GMT
via: 1.1 google
cf-cache-status: HIT
age: 12164
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 6add1fedef414a73-FRA
content-encoding: gzip

GET
H/1.1 200
OK dcl.htm Show response
rt3043.infolinks.com/action/ 0
347 B 178ms
175ms Script
text/html 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://rt3043.infolinks.com/action/dcl.htm?rid=f68a3fd9-7532-4932-99f0-e4d6bcfd8950&jsv=1766.011-3.025&capara=%7B%22failedAlgos%22%3A%22palgo%22%7D
Requested by: Host: resources.infolinks.com
URL: http://resources.infolinks.com/js/1766.011-3.025/ice.js
Protocol: HTTP/1.1
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://1look4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 14 Nov 2021 03:24:04 GMT
CF-Cache-Status: DYNAMIC
Server: cloudflare
Content-Type: text/html;charset=UTF-8
Cache-Control: no-cache,no-store
Connection: keep-alive
CF-RAY: 6add1fee2e632bca-FRA
Content-Length: 0
X-Application-Context: application:prod
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK dcl.htm Show response
rt3043.infolinks.com/action/ 0
347 B 210ms
207ms Script
text/html 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://rt3043.infolinks.com/action/dcl.htm?rid=f68a3fd9-7532-4932-99f0-e4d6bcfd8950&jsv=1766.011-3.025&capara=%7B%22intag_markers%22%3A1%2C%22mode%22%3A%22default%22%2C%22clObj%22%3A%7B%220%22%3A%7B%22aboveTheFold%22%3A0%2C%22top%22%3A4297%2C%22docHeight%22%3A1200%2C%22width%22%3A1140%2C%22index%22%3A0%2C%22hooksCount%22%3A12%2C%22lines%22%3A1%7D%7D%7D
Requested by: Host: resources.infolinks.com
URL: http://resources.infolinks.com/js/1766.011-3.025/ice.js
Protocol: HTTP/1.1
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://1look4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 14 Nov 2021 03:24:04 GMT
CF-Cache-Status: DYNAMIC
Server: cloudflare
Content-Type: text/html;charset=UTF-8
Cache-Control: no-cache,no-store
Connection: keep-alive
CF-RAY: 6add1fee5a1b1f45-FRA
Content-Length: 0
X-Application-Context: application:prod
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK dcl.htm Show response
rt3043.infolinks.com/action/ 0
347 B 182ms
179ms Script
text/html 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://rt3043.infolinks.com/action/dcl.htm?rid=f68a3fd9-7532-4932-99f0-e4d6bcfd8950&jsv=1766.011-3.025&capara=%7B%22failedAlgos%22%3A%22aapalgo%22%7D
Requested by: Host: resources.infolinks.com
URL: http://resources.infolinks.com/js/1766.011-3.025/ice.js
Protocol: HTTP/1.1
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://1look4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 14 Nov 2021 03:24:04 GMT
CF-Cache-Status: DYNAMIC
Server: cloudflare
Content-Type: text/html;charset=UTF-8
Cache-Control: no-cache,no-store
Connection: keep-alive
CF-RAY: 6add1fee5a85435d-FRA
Content-Length: 0
X-Application-Context: application:prod
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK getads.htm Show response
rt3043.infolinks.com/action/ 0
348 B 192ms
189ms Script
text/plain 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://rt3043.infolinks.com/action/getads.htm?hks=%5B%5D&rid=f68a3fd9-7532-4932-99f0-e4d6bcfd8950&jsv=1766.011-3.025&sr=1600X1200&rts=1636860243802&cfv=-1&cb=singleGetAdsResponse&os=Windows&ov=10&br=Chrome&bv=95.0.4638.54&dv=p&ce=t&purl=http%3A%2F%2F1look4.com%2F&tzo=-0000&c=c&strg=true&rsd=08syPgEXDYUtoljEehpl0Sx0318Ds7a4sjpEluJoYewwmgQECzUN2d1NyR4EgdMaIUpAEU3BvJ5plNg2EyfusUMTIa_L5spG0AvSThXtv7qzGHSaIq3AOaRnb1q04UhG9zlBsDIeidewSMbVruczunnegf8BZxeU&rsk=69&rcs=bgHlhK450fW7J4v13ZDOhA&hbnr=false
Requested by: Host: resources.infolinks.com
URL: http://resources.infolinks.com/js/1766.011-3.025/ice.js
Protocol: HTTP/1.1
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://1look4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 14 Nov 2021 03:24:04 GMT
CF-Cache-Status: DYNAMIC
Server: cloudflare
Content-Type: text/plain;charset=UTF-8
Cache-Control: no-cache,no-store
Connection: keep-alive
CF-RAY: 6add1fee6c6dc2f4-FRA
Content-Length: 0
X-Application-Context: application:prod
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK dcl.htm Show response
rt3043.infolinks.com/action/ 0
347 B 187ms
184ms Script
text/html 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://rt3043.infolinks.com/action/dcl.htm?rid=f68a3fd9-7532-4932-99f0-e4d6bcfd8950&jsv=1766.011-3.025&capara=%7B%22mode%22%3A%22default%22%2C%22markers%22%3A0%7D
Requested by: Host: resources.infolinks.com
URL: http://resources.infolinks.com/js/1766.011-3.025/ice.js
Protocol: HTTP/1.1
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://1look4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 14 Nov 2021 03:24:04 GMT
CF-Cache-Status: DYNAMIC
Server: cloudflare
Content-Type: text/html;charset=UTF-8
Cache-Control: no-cache,no-store
Connection: keep-alive
CF-RAY: 6add1fee6e3ed6e5-FRA
Content-Length: 0
X-Application-Context: application:prod
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK loader.gif
resources.infolinks.com/static/skins/ 962 B
1 KB 18ms
18ms Image
image/gif 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://resources.infolinks.com/static/skins/loader.gif
Requested by: Host: 1look4.com
URL: http://1look4.com/
Protocol: HTTP/1.1
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b8ee13d35110d7006bc5c5147ee0a0c6c3e1f26b2f246b8d5e57edf4f6b97b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://1look4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 14 Nov 2021 03:24:04 GMT
Via: 1.1 google
CF-Cache-Status: HIT
Age: 10874
Cf-Polished: origSize=1631, status=webp_bigger
Connection: keep-alive
Content-Length: 962
Last-Modified: Mon, 14 Nov 2016 12:31:03 GMT
Server: cloudflare
ETag: "65f-54142035d0066"
Vary: Accept-Encoding
Content-Type: image/gif
Expires: Tue, 14 Dec 2021 00:22:50 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
CF-RAY: 6add1fee5a072b35-FRA
Cf-Bgj: imgq:85,h2pri

