webdigitalonline.com Open in urlscan Pro
2a06:98c1:3120::a Public Scan

Go To Rescan
Add Verdict Report

URL:
https://webdigitalonline.com/page/business-services/downgrade-quickbooks-company-file
Submission: On May 18 via manual (May 18th 2022, 7:42:55 am UTC) from IN — Scanned from DE

Summary HTTP 165 Redirects Links 19 Behaviour Indicators

Summary

This website contacted 35 IPs in 6 countries across 30 domains to perform 165 HTTP transactions. The main IP is 2a06:98c1:3120::a, located in United States and belongs to CLOUDFLARENET, US. The main domain is webdigitalonline.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on October 19th 2021. Valid for: a year.

This is the only time webdigitalonline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
26	2a06:98c1:312... 2a06:98c1:3120::a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
1	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
2	2a02:2638::2 2a02:2638::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2a02:2638::b 2a02:2638::b	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
11	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:1::2 2a02:2638:1::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
12	2606:4700:20:... 2606:4700:20::ac43:4a81	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:801::2004	15169 (GOOGLE) (GOOGLE)
21	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2600:9000:223... 2600:9000:223c:8400:1e:a43d:b640:93a1	16509 (AMAZON-02) (AMAZON-02)
3	178.250.0.160 178.250.0.160	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
15	178.250.0.139 178.250.0.139	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
6	178.250.2.150 178.250.2.150	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	52.214.225.206 52.214.225.206	16509 (AMAZON-02) (AMAZON-02)
4	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
1	34.98.67.61 34.98.67.61	15169 (GOOGLE) (GOOGLE)
1	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
2 2	192.82.242.209 192.82.242.209	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	104.102.29.65 104.102.29.65	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700:20:... 2606:4700:20::681a:71b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:20:... 2606:4700:20::681a:bd1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	142.250.186.134 142.250.186.134	15169 (GOOGLE) (GOOGLE)
3 3	104.92.94.3 104.92.94.3	16625 (AKAMAI-AS) (AKAMAI-AS)
1	148.251.139.77 148.251.139.77	24940 (HETZNER-AS) (HETZNER-AS)
1	2606:4700::68... 2606:4700::6812:7e05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	46.236.35.87 46.236.35.87	12703 (PULSANT-AS) (PULSANT-AS)
1	143.204.215.33 143.204.215.33	16509 (AMAZON-02) (AMAZON-02)
2	54.76.212.160 54.76.212.160	16509 (AMAZON-02) (AMAZON-02)
165	35

26 2a06:98c1:3120::a (United States)

ASN13335 (CLOUDFLARENET, US)

webdigitalonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638::b (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:223c:8400:1e:a43d:b640:93a1 (United States)

ASN16509 (AMAZON-02, US)

secure-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.0.160 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 178.250.0.139 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.par.vip.prod.criteo.com

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 178.250.2.150 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.214.225.206 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-225-206.eu-west-1.compute.amazonaws.com

pixel.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 216.58.212.162 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f162.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.82.242.209 (United States) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.102.29.65 (Milan, Italy) 2 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-102-29-65.deploy.static.akamaitechnologies.com

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:71b (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.134 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.92.94.3 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-94-3.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.zenaps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 148.251.139.77 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.77.139.251.148.clients.your-server.de

banner.congstar.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:7e05 (United States)

ASN13335 (CLOUDFLARENET, US)

www.conrad.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.236.35.87 (Plymouth, United Kingdom)

