custservice.org Open in urlscan Pro
2606:4700:3033::6815:4bba Public Scan

Go To Rescan
Add Verdict Report

URL:
https://custservice.org/lamisil-customer-service/
Submission: On January 30 via manual (January 30th 2023, 6:39:34 am UTC) from US — Scanned from DE

Summary HTTP 111 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 26 IPs in 5 countries across 17 domains to perform 111 HTTP transactions. The main IP is 2606:4700:3033::6815:4bba, located in United States and belongs to CLOUDFLARENET, US. The main domain is custservice.org.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 3rd 2022. Valid for: a year.

This is the only time custservice.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
19	2606:4700:303... 2606:4700:3033::6815:4bba	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:803::2008	15169 (GOOGLE) (GOOGLE)
19	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	192.243.59.13 192.243.59.13	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
3	192.243.59.12 192.243.59.12	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
3	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:400d:80a::2002	15169 (GOOGLE) (GOOGLE)
6	2600:9000:21f... 2600:9000:21f3:6000:1f:e2ee:200:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:20:... 2606:4700:20::681a:82c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	185.28.222.11 185.28.222.11	43996 (BOOKING-B...) (BOOKING-BV Booking.com)
2	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:400d:80a::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:807::2004	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:1::2 2a02:2638:1::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:1::4 2a02:2638:1::4	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:400d:80c::2002	15169 (GOOGLE) (GOOGLE)
11	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.2.148 178.250.2.148	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a02:2638:1::8 2a02:2638:1::8	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638:1::17 2a02:2638:1::17	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
111	26

19 2606:4700:3033::6815:4bba (United States)

ASN13335 (CLOUDFLARENET, US)

custservice.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

platform.foremedia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.243.59.13 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

pl16934880.trustedcpmrevenue.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 192.243.59.12 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

www.effectivedisplaycontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:400d:80a::2002 (Ireland)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:21f3:6000:1f:e2ee:200:93a1 (United States)

ASN16509 (AMAZON-02, US)

aff.bstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cf.bstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.bstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:82c (United States)

ASN13335 (CLOUDFLARENET, US)

ipapi.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.28.222.11 (Netherlands)

ASN43996 (BOOKING-BV Booking.com, NL)

www.booking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

71779e6ac256b178eefb1bbff2f52ab9.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:400d:80a::2001 (Ireland)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:807::2004 (Ireland)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::4 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80c::2002 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.148 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:1::8 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::17 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	foremedia.net platform.foremedia.net — Cisco Umbrella Rank: 235968	15 KB
19	custservice.org custservice.org	263 KB
16	criteo.net static.criteo.net — Cisco Umbrella Rank: 647 pix.eu.criteo.net — Cisco Umbrella Rank: 7989 csm.eu.criteo.net — Cisco Umbrella Rank: 7891	180 KB
14	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 190	184 KB
13	googlesyndication.com 71779e6ac256b178eefb1bbff2f52ab9.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 tpc.googlesyndication.com — Cisco Umbrella Rank: 149	58 KB
6	bstatic.com aff.bstatic.com — Cisco Umbrella Rank: 22816 cf.bstatic.com — Cisco Umbrella Rank: 12701 r.bstatic.com — Cisco Umbrella Rank: 74413	56 KB
4	google.com adservice.google.com — Cisco Umbrella Rank: 70 www.google.com — Cisco Umbrella Rank: 2	2 KB
3	criteo.com rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 12826 ads.eu.criteo.com — Cisco Umbrella Rank: 7817 cat.nl.eu.criteo.com — Cisco Umbrella Rank: 9740	48 KB
3	google.de adservice.google.de — Cisco Umbrella Rank: 8741	818 B
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 21	20 KB
3	effectivedisplaycontent.com www.effectivedisplaycontent.com — Cisco Umbrella Rank: 543194
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	130 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 198	5 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 186	48 KB
1	booking.com www.booking.com — Cisco Umbrella Rank: 7858	2 KB
1	ipapi.co ipapi.co — Cisco Umbrella Rank: 17039	887 B
1	trustedcpmrevenue.com pl16934880.trustedcpmrevenue.com
111	17

	Domain	Requested by
19	platform.foremedia.net	custservice.org platform.foremedia.net
19	custservice.org	custservice.org
14	securepubads.g.doubleclick.net	platform.foremedia.net securepubads.g.doubleclick.net custservice.org
11	static.criteo.net	ads.eu.criteo.com
6	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 71779e6ac256b178eefb1bbff2f52ab9.safeframe.googlesyndication.com
5	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
3	pix.eu.criteo.net	ads.eu.criteo.com
3	r.bstatic.com	cf.bstatic.com
3	adservice.google.com	securepubads.g.doubleclick.net
3	adservice.google.de	securepubads.g.doubleclick.net
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	www.effectivedisplaycontent.com	custservice.org
3	www.googletagmanager.com	custservice.org platform.foremedia.net www.googletagmanager.com
2	csm.eu.criteo.net	ads.eu.criteo.com
2	cf.bstatic.com	www.booking.com
2	71779e6ac256b178eefb1bbff2f52ab9.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	cdnjs.cloudflare.com	ads.eu.criteo.com
1	cat.nl.eu.criteo.com	ads.eu.criteo.com
1	www.googletagservices.com	71779e6ac256b178eefb1bbff2f52ab9.safeframe.googlesyndication.com
1	ads.eu.criteo.com	71779e6ac256b178eefb1bbff2f52ab9.safeframe.googlesyndication.com
1	rtb.nl.eu.criteo.com	custservice.org
1	www.google.com	tpc.googlesyndication.com
1	www.booking.com	aff.bstatic.com
1	ipapi.co	custservice.org
1	aff.bstatic.com	custservice.org
1	pl16934880.trustedcpmrevenue.com	custservice.org
111	26

This site contains links to these domains. Also see Links.

Domain
www.lamisilat.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-03` - `2023-06-02`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
trustedcpmrevenue.com R3	`2022-12-20` - `2023-03-20`	3 months	crt.sh
effectivedisplaycontent.com R3	`2022-12-18` - `2023-03-18`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.bstatic.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-21` - `2023-10-11`	a year	crt.sh
*.booking.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-21` - `2023-09-21`	a year	crt.sh
*.google.de GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.nl.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-19` - `2023-03-24`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-22` - `2023-03-26`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-13` - `2023-04-15`	3 months	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-13` - `2023-04-17`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://custservice.org/lamisil-customer-service/
Frame ID: 49DE35F0E07AD93ABFDF8E9690343B62
Requests: 74 HTTP requests in this frame

Frame: https://www.booking.com/flexiproduct.html?product=banner&w=728&h=90&lang=en&aid=2174231&target_aid=2174231&tmpl=affiliate_banner&fid=1675060769046&
Frame ID: F639D6887878FC51CAECF30C749AFDF2
Requests: 6 HTTP requests in this frame

Frame: https://71779e6ac256b178eefb1bbff2f52ab9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E5702B6D973F20BF8D180CF681447EA6
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: CA27ABD08B093573D208A8D6ABE5BA05
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 69177A62BD3D2DB950E96C818F57E07E
Requests: 2 HTTP requests in this frame

Frame: https://71779e6ac256b178eefb1bbff2f52ab9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 7638C8DE51844DD115382D4E7CCCB271
Requests: 9 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y9dmIQAODpwKd5rcAAO5NpiCzyEsKvc-mvjqSw&u=%7CdBIFF8%2B4Dgaw%2BExPcDDul6EiLar1mN%2FtWlNr6LOKnWA%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuB8I54B28R_G6pIc3Eo99WtlE0nPHHGzIIU1jSrWx0zP7lJUncN49NALS2ZcKgOZ7rIXILwoG0Q4NObNtPsbf2rQQCIc9cWHtdIKd2u8xl-l5ptLsK_3NiGG8zu_dfgzPhinpqG0le41zqq4iNV_9WiGQmGL2IVWHUafCNyFaClM-CDxplRYYBhvWqlUGGBrhuYJqUZI6xdK817YwAZhKsUp2_gVQlz6QYAeVMGDvLjESEUx15cgVlJ1lO72zNAmrcKEYvZSbxSgvm1RYIfwSzch4UzOBnpdqoh466gqZkUFEepXUGlskl2Y4nrOBNUBfi7Hgj5_5YOCUyIvmYjQkYI18lVA_LiYEegYQ7Hl80tqYb_gJqihaJLCyO8bXvz9oJCyjVNb_d9EP2HN6N0uN0eZacvGlLFX-1DcA82YlyUtLuIZk1C2tFjU0pfL_JbYX6i5O4aj4fLZ6uUedgPHnL9dmq4xYE3OdSemr-Pl72Hf-CkOYdVF23kdoWm8B6pY9zj50KYuGsu2F6VzMOW-t5gd2ummlJqUgHq_TwZJxBkaiwL91a6jNEdrAt7BYGkhWPTQm9mqb-W3miXRtbi8qZI&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCf2RfIWbXY5ydONy13gO28o7YAsme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNzAxMTk1ODgzNDQxMDg5McgBCakC2FH_lG07sj7gAgCoAwGqBOsBT9C_QD8FfbTaEySUKlXwHEWOQhanEod-ATg2jNqbVjAQfntRkSw6Y7MuNGGDRCUZCWu9M_3K4TVMtlfrd_ZCRPFhHudqpDtdhgwLRaSZb_QgWHDdQLXUBZoIvxkppO8wxnyvqwYiJTF29xtcNm8sSgFM34gxwhXmsEYB2UUX4XJBuxI-QqFvsxLaU9FwpfK9j5JqX8OWvDxfObQ-gNK4WUVceMyi3NaI3hYwHNVGR9zL9cK8681mpiMpP--h7jGtepgjKxkEWvA7_-8PRQMlxEYgSfrLOz7Zs_kbi1M-YQJ-pSYWxznaQnaon-AEAYAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1Fym4zdjk8BkW1J8ziym6UsyCUuQ%26client%3Dca-pub-7011958834410891%26adurl%3D
Frame ID: E507C63834CED5A49E7A7247E5AA6016
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Lamisil Customer Support - How to Contact - Customer Service

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

111
Requests

100 %
HTTPS

84 %
IPv6

17
Domains

26
Subdomains

26
IPs

5
Countries

1012 kB
Transfer

2488 kB
Size

13
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.lamisilat.com/
Title: Lamisil website

Search URL Search Domain Scan URL

URL: https://www.lamisilat.com/contact-us/
Title: click here

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

111 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
custservice.org/lamisil-customer-service/ 116 KB
27 KB 109ms
52ms Document
text/html 2606:4700:3033::6815:4bba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://custservice.org/lamisil-customer-service/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:4bba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 638d987680db5b6a3cf5cc9ee0f811acdfc75070db805cf2bc46ac8b3cf0beb3

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=0
cf-cache-status: DYNAMIC
cf-ray: 791835e7fb119c01-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 30 Jan 2023 06:39:28 GMT
expires: Mon, 30 Jan 2023 06:39:28 GMT
last-modified: Sun, 29 Jan 2023 19:42:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ss%2FZ9GIze31tSG4kPlUtnCj87zIchT5o2tbdLvIHGJQZ7hjY25EbbX6VWSqtMqjIoFGMMIefyVOoMVD5nMUc0hR1z7vteIZB85mRmKMVSodnVmMybICieKYubZe%2FW65cxyj2U%2BODkRTttonZkd0%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
x-cache: MISS

GET
H2 200 062a4154750b2571ad136902e76c3206.css
custservice.org/wp-content/cache/min/1/ 289 KB
52 KB 22ms
20ms Stylesheet
text/css 2606:4700:3033::6815:4bba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://custservice.org/wp-content/cache/min/1/062a4154750b2571ad136902e76c3206.css
Requested by: Host: custservice.org
URL: https://custservice.org/lamisil-customer-service/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:4bba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54265b03aac037504768b8fb803185f5ed58125bafb631bd374b0280e38698f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://custservice.org/lamisil-customer-service/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:39:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 82241
cf-polished: origSize=295817
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 23 Dec 2022 13:35:14 GMT
server: cloudflare
etag: W/"63a5ae92-48389"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7BZO33OWbFqffvtEY%2BolIxTyCxLEWpZuYRCG4nN3K46W4Ew1phPdgDvmJPcGxCpm9qWFIiK8BAA3cA4mMzbzrEtZ4GX8SiaQXUii%2BT7qtMh%2FVTeKW6bEc6La%2FcG90N7AERc67%2F1ytO6F72Mmm%2BQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 791835e85ba69c01-FRA

GET
H2 200 jquery.min.js Show response
custservice.org/wp-includes/js/jquery/ 88 KB
32 KB 43ms
42ms Script
application/javascript 2606:4700:3033::6815:4bba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://custservice.org/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
Requested by: Host: custservice.org
URL: https://custservice.org/lamisil-customer-service/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:4bba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://custservice.org/lamisil-customer-service/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:39:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 07 Nov 2022 16:02:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63692c00-15e54"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DgkCZvsJBo1h3qxGsJj9Vl0U9SFpn9vM8bQalTJkpAuKgmJwdZlYUSj084nBv%2BIwnUcgmbXJntxa6TzBlUX9CLGsVK%2BFYsucN%2FKM0Pl7tJg7BxcmOTAU6IUtJVUVs0xy9zm1I35Gs1WjJbe9JYA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 791835e85ba89c01-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 jquery-migrate.min.js Show response
custservice.org/wp-includes/js/jquery/ 11 KB
5 KB 90ms
90ms Script
application/javascript 2606:4700:3033::6815:4bba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://custservice.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: custservice.org
URL: https://custservice.org/lamisil-customer-service/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:4bba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://custservice.org/lamisil-customer-service/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:39:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 03 Jan 2022 13:10:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"61d2f5d1-2bd8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L9Y%2FY3J5KTw%2BQrk9m7qHh%2F52aLV9U11WA30f6BudkkFKoze0GNM%2FozU%2BjRXjr30zBLCF198hgW3EXLCSGRf2bSbr7wg05AXs3vP7fsctUvI8JUWwGvEFmmXzFOFxUzzH%2F%2FWncgKHdq1JNUDHrPE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 791835ea9c51bc01-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 cookie-law-info-public.js Show response
custservice.org/wp-content/plugins/webtoffee-gdpr-cookie-consent/public/js/ 39 KB
10 KB 40ms
40ms Script
application/javascript 2606:4700:3033::6815:4bba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://custservice.org/wp-content/plugins/webtoffee-gdpr-cookie-consent/public/js/cookie-law-info-public.js?ver=2.3.7
Requested by: Host: custservice.org
URL: https://custservice.org/lamisil-customer-service/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:4bba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 51aaa102a38e781229d7ccf4572538d580f51d9edb2c59fdd94875f0a0c4d322