GET
H/1.1 200
OK loader-bg.png
resources.infolinks.com/static/skins/ 902 B
1 KB 22ms
19ms Image
image/webp 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://resources.infolinks.com/static/skins/loader-bg.png
Requested by: Host: 1look4.com
URL: http://1look4.com/
Protocol: HTTP/1.1
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5ddb995fe37710a4be439e4e3f45016cd7b7ecfa3423a29e4f4f4dcce63efff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://1look4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 14 Nov 2021 03:24:04 GMT
Via: 1.1 google
CF-Cache-Status: HIT
Age: 13125
Cf-Polished: origFmt=png, origSize=1488
Content-Disposition: inline; filename="loader-bg.webp"
Connection: keep-alive
Content-Length: 902
Last-Modified: Mon, 14 Nov 2016 12:31:03 GMT
Server: cloudflare
ETag: "5d0-541420359b4a6"
Vary: Accept
Content-Type: image/webp
Expires: Mon, 13 Dec 2021 23:45:19 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
CF-RAY: 6add1fee6f4c05c4-FRA
Cf-Bgj: imgq:85,h2pri

GET
H/1.1 200
OK getads.htm Show response
rt3043.infolinks.com/action/ 124 B
583 B 873ms
869ms Script
text/html 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://rt3043.infolinks.com/action/getads.htm?hks=%5B%7B%22lid%22%3A%22d_IL_INSEARCH%22%2C%22bdc%22%3A1%2C%22prod_t%22%3A%22d%22%2C%22garc%22%3A0%2C%22sdata%22%3A%22achieve%22%2C%22scs%22%3A%22doUtVuE-rj%22%7D%5D&rid=f68a3fd9-7532-4932-99f0-e4d6bcfd8950&jsv=1766.011-3.025&sr=1600X1200&rts=1636860243835&cfv=-1&cb=getAdsResponse&os=Windows&ov=10&br=Chrome&bv=95.0.4638.54&dv=p&ce=t&purl=http%3A%2F%2F1look4.com%2F&tzo=-0000&c=c&strg=true&rsd=08syPgEXDYUtoljEehpl0Sx0318Ds7a4sjpEluJoYewwmgQECzUN2d1NyR4EgdMaIUpAEU3BvJ5plNg2EyfusUMTIa_L5spG0AvSThXtv7qzGHSaIq3AOaRnb1q04UhG9zlBsDIeidewSMbVruczunnegf8BZxeU&rsk=69&rcs=bgHlhK450fW7J4v13ZDOhA&hbnr=false
Requested by: Host: resources.infolinks.com
URL: http://resources.infolinks.com/js/1766.011-3.025/ice.js
Protocol: HTTP/1.1
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fde0d9b1bd2ff75b3f9f5c92749ae4e2c0ba1f6fe5a9322f09e370e544c275b6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://1look4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

CF-RAY: 6add1fee9fef1456-FRA
Pragma: no-cache
Date: Sun, 14 Nov 2021 03:24:05 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Transfer-Encoding: chunked
Content-Language: de-DE
P3P: CP="NON DSP NID OUR COR"
Cache-Control: no-cache,no-store
Connection: keep-alive
Content-Type: text/html;charset=UTF-8
X-Application-Context: application:prod
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8729
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
167 B

32ms
31ms

Document
text/html

2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211109/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 14 Nov 2021 03:24:04 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: clear
expires: Sun, 14 Nov 2021 03:24:04 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 14 Nov 2021 03:24:04 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: clear

GET
H2 200 CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js Show response
pagead2.googlesyndication.com/bg/ Frame 2A05 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js

Requested by

Host: 1look4.com
URL: http://1look4.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

091b44da15c8f8ea360b36ea12fca73538414c6bca447ffab28f65cb549cc9ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 06:25:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75527
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 13332
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 13 Nov 2022 06:25:17 GMT

GET
H2

200

check
pixel.tapad.com/idsync/ex/receive/ Frame 119A
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_device_id=1daf2e01-6114-4617-9195-56af59b87a60=&partner_id=3337
https://pixel.tapad.com/idsync/ex/receive/check?partner_device_id=1daf2e01-6114-4617-9195-56af59b87a60=&partner_id=3337

95 B
426 B

16ms
15ms

Image
image/png

35.227.248.159
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_device_id=1daf2e01-6114-4617-9195-56af59b87a60=&partner_id=3337

Requested by

Host: resources.infolinks.com
URL: https://resources.infolinks.com/static/container.html

Protocol

Server

35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

159.248.227.35.bc.googleusercontent.com

Software

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://resources.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 03:24:04 GMT
via: 1.1 google
content-type: image/png
alt-svc: clear
content-length: 95
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

location: https://pixel.tapad.com/idsync/ex/receive/check?partner_device_id=1daf2e01-6114-4617-9195-56af59b87a60=&partner_id=3337
date: Sun, 14 Nov 2021 03:24:04 GMT
via: 1.1 google
alt-svc: clear
content-length: 0
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

POST
H/1.1 200
OK cors Show response
data.ad-score.com/data/ 50 B
712 B 466ms
122ms XHR
text/plain 130.211.115.4
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/data/cors?pm_st=NvLePNApUoKWNdOtjGzFibDuwgUXGogd-FE7fPshldVrrKDwf0XLOFUjIPg==-E0zCOsVlblDkPw==&pm_ct=3555bd70ce66c2377a8dca5a&pm_pl=1636860243897&pm_td=8&pid=1000102&en=1.1&callback=__pm_glbl_Pz7NrQBLyhOelzisuxN0Klmw._gc1&tt=if&v=bf28c17
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000102&tt=if&tid=infolinks-p&l1=2494762_0&l2=4&l3=Windows&l4=Chrome&l5=1look4.com&ref=http://1look4.com/&pub_domain=1look4.com&utid=f68a3fd9-7532-4932-99f0-e4d6bcfd8950&uid=cuid_1daf2e01-6114-4617-9195-56af59b87a60&uip=168.119.25.199&cb=8182518150246477708
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: b29939a065bb5ca467544dd9a5c8bf4fe902e49cd169aff882537bf6af283d5f

Request headers

Referer: http://1look4.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 14 Nov 2021 03:24:04 GMT
Age: 0
Access-Control-Allow-Methods: POST
P3p: CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR"
Access-Control-Allow-Origin: http://1look4.com
Cache-Control: post-check=0, pre-check=0, false, proxy-revalidate, no-cache, no-cache=Set-Cookie, no-store, must-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/plain; charset=utf-8
Content-Length: 50

GET
H/1.1 200
OK x.html Show response
js.ad-score.com/ Frame 5E4F 16 KB
8 KB 8ms
8ms Document
text/html 2600:9000:20eb:6400:a:deb0:3380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.ad-score.com/x.html?pid=1000102
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000102&tt=if&tid=infolinks-p&l1=2494762_0&l2=4&l3=Windows&l4=Chrome&l5=1look4.com&ref=http://1look4.com/&pub_domain=1look4.com&utid=f68a3fd9-7532-4932-99f0-e4d6bcfd8950&uid=cuid_1daf2e01-6114-4617-9195-56af59b87a60&uip=168.119.25.199&cb=8182518150246477708
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:6400:a:deb0:3380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: fea09e4a9d33b00dc8fd1c86941b21949588a97b2f0d6331de0174e397e38850

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://1look4.com/

Response headers

Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=86400
Content-Encoding: gzip
Last-Modified: Sat, 13 Nov 2021 02:50:01 GMT
Date: Sat, 13 Nov 2021 17:41:08 GMT
X-Cache: Hit from cloudfront
Via: 1.1 1d67a4c00b06651cb6daa95ec3f21f9b.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA2-C1
X-Amz-Cf-Id: yDJ7IXUaqC1S_mXNkXSInLDJHBelZcVrc-Vluy1dkcocMsLBaREV3w==
Age: 34976

GET
DATA 200
OK truncated
/ Frame EE5A 266 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://1look4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
BLOB 200
OK cf8b4b68-f3c2-47bf-9d27-0e85b433b457
http://1look4.com/ 720 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:http://1look4.com/cf8b4b68-f3c2-47bf-9d27-0e85b433b457
Requested by: Host: 1look4.com
URL: http://1look4.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d2ec07a6e77bc3abc56f801e141e9889c018ca8e96dfbe4042f49378699ee85f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://1look4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Length: 720
Content-Type: application/javascript

POST
H/1.1 200
OK cors Show response
data.ad-score.com/data/ 1 B
265 B 331ms
239ms XHR
text/plain 130.211.115.4
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/data/cors?pm_st=NvLePNApUoKWNdOtjGzFibDuwgUXGogd-FE7fPshldVrrKDwf0XLOFUjIPg==-E0zCOsVlblDkPw==&pm_ct=3555bd70ce66c2377a8dca5a&pm_pl=1636860243897&pm_td=377&pid=1000102&en=1.1&callback=__pm_glbl_Pz7NrQBLyhOelzisuxN0Klmw._gc2&tt=if&v=bf28c17
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000102&tt=if&tid=infolinks-p&l1=2494762_0&l2=4&l3=Windows&l4=Chrome&l5=1look4.com&ref=http://1look4.com/&pub_domain=1look4.com&utid=f68a3fd9-7532-4932-99f0-e4d6bcfd8950&uid=cuid_1daf2e01-6114-4617-9195-56af59b87a60&uip=168.119.25.199&cb=8182518150246477708
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer: http://1look4.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: http://1look4.com
Date: Sun, 14 Nov 2021 03:24:04 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1
Access-Control-Allow-Methods: POST
Content-Type: text/plain; charset=utf-8