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://custservice.org/lamisil-customer-service/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:39:28 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 03 Jan 2022 13:10:38 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=50720
etag: W/"61d2f5ce-c620"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1CFrdre980fehenMEWF5mgrPB2bhYBZ1MtGRf%2FLricrXWLF9mL3GCVJeL1uJxyi2ZQX31bKcEMHAOx9ko9DJnMeFiOs0qpztaa48ivq%2B1SZ5nggHfD9c%2FILFGSS2IXIaQgDHgQVvM9gVu6Gktxg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 791835ea9c55bc01-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 cookie-law-info-ccpa.js Show response
custservice.org/wp-content/plugins/webtoffee-gdpr-cookie-consent/admin/modules/ccpa/assets/js/ 6 KB
2 KB 86ms
82ms Script
application/javascript 2606:4700:3033::6815:4bba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://custservice.org/wp-content/plugins/webtoffee-gdpr-cookie-consent/admin/modules/ccpa/assets/js/cookie-law-info-ccpa.js?ver=2.3.7
Requested by: Host: custservice.org
URL: https://custservice.org/lamisil-customer-service/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:4bba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb98e186ac26f3c45bf690ff488f9d1d73de6b0d973afccc2228e462f7951bc1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://custservice.org/lamisil-customer-service/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:39:28 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 03 Jan 2022 13:10:38 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=8502
etag: W/"61d2f5ce-2136"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b6dhy5NcEIDR5ibhP6Xo2ZI6oIA5lPYufcEEk4dYBKORK9qd956ZG%2Fgyq7Bp%2BtIjnkybLGANJmFuUckvlDi1g4TJN8JogXi1XsfU%2Bcfz3vvqiYzmlKcsCFCWW4sWf3oZ4uQvck2UDuR6s4XG20c%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 791835eaac65bc01-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 advanced.min.js Show response
custservice.org/wp-content/plugins/advanced-ads/public/assets/js/ 7 KB
3 KB 95ms
91ms Script
application/javascript 2606:4700:3033::6815:4bba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://custservice.org/wp-content/plugins/advanced-ads/public/assets/js/advanced.min.js?ver=1.39.2
Requested by: Host: custservice.org
URL: https://custservice.org/lamisil-customer-service/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:4bba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a4dd11c3764a3be7caee75eeb660be2d9f01fc3ba61f95990d8f64e5e441875

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://custservice.org/lamisil-customer-service/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:39:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 26 Jan 2023 18:42:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63d2c991-1c67"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Qed2SqJpCDCLw6gkawnaGqBTWjxqMYh5m4%2BLUpbHqI5vAcFZRWBx%2FMrDuTi%2FC5H2fdTTgPsTqI6HZ79TWR3HSTHqxojvJB705trQ1b1e22GxtnyfsjBIvOWbqyh3h7R6MlnUNVpcJLZrH7YIvk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 791835eaac66bc01-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 110 KB
43 KB 50ms
23ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-160276790-1

Requested by

Host: custservice.org
URL: https://custservice.org/lamisil-customer-service/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2c074aff5d52dc23de293863876ebc7ab3b6384dfe42e88a0714e026003e05b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://custservice.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:39:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44094
x-xss-protection: 0
last-modified: Mon, 30 Jan 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 30 Jan 2023 06:39:28 GMT

GET
H2 200 analytics Show response
platform.foremedia.net/code/8363/ 1 KB
706 B 363ms
327ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://platform.foremedia.net/code/8363/analytics

Requested by

Host: custservice.org
URL: https://custservice.org/lamisil-customer-service/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf80c5339537c46ff1f432686b5a35e00b2aa9e1167d4e21f021b95b1e14275d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://custservice.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:39:28 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MPzeMiuu%2BgjW4%2BxQ76kPK%2FE6%2F%2BEHQEVsQ2hSopLanH2S%2F7rYza13AJNrrmg9AhD0ytsBZwRXIgGdxt%2Fr6x4LJNUHQQycXUjHSkcCCkecopwCryn4Y1SyoOhma2dMIbZCEYR0KwcNW3iRYNl5pRvLXzP3pnWr"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 791835e888f4bbfd-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 c1 Show response
platform.foremedia.net/code/8363/ 1 KB
721 B 327ms
322ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://platform.foremedia.net/code/8363/c1

Requested by

Host: custservice.org
URL: https://custservice.org/lamisil-customer-service/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a8ec062a7846dc019f43180a3247f4f45284361361b4925ea95047d4f6201545

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://custservice.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:39:28 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vL5EFHbs0q0w0NS5c%2BwcAsbYh3hc7%2FIel4XXsruCFYt%2BtJ5zWd5ocHpdtAr4cFAiS9FHjM%2BipBnxu0BUB4A0P%2FYpY%2FoN7KMoASxLgnsy2OJ3qv9LJkjJjWRzjJ3DsGBcZZhYJjHHfhkPrFGpHVfmm%2FShBp2A"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 791835eaad37bbfd-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 c2 Show response
platform.foremedia.net/code/8363/ 1 KB
725 B 368ms
332ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://platform.foremedia.net/code/8363/c2

Requested by

Host: custservice.org
URL: https://custservice.org/lamisil-customer-service/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

64842dba3f319b0c8daec3372c49a9244cfc14d78fecd8b805b2b62e89413f7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://custservice.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:39:28 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OzezkglGIv6LEP9pskh3wAukrFwJTYvPyYmq3jEJxal6UQOZxqDCa2UGPpGVUZhb6ahi8CBpJqXuHcn5mXln9%2FTROM8zACCrsE%2FpXpRnuP6KP1MO2JVjzuTfuQuQDbn3Q5a7E0Suetvmhxqs4EzYHm2UBDFr"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 791835e888f7bbfd-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 e1 Show response
platform.foremedia.net/code/8363/ 1 KB
733 B 362ms
326ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://platform.foremedia.net/code/8363/e1

Requested by

Host: custservice.org
URL: https://custservice.org/lamisil-customer-service/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff9ea3dfa2919916d9902daa917c67a2d20d217e125bdc3e8fe4c7a74e193b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://custservice.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:39:28 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TJkmCfnzEpxBBP3LcQdHonbUCrv%2BLQlURzz9tRLDNIZRNNs6UzUoQLLmc1heFIaWglexvPN3NbdyBn8D3yuHMRkUoxDXmORMP0wAOx6L602qSWLutVtS%2BUKIkoQFEO4UbqOBqLiPs7FQz6jC1Calt4mbQckG"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 791835e888f9bbfd-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 email-decode.min.js Show response
custservice.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 11ms
10ms Script
application/javascript 2606:4700:3033::6815:4bba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://custservice.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: custservice.org
URL: https://custservice.org/lamisil-customer-service/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::6815:4bba , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://custservice.org/lamisil-customer-service/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:39:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 23 Jan 2023 11:05:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63ce6a10-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=emEYCwIECkXR8jo6w%2BC92nmJ6GDlpXvGIwh3kRJ1ktd3dMebsB5IVmEwSdjqQuU3nB9BI3bq5VvKjbZ85ukqOTI6JhhP9OzSBUaH0Ra044K9rX%2Ftb7bnr%2FXXFCxuqYUztSUOdF1bwXmZXeT8DIc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 791835e85ba79c01-FRA
expires: Wed, 01 Feb 2023 06:39:28 GMT

GET
H/1.1 403
Forbidden invoke.js
pl16934880.trustedcpmrevenue.com/b3f81ae1741b1aad971549f3a8023b3d/ 0
0 708ms
94ms Script
application/javascript 192.243.59.13
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pl16934880.trustedcpmrevenue.com/b3f81ae1741b1aad971549f3a8023b3d/invoke.js
Requested by: Host: custservice.org
URL: https://custservice.org/lamisil-customer-service/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://custservice.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Mon, 30 Jan 2023 06:39:29 GMT
Server: nginx/1.17.6
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H2 200 c4 Show response
platform.foremedia.net/code/8361/ 0
485 B 358ms
322ms Script
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://platform.foremedia.net/code/8361/c4

Requested by

Host: custservice.org
URL: https://custservice.org/lamisil-customer-service/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://custservice.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:39:28 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BNiEAmr3Z%2Bmp%2BBATYkIO2LQIjh8Zbb7atlSgasMb69W0hAPj922%2BJNB%2B1YfKPNb61s29%2B5%2FYP6viEPJiFYzHHQrV788wEq%2BGLS9doansm5g2qwNydDLUhaEotrzlmTLpjmBr4hh73ceA7cTEpMqqDLR6OzWE"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 791835e888fabbfd-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 c3 Show response
platform.foremedia.net/code/8363/ 1 KB
716 B 329ms
324ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://platform.foremedia.net/code/8363/c3

Requested by

Host: custservice.org
URL: https://custservice.org/lamisil-customer-service/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

40cef8d6dd7ec48d2e72642bad3254a18698856a821199bc86f3d38a6e85a7aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://custservice.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:39:28 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FHJ%2Ft%2FaoKnW9et1e6UTAmBTF0TuJ3iaJPfvG85gB3bCnElDajpRo%2BGLok7EQlFF27nyDEuXe%2B%2BBe8xQlnTturbA3A4X3Yb4RVW0Hc20KX5TLrMcayOMGYmfnBZ4ojDsub1df1oa2jjdqN4tHI3qFn57IaY0O"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 791835eaad3bbbfd-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 c5 Show response
platform.foremedia.net/code/8363/ 1 KB
721 B 329ms
326ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://platform.foremedia.net/code/8363/c5

Requested by

Host: custservice.org
URL: https://custservice.org/lamisil-customer-service/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7d948f5a683d370556d14d5d68d76cfc74204ab2075eaf0ec76004124f59e2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://custservice.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:39:28 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jUnCHnY9%2BFp6cr6On0C5N348YFta3DznhOFDRUNWlNG2a12YJrlZGDsviLvqO4k4ISzr0i5F3LuexKBvc4dCAp9NjLFd%2BdCxL%2FtlVGl4Htc%2FJHj8TF9vNpbwxf4%2FGHpJT%2BaldKwovTQ40Pf3wkEv8TZXxNgO"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 791835eaad3ebbfd-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 index.js Show response
custservice.org/wp-content/plugins/contact-form-7/includes/swv/js/ 10 KB
3 KB 87ms
84ms Script
application/javascript 2606:4700:3033::6815:4bba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://custservice.org/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.3
Requested by: Host: custservice.org
URL: https://custservice.org/lamisil-customer-service/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:4bba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 23bb39b607b39a93d953762d2a618a3cbc69c52ceaf70d96890137ca1d2b0228