GET
DATA 200
OK truncated
/ 35 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://1look4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/gif

POST
H/1.1 200
OK cors Show response
data.ad-score.com/data/ 1 B
265 B 253ms
118ms XHR
text/plain 130.211.115.4
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/data/cors?pm_st=NvLePNApUoKWNdOtjGzFibDuwgUXGogd-FE7fPshldVrrKDwf0XLOFUjIPg==-E0zCOsVlblDkPw==&pm_ct=3555bd70ce66c2377a8dca5a&pm_pl=1636860243897&pm_td=466&pid=1000102&en=1.1&callback=__pm_glbl_Pz7NrQBLyhOelzisuxN0Klmw._gc3&tt=if&v=bf28c17
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000102&tt=if&tid=infolinks-p&l1=2494762_0&l2=4&l3=Windows&l4=Chrome&l5=1look4.com&ref=http://1look4.com/&pub_domain=1look4.com&utid=f68a3fd9-7532-4932-99f0-e4d6bcfd8950&uid=cuid_1daf2e01-6114-4617-9195-56af59b87a60&uip=168.119.25.199&cb=8182518150246477708
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer: http://1look4.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: http://1look4.com
Date: Sun, 14 Nov 2021 03:24:04 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1
Access-Control-Allow-Methods: POST
Content-Type: text/plain; charset=utf-8

HEAD
H/1.1 200
OK x.html Show response
js.ad-score.com/ Frame 5E4F 0
564 B 9ms
8ms XHR
text/html 2600:9000:20eb:6400:a:deb0:3380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.ad-score.com/x.html?pid=1000102
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/x.html?pid=1000102
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:6400:a:deb0:3380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.ad-score.com/x.html?pid=1000102
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 13 Nov 2021 17:41:08 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Sat, 13 Nov 2021 02:50:01 GMT
Age: 34976
Access-Control-Allow-Methods: GET
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=86400
Access-Control-Allow-Credentials: true
X-Cache: Hit from cloudfront
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
X-Amz-Cf-Id: tJxpjWaqsQZKVfflEKAGxwd0whq9ofRXsdf_QkcWv7qgryBQlaTxIA==
Via: 1.1 1d67a4c00b06651cb6daa95ec3f21f9b.cloudfront.net (CloudFront)

POST
H/1.1 200
OK cors Show response
data.ad-score.com/data/ 1 B
265 B 278ms
114ms XHR
text/plain 130.211.115.4
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/data/cors?pm_st=NvLePNApUoKWNdOtjGzFibDuwgUXGogd-FE7fPshldVrrKDwf0XLOFUjIPg==-E0zCOsVlblDkPw==&pm_ct=3555bd70ce66c2377a8dca5a&pm_pl=1636860243897&pm_td=531&pid=1000102&en=1.1&callback=__pm_glbl_Pz7NrQBLyhOelzisuxN0Klmw._gc4&tt=if&v=bf28c17
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000102&tt=if&tid=infolinks-p&l1=2494762_0&l2=4&l3=Windows&l4=Chrome&l5=1look4.com&ref=http://1look4.com/&pub_domain=1look4.com&utid=f68a3fd9-7532-4932-99f0-e4d6bcfd8950&uid=cuid_1daf2e01-6114-4617-9195-56af59b87a60&uip=168.119.25.199&cb=8182518150246477708
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer: http://1look4.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: http://1look4.com
Date: Sun, 14 Nov 2021 03:24:05 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1
Access-Control-Allow-Methods: POST
Content-Type: text/plain; charset=utf-8

POST
H/1.1 200
OK cors Show response
data.ad-score.com/data/ 1 B
265 B 200ms
114ms XHR
text/plain 130.211.115.4
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/data/cors?pm_st=NvLePNApUoKWNdOtjGzFibDuwgUXGogd-FE7fPshldVrrKDwf0XLOFUjIPg==-E0zCOsVlblDkPw==&pm_ct=3555bd70ce66c2377a8dca5a&pm_pl=1636860243897&pm_td=631&pid=1000102&en=1.1&callback=__pm_glbl_Pz7NrQBLyhOelzisuxN0Klmw._gc5&tt=if&v=bf28c17
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000102&tt=if&tid=infolinks-p&l1=2494762_0&l2=4&l3=Windows&l4=Chrome&l5=1look4.com&ref=http://1look4.com/&pub_domain=1look4.com&utid=f68a3fd9-7532-4932-99f0-e4d6bcfd8950&uid=cuid_1daf2e01-6114-4617-9195-56af59b87a60&uip=168.119.25.199&cb=8182518150246477708
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer: http://1look4.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: http://1look4.com
Date: Sun, 14 Nov 2021 03:24:05 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1
Access-Control-Allow-Methods: POST
Content-Type: text/plain; charset=utf-8

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame 4C94 0
0 47ms
46ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CcgG1U4GQYffeC7OrrATTu4TgCdDshadhmo-o2Z0N-Nu6jfkhEAEg3NLQE2CV2oiCmAegAZG3-7wCyAEJqQILlPdm_jKzPqgDAaoE3QFP0BIiNBdJIEGqnlPY3HdupaybQ61eGfJlChM9cjNFxv7HnKKwDBMf3X04f7OBW464VOHS2OMzEd9bn_HfhfZMbC2QXZE6NUa7VU5wBuBOOjTdlGoVPu5xgbnTFn32AKn3SningTecRpQy0emCVO9xVsL2jf71zGm6Bk13JZp5GjU0rOQz0DLzWFKAtyuUzQgo7fvSYBYDrcSekOv_GK1LtI-zITpsakdwoSxEamfgdu_jBvqRMEA--ktGPcb-VO9HJJz-BGKEmJWs1Yhg-ylPw8jq6Y-3MaKeMOXQGMAEypuR67kDoAYugAfXyITDAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEELvRDdIICQiA4YAQEAEYX4AKAcgLAbgTiCfYEwPQFQGAFwGyFxwKGggAEhRwdWItMzI3NjAzMjA5NjY5NDg1NBgA&sigh=3erRGZajj6g&vt=1&template_id=5000&uach_m=[UACH]