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://custservice.org/lamisil-customer-service/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:39:28 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 26 Jan 2023 18:42:30 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: W/"63d2c996-2945"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cWUoA3ZVKz7RC%2BaK1RxoiNP86L5SQ5d6LGmeoqoYe1VkfIAvkR7mabbwJ2yXUasnCzmbJjOLA7eKukQlXh3M6WKpxGFZThHE6Eyx6EwsLx0d2NB5j8EvDNpLJhB0ADbD9djUXLdYnkU6yJQ%2BkHI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 791835eaac67bc01-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 index.js Show response
custservice.org/wp-content/plugins/contact-form-7/includes/js/ 12 KB
4 KB 90ms
87ms Script
application/javascript 2606:4700:3033::6815:4bba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://custservice.org/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.3
Requested by: Host: custservice.org
URL: https://custservice.org/lamisil-customer-service/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:4bba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af0f96462799a9eccfa6c5a30819ea991f9c0c4eddaa2984a638dc473c03ce2f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://custservice.org/lamisil-customer-service/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:39:28 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 26 Jan 2023 18:42:30 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: W/"63d2c996-31d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Itvm9sVfCx0MBxY40WFvWX9RkklHTvc%2BdT7EDuz0AgnMG%2BijDIsN62%2BPls2tUzWPpSU2EuVbL2UwQFBWYpwnUWjEYc56gDK4iasWOyxxHtaUrG%2BxrEpAmRCusVF2%2FKe1kG7Hm8DY4PHOogUry00%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 791835eaac69bc01-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 cv.js Show response
custservice.org/wp-content/plugins/content-views-query-and-display-post-page/public/assets/js/ 23 KB
7 KB 93ms
91ms Script
application/javascript 2606:4700:3033::6815:4bba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://custservice.org/wp-content/plugins/content-views-query-and-display-post-page/public/assets/js/cv.js?ver=2.5.0.1
Requested by: Host: custservice.org
URL: https://custservice.org/lamisil-customer-service/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:4bba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d061f9626d9361fad79e4fc876baea08ff330d55c8e8b8dbb6a2b390e6d8961e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://custservice.org/lamisil-customer-service/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:39:28 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 23 Nov 2022 06:44:06 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=23328
etag: W/"637dc136-5b20"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JxXXA4LcgEd3NsI1wzcTVHcd0qNUivv5uhsog2r01prFYevH2Hyi0ZYyKuMrQLdbics%2FVYOFguWiZ1tmLgAoRBl4N2l0yLYKWhxPykQBcbNlI2R6tOXQ4yT2%2FctmI15ZyMFZk0%2BZUDZyP%2BHOePY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 791835eaac6abc01-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 cvpro.min.js Show response
custservice.org/wp-content/plugins/pt-content-views-pro/public/assets/js/ 159 KB
47 KB 51ms
48ms Script
application/javascript 2606:4700:3033::6815:4bba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://custservice.org/wp-content/plugins/pt-content-views-pro/public/assets/js/cvpro.min.js?ver=5.9.2.2
Requested by: Host: custservice.org
URL: https://custservice.org/lamisil-customer-service/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:4bba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9abf48b05a5fb826342a40514054fbc1391b370efd826d814641b8667814c1ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://custservice.org/lamisil-customer-service/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:39:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 08 Dec 2022 21:51:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63925c45-27be9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vHu1d4mDJO8jg%2Bk8%2BwUfSM1DgvGQnMZMFImjRa5CRvKlLy7mjPyca3VT2Ne%2FL8ruywWTKrQiZixana9rKB%2BM%2FO8At7t5ksbMrmy3WGmTfdnACJiKq6hPregoGGrm8N5gi0%2B6bJxGwQ9fXlnqYTY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 791835eaac6dbc01-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 layer.js Show response
custservice.org/wp-content/plugins/advanced-ads-layer/public/assets/js/ 17 KB
5 KB 45ms
43ms Script
application/javascript 2606:4700:3033::6815:4bba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://custservice.org/wp-content/plugins/advanced-ads-layer/public/assets/js/layer.js?ver=1.7.5
Requested by: Host: custservice.org
URL: https://custservice.org/lamisil-customer-service/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:4bba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0065b495e19946f45a31357b3f1aa48addebfda1ed330b5691027566611a497b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://custservice.org/lamisil-customer-service/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:39:28 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Sun, 12 Jun 2022 13:00:13 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=27959
etag: W/"62a5e35d-6d37"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o%2B9wfqFcLkiBlj9EH0WUeXinZInHPpPjwVxJIdegC2MIqp2J4MX8ZBRZXssRoIbpZ7mQ5PnSreyp0pbXOZdEe7CSsFgNB%2B9I6WkZGqlxp%2B83K0k%2B5L2w1h6CAN5eYx%2Bwn1cdHraBBWOnYESVri0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 791835eaac6fbc01-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 advanced-ads-pro.min.js Show response
custservice.org/wp-content/plugins/advanced-ads-pro/assets/js/ 6 KB
2 KB 87ms
85ms Script
application/javascript 2606:4700:3033::6815:4bba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://custservice.org/wp-content/plugins/advanced-ads-pro/assets/js/advanced-ads-pro.min.js?ver=2.21.0
Requested by: Host: custservice.org
URL: https://custservice.org/lamisil-customer-service/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:4bba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ba2a0da5c4bbb91065d70e8d6e9e22b1eb1c2e066ac876e261efcc96036b031

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://custservice.org/lamisil-customer-service/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:39:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 12 Jan 2023 11:31:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63bfefae-1834"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Zzo2%2B54tWETtf4vB5tuljV3xDYA%2Fdxs62m%2B0AXx9RoCSUp1ARuvSveIaQExAUe8xQGIDw%2BR%2BF26wQs634h4pxtTRuTX9i7XjwElG4o1qkzSAPqlECFo0mkxD1iIRw%2FJigjRBOSaNq3Ro8DVfJ4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 791835eaac71bc01-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 menu.min.js Show response
custservice.org/wp-content/themes/generatepress/assets/js/ 7 KB
2 KB 92ms
89ms Script
application/javascript 2606:4700:3033::6815:4bba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://custservice.org/wp-content/themes/generatepress/assets/js/menu.min.js?ver=3.2.4
Requested by: Host: custservice.org
URL: https://custservice.org/lamisil-customer-service/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:4bba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 775a02c37772954d38fe41b802b94a0ee37dccb98a03827cdef3eddd2abc13d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://custservice.org/lamisil-customer-service/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:39:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 24 Nov 2022 10:53:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"637f4d2f-1b1c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j4CjjYiUa05RYR%2B%2Fee%2Btd%2BaV4kVDCnKK1zNYm8nfG0%2BUrmbnfnwvsnvFKd59bIGsFMQ7QRNh4cjnT3uiLQH%2FTUkc8FCjKdcZIRSq5CKGHSzCQLO8qGJtpxjM91FAUGvwjxaC34fSG0V6dj7VxYQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 791835eaac72bc01-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 navigation-search.min.js Show response
custservice.org/wp-content/themes/generatepress/assets/js/ 2 KB
1 KB 91ms
88ms Script
application/javascript 2606:4700:3033::6815:4bba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://custservice.org/wp-content/themes/generatepress/assets/js/navigation-search.min.js?ver=3.2.4
Requested by: Host: custservice.org
URL: https://custservice.org/lamisil-customer-service/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:4bba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4d0c6a094ec876c2dbea780dac5655e44bc1ec2b0c9c492f8513581879c89c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://custservice.org/lamisil-customer-service/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:39:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 24 Nov 2022 10:53:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"637f4d2f-858"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zIZWnZmrPEhkOStoB6gk97Dtx2aDh8GWenhbmav0qU6KziRiSbEMvIPfjimERsHESik9JcXqoZ9npd19ljNBbqhatdtGRoQbHXH8Yj0nfz13YRsVC4JBzQsSSkv%2BZplu5a7dJhzUrICBlsiZnsA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 791835eaac74bc01-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 lazyload.min.js Show response
custservice.org/wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/ 8 KB
3 KB 87ms
84ms Script
application/javascript 2606:4700:3033::6815:4bba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://custservice.org/wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/lazyload.min.js
Requested by: Host: custservice.org
URL: https://custservice.org/lamisil-customer-service/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:4bba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ceb3992861ed1fda25855c2e500e76842ae0d788405e50e3a9f45df36499cf6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://custservice.org/lamisil-customer-service/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:39:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 07 Sep 2022 07:28:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6318480a-2063"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4yL1ELAzJbKDvWOGGOK58YiUFa8QdatRtcoJLn91I6IMGlQLRghnVVgdeqf31eLV6JlFE5gAzD%2BnhNTb2H9kiGwERLVLJn%2FV0Ziq2PJd8OSlCTKgGlCst2q5B8IqKVuhB8SsLwi3nJXPLU7ZYDI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 791835eaac76bc01-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 analytics Show response
platform.foremedia.net/getcode/8363/ 7 KB
2 KB 323ms
321ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://platform.foremedia.net/getcode/8363/analytics?host=custservice.org

Requested by

Host: platform.foremedia.net
URL: https://platform.foremedia.net/code/8363/analytics

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ca959527a92a178ed9fbe3df196bc9ef912a49cfcb3f4b7eeb750fc40fe1b79f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://custservice.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:39:28 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I3Kks5xZ%2FSmlYpmQ8TjVnd%2BZi%2FyPfYXBup%2B38UURZt%2BxEPdo%2F6GDoR2JxpwUUq303vx9mL0zDd8cEUuUwyczMTPd969pAYomvlUCm3xWuYnq%2FYmo02qc3HilS7XuytX3J%2F03r4y2mgYvP1vMWuKpJqQDBgtH"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 791835eaad40bbfd-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 generatepress.woff2
custservice.org/wp-content/themes/generatepress/assets/fonts/ 1 KB
2 KB 86ms
86ms Font
application/font-woff2 2606:4700:3033::6815:4bba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://custservice.org/wp-content/themes/generatepress/assets/fonts/generatepress.woff2
Requested by: Host: custservice.org
URL: https://custservice.org/wp-content/cache/min/1/062a4154750b2571ad136902e76c3206.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:4bba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac990171fc2a8993d659ce8f10bc0a7815c43835ba1dc00c2246f3556c6eeecd

Request headers

Referer: https://custservice.org/wp-content/cache/min/1/062a4154750b2571ad136902e76c3206.css
Origin: https://custservice.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:39:28 GMT
cf-cache-status: HIT
last-modified: Fri, 18 Feb 2022 08:37:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "620f5ac3-4f0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hjB5je5TG6VeUuNEpHZAm09QrhDxogjuCl%2FwmPBKb8KkamrYPA1bmf9BHru9Xal5Ts9baUVge3vjT1iubQUDjoooNQa2A863btPe5kUwoFqeB%2Bh%2Bj%2F3r%2FP8K5l9v%2B0Qn%2BS6c8jrjMiK4xdmFZHo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff2
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 791835eaac77bc01-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1264

GET
H3 200 c2 Show response
platform.foremedia.net/getcode/8363/ 1 KB
759 B 325ms
325ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://platform.foremedia.net/getcode/8363/c2

Requested by

Host: platform.foremedia.net
URL: https://platform.foremedia.net/code/8363/c2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b513e875e77e3544e1259faaf0fb5c0c3b43f254c5f8a6e95c3644e245412d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://custservice.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:39:28 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d2Xi5r%2Fj20wjK5RIVDRLJ4KMfT7DQCd%2FqaHnIFQGC6w7mfcPbeHQfkb8wvEQbsmNDDJD%2BWqIIM1%2FEBkNsIcjcz5OEIflJoNrK76WMTpAc1zDSrRvfzNCCPKZI4EZABOZUNMwYCa2fv8BaG7jQA0Z33xyEKFQ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 791835eabe529bf5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 403
Forbidden invoke.js
www.effectivedisplaycontent.com/2f9d106d09a019dab882699af1e881e3/ 0
0 298ms
97ms Script
application/javascript 192.243.59.12
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.effectivedisplaycontent.com/2f9d106d09a019dab882699af1e881e3/invoke.js
Requested by: Host: custservice.org
URL: https://custservice.org/lamisil-customer-service/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash

Request headers

Referer: https://custservice.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Mon, 30 Jan 2023 06:39:28 GMT
Server: nginx/1.17.6
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 32ms
7ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-160276790-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://custservice.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 30 Jan 2023 04:54:50 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 6278
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Mon, 30 Jan 2023 06:54:50 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
206 B 15ms
15ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=93261099&t=pageview&_s=1&dl=https%3A%2F%2Fcustservice.org%2Flamisil-customer-service%2F&ul=en-us&de=UTF-8&dt=Lamisil%20Customer%20Support%20-%20How%20to%20Contact%20-%20Customer%20Service&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1289443898&gjid=71933594&cid=1254599560.1675060769&tid=UA-160276790-1&_gid=1525925510.1675060769&_r=1&_slc=1&gtm=2ou1p0&z=767977665

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://custservice.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 30 Jan 2023 06:39:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://custservice.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 403
Forbidden invoke.js
www.effectivedisplaycontent.com/d124e2acf41912ab82fbe2d05b587794/ 0
0 106ms
105ms Script
application/javascript 192.243.59.12
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.effectivedisplaycontent.com/d124e2acf41912ab82fbe2d05b587794/invoke.js
Requested by: Host: custservice.org
URL: https://custservice.org/lamisil-customer-service/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash

Request headers

Referer: https://custservice.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Mon, 30 Jan 2023 06:39:28 GMT
Server: nginx/1.17.6
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 110 KB
43 KB 18ms
14ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-182103897-1

Requested by

Host: platform.foremedia.net
URL: https://platform.foremedia.net/getcode/8363/analytics?host=custservice.org

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

742465277e670a3a02a34bc72016a1f4d893cebc20a3dfea05b0afe43a882243

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://custservice.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:39:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44097
x-xss-protection: 0
last-modified: Mon, 30 Jan 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 30 Jan 2023 06:39:28 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 110 KB
43 KB 21ms
17ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-182103897-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-160276790-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cbc7612995c5925cac168b97fea557523a382686cb6b6512a1e86fddbe87291b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://custservice.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:39:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44111
x-xss-protection: 0
last-modified: Mon, 30 Jan 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 30 Jan 2023 06:39:28 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 80 KB
27 KB 206ms
116ms Script
text/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: platform.foremedia.net
URL: https://platform.foremedia.net/getcode/8363/analytics?host=custservice.org

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

42ce9ee9e51344dc1182f0d456164af3530858ff5ee4e53303d7982c04ed897b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://custservice.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:39:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27567
x-xss-protection: 0
server: sffe
etag: "1467 / 611 of 1000 / last-modified: 1674860937"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 30 Jan 2023 06:39:28 GMT

GET
H3 200 footer Show response
platform.foremedia.net/code/8363/ 1 KB
859 B 327ms
324ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://platform.foremedia.net/code/8363/footer

Requested by

Host: platform.foremedia.net
URL: https://platform.foremedia.net/getcode/8363/analytics?host=custservice.org

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

503fba493a6affbda4249f0235964c7adf593aea9759aac3d154a803dfe6ba8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://custservice.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:39:29 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3r4HbHBku1Z034tn%2FtpY4%2B9%2Fi5Dhkr8QCydMzX7h6HS%2BI0d1lIrFX22C4ONK3YkAHOnrzzk6M1Bcv%2FwmSbCrBnml43A2APJoawAknS32a0CtWwSmQs25Y2LU7O6MPrmmp%2B6N6%2FQXDOp%2FdLI2OYhFHyn7Sjwh"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 791835ecb9049bf5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 footer_float Show response
platform.foremedia.net/code/8363/ 1 KB
859 B 331ms
329ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://platform.foremedia.net/code/8363/footer_float

Requested by

Host: platform.foremedia.net
URL: https://platform.foremedia.net/getcode/8363/analytics?host=custservice.org

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ca039e7463f755b1482ff1ea5c07ea6b7fe4bf24287465f8fefac69bef1352c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://custservice.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:39:29 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rFFXSsZyk1jP4lfy9REiVi%2B9mCTRT3Cdd6Gq%2FEjRGdi2vJcnPBjKFlXC8Lr7iphN8I6YfZK4Bm8FLsbhkLPo409C%2F1GpBhHINehxY9epQCpVH865kJsjrdeY2xQw6GFipFLDL40TYOwSnDFj3JZcy1zjzMTs"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 791835ecb9069bf5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 custom14825 Show response
platform.foremedia.net/code/8363/ 1 KB
863 B 328ms
326ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://platform.foremedia.net/code/8363/custom14825

Requested by

Host: platform.foremedia.net
URL: https://platform.foremedia.net/getcode/8363/analytics?host=custservice.org

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee99d819f3539aead024ce1baf097f7384cd7b6d2b41d46f332f4c3507accf07

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://custservice.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:39:29 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uCL9Vnf%2FxhIL4%2FGF%2FFUyDopi2g%2FNPWzLzPK%2B0glBRdC%2Bfjow%2FNcfjGvGj1BviW2W8wKl%2B%2B9gxSJ5TGfMI%2FK9CumB1YkMBCkqt88VqOh4s4XnWzb%2F4iHdU1sbuYZoVIpWNg%2FdJit6JAO3Y6sGYrQwVn868bc2"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 791835ecb9089bf5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 c1 Show response
platform.foremedia.net/getcode/8363/ 1 KB
723 B 326ms
325ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://platform.foremedia.net/getcode/8363/c1

Requested by

Host: platform.foremedia.net
URL: https://platform.foremedia.net/code/8363/c1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0e9dda78af9e8687ae3410dfece20ccf887f683e17e9fa51179291d06b1989ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://custservice.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:39:29 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=djfqc7wDha9KOErLQytDylHYScXC66SXQIqsKzwl5xiUxCRfeXl%2FN0XHTHSpH73v7NUAX7qSpMbNkTCwC%2FWdMbO99Y8FqXTedwijfzYw64o%2F8txMOh4JVVjinqCBrCOep%2FQysYI2W5LDW1LIkHCSc6Sm5sHy"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 791835ecb90e9bf5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 15ms
14ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=93261099&t=pageview&_s=1&dl=https%3A%2F%2Fcustservice.org%2Flamisil-customer-service%2F&ul=en-us&de=UTF-8&dt=Lamisil%20Customer%20Support%20-%20How%20to%20Contact%20-%20Customer%20Service&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABAAAAACAAI~&jid=466643777&gjid=1756155915&cid=1254599560.1675060769&tid=UA-182103897-1&_gid=1525925510.1675060769&_r=1&_slc=1&gtm=2ou1p0&z=640237268

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://custservice.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 30 Jan 2023 06:39:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://custservice.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 e1 Show response
platform.foremedia.net/getcode/8363/ 1 KB
722 B 320ms
319ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://platform.foremedia.net/getcode/8363/e1

Requested by

Host: platform.foremedia.net
URL: https://platform.foremedia.net/code/8363/e1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c34b93467e6fa7b622445cfee563becec57a6839c5c4bd7cd4067acfa0321bac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://custservice.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:39:29 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MsqK0skMB4HwXh9IlaNjppfd47Gl6ESWkUNQiFFRSd1KLHD1pbilp7P%2B1JjaZ5e3OeYfM8nmTrZzOF77HuvXiUmLkdHarfL764UQZefIt2jCXvwh09Nxm%2BbrlgQtYp%2BSM3GyXQrRK%2F4NSFXxS0a1teyrD%2FXn"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 791835ed4a369bf5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 flexiproduct.js Show response
aff.bstatic.com/static/affiliate_base/js/ 6 KB
3 KB 189ms
28ms Script
application/javascript 2600:9000:21f3:6000:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aff.bstatic.com/static/affiliate_base/js/flexiproduct.js?v=1675060768844

Requested by

Host: custservice.org
URL: https://custservice.org/lamisil-customer-service/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:6000:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

6f2c2164df92670e1f44b40c516e974340a0a4834b5a2b2156faf3f1c6fc0e90

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://custservice.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:39:29 GMT
content-encoding: br
via: 1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront)
nel: {"report_to":"default","max_age":600}
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
last-modified: Mon, 13 Jun 2022 03:41:28 GMT
server: nginx
etag: W/"62a6b1e8-1849"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: qbVtWdDPJvViMJnK7TyFBkyVpRPxO87ORh_JzqKgiWWV8a4E608VoQ==
expires: Wed, 01 Mar 2023 06:39:29 GMT

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3a48ba6d11055a2a6f840befa14e603650d8ca3d752e16daccd828d3869fb791

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 c3 Show response
platform.foremedia.net/getcode/8363/ 1 KB
724 B 328ms
327ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://platform.foremedia.net/getcode/8363/c3

Requested by

Host: platform.foremedia.net
URL: https://platform.foremedia.net/code/8363/c3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f6a4fe64e47a90eff031a2cb2759b64a2c3528c8c91bd783eefeda426d952fe8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://custservice.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:39:29 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MPShNJvjDlqOTgfZZ%2FLw%2FK8XpZkexgItSBM3B7oR%2BrnVUgYZ8akBakUDOXFuWNYsBsADgh3vMqhbR2LDowb%2B26v158ZdaUWG9fmkT47zWu%2Fx112EZIjpS7qH7UF0YlA4AeZkAQKG8sC38OMBKxJ232wQsIdW"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 791835ed5a569bf5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 403
Forbidden invoke.js
www.effectivedisplaycontent.com/bca873c1bca82760127ef08666bd2488/ 0
0 102ms
100ms Script
application/javascript 192.243.59.12
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.effectivedisplaycontent.com/bca873c1bca82760127ef08666bd2488/invoke.js
Requested by: Host: custservice.org
URL: https://custservice.org/lamisil-customer-service/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash

Request headers

Referer: https://custservice.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Mon, 30 Jan 2023 06:39:28 GMT
Server: nginx/1.17.6
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H3 200 c5 Show response
platform.foremedia.net/getcode/8363/ 1 KB
720 B 338ms
336ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://platform.foremedia.net/getcode/8363/c5

Requested by

Host: platform.foremedia.net
URL: https://platform.foremedia.net/code/8363/c5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6727cdefba4d692ce3e7143afd4531f227a9abcacf0d9e3d3eeed9321f0fcf66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://custservice.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:39:29 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6fFMkm8tAU76ZmwdSpOOj4lddNcsB1w28wwz9jGSM%2Bp95xG5wmFdJlYiPiHstetOaI%2FVTRypvQj1g89JFX5xalWYArIA7VCodsZsTLUPwZQ2UOQu4Ls%2FdsU7wOzYrLnE3cTw5KfilE3yYxKRtpFaX%2FtpdPmA"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 791835ed6a609bf5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
DATA 200
OK truncated
/ 66 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8277d3b312f84417a05400643587eaa0982065618af9e1cafc8f72316e6fd1e1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 pubads_impl_2023012401.js Show response
securepubads.g.doubleclick.net/gpt/ 385 KB
130 KB 22ms
21ms Script
text/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012401.js?cb=31071868

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1529002ff0f1d31928a5090c1f28de571b19464dcd04540a5dcff9be9277dffe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://custservice.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 26 Jan 2023 11:53:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 326779
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 133217
x-xss-protection: 0
last-modified: Tue, 24 Jan 2023 09:35:15 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 26 Jan 2024 11:53:10 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 77 B
84 B 96ms
53ms XHR
application/json 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=custservice.org

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d59d9602402a1b901dc966150533b2ee3c3d4b0560c91b4882d36046b4cc308e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://custservice.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:39:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60
x-xss-protection: 0
expires: Mon, 30 Jan 2023 06:39:29 GMT

GET
H3 200 getyourguide-sidebar.jpg
custservice.org/wp-content/uploads/2022/06/ 52 KB
53 KB 100ms
100ms Image
image/jpeg 2606:4700:3033::6815:4bba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://custservice.org/wp-content/uploads/2022/06/getyourguide-sidebar.jpg
Requested by: Host: custservice.org
URL: https://custservice.org/lamisil-customer-service/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:4bba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b422aa255039d8b01f9315740aeb09e4fb7b2f1bb3b37f088a6574c66672070f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://custservice.org/lamisil-customer-service/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:39:29 GMT
cf-cache-status: HIT
last-modified: Wed, 15 Jun 2022 08:08:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "62a99364-d1ac"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hz5AXHCQpHEcVkgcg5SyUq88L0CMCA9Gk6PBPTm%2F4FNhCHnTjq9MK%2BlzzHw5KmQYSkqTpvhn57kYymo4TcrF1FG3ApVObe%2F1TOdBZHpGmcMV9CtNOMpuxYu4%2BgMsGQxax%2BzreYw0cwg%2BZWEZDA0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 791835ee698bbc01-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 53676

GET
H2 200 / Show response
ipapi.co/json/ 753 B
887 B 250ms
219ms XHR
application/json 2606:4700:20::681a:82c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ipapi.co/json/

Requested by

Host: custservice.org
URL: https://custservice.org/wp-includes/js/jquery/jquery.min.js?ver=3.6.1

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:20::681a:82c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d77115024ed7950fd62208290e839608641f12d10a0716b584cde0a8a3fbcdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://custservice.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:39:29 GMT
content-encoding: br
x-content-type-options: nosniff
referrer-policy: same-origin
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Host, Origin
allow: GET, OPTIONS, POST, OPTIONS, HEAD
content-type: application/json
access-control-allow-origin: https://custservice.org
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SfeTpItMdb%2BXAy2OXVwKYxS3uOhDS1o6KDAjbDBDO8zsQUjpqNDX55hr6H31mrjb1UnaqXV4Zljwo%2FmPcHuJ8F8J6tGeIKAgbEv15Yj73k7s0ylgRrLmr07QKaYGW2pWaE050l3%2B"}],"group":"cf-nel","max_age":604800}
x-frame-options: DENY
cf-ray: 791835eea84d9040-FRA

GET
H/1.1 200
OK flexiproduct.html Show response
www.booking.com/ Frame F639 3 KB
2 KB 605ms
371ms Document
text/html 185.28.222.11
BOOKING-BV Bookin...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.booking.com/flexiproduct.html?product=banner&w=728&h=90&lang=en&aid=2174231&target_aid=2174231&tmpl=affiliate_banner&fid=1675060769046&

Requested by

Host: aff.bstatic.com
URL: https://aff.bstatic.com/static/affiliate_base/js/flexiproduct.js?v=1675060768844

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

185.28.222.11 , Netherlands, ASN43996 (BOOKING-BV Booking.com, NL),

Reverse DNS

Software

nginx /

Resource Hash

158bc043513957c2322a7a534a36ca2e830516e396a6150dac477e792afc1228

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://custservice.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private
content-encoding: br
content-length: 1112
content-type: text/html; charset=UTF-8
date: Mon, 30 Jan 2023 06:39:29 GMT
nel: {"max_age":604800,"report_to":"default"}
report-to: {"group":"default","max_age":604800,"endpoints":[{"url":"https://nellie.booking.com/report"}]}
server: nginx
strict-transport-security: max-age=604800
vary: User-Agent, Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 footer Show response
platform.foremedia.net/getcode/8363/ 1 KB
719 B 315ms
314ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://platform.foremedia.net/getcode/8363/footer

Requested by

Host: platform.foremedia.net
URL: https://platform.foremedia.net/code/8363/footer

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9d7ac8cf1990271a122cf53437ff7c5e12fc2c475b8ab0fdb9800054f999cbb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://custservice.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:39:29 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mlm%2F1x7wOGrrHVzv8UvctJrXdGR8mG59UosbctKunV7b6rHAkO0xfYDVJsjAy3r5ANG2kY6CWa%2FuQLkem67DdgAWFdWo2v%2Bb3ZvRumXh6Z84ozFypy%2BfrHxwdrQp5YmddmPcUf4QhV71sh9OFe78bm1pIdmv"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 791835eedc969bf5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 14825 Show response
platform.foremedia.net/getccode/ 709 B
770 B 324ms
324ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://platform.foremedia.net/getccode/14825

Requested by

Host: platform.foremedia.net
URL: https://platform.foremedia.net/code/8363/custom14825

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

766f193b145932086e9f07933af4d9712521db6553cf42cffed67236bfb7c86d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://custservice.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:39:29 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zdVq1g%2F5TrrSkOs2nv4qmKEX%2FYiUM8dkz4Dt0BKHkKy86FjvJEU5nH3xb0LG0y82V6yJB%2BKnmRl6Db7K1klFwsjQfvtZH9384qdRnjUMlP%2FKvrRpKl%2B51hLkdxx0qTDIT6RRU1bi1ReL%2FBkrkpiq24Qhdw%2BG"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 791835eeeca29bf5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 footer_float Show response
platform.foremedia.net/getcode/8363/ 1 KB
740 B 325ms
325ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://platform.foremedia.net/getcode/8363/footer_float

Requested by

Host: platform.foremedia.net
URL: https://platform.foremedia.net/code/8363/footer_float

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b6ca138eae29ff0c0cf837dd346e9998353340a2bc03ce6d74d6161d76b2842c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://custservice.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:39:29 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BlV3Mrg5PG8rMhHzxka7uqO9DxCeIhONneMxltUcTvdcpTaiUpwOfoR0IruW2ye4SVEkTx%2BZB9xwMRQyu2BwdyyMJbLPebWPiZ%2B327kfwdiYw9BtuTXFKrmopxpIuz3eRNa9y8ds5%2BoJCk7XpU%2FD70ef3sli"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 791835eeeca39bf5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 43ms
17ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=custservice.org