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20211109/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 14 Nov 2021 03:24:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: clear
content-length: 0
x-xss-protection: 0

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4C94 42 B
174 B 45ms
44ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv_HsmVxBGIcggGn4-07Q9AkSP9J1mS4m74-jzwJiMBHEWSt0drieqzRvK6f5B9hp44Qjbz3tA3gwgpeoCc_Jexn4ThWdUybNDT1Vv5tGJ4fZp3z8x3lg&sai=AMfl-YTQmkiKe-oEoA6_-qFmzdAvEoWYJdyxQa0wDbyxVVjDSHXsw-Ojb-YFrHO-OISJMW9HaKChRAtQLK_8&sig=Cg0ArKJSzBU0XPAtjuzNEAE&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=178,526,1000,1205,1219&tos=178,348,474,205,14&v=20211110&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&vs=4&r=v&pay=1&rst=1636860243352&rpt=243&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Nov 2021 03:24:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: clear
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK cors Show response
data.ad-score.com/data/ 1 B
265 B 520ms
518ms XHR
text/plain 130.211.115.4
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/data/cors?pm_st=NvLePNApUoKWNdOtjGzFibDuwgUXGogd-FE7fPshldVrrKDwf0XLOFUjIPg==-E0zCOsVlblDkPw==&pm_ct=3555bd70ce66c2377a8dca5a&pm_pl=1636860243897&pm_td=1331&pid=1000102&en=1.1&callback=__pm_glbl_Pz7NrQBLyhOelzisuxN0Klmw._gc6&tt=if&v=bf28c17
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000102&tt=if&tid=infolinks-p&l1=2494762_0&l2=4&l3=Windows&l4=Chrome&l5=1look4.com&ref=http://1look4.com/&pub_domain=1look4.com&utid=f68a3fd9-7532-4932-99f0-e4d6bcfd8950&uid=cuid_1daf2e01-6114-4617-9195-56af59b87a60&uip=168.119.25.199&cb=8182518150246477708
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer: http://1look4.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: http://1look4.com
Date: Sun, 14 Nov 2021 03:24:06 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1
Access-Control-Allow-Methods: POST
Content-Type: text/plain; charset=utf-8

POST
H/1.1 200
OK cors Show response
data.ad-score.com/data/ 1 B
265 B 119ms
118ms XHR
text/plain 130.211.115.4
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/data/cors?pm_st=NvLePNApUoKWNdOtjGzFibDuwgUXGogd-FE7fPshldVrrKDwf0XLOFUjIPg==-E0zCOsVlblDkPw==&pm_ct=3555bd70ce66c2377a8dca5a&pm_pl=1636860243897&pm_td=2331&pid=1000102&en=1.1&callback=__pm_glbl_Pz7NrQBLyhOelzisuxN0Klmw._gc7&tt=if&v=bf28c17
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000102&tt=if&tid=infolinks-p&l1=2494762_0&l2=4&l3=Windows&l4=Chrome&l5=1look4.com&ref=http://1look4.com/&pub_domain=1look4.com&utid=f68a3fd9-7532-4932-99f0-e4d6bcfd8950&uid=cuid_1daf2e01-6114-4617-9195-56af59b87a60&uip=168.119.25.199&cb=8182518150246477708
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer: http://1look4.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: http://1look4.com
Date: Sun, 14 Nov 2021 03:24:06 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1
Access-Control-Allow-Methods: POST
Content-Type: text/plain; charset=utf-8