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012401.js?cb=31071868

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://custservice.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:39:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 42ms
16ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=custservice.org

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012401.js?cb=31071868

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://custservice.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:39:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
704 B 213ms
212ms XHR
text/plain 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3063652407731420&correlator=4188808390530039&eid=31071868%2C31068367&output=ldjh&gdfp_req=1&vrg=2023012401&ptt=17&impl=fif&iu_parts=21863165165%2C22384329182&enc_prev_ius=%2F0%2F1&prev_iu_szs=336x280%7C300x250%7C320x480&ifi=1&adks=3619699650&sfv=1-0-40&ists=1&fas=8&sc=1&cookie_enabled=1&abxe=1&dt=1675060769122&lmt=1675021378&dlt=1675060768045&idt=1027&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fcustservice.org%2Flamisil-customer-service%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1254599560.1675060769&ga_sid=1675060769&ga_hid=93261099&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012401.js?cb=31071868

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f195702ee81c57c72a26d7965915a367cb308ac07274aee238b454319af45ca6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://custservice.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:39:29 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 674
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://custservice.org
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
71779e6ac256b178eefb1bbff2f52ab9.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E570 6 KB
3 KB 107ms
15ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://71779e6ac256b178eefb1bbff2f52ab9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012401.js?cb=31071868

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://custservice.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 30 Jan 2023 06:39:29 GMT
expires: Tue, 30 Jan 2024 06:39:29 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads_2023012401.js Show response
securepubads.g.doubleclick.net/gpt/ 37 KB
13 KB 20ms
20ms Script
text/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2023012401.js?cb=31071868

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012401.js?cb=31071868

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

64a8580749f8406b3d6e31fccb12c0aeb513cacc64aa07c12323119d8a7a1ac7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://custservice.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 11:47:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 499947
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13729
x-xss-protection: 0
last-modified: Tue, 24 Jan 2023 09:35:15 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 24 Jan 2024 11:47:02 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 560 B
303 B 336ms
336ms XHR
text/plain 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3063652407731420&correlator=4188808390530039&eid=31071868%2C31068367&output=ldjh&gdfp_req=1&vrg=2023012401&ptt=17&impl=fif&iu_parts=21863165165%2C22384329182&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=2&adks=3355497853&sfv=1-0-40&prev_scp=refresh%3Dtrue&sc=1&cookie_enabled=1&abxe=1&dt=1675060769139&lmt=1675021378&dlt=1675060768045&idt=1027&adxs=290&adys=387&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fcustservice.org%2Flamisil-customer-service%2F&frm=20&vis=1&psz=670x0&msz=670x0&fws=0&ohw=0&ga_vid=1254599560.1675060769&ga_sid=1675060769&ga_hid=93261099&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012401.js?cb=31071868

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a529855298f29850143962a1ca8dd47ffdb7eb758bba5e3c4f9ca7993da1675b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://custservice.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:39:29 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 273
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://custservice.org
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 560 B
305 B 499ms
498ms XHR
text/plain 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3063652407731420&correlator=4188808390530039&eid=31071868%2C31068367&output=ldjh&gdfp_req=1&vrg=2023012401&ptt=17&impl=fif&iu_parts=21863165165%2C22384329182&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C300x250%7C336x280&ifi=3&adks=2417783875&sfv=1-0-40&prev_scp=refresh%3Dtrue&sc=1&cookie_enabled=1&abxe=1&dt=1675060769147&lmt=1675021378&dlt=1675060768045&idt=1027&adxs=290&adys=500&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fcustservice.org%2Flamisil-customer-service%2F&frm=20&vis=1&psz=670x0&msz=670x0&fws=0&ohw=0&ga_vid=1254599560.1675060769&ga_sid=1675060769&ga_hid=93261099&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012401.js?cb=31071868

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6b9561e35bcd1adeb584d6354ec34e1457dbbfaa2954ac90433dccb61f6e140e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://custservice.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:39:29 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 275
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://custservice.org
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 34ms
19ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=custservice.org

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012401.js?cb=31071868

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://custservice.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:39:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 16ms
16ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=custservice.org

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012401.js?cb=31071868

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://custservice.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:39:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 560 B
309 B 632ms
632ms XHR
text/plain 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3063652407731420&correlator=4188808390530039&eid=31071868%2C31068367&output=ldjh&gdfp_req=1&vrg=2023012401&ptt=17&impl=fif&iu_parts=21863165165%2C22384329182&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C468x60%7C336x280%7C300x250%7C250x250%7C234x60%7C200x200%7C180x150&ifi=4&adks=1178603473&sfv=1-0-40&prev_scp=refresh%3Dtrue&sc=1&cookie_enabled=1&abxe=1&dt=1675060769173&lmt=1675021378&dlt=1675060768045&idt=1027&adxs=290&adys=1121&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fcustservice.org%2Flamisil-customer-service%2F&frm=20&vis=1&psz=670x0&msz=670x0&fws=0&ohw=0&ga_vid=1254599560.1675060769&ga_sid=1675060769&ga_hid=93261099&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012401.js?cb=31071868

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

56c80980f9b6b0f204bba5d1b667d21622aa024564c350b2d6450441842ffc53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://custservice.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:39:29 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 279
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://custservice.org
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 561 B
306 B 743ms
743ms XHR
text/plain 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3063652407731420&correlator=4188808390530039&eid=31071868%2C31068367&output=ldjh&gdfp_req=1&vrg=2023012401&ptt=17&impl=fif&iu_parts=21863165165%2C22384329182&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x600%7C250x250&ifi=5&adks=3990569455&sfv=1-0-40&prev_scp=refresh%3Dtrue&sc=1&cookie_enabled=1&abxe=1&dt=1675060769194&lmt=1675021378&dlt=1675060768045&idt=1027&adxs=1050&adys=214&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fcustservice.org%2Flamisil-customer-service%2F&frm=20&vis=1&psz=270x0&msz=270x0&fws=0&ohw=0&ga_vid=1254599560.1675060769&ga_sid=1675060769&ga_hid=93261099&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012401.js?cb=31071868

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8c816afc006b6d948f7fc60cc1df4be5274c69b29c2cc921811dc08c853b4823

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://custservice.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:39:29 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 276
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://custservice.org
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 23 KB
10 KB 861ms
860ms XHR
text/plain 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3063652407731420&correlator=4188808390530039&eid=31071868%2C31068367&output=ldjh&gdfp_req=1&vrg=2023012401&ptt=17&impl=fif&iu_parts=21863165165%2C22384329182&enc_prev_ius=%2F0%2F1&prev_iu_szs=250x250%7C200x200&ifi=6&adks=3016102451&sfv=1-0-40&prev_scp=refresh%3Dtrue&sc=1&cookie_enabled=1&abxe=1&dt=1675060769210&lmt=1675021378&dlt=1675060768045&idt=1027&adxs=1050&adys=607&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fcustservice.org%2Flamisil-customer-service%2F&frm=20&vis=1&psz=330x60&msz=270x0&fws=0&ohw=0&ga_vid=1254599560.1675060769&ga_sid=1675060769&ga_hid=93261099&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012401.js?cb=31071868

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e5e06a3e3d2a818dcb08e5d443ea9e231f48f85321e7236be6df21028666652a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://custservice.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:39:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10476
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://custservice.org
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 18ms
17ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=custservice.org

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012401.js?cb=31071868

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://custservice.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:39:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 18ms
18ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=custservice.org

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012401.js?cb=31071868

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://custservice.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:39:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 545 B
280 B 851ms
849ms XHR
text/plain 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3063652407731420&correlator=4188808390530039&eid=31071868%2C31068367&output=ldjh&gdfp_req=1&vrg=2023012401&ptt=17&impl=fif&iu_parts=21863165165%2C22384329182%2CFOREMEDIA-USER-556_anchor&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=7&adks=3558601427&sfv=1-0-40&ists=1&fas=2&prev_scp=refresh%3Dtrue&sc=1&cookie=ID%3D0073f4fc47f4928f%3AT%3D1675060769%3AS%3DALNI_MZrEIQodvYf5akbklyHshK3_9lGDw&gpic=UID%3D00000bacdf5ade4c%3AT%3D1675060769%3ART%3D1675060769%3AS%3DALNI_MYv2O6sRH2PjIsXVbQXWEoNkBFzaw&abxe=1&dt=1675060769434&lmt=1675021378&dlt=1675060768045&idt=1027&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fcustservice.org%2Flamisil-customer-service%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&psts=AD37Y7urBt31nzkYDztIF674bLFl1OgKwpzbkkXlEIAxlEee&ga_vid=1254599560.1675060769&ga_sid=1675060769&ga_hid=93261099&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012401.js?cb=31071868

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c09fd5b58d3cf08447686505702a93e39fb1e751c16046ed4e05d8a595de2523

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://custservice.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:39:30 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 249
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://custservice.org
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 330 B
161 B 738ms
738ms XHR
text/plain 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3063652407731420&correlator=4188808390530039&eid=31071868%2C31068367&output=ldjh&gdfp_req=1&vrg=2023012401&ptt=17&impl=fif&iu_parts=21863165165%2C22384329182&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C468x60%7C336x280%7C300x250%7C250x250%7C234x60%7C200x200%7C180x150&ifi=8&adks=405490228&sfv=1-0-40&prev_scp=refresh%3Dtrue&sc=1&cookie=ID%3D0073f4fc47f4928f%3AT%3D1675060769%3AS%3DALNI_MZrEIQodvYf5akbklyHshK3_9lGDw&gpic=UID%3D00000bacdf5ade4c%3AT%3D1675060769%3ART%3D1675060769%3AS%3DALNI_MYv2O6sRH2PjIsXVbQXWEoNkBFzaw&abxe=1&dt=1675060769438&lmt=1675021378&dlt=1675060768045&idt=1027&adxs=290&adys=940&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fcustservice.org%2Flamisil-customer-service%2F&frm=20&vis=1&psz=670x1986&msz=670x0&fws=4&ohw=1600&psts=AD37Y7urBt31nzkYDztIF674bLFl1OgKwpzbkkXlEIAxlEee&ga_vid=1254599560.1675060769&ga_sid=1675060769&ga_hid=93261099&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012401.js?cb=31071868

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dd463b02c06c4b1359008e538e39b27322b0059c255d9227f9cf3c63f17d57f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://custservice.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:39:30 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 130
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://custservice.org
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 330 B
161 B 955ms
954ms XHR
text/plain 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3063652407731420&correlator=4188808390530039&eid=31071868%2C31068367&output=ldjh&gdfp_req=1&vrg=2023012401&ptt=17&impl=fif&iu_parts=21863165165%2C22384329182&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=9&adks=3956984265&sfv=1-0-40&prev_scp=refresh%3Dtrue&sc=1&cookie=ID%3D0073f4fc47f4928f%3AT%3D1675060769%3AS%3DALNI_MZrEIQodvYf5akbklyHshK3_9lGDw&gpic=UID%3D00000bacdf5ade4c%3AT%3D1675060769%3ART%3D1675060769%3AS%3DALNI_MYv2O6sRH2PjIsXVbQXWEoNkBFzaw&abxe=1&dt=1675060769460&lmt=1675021378&dlt=1675060768045&idt=1027&adxs=436&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fcustservice.org%2Flamisil-customer-service%2F&frm=20&vis=1&psz=1600x2834&msz=1600x-1&fws=516&ohw=1600&psts=AD37Y7urBt31nzkYDztIF674bLFl1OgKwpzbkkXlEIAxlEee&ga_vid=1254599560.1675060769&ga_sid=1675060769&ga_hid=93261099&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012401.js?cb=31071868

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

466559ee0e338bc32b44e44c346d4e70aad58ebc5103ef89d5121207a8659cab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://custservice.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:39:30 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 130
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://custservice.org
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 3d34c0d4d9217136e6b7f6d398462e408e6d37ea.css
cf.bstatic.com/static/affiliate_base/css/affiliate_banner_1/ Frame F639 6 KB
2 KB 9ms
8ms Stylesheet
text/css 2600:9000:21f3:6000:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.bstatic.com/static/affiliate_base/css/affiliate_banner_1/3d34c0d4d9217136e6b7f6d398462e408e6d37ea.css

Requested by

Host: www.booking.com
URL: https://www.booking.com/flexiproduct.html?product=banner&w=728&h=90&lang=en&aid=2174231&target_aid=2174231&tmpl=affiliate_banner&fid=1675060769046&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:6000:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

258a405249df1898ae210d562b7a73457c378e5686bc45a66f2bf709bac59e3d

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 05:43:48 GMT
content-encoding: br
via: 1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront)
nel: {"report_to":"default","max_age":600}
x-amz-cf-pop: FRA2-C2
age: 2076941
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Thu, 04 Aug 2022 14:40:51 GMT
server: nginx
etag: W/"62ebda73-1931"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: K36GVD7YiRfdW5sD5mINSP4UMJY6xdgznsumKbklT19zoG_WbVnnhg==
expires: Sun, 05 Feb 2023 05:43:48 GMT

GET
H2 200 8f8f91594b07c3401aee5de300e3d1acd54221f6.jpg
r.bstatic.com/static/affiliate_base/img/banners/branded_set_1/728_six/ Frame F639 21 KB
22 KB 45ms
10ms Image
image/jpeg 2600:9000:21f3:6000:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://r.bstatic.com/static/affiliate_base/img/banners/branded_set_1/728_six/8f8f91594b07c3401aee5de300e3d1acd54221f6.jpg

Requested by

Host: cf.bstatic.com
URL: https://cf.bstatic.com/static/affiliate_base/css/affiliate_banner_1/3d34c0d4d9217136e6b7f6d398462e408e6d37ea.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:6000:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

76f0b5a18dc303c68602fb8f2c374cb22ebdfe2167e3dbbe0d7f534f1bd7f5c0

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.bstatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 01 Jan 2023 06:45:54 GMT
via: 1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront)
nel: {"report_to":"default","max_age":600}
x-amz-cf-pop: FRA2-C2
age: 2505215
x-cache: Hit from cloudfront
content-length: 21876
x-xss-protection: 1; mode=block
last-modified: Wed, 10 Apr 2019 11:21:48 GMT
server: nginx
etag: "5cadd1cc-5574"
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: DNUz5m8sReI7UhqKirbfKJFHXDqXCtrunV5EzAwxkPQuhELO9MxRPw==
expires: Tue, 31 Jan 2023 06:45:54 GMT

GET
H2 200 0195055111ead85a393fabc53dd83aeb06040b75.svg
r.bstatic.com/static/affiliate_base/img/banners/bookingLogos/booking-com-logo-dark-backgrounds-mono/ Frame F639 8 KB
4 KB 46ms
11ms Image
image/svg+xml 2600:9000:21f3:6000:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://r.bstatic.com/static/affiliate_base/img/banners/bookingLogos/booking-com-logo-dark-backgrounds-mono/0195055111ead85a393fabc53dd83aeb06040b75.svg

Requested by

Host: cf.bstatic.com
URL: https://cf.bstatic.com/static/affiliate_base/css/affiliate_banner_1/3d34c0d4d9217136e6b7f6d398462e408e6d37ea.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:6000:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

754da64c4a7344dc24cfd8a781b834e9c2251b8c0bd218c3b582f745e56f44e1

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.bstatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 05:22:03 GMT
content-encoding: br
via: 1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront)
nel: {"report_to":"default","max_age":600}
x-amz-cf-pop: FRA2-C2
age: 1991846
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Mon, 08 Aug 2022 08:50:41 GMT
server: nginx
etag: W/"62f0ce61-2110"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: gNhZQ34zrYmET5msOu78KV3zJ8RgVxpE10GC-cNjOGPKzC1GCMgNjQ==
expires: Mon, 06 Feb 2023 05:22:03 GMT

GET
H2 200 5fed8c51212b08fc2d6eecc876d4ee88acb855f7.png
r.bstatic.com/static/affiliate_base/img/banners/branded_set_1/curved_side_104/ Frame F639 450 B
1023 B 46ms
12ms Image
image/png 2600:9000:21f3:6000:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://r.bstatic.com/static/affiliate_base/img/banners/branded_set_1/curved_side_104/5fed8c51212b08fc2d6eecc876d4ee88acb855f7.png

Requested by

Host: cf.bstatic.com
URL: https://cf.bstatic.com/static/affiliate_base/css/affiliate_banner_1/3d34c0d4d9217136e6b7f6d398462e408e6d37ea.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:6000:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

630ff3f5e3fb3bc8d9f615285a6a9c7cbe291e4500f5db996293a58a65e0ee5c

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.bstatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 07:11:09 GMT
via: 1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront)
nel: {"report_to":"default","max_age":600}
x-amz-cf-pop: FRA2-C2
age: 1726100
x-cache: Hit from cloudfront
content-length: 450
x-xss-protection: 1; mode=block
last-modified: Wed, 10 Apr 2019 11:21:47 GMT
server: nginx
etag: "5cadd1cb-1c2"
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: QYue41KkwCIw1z3DkU9-CIXtk6oUtkIncwZI9lGHMETt1NRmCPoszA==
expires: Thu, 09 Feb 2023 07:11:09 GMT

GET
H2 200 beb5a35856de848cee8daf0016dd8dec9b1f8e4f.woff
cf.bstatic.com/static/fonts/affiliate_banners/opensans-regular-webfont/ Frame F639 24 KB
25 KB 28ms
9ms Font
application/font-woff 2600:9000:21f3:6000:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.bstatic.com/static/fonts/affiliate_banners/opensans-regular-webfont/beb5a35856de848cee8daf0016dd8dec9b1f8e4f.woff

Requested by

Host: www.booking.com
URL: https://www.booking.com/flexiproduct.html?product=banner&w=728&h=90&lang=en&aid=2174231&target_aid=2174231&tmpl=affiliate_banner&fid=1675060769046&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:6000:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

9f06c5a5a26eed51ed7c0d94bd7bdb822cc503c1e619b463377c44e114e2ca5c

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.booking.com/
Origin: https://www.booking.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 01:49:39 GMT
via: 1.1 ff2bcb2d3b4a3d9e0615ddd1033c38c4.cloudfront.net (CloudFront)
nel: {"report_to":"default","max_age":600}
x-amz-cf-pop: FRA2-C2
age: 536398
x-cache: Hit from cloudfront
content-length: 24852
x-xss-protection: 1; mode=block
last-modified: Wed, 10 Apr 2019 11:21:48 GMT
server: nginx
etag: "5cadd1cc-6114"
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: 5dOmKknXDLCv15QHm-DEngn8qZbpH3p7HJ7W9JgBl1A48iH673cEMQ==
expires: Thu, 23 Feb 2023 01:39:31 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 46ms
22ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023012401&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012401.js?cb=31071868

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

99e5258f31656c589af8ed2df7cb5996674b4ba604e8fc67c5ea29ef7378ee17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://custservice.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:39:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11280
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 199ms
124ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012401.js?cb=31071868

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://custservice.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:39:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 30 Jan 2023 06:39:29 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame CA27 13 KB
5 KB 21ms
20ms Document
text/html 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://custservice.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 250527
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 27 Jan 2023 09:04:02 GMT
expires: Sat, 27 Jan 2024 09:04:02 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 6917 783 B
1 KB 105ms
42ms Document
text/html 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9a432e27a5848cc5eb12df95bf1588380ca9a29c4fb4f647eb02b4621c670c6c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-9mC-dYAofZLwgLa4AXSq5Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://custservice.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-9mC-dYAofZLwgLa4AXSq5Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 30 Jan 2023 06:39:30 GMT
expires: Mon, 30 Jan 2023 06:39:30 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 qJHh-aUWlcs1sYgB_nvEplbJ1uLycgbr3tEtSMk_R_c.js Show response
pagead2.googlesyndication.com/bg/ Frame CA27 36 KB
14 KB 25ms
7ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/qJHh-aUWlcs1sYgB_nvEplbJ1uLycgbr3tEtSMk_R_c.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a891e1f9a51695cb35b18801fe7bc4a656c9d6e2f27206ebded12d48c93f47f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 16:01:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52670
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14319
x-xss-protection: 0
last-modified: Thu, 19 Jan 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 29 Jan 2024 16:01:40 GMT

GET
H2 200 container.html Show response
71779e6ac256b178eefb1bbff2f52ab9.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7638 6 KB
3 KB 11ms
10ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://71779e6ac256b178eefb1bbff2f52ab9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012401.js?cb=31071868

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://custservice.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 30 Jan 2023 06:39:29 GMT
expires: Tue, 30 Jan 2024 06:39:29 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6917 0
0 41ms
41ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023012401&jk=3063652407731420&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 7638 0
0 62ms
61ms Fetch
text/html 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CXgxeIWbXY5ydONy13gO28o7YAsme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNzAxMTk1ODgzNDQxMDg5McgBCakC2FH_lG07sj7gAgCoAwGqBOgBT9C_QD8FfbTaEySUKlXwHEWOQhanEod-ATg2jNqbVjAQfntRkSw6Y7MuNGGDRCUZCWu9M_3K4TVMtlfrd_ZCRPFhHudqpDtdhgwLRaSZb_QgWHDdQLXUBZoIvxkppO8wxnyvqwYiJTF29xtcNm8sSgFM34gxwhXmsEYB2UUX4XJBuxI-QqFvsxLaU9FwpfK9j5JqX8OWvDxfObQ-gNK4WUVceMyi3NaI3hYwHNVGR9zL9cK8681mpiMpP--h7jGtephhKTiW3X-n7FCTUaD1-eDYQO7BjTT3q3uvQ26Yk71giT6Tbb3J_eAEAYAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNzAxMTk1ODgzNDQxMDg5MRjT2nM&sigh=EEZXlDnw6W0&uach_m=[UACH]&cid=CAQSSwDUE5ymEKydaKAM-ses7a-oyw0lTkSdADXP3E3occQKHIU2NJhzpa-HmF8KioBwh31Tz-wJ3bkpSW8L-gi6WBNYy7oGjKqdKk6iCBgBIBM
Requested by: Host: custservice.org
URL: https://custservice.org/lamisil-customer-service/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://71779e6ac256b178eefb1bbff2f52ab9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame 7638 0
0 72ms
19ms Fetch 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kKW_EMLVC_oB-gGdg2ICAgAAAFBwK4krVyH1ECFm12N0reQE1VD9pdeCQwASAAAKDkFRVURBZ1lCQWdFQkFn&wp=Y9dmIQAODpwKd5rcAAO5NpiCzyEsKvc-mvjqSw

Requested by

Host: custservice.org
URL: https://custservice.org/lamisil-customer-service/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://71779e6ac256b178eefb1bbff2f52ab9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:39:29 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 327654
content-length: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame E507 139 KB
47 KB 121ms
88ms Document
text/html 2a02:2638:1::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Y9dmIQAODpwKd5rcAAO5NpiCzyEsKvc-mvjqSw&u=%7CdBIFF8%2B4Dgaw%2BExPcDDul6EiLar1mN%2FtWlNr6LOKnWA%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuB8I54B28R_G6pIc3Eo99WtlE0nPHHGzIIU1jSrWx0zP7lJUncN49NALS2ZcKgOZ7rIXILwoG0Q4NObNtPsbf2rQQCIc9cWHtdIKd2u8xl-l5ptLsK_3NiGG8zu_dfgzPhinpqG0le41zqq4iNV_9WiGQmGL2IVWHUafCNyFaClM-CDxplRYYBhvWqlUGGBrhuYJqUZI6xdK817YwAZhKsUp2_gVQlz6QYAeVMGDvLjESEUx15cgVlJ1lO72zNAmrcKEYvZSbxSgvm1RYIfwSzch4UzOBnpdqoh466gqZkUFEepXUGlskl2Y4nrOBNUBfi7Hgj5_5YOCUyIvmYjQkYI18lVA_LiYEegYQ7Hl80tqYb_gJqihaJLCyO8bXvz9oJCyjVNb_d9EP2HN6N0uN0eZacvGlLFX-1DcA82YlyUtLuIZk1C2tFjU0pfL_JbYX6i5O4aj4fLZ6uUedgPHnL9dmq4xYE3OdSemr-Pl72Hf-CkOYdVF23kdoWm8B6pY9zj50KYuGsu2F6VzMOW-t5gd2ummlJqUgHq_TwZJxBkaiwL91a6jNEdrAt7BYGkhWPTQm9mqb-W3miXRtbi8qZI&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCf2RfIWbXY5ydONy13gO28o7YAsme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNzAxMTk1ODgzNDQxMDg5McgBCakC2FH_lG07sj7gAgCoAwGqBOsBT9C_QD8FfbTaEySUKlXwHEWOQhanEod-ATg2jNqbVjAQfntRkSw6Y7MuNGGDRCUZCWu9M_3K4TVMtlfrd_ZCRPFhHudqpDtdhgwLRaSZb_QgWHDdQLXUBZoIvxkppO8wxnyvqwYiJTF29xtcNm8sSgFM34gxwhXmsEYB2UUX4XJBuxI-QqFvsxLaU9FwpfK9j5JqX8OWvDxfObQ-gNK4WUVceMyi3NaI3hYwHNVGR9zL9cK8681mpiMpP--h7jGtepgjKxkEWvA7_-8PRQMlxEYgSfrLOz7Zs_kbi1M-YQJ-pSYWxznaQnaon-AEAYAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1Fym4zdjk8BkW1J8ziym6UsyCUuQ%26client%3Dca-pub-7011958834410891%26adurl%3D

Requested by

Host: 71779e6ac256b178eefb1bbff2f52ab9.safeframe.googlesyndication.com
URL: https://71779e6ac256b178eefb1bbff2f52ab9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

c636695f9caad4285a33b3f35f434a96093df74ee3bea008434b1a01a97191aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://71779e6ac256b178eefb1bbff2f52ab9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Mon, 30 Jan 2023 06:39:29 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=SJHcGztO4KhPCrpzctdF-_R-GptZEFXTDnwwia8uXnSNYYxC2T5z_LSSfzQOoupnqk0GDvrli4qT58soUrpq7Z4RzBfpi_R5YO7plVvbh9uPPl2BDnYvD4WnnddQpjAq4xCyjsHSqotA2ykQj7YlxBwJK8SPUocpLMY1nT0Eb7IDesjNY8iEvnOgv0eGvTWCf-o1dPQIP55HzNJaPllb7M_xgkL1eaNYhMNdK2EQbdZDlAeYmbnpvPbjU_ileKm4Y6WenA"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 68398154
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/ Frame 7638 3 KB
1 KB 20ms
19ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/window_focus_fy2021.js

Requested by

Host: 71779e6ac256b178eefb1bbff2f52ab9.safeframe.googlesyndication.com
URL: https://71779e6ac256b178eefb1bbff2f52ab9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://71779e6ac256b178eefb1bbff2f52ab9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 09:55:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74656
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Feb 2023 09:55:14 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/ Frame 7638 18 KB
7 KB 20ms
19ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 71779e6ac256b178eefb1bbff2f52ab9.safeframe.googlesyndication.com
URL: https://71779e6ac256b178eefb1bbff2f52ab9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