Verdicts & Comments Add Verdict or Comment

68 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

62 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
1look4.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 6781c72cc112edfcb29a53db7ee84b5d
1look4.com/	1969-12-31 23:59:59	Name: _csrf Value: 5b6f4cf642a5f709ff8d7c4814ed5a485b846649d3b65f37c81465742764ce71a%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22Al4kUKy1n1i6W9v--_bkaf7nTk0gey_J%22%3B%7D
.1look4.com/	1970-01-20 16:12:12	Name: _ga Value: GA1.2.386599458.1636860243
.1look4.com/	1970-01-19 22:42:26	Name: _gid Value: GA1.2.1989522548.1636860243
.1look4.com/	1970-01-19 22:41:00	Name: _gat_gtag_UA_11564248_5 Value: 1
.1look4.com/	1970-01-20 08:02:36	Name: __gads Value: ID=4bfe0709a5e73b37-2256c7a6b2cb00dc:T=1636860243:RT=1636860243:S=ALNI_Mb4ncLnDhmWeiXs7wPOYuVDqn7LjA
1look4.com/	1969-12-31 23:59:59	Name: logglytrackingsession Value: a4dd6c22-25a7-49ff-b84e-88b8b1fed03f
.doubleclick.net/	1970-01-20 08:02:36	Name: IDE Value: AHWqTUmK0rTG6U5zndeE8CzbCe6ELmLEU4dlh48sAdPz7G4JqvfyHEsrUV28Q4ph0Lw
.openx.net/	1970-01-20 07:26:36	Name: i Value: 8d4155c4-0f8c-4a43-b698-c55ae98f9b78\|1636860243
.advertising.com/	1970-01-20 07:28:02	Name: APID Value: UP5160e574-44fa-11ec-9bc1-0612add8f72c
.casalemedia.com/	1970-01-20 07:26:36	Name: CMID Value: YZCBUznQevEiXw5udH9IbwAA
.casalemedia.com/	1970-01-20 00:50:36	Name: CMPS Value: 5211
.yahoo.com/	1970-01-20 07:26:57	Name: A3 Value: d=AQABBFOBkGECEOEno7dFtQXWt5Kr-8CW8FwFEgEBAQHSkWGaYQAAAAAA_eMAAA&S=AQAAAiluzNEZqLgDk0twPgQD5g8
.casalemedia.com/	1970-01-20 00:50:36	Name: CMPRO Value: 1112
.adnxs.com/	1970-01-20 00:50:36	Name: uuid2 Value: 1189869411783334987
.pubmatic.com/	1970-01-19 22:42:26	Name: KTPCACOOKIE Value: YES
.analytics.yahoo.com/	1970-01-20 07:28:02	Name: IDSYNC Value: "192u~21ir:18xp~21ir"
.yahoo.com/	1970-01-19 23:49:55	Name: APID Value: UP5160e574-44fa-11ec-9bc1-0612add8f72c
.yahoo.com/	1970-01-19 22:42:26	Name: APIDTS Value: 1636860244
.pubmatic.com/	1970-01-20 00:50:36	Name: SyncRTB3 Value: 1638057600%3A220
.pubmatic.com/	1970-01-20 00:50:36	Name: KADUSERCOOKIE Value: B9AFEFDB-1DA2-4B9A-84A4-62A8FC24A2FF
.casalemedia.com/	1970-01-19 22:42:26	Name: CMST Value: YZCBU2GQgVQA
.simpli.fi/	1970-01-20 07:28:02	Name: suid Value: 2D039B0F2E904D87BE119B95AE7369F8
.adsrvr.org/	1970-01-20 07:26:36	Name: TDID Value: 93be419e-d784-4f31-8872-51822c93da37
.mathtag.com/	1970-01-20 08:06:55	Name: uuid Value: 67f76190-8153-4100-b31e-5fcc1390abe1
.rfihub.com/	1970-01-20 08:02:36	Name: rud Value: H4sIAAAAAAAAAOMSNjU0MDcxNrYwMjSzNLM0sjAyMxHiM9St8DE2d6_I9ghzC42S4jU0MzazMDMwMjExNDAAAB368G80AAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAAAOMSNjU0MDcxNrYwMjSzNLM0sjAyMxHiM9St8DE2d6_I9ghzC40CAExRbTslAAAA
.infolinks.com/	1970-01-19 22:42:26	Name: OXUSERCOOKIE Value: 757a480c-b5df-4238-ad81-3a40750f0d10
.infolinks.com/	1970-01-20 00:50:36	Name: ANUSERCOOKIE Value: 1189869411783334987
.infolinks.com/	1970-01-19 22:42:26	Name: VRUSERCOOKIE Value: y-pMMhempE2uFnTyLUR7Y82pzY7s4D1vm7tfM5Fv8-~A