90fef9d0acae0cc250d08d7b98da896c6c0dc6bb33999ffce7819fad76e5ff02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://71779e6ac256b178eefb1bbff2f52ab9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 09:55:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74656
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7523
x-xss-protection: 0
server: cafe
etag: 641023367890010850
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Feb 2023 09:55:14 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 7638 24 KB
6 KB 21ms
20ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 71779e6ac256b178eefb1bbff2f52ab9.safeframe.googlesyndication.com
URL: https://71779e6ac256b178eefb1bbff2f52ab9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://71779e6ac256b178eefb1bbff2f52ab9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 09:55:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74656
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 29 Jan 2024 09:55:14 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7638 156 KB
48 KB 143ms
81ms Script
text/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 71779e6ac256b178eefb1bbff2f52ab9.safeframe.googlesyndication.com
URL: https://71779e6ac256b178eefb1bbff2f52ab9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

948dfd7372d70c12a80472d86b4033d93adbb52d02d4585d519416c4f4b4be62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://71779e6ac256b178eefb1bbff2f52ab9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:39:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49065
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1674650782302584"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 30 Jan 2023 06:39:30 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame CA27 0
10 B 20ms
20ms Image
text/plain 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?meh6rQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:39:30 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
DATA 200
OK truncated
/ Frame 7638 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2c6003974a9de5ef74e52a834c86753302719bf04811237d521530cd3ec8b351

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame E507 2 KB
1 KB 276ms
16ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y9dmIQAODpwKd5rcAAO5NpiCzyEsKvc-mvjqSw&u=%7CdBIFF8%2B4Dgaw%2BExPcDDul6EiLar1mN%2FtWlNr6LOKnWA%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuB8I54B28R_G6pIc3Eo99WtlE0nPHHGzIIU1jSrWx0zP7lJUncN49NALS2ZcKgOZ7rIXILwoG0Q4NObNtPsbf2rQQCIc9cWHtdIKd2u8xl-l5ptLsK_3NiGG8zu_dfgzPhinpqG0le41zqq4iNV_9WiGQmGL2IVWHUafCNyFaClM-CDxplRYYBhvWqlUGGBrhuYJqUZI6xdK817YwAZhKsUp2_gVQlz6QYAeVMGDvLjESEUx15cgVlJ1lO72zNAmrcKEYvZSbxSgvm1RYIfwSzch4UzOBnpdqoh466gqZkUFEepXUGlskl2Y4nrOBNUBfi7Hgj5_5YOCUyIvmYjQkYI18lVA_LiYEegYQ7Hl80tqYb_gJqihaJLCyO8bXvz9oJCyjVNb_d9EP2HN6N0uN0eZacvGlLFX-1DcA82YlyUtLuIZk1C2tFjU0pfL_JbYX6i5O4aj4fLZ6uUedgPHnL9dmq4xYE3OdSemr-Pl72Hf-CkOYdVF23kdoWm8B6pY9zj50KYuGsu2F6VzMOW-t5gd2ummlJqUgHq_TwZJxBkaiwL91a6jNEdrAt7BYGkhWPTQm9mqb-W3miXRtbi8qZI&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCf2RfIWbXY5ydONy13gO28o7YAsme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNzAxMTk1ODgzNDQxMDg5McgBCakC2FH_lG07sj7gAgCoAwGqBOsBT9C_QD8FfbTaEySUKlXwHEWOQhanEod-ATg2jNqbVjAQfntRkSw6Y7MuNGGDRCUZCWu9M_3K4TVMtlfrd_ZCRPFhHudqpDtdhgwLRaSZb_QgWHDdQLXUBZoIvxkppO8wxnyvqwYiJTF29xtcNm8sSgFM34gxwhXmsEYB2UUX4XJBuxI-QqFvsxLaU9FwpfK9j5JqX8OWvDxfObQ-gNK4WUVceMyi3NaI3hYwHNVGR9zL9cK8681mpiMpP--h7jGtepgjKxkEWvA7_-8PRQMlxEYgSfrLOz7Zs_kbi1M-YQJ-pSYWxznaQnaon-AEAYAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1Fym4zdjk8BkW1J8ziym6UsyCUuQ%26client%3Dca-pub-7011958834410891%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:39:30 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 25 Jan 2024 06:39:30 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame E507 2 KB
1 KB 311ms
52ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:39:30 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 25 Jan 2024 06:39:30 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame E507 308 B
636 B 275ms
17ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:39:30 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Thu, 25 Jan 2024 06:39:30 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame E507 293 B
621 B 276ms
17ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:39:30 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Thu, 25 Jan 2024 06:39:30 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/delivery/ Frame E507 43 B
348 B 276ms
18ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=GXy2eJpBjIzE1OM40TJNTMwfKYBlL9QRga3TIrvrNAcwmLD7tqNQ4d_j_KVJL3k4w0jh9PEH589nK7joMZKlBZj9uu6f0fhMCBKquLCLU710GXDhvWko1ucD51whVmayiQLejVBKdcVTuASJZyvcJwK9PvjAiruySwM5JLsx7FUdpeAsH_-katL0R_KfeMC56i5u-QITQ3hrTozqunvqzlDlgBhsu3XD87oTOle_LEcHAHlAzI4SU2AX-q90rzCnrkXaxzfxV5B2EUh8I0OtByrW5BMHhaUbSUdbWJwYi-1mrGzV7wAPxHVO5DvCb11mhvuXXfxLJYt9KPkTzDjPrluooTqEdB5V0HggQQgULfe2zbYMrbnJWT7WG5Q9QayFFQuTFC4FQqpnC8JozI4gTX8SZvPEAclbn1oZH3OK-S3Agafi

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Jan 2023 06:39:30 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3242595
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame E507 12 KB
5 KB 37ms
17ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:39:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 902972
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3CPNO7ypLE53mxPdBm2sF4cl%2B0JuWRjbwmNcggPBWKIH8w3DHkxtR%2BDRjypCPnleE3FkZd5jmrxYwSF0fW0jgWn47sNDTelI0ur7tbambuxr1da5d8KDr7euAijZkO9RGzqcPonIHaTQfz%2FV2XqWDnwF"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 791835f64c80bb97-FRA
expires: Sat, 20 Jan 2024 06:39:30 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame E507 12 KB
6 KB 265ms
19ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:39:30 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 25 Jan 2024 06:39:30 GMT

GET
H2 200 0d5410bc9c3e437daf6999836d04f18f_ubuntu-medium.woff
static.criteo.net/design/dt/ Frame E507 38 KB
38 KB 261ms
20ms Font
application/octet-stream 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/0d5410bc9c3e437daf6999836d04f18f_ubuntu-medium.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

ce8b0ce00b853304b4500a3e0273c2ee8123ec998d9ea4bc1a2b3e97c573b61f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:39:30 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 02 Oct 2018 14:57:25 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5bb38755-97a8"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 25 Jan 2024 06:39:30 GMT

GET
H2 200 ec51d215a5904df99ebfe8eacf21246e_ubuntu-light.woff
static.criteo.net/design/dt/ Frame E507 46 KB
46 KB 279ms
39ms Font
application/octet-stream 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/ec51d215a5904df99ebfe8eacf21246e_ubuntu-light.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8d6af87f2e8ab6ba751d5bda81faf18aed637f3c43f3f5c25acfcdb8dc674a92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:39:30 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 02 Oct 2018 14:57:25 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5bb38755-b778"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 25 Jan 2024 06:39:30 GMT

GET
H2 200 13712e9c5185424c80dc3de4858f850b_cpn_250x250_1.jpg
static.criteo.net/design/dt/3018/230118/ Frame E507 8 KB
8 KB 22ms
21ms Image
image/jpeg 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/design/dt/3018/230118/13712e9c5185424c80dc3de4858f850b_cpn_250x250_1.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

203bbd88b00c2385c64818cd8811e8579953d088b5e329c1646367a8681019e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:39:30 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 18 Jan 2023 11:27:06 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "63c7d78a-1f6b"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 8043
expires: Thu, 25 Jan 2024 06:39:30 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame E507 12 KB
13 KB 243ms
18ms Image
image/png 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=132&m=0&partner=3018&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F3018%2F220816%2F9a4e6f4abb4f42218d2b58ef8b0d9305_logo_colorset_2_square.png&v=3&w=496&s=6w7VNkRdTrQwRyt-gp6Wo67m

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

df702ab2748ddbb01919212d57f053928688567e29e72a1407d6b6301678066b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:39:30 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=30068169
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 12553
expires: Sat, 13 Jan 2024 06:55:39 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame E507 37 KB
38 KB 254ms
29ms Image
image/webp 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=1200&m=0&partner=3018&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F1726%2F230103%2F3fb21791cf9a4ecf92f797caf51f3b5d_img_vertical_3.jpg&v=3&w=1200&s=RmW7loRcx-psmrrw1SHVHLOZ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

79a4509185a0a9a59fa205bad6293b6b11b889713db84f8a73ad1b27bad4cf96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:39:30 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=28798423
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 38320
expires: Fri, 29 Dec 2023 14:13:13 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame E507 16 KB
16 KB 264ms
40ms Image
image/webp 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F18130828-47yLp9zd.jpg&v=3&w=400&s=INvMGbkmn6V8bKMTqae0cms3&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

0a5f82d799623c40509306f40ac9549d6653db712f2d20c7971d21730bef1f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:39:30 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=120061
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 16246
expires: Tue, 31 Jan 2023 16:00:31 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame E507 0
128 B 243ms
20ms Ping
text/plain 2a02:2638:1::17
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=SJHcGztO4KhPCrpzctdF-_R-GptZEFXTDnwwia8uXnSNYYxC2T5z_LSSfzQOoupnqk0GDvrli4qT58soUrpq7Z4RzBfpi_R5YO7plVvbh9uPPl2BDnYvD4WnnddQpjAq4xCyjsHSqotA2ykQj7YlxBwJK8SPUocpLMY1nT0Eb7IDesjNY8iEvnOgv0eGvTWCf-o1dPQIP55HzNJaPllb7M_xgkL1eaNYhMNdK2EQbdZDlAeYmbnpvPbjU_ileKm4Y6WenA&sds=2&rev=84429&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::17 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 30 Jan 2023 06:39:29 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame E507 2 KB
1 KB 17ms
16ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:39:30 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 25 Jan 2024 06:39:30 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame E507 2 KB
1 KB 17ms
17ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:39:30 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 25 Jan 2024 06:39:30 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 45ms
45ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023012401&jk=3063652407731420&bg=!s7ClsPTNAAZSrDxfcqw7ACkAdvg8WjenwrWXkRJ382zE7PhmjXhwp8UFF8gNKDXmtHucYTR_DFVVYQIAAAB0UgAAAANoAQcKACuEHD-wWzUp1Bp5aN-RsNJ5aBbCzcqCdkqUGlvwRPz7_hIKLZrhuuer9oWXmQKoKo8kGLyCcFWWg4PEq-CHuV9_s0t5thTxyqKSxk_uu5hsAMdA3Cnu8SESulfxmwmwXu_AzhoyfdAO2_yq3GT8ACBbbFjbobbt1Pmjawerzdbe9J5xhCC1eeCs4mL2qyq1FiR0PTbxbZMga9NC74IJBRoiH4AibDVsCEGt22adgC8WWbxCOjmnUr25Q4rrzA8wyDKNAaJiakmLQuHIduI0sK15Ed8jWe5scGulJbqfNon9af2AlXScVZAcGlDPLpGh3-KN1a0IMNfS1cylj_x1xZssR9vNQ4yvneCfVP8BFztFZJxD3dDaKdTgy_C50YE813yRdruI7Rtn2xHmJ8761x1tH1Sm81PqJlYvourqWHV6VKPKu36bPwyNASeZKBN2cuE6mETznBkEUDyxUyVzxybyTLZd01mHq4psV0FXky_wzxVBzy8Cyy_WsLQj6jX6JipfrXoLaa1N2yFkFSZIqWAKCClIqrxWdMPF8CAGNG6lTlbzlIHDJjCNLtCwRKlKK03Qu6hIBDtYADSwDb8JJyCyJKsKVGuWq5ba4Bldc625uxnjSc_d_QEw0Pgy_fTqKColxa5ekeaCESUh-bialCe6ZVPPZwxQh224kjOFOWKF3Qmh71zapEvosLpZ0a0MtU2qtWNeJzvI8-khN-v3mb70uRPjPodl3x0eUGM0TO9Pe2Kxig6PjyozmuqZDu6OvmmmoDTsjxu34xThCQpJPzjFu0ed5pUC27hJsTLzzwmnGwGwFArjIFj2BqBexa4l24DOzRRBDoOrB5eRUp7qzzyv6Z6wVz4PnQM1QLvrBxiLZVOIp6E74Y5qrpGDQzCa8BpXvSv4Jv6h1_kHsKrPoepTWa4vTgsbQ71HRRBjmWKzGfAz65J8Ib8y5hig2E5bX82lC0iH7cU
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://custservice.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

POST
H2 200 all
csm.eu.criteo.net/ Frame E507 0
127 B 19ms
19ms Ping
text/plain 2a02:2638:1::17
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::17 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 30 Jan 2023 06:39:30 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7638 42 B
174 B 43ms
43ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstLR_XFK8I4r9hPI3pCyNOwvZYiwDsM59GwX66ODYyHmBdDplaC-6MFEcXmgnWH_VhimIWYc0-efFNn4D1xS1Qxsm4&sig=Cg0ArKJSzCNh55WR9VGoEAE&id=lidar2&mcvt=1000&p=607,1060,857,1310&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230125&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3016102451&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1675060770099&rpt=234&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://71779e6ac256b178eefb1bbff2f52ab9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Jan 2023 06:39:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 13712e9c5185424c80dc3de4858f850b_cpn_250x250_1.jpg
static.criteo.net/design/dt/3018/230118/ Frame E507 8 KB
8 KB 17ms
17ms Image
image/jpeg 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/design/dt/3018/230118/13712e9c5185424c80dc3de4858f850b_cpn_250x250_1.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