.infolinks.com/	1970-01-19 22:42:26	Name: IXUSERCOOKIE Value: YZCBUznQevEiXw5udH9IbwAA&1112
.rfihub.com/	1970-01-20 08:02:36	Name: eud Value: H4sIAAAAAAAAAPvFyGtoZmxmYWZgZGJiaGCwShyZb2wGAPvKn9ogAAAA
.adsrvr.org/	1970-01-20 07:26:36	Name: TDCPM Value: CAEYBSABKAIyCwisko-MnsqTOhAFOAE.
.cpx.to/	1970-01-20 07:26:36	Name: cpSess Value: 6daad17f5e942a13
.cpx.to/	1970-01-20 07:26:36	Name: dsp_app_nexus Value: 1189869411783334987#1636860244146
.infolinks.com/	1970-01-19 22:42:26	Name: OUTHUSERCOOKIE Value: y-k3Zzps5E2uFIsHZzjG7SRUUIHmYLbLtp~A~UP5160e574-44fa-11ec-9bc1-0612add8f72c
js.ad-score.com/	1970-01-21 18:29:39	Name: token Value: JOKECsQibxiuI-d9k2-DSFGtCJBnExWL
.pubmatic.com/	1970-01-20 00:50:36	Name: PUBMDCID Value: 3
.tynt.com/	1970-01-20 07:26:36	Name: uid Value: 17V1rWGQgVS+KvrlASsxSQ==
.casalemedia.com/	1970-01-20 07:26:36	Name: CMRUM3 Value: 396190815427605107433821696928264&2d6190815305a0&f16190815305a0&0361908154276067f76190-8153-4100-b31e-5fcc1390abe1&27619081530b40&2e6190815305a0&5a6190815305a0&e6619081532760
.1rx.io/	1970-01-20 07:26:36	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-66431608-481f-4f49-9872-12e38340c91e-003%22%7D
.pubmatic.com/	1970-01-19 22:42:26	Name: pi Value: 156872:3
.pubmatic.com/	1970-01-20 00:50:36	Name: chkChromeAb67Sec Value: 3
.lijit.com/	1970-01-20 07:26:36	Name: ljt_reader Value: d8bfe3a87c0c3f3b48f1e041
.bnmla.com/	1970-01-19 22:41:00	Name: rx_sspurl_1000361 Value: https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fenbd-usync%3Fuid%3D58294f92-c83c-4b49-b225-2386db4ae876
.bnmla.com/	1970-01-19 23:02:36	Name: rx_uuid Value: 58294f92-c83c-4b49-b225-2386db4ae876
.bnmla.com/	1970-01-19 23:02:36	Name: rx_maxage_1000361 Value: 1638156244
.targeting.unrulymedia.com/	1970-01-20 07:26:36	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-66431608-481f-4f49-9872-12e38340c91e-003%22%7D
.tapad.com/	1970-01-20 00:07:24	Name: TapAd_TS Value: 1636860244293
.tapad.com/	1970-01-20 00:07:24	Name: TapAd_DID Value: dd6da70b-9293-4a0d-b580-03bfe8954b8a
1look4.com/	1970-01-19 22:42:26	Name: pmtimesig Value: [[1636860243907,0]]
.doubleclick.net/	1970-01-19 22:41:03	Name: DSID Value: NO_DATA
.infolinks.com/	1970-01-19 22:42:26	Name: ZTUSERCOOKIE Value: 5107433821696928264
.tapad.com/	1970-01-20 00:07:24	Name: TapAd_3WAY_SYNCS Value:
.infolinks.com/	1970-01-19 22:42:26	Name: R1USERCOOKIE Value: RX-66431608-481f-4f49-9872-12e38340c91e-003
.infolinks.com/	1970-01-19 22:42:26	Name: PUBMUSERCOOKIE Value: B9AFEFDB-1DA2-4B9A-84A4-62A8FC24A2FF
.infolinks.com/	1970-01-20 00:50:36	Name: ZMNUSERCOOKIE Value: ""
.infolinks.com/	1970-01-19 22:42:26	Name: KADUSERCOOKIE Value: B9AFEFDB-1DA2-4B9A-84A4-62A8FC24A2FF~1636860331120
data.ad-score.com/	1970-01-21 18:30:18	Name: token Value: CPxXvWBueuPbm-vgl9-heAryIUZAPahK
.bnmla.com/	1970-01-19 22:41:00	Name: rx_sspid_1000361 Value: 170_213
.infolinks.com/	1970-01-19 22:42:26	Name: SOVRNUSERCOOKIE Value: d8bfe3a87c0c3f3b48f1e041
.technoratimedia.com/	1970-01-21 18:29:00	Name: tads_uid Value: GDPR