203bbd88b00c2385c64818cd8811e8579953d088b5e329c1646367a8681019e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:39:33 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 18 Jan 2023 11:27:06 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "63c7d78a-1f6b"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 8043
expires: Thu, 25 Jan 2024 06:39:33 GMT

Verdicts & Comments Add Verdict or Comment

120 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.custservice.org/	1970-01-20 18:53:40	Name: _ga Value: GA1.2.1254599560.1675060769
.custservice.org/	1970-01-20 09:19:07	Name: _gid Value: GA1.2.1525925510.1675060769
.custservice.org/	1970-01-20 09:17:40	Name: _gat_gtag_UA_160276790_1 Value: 1
.custservice.org/	1970-01-20 09:17:40	Name: _gat_gtag_UA_182103897_1 Value: 1
custservice.org/	1970-01-20 18:03:16	Name: cookielawinfo-checkbox-necessary Value: yes
custservice.org/	1970-01-20 18:03:16	Name: cookielawinfo-checkbox-non-necessary Value: no
custservice.org/	1970-01-20 18:03:16	Name: cookielawinfo-checkbox-analytics Value: no
custservice.org/	1970-01-20 18:03:16	Name: cookielawinfo-checkbox-advertisement Value: no
custservice.org/	1970-01-20 18:03:16	Name: cookielawinfo-checkbox-uncategorized Value: no
.booking.com/	1970-01-20 18:53:40	Name: bkng Value: 11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbnmKTRaewPBtobVCH92JAn6Coyx9rPHrz6BHTrFltc1Ad4ykUnyjUG8BUtdrsci9MmouYuU1hK5JaiE1xVCk%2B8VbLhNdQAFql8BK8El4%2Bt4g4Jh4NPkAutMFf9e6bvWsI56Vzcof6gwnwXcnrhgFq2dmOXO6JgWAm750Il1n11Zo%3D
.custservice.org/	1970-01-20 18:39:16	Name: __gads Value: ID=7943def4135841ef:T=1675060769:S=ALNI_MaECVVDDrbReOq1ShcXQomHD4OlFA
.custservice.org/	1970-01-20 18:39:16	Name: __gpi Value: UID=00000bacdf5a4043:T=1675060769:RT=1675060769:S=ALNI_Mbc0-215ZFCuEQZNMXZBQfam9VuDQ
.doubleclick.net/	1970-01-20 18:39:16	Name: IDE Value: AHWqTUnjFmL7slKeQp3X8tldklAW6FPlwrLT_GVBP5dA-f88MyeAUK8OFUmKjqO3w2I

11 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://custservice.org/lamisil-customer-service/(Line 167) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.effectivedisplaycontent.com/2f9d106d09a019dab882699af1e881e3/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://custservice.org/lamisil-customer-service/(Line 167) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.effectivedisplaycontent.com/2f9d106d09a019dab882699af1e881e3/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://www.effectivedisplaycontent.com/2f9d106d09a019dab882699af1e881e3/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript	warning	URL: https://custservice.org/lamisil-customer-service/(Line 179) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.effectivedisplaycontent.com/d124e2acf41912ab82fbe2d05b587794/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://custservice.org/lamisil-customer-service/(Line 179) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.effectivedisplaycontent.com/d124e2acf41912ab82fbe2d05b587794/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://www.effectivedisplaycontent.com/d124e2acf41912ab82fbe2d05b587794/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript	warning	URL: https://custservice.org/lamisil-customer-service/(Line 738) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.effectivedisplaycontent.com/bca873c1bca82760127ef08666bd2488/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://custservice.org/lamisil-customer-service/(Line 738) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.effectivedisplaycontent.com/bca873c1bca82760127ef08666bd2488/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://www.effectivedisplaycontent.com/bca873c1bca82760127ef08666bd2488/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://pl16934880.trustedcpmrevenue.com/b3f81ae1741b1aad971549f3a8023b3d/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
other	warning	URL: https://71779e6ac256b178eefb1bbff2f52ab9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

71779e6ac256b178eefb1bbff2f52ab9.safeframe.googlesyndication.com
ads.eu.criteo.com
adservice.google.com
adservice.google.de
aff.bstatic.com
cat.nl.eu.criteo.com
cdnjs.cloudflare.com
cf.bstatic.com
csm.eu.criteo.net
custservice.org
ipapi.co
pagead2.googlesyndication.com
pix.eu.criteo.net
pl16934880.trustedcpmrevenue.com
platform.foremedia.net
r.bstatic.com
rtb.nl.eu.criteo.com
securepubads.g.doubleclick.net
static.criteo.net
tpc.googlesyndication.com
www.booking.com
www.effectivedisplaycontent.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
178.250.2.148
185.28.222.11
192.243.59.12
192.243.59.13
2600:9000:21f3:6000:1f:e2ee:200:93a1
2606:4700:20::681a:82c
2606:4700:3033::6815:4bba
2606:4700::6811:180e
2a00:1450:4001:803::2008
2a00:1450:4001:806::2002
2a00:1450:4001:808::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:810::2001
2a00:1450:4001:828::200e
2a00:1450:4001:829::2002
2a00:1450:400d:807::2004
2a00:1450:400d:80a::2001
2a00:1450:400d:80a::2002
2a00:1450:400d:80c::2002
2a02:2638:1::17
2a02:2638:1::2
2a02:2638:1::4
2a02:2638:1::8
2a02:2638::3
2a06:98c1:3120::3
0065b495e19946f45a31357b3f1aa48addebfda1ed330b5691027566611a497b
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0a5f82d799623c40509306f40ac9549d6653db712f2d20c7971d21730bef1f50
0ba2a0da5c4bbb91065d70e8d6e9e22b1eb1c2e066ac876e261efcc96036b031
0e9dda78af9e8687ae3410dfece20ccf887f683e17e9fa51179291d06b1989ac
1529002ff0f1d31928a5090c1f28de571b19464dcd04540a5dcff9be9277dffe
158bc043513957c2322a7a534a36ca2e830516e396a6150dac477e792afc1228
1a4dd11c3764a3be7caee75eeb660be2d9f01fc3ba61f95990d8f64e5e441875
203bbd88b00c2385c64818cd8811e8579953d088b5e329c1646367a8681019e1
23bb39b607b39a93d953762d2a618a3cbc69c52ceaf70d96890137ca1d2b0228
258a405249df1898ae210d562b7a73457c378e5686bc45a66f2bf709bac59e3d
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2b513e875e77e3544e1259faaf0fb5c0c3b43f254c5f8a6e95c3644e245412d7
2c074aff5d52dc23de293863876ebc7ab3b6384dfe42e88a0714e026003e05b2
2c6003974a9de5ef74e52a834c86753302719bf04811237d521530cd3ec8b351
2d77115024ed7950fd62208290e839608641f12d10a0716b584cde0a8a3fbcdc
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3a48ba6d11055a2a6f840befa14e603650d8ca3d752e16daccd828d3869fb791
40cef8d6dd7ec48d2e72642bad3254a18698856a821199bc86f3d38a6e85a7aa
42ce9ee9e51344dc1182f0d456164af3530858ff5ee4e53303d7982c04ed897b
466559ee0e338bc32b44e44c346d4e70aad58ebc5103ef89d5121207a8659cab
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
503fba493a6affbda4249f0235964c7adf593aea9759aac3d154a803dfe6ba8a
51aaa102a38e781229d7ccf4572538d580f51d9edb2c59fdd94875f0a0c4d322
54265b03aac037504768b8fb803185f5ed58125bafb631bd374b0280e38698f5
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56c80980f9b6b0f204bba5d1b667d21622aa024564c350b2d6450441842ffc53
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
630ff3f5e3fb3bc8d9f615285a6a9c7cbe291e4500f5db996293a58a65e0ee5c
638d987680db5b6a3cf5cc9ee0f811acdfc75070db805cf2bc46ac8b3cf0beb3
64842dba3f319b0c8daec3372c49a9244cfc14d78fecd8b805b2b62e89413f7c
64a8580749f8406b3d6e31fccb12c0aeb513cacc64aa07c12323119d8a7a1ac7
6727cdefba4d692ce3e7143afd4531f227a9abcacf0d9e3d3eeed9321f0fcf66
6b9561e35bcd1adeb584d6354ec34e1457dbbfaa2954ac90433dccb61f6e140e
6f2c2164df92670e1f44b40c516e974340a0a4834b5a2b2156faf3f1c6fc0e90
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
742465277e670a3a02a34bc72016a1f4d893cebc20a3dfea05b0afe43a882243
754da64c4a7344dc24cfd8a781b834e9c2251b8c0bd218c3b582f745e56f44e1
766f193b145932086e9f07933af4d9712521db6553cf42cffed67236bfb7c86d
76f0b5a18dc303c68602fb8f2c374cb22ebdfe2167e3dbbe0d7f534f1bd7f5c0
775a02c37772954d38fe41b802b94a0ee37dccb98a03827cdef3eddd2abc13d1
79a4509185a0a9a59fa205bad6293b6b11b889713db84f8a73ad1b27bad4cf96
8277d3b312f84417a05400643587eaa0982065618af9e1cafc8f72316e6fd1e1
8c816afc006b6d948f7fc60cc1df4be5274c69b29c2cc921811dc08c853b4823
8ceb3992861ed1fda25855c2e500e76842ae0d788405e50e3a9f45df36499cf6
8d6af87f2e8ab6ba751d5bda81faf18aed637f3c43f3f5c25acfcdb8dc674a92
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
90fef9d0acae0cc250d08d7b98da896c6c0dc6bb33999ffce7819fad76e5ff02
948dfd7372d70c12a80472d86b4033d93adbb52d02d4585d519416c4f4b4be62
99e5258f31656c589af8ed2df7cb5996674b4ba604e8fc67c5ea29ef7378ee17
9a432e27a5848cc5eb12df95bf1588380ca9a29c4fb4f647eb02b4621c670c6c
9abf48b05a5fb826342a40514054fbc1391b370efd826d814641b8667814c1ae
9d7ac8cf1990271a122cf53437ff7c5e12fc2c475b8ab0fdb9800054f999cbb1
9f06c5a5a26eed51ed7c0d94bd7bdb822cc503c1e619b463377c44e114e2ca5c
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a529855298f29850143962a1ca8dd47ffdb7eb758bba5e3c4f9ca7993da1675b
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a891e1f9a51695cb35b18801fe7bc4a656c9d6e2f27206ebded12d48c93f47f7
a8ec062a7846dc019f43180a3247f4f45284361361b4925ea95047d4f6201545
ac990171fc2a8993d659ce8f10bc0a7815c43835ba1dc00c2246f3556c6eeecd
af0f96462799a9eccfa6c5a30819ea991f9c0c4eddaa2984a638dc473c03ce2f
b422aa255039d8b01f9315740aeb09e4fb7b2f1bb3b37f088a6574c66672070f
b6ca138eae29ff0c0cf837dd346e9998353340a2bc03ce6d74d6161d76b2842c
c09fd5b58d3cf08447686505702a93e39fb1e751c16046ed4e05d8a595de2523
c34b93467e6fa7b622445cfee563becec57a6839c5c4bd7cd4067acfa0321bac
c636695f9caad4285a33b3f35f434a96093df74ee3bea008434b1a01a97191aa
ca039e7463f755b1482ff1ea5c07ea6b7fe4bf24287465f8fefac69bef1352c3
ca959527a92a178ed9fbe3df196bc9ef912a49cfcb3f4b7eeb750fc40fe1b79f
cbc7612995c5925cac168b97fea557523a382686cb6b6512a1e86fddbe87291b
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
ce8b0ce00b853304b4500a3e0273c2ee8123ec998d9ea4bc1a2b3e97c573b61f
cf80c5339537c46ff1f432686b5a35e00b2aa9e1167d4e21f021b95b1e14275d
d061f9626d9361fad79e4fc876baea08ff330d55c8e8b8dbb6a2b390e6d8961e
d59d9602402a1b901dc966150533b2ee3c3d4b0560c91b4882d36046b4cc308e
dd463b02c06c4b1359008e538e39b27322b0059c255d9227f9cf3c63f17d57f7
df702ab2748ddbb01919212d57f053928688567e29e72a1407d6b6301678066b
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5e06a3e3d2a818dcb08e5d443ea9e231f48f85321e7236be6df21028666652a
e7d948f5a683d370556d14d5d68d76cfc74204ab2075eaf0ec76004124f59e2d
eb98e186ac26f3c45bf690ff488f9d1d73de6b0d973afccc2228e462f7951bc1
ee99d819f3539aead024ce1baf097f7384cd7b6d2b41d46f332f4c3507accf07
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f195702ee81c57c72a26d7965915a367cb308ac07274aee238b454319af45ca6
f4d0c6a094ec876c2dbea780dac5655e44bc1ec2b0c9c492f8513581879c89c5
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f6a4fe64e47a90eff031a2cb2759b64a2c3528c8c91bd783eefeda426d952fe8
ff9ea3dfa2919916d9902daa917c67a2d20d217e125bdc3e8fe4c7a74e193b19

custservice.org Open in urlscan Pro 2606:4700:3033::6815:4bba Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

111 Requests

100 %HTTPS

84 %IPv6

17 Domains

26 Subdomains

26 IPs

5 Countries

1012 kBTransfer

2488 kBSize

13 Cookies

2 Outgoing links

Redirected requests

111 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

custservice.org Open in urlscan Pro
2606:4700:3033::6815:4bba Public Scan

Screenshot
Live screenshot

Full Image

111
Requests

100 %
HTTPS

84 %
IPv6

17
Domains

26
Subdomains

26
IPs

5
Countries

1012 kB
Transfer

2488 kB
Size

13
Cookies

111 HTTP transactions
3 data transactions