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://1look4.com/assets/efe21797/style.css Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://1look4.com/assets/efe21797/app.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1 Message: Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20211109/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=1812271801&client=ca-pub-3276032096694854&fa=1&ifi=3&uci=a!3&btvi=1 Message: The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1look4.com
adservice.google.com
adservice.google.de
ap.lijit.com
b1sync.zemanta.com
cm.g.doubleclick.net
data.ad-score.com
de.tynt.com
dsp.adkernel.com
dsum-sec.casalemedia.com
fonts.googleapis.com
free.pagepeeker.com
googleads.g.doubleclick.net
ib.adnxs.com
image2.pubmatic.com
image4.pubmatic.com
image8.pubmatic.com
js.ad-score.com
match.adsrvr.org
match.bnmla.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.advertising.com
pixel.tapad.com
resources.infolinks.com
router.infolinks.com
rt3043.infolinks.com
s.amazon-adsystem.com
s.cpx.to
secure.adnxs.com
ssc-cms.33across.com
ssum-sec.casalemedia.com
sync.1rx.io
sync.go.sonobi.com
sync.mathtag.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
tpc.googlesyndication.com
u.openx.net
um.simpli.fi
ups.analytics.yahoo.com
via.placeholder.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
130.211.115.4
142.250.185.130
15.197.193.217
150.136.222.2
159.122.14.34
172.217.16.130
172.66.41.9
172.66.42.247
174.137.133.49
176.9.106.58
178.162.133.149
18.156.0.31
185.29.132.241
185.33.220.100
185.64.189.110
185.64.190.79
185.64.190.81
193.0.160.129
2.18.234.21
208.100.17.187
208.91.199.181
209.54.180.3
213.19.147.44
2600:9000:20eb:6400:a:deb0:3380:93a1
2606:4700:3108::ac42:2b15
2a00:1450:4001:801::2003
2a00:1450:4001:808::2004
2a00:1450:4001:811::2002
2a00:1450:4001:813::2001
2a00:1450:4001:813::2002
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2008
2a00:1450:4001:82b::200a
2a00:1450:4001:82b::200e
2a00:1450:4001:830::2002
3.122.145.244
35.227.248.159
35.244.159.8
38.27.122.158
51.89.9.254
54.77.182.98
67.202.105.24
70.42.32.191
72.251.249.13
049b5e7b422cca7a0f192cc7445f3d9ff000ba7ab2430a71f1c8b9f3340f63f8
04f23594376a72e58735f6fafbee0860c5346278c094861e32a4a861c2cad54a
091b44da15c8f8ea360b36ea12fca73538414c6bca447ffab28f65cb549cc9ed
1516b8ec64f363cc55b8faf7c479fff5ae9302a3de2fd99963cb9fcbfefffef8
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
20e94bd57d897b4213821d2b0b9bd6b9b1faa071fd8551535b2abb80c479bfef
2e32ce50aaf34d573d38ac8020d40103e991ec3185bf5e6061ca5fad829ce945
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
357b5aff9248d4ae642ce44990867624a33c9ea1cca2e91335b600e3605659a9
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
382f696e29144b587f80ebc1ddece499dc5ae31f794329d45cbf495174849178
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
416a3b2c3bf16d64f6b5b6d0f7b079df2267614dd6847fc2f3271b4409233c37
41eb27d1f2327c903455f1adce6d0a81ae51a3d782ce891d36830f91eedb4b11
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4fb21b68aa33aef8b3b83a7677cdd0439bd297729677ca8a8ac9f125e60de57c
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5cedd5abd94d64b07e3779451d057665572b89caa8b445a5e9efa42bad9c4274
5dea6c744c4089bf1e102e2c28e1083cd29b8cd9125d813b3184a7c53ec7209d
5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
61c3f85e4bd32903fb4c7c8404456c91e4decf6903d9c845fb3b5ec5c7f5e53e
624b887c603ecda34951afe9a2e395123946d03bb9583240deb291c512f785a3
662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33
66d34755720965b731d75bde11087db2475d50c3779d4c6ac6e5915472c4f289
67bed69f23af460ec3341aefcdf793955c250fbf879589de4b93d17b8ec4ae54
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c1024684a031f54a865ce6dfad1c1354298ae8e429ffeff9fb7b1bc781e2607
6f56856a9632fa766f619a4a6f8a21508d9eb9d2efbbf5c2f9784df0bf3b0202
72021bc249a742dfcd71bd637e1f635e4ca4c946d956d31531edf72b6ed10fb5
77224dca64e54d2c16bd311714c86734973a85e2fd4aa0a4e2218b329f69896c
777750fd9d46194a2030dfa9a045e3890cbec3a8f38aa5c761b6e3cedfd8c72b
7935e6d0f7278c760cd580d4904437bd87d9c45d417dfa58196cf6945aa60ab8
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dd5d5a0abcff8f298ca04608656cc44706aaea54b1752a213d60653ab8effc5
9b13cd2a8205bc8ca415457689ab6545ecbd2e0587e37ba8106fdb8d79d540b2
9c882830dd05d3191c8e2745908de7235e6687978d0f76d3b856853acc948681
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
b04bedb4456618d85779de8585b8f906d8e363dacae0688845b5b64764b8a399
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b29939a065bb5ca467544dd9a5c8bf4fe902e49cd169aff882537bf6af283d5f
b3de79e2d0a2c96bffc6008f121ceab0102c72bf9af54a358038080fe8939445
b47e23319e2d2db38c24bc6924c16cc236a02b31adc8e4a6d6881eea09579c43
b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e
b4d34e3a26e41e6ee6cecefd0cc840933c368cfa7cb335823b9ed9fe01b724c7
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c4334b99cbddcdffe2aa1bd63622ea5c6601c2f6744f91832b4ffc989692debc
c5ddb995fe37710a4be439e4e3f45016cd7b7ecfa3423a29e4f4f4dcce63efff
ca1c2e8f8e2c7e6a6b59f88642334c19180a334ddd51aab45906a72fd64799fa
cbcfaa77e1357c3a3b879e2e78de15026ae22416ffb1bebed4628a25af101bc2
ceca169c7b3aeb44dcdcbfd35d8fd24a85bc9a48b89ced5db336d54e16635a82
d1fb8d8337cd22568295b0ed998c85c58f0b4cd083af0b0db21cb0af80002f2d
d25b093ff275c3e96365f7a319e532d615542df62a008ab71ba75e9abf475302
d2ec07a6e77bc3abc56f801e141e9889c018ca8e96dfbe4042f49378699ee85f
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
de418fdfa1d02a219d049bb1cd8562182c4201c67f6b9d0e2f67f21a476e1096
dfb5a05ef1051553bfd881355e82d4bf91516063af06b85d137fdf2d2d2ce057
e0ed4b80efbb81a92a82a727735aa23cd0e64ba7f8fe99507b31154f3042b9ba
e170d20dbbd5a22f50118e25fa2eefb1e85d2ad780e5477ed3a9643186090442
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b8ee13d35110d7006bc5c5147ee0a0c6c3e1f26b2f246b8d5e57edf4f6b97b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f200dd381332cbd68d65ecfecf03e80e09e990a78e57cea26c0c7332cf9c7606
f51c466e2f5f9cc1c5f6dc04547a8b7323b7c7babf0f16a3663d1dda8b912327
fcacc52087f49227d4b0ea520524a5727834b7a45b2088479bc2cabd19244fe7
fde0d9b1bd2ff75b3f9f5c92749ae4e2c0ba1f6fe5a9322f09e370e544c275b6
fe5858bc0ab0bbdcb70fe012b04ac1e3ca5393c34bf22ff6d9904e110b1ea739
fea09e4a9d33b00dc8fd1c86941b21949588a97b2f0d6331de0174e397e38850

1look4.com Open in urlscan Pro 208.91.199.181 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

119 Requests

55 %HTTPS

29 %IPv6

39 Domains

49 Subdomains

32 IPs

5 Countries

1275 kBTransfer

3379 kBSize

62 Cookies

0 Outgoing links

Redirected requests

119 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

1look4.com Open in urlscan Pro
208.91.199.181 Public Scan

Screenshot
Live screenshot

Full Image

119
Requests

55 %
HTTPS

29 %
IPv6

39
Domains

49
Subdomains

32
IPs

5
Countries

1275 kB
Transfer

3379 kB
Size

62
Cookies

119 HTTP transactions
5 data transactions