ASN12703 (PULSANT-AS, GB)
PTR: 46-236-35-87.servers.dedipower.net

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.215.33 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-33.fra53.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.76.212.160 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-212-160.eu-west-1.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
42	criteo.net static.criteo.net — Cisco Umbrella Rank: 621 pix.eu.criteo.net — Cisco Umbrella Rank: 7541 csm.eu.criteo.net — Cisco Umbrella Rank: 7580	109 KB
26	webdigitalonline.com webdigitalonline.com	300 KB
24	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 95 tpc.googlesyndication.com — Cisco Umbrella Rank: 130	339 KB
17	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 44 cm.g.doubleclick.net — Cisco Umbrella Rank: 212 ad.doubleclick.net — Cisco Umbrella Rank: 202	56 KB
14	ad4m.at as.ad4m.at — Cisco Umbrella Rank: 2517 ad4m.at — Cisco Umbrella Rank: 2091 assets.ad4m.at — Cisco Umbrella Rank: 34316	307 KB
9	criteo.com rtb.fr.eu.criteo.com — Cisco Umbrella Rank: 12919 ads.eu.criteo.com — Cisco Umbrella Rank: 7544 rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 11299 cat.fr.eu.criteo.com — Cisco Umbrella Rank: 9487	157 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 175	164 KB
4	google.com adservice.google.com — Cisco Umbrella Rank: 74 www.google.com — Cisco Umbrella Rank: 7	1 KB
3	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 19930 api.webgains.io — Cisco Umbrella Rank: 48593	51 KB
3	imrworldwide.com secure-gl.imrworldwide.com — Cisco Umbrella Rank: 1382	2 KB
3	gstatic.com fonts.gstatic.com	48 KB
2	webgains.com track.webgains.com — Cisco Umbrella Rank: 38036	87 KB
2	awin1.com 2 redirects www.awin1.com — Cisco Umbrella Rank: 15147	1 KB
2	casalemedia.com 2 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 530	2 KB
2	pubmatic.com 2 redirects image6.pubmatic.com — Cisco Umbrella Rank: 612	1 KB
2	ad4mat.net prod-rtb.ad4mat.net — Cisco Umbrella Rank: 103120 static-de.ad4mat.net — Cisco Umbrella Rank: 167776	4 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 7678	914 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 37	20 KB
1	conrad.de www.conrad.de — Cisco Umbrella Rank: 55297	696 B
1	zenaps.com 1 redirects www.zenaps.com — Cisco Umbrella Rank: 20407	698 B
1	congstar.de banner.congstar.de — Cisco Umbrella Rank: 71012	518 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 432	61 KB
1	openx.net rtb.openx.net — Cisco Umbrella Rank: 1524	350 B
1	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 947	356 B
1	everesttech.net 1 redirects pixel.everesttech.net — Cisco Umbrella Rank: 3409	375 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 789	650 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 46	1 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 71	39 KB
0	rubiconproject.com Failed pixel.rubiconproject.com Failed
0	quantserve.com Failed cms.quantserve.com Failed
165	30

	Domain	Requested by
26	webdigitalonline.com	webdigitalonline.com
21	static.criteo.net	ads.eu.criteo.com
15	pix.eu.criteo.net	ads.eu.criteo.com
13	pagead2.googlesyndication.com	webdigitalonline.com pagead2.googlesyndication.com googleads.g.doubleclick.net cdn.jsdelivr.net tpc.googlesyndication.com www.googletagservices.com
11	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
11	googleads.g.doubleclick.net	pagead2.googlesyndication.com webdigitalonline.com googleads.g.doubleclick.net
6	assets.ad4m.at	as.ad4m.at
6	csm.eu.criteo.net	ads.eu.criteo.com
4	cm.g.doubleclick.net	googleads.g.doubleclick.net
4	ad4m.at	as.ad4m.at ad4m.at
4	as.ad4m.at	googleads.g.doubleclick.net as.ad4m.at ad4m.at
4	www.googletagservices.com	googleads.g.doubleclick.net
3	cat.fr.eu.criteo.com	ads.eu.criteo.com
3	secure-gl.imrworldwide.com	ads.eu.criteo.com
3	ads.eu.criteo.com	googleads.g.doubleclick.net
3	fonts.gstatic.com	fonts.googleapis.com
2	api.webgains.io	analytics.webgains.io
2	track.webgains.com	as.ad4m.at
2	www.awin1.com	2 redirects
2	ad.doubleclick.net	2 redirects
2	ssum-sec.casalemedia.com	2 redirects
2	image6.pubmatic.com	2 redirects
2	www.google.com	googleads.g.doubleclick.net tpc.googlesyndication.com
2	rtb.fr.eu.criteo.com	webdigitalonline.com googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	analytics.webgains.io	track.webgains.com
1	www.conrad.de	as.ad4m.at
1	www.zenaps.com	1 redirects
1	banner.congstar.de	as.ad4m.at
1	cdn.jsdelivr.net	webdigitalonline.com
1	static-de.ad4mat.net	as.ad4m.at
1	rtb.openx.net	googleads.g.doubleclick.net
1	odr.mookie1.com	googleads.g.doubleclick.net
1	pixel.everesttech.net	1 redirects
1	prod-rtb.ad4mat.net	webdigitalonline.com
1	rtb.nl.eu.criteo.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	fonts.googleapis.com	webdigitalonline.com
1	www.googletagmanager.com	webdigitalonline.com
0	pixel.rubiconproject.com Failed	googleads.g.doubleclick.net
0	cms.quantserve.com Failed	googleads.g.doubleclick.net
165	43

This site contains links to these domains. Also see Links.

Domain
www.isopentoday.com
www.facebook.com
twitter.com
aajkaltrends.club
thehealthvinegar.com
freebookmarkingsubmission.net
www.hitechdigitalservices.com
myfreelancerbook.com
aajkaltrend.com
videosongguru.com
www.bookmark4you.online
avader.org
urlshortener.site
dizitalhunt.com
www.bookmarkmonk.com
www.bookmarkfrog.com
www.bookmarkrush.com
www.bookmarkrocket.com
www.howtodocorner.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-10-19` - `2022-10-18`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
*.fr.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-05-18` - `2022-08-13`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-19` - `2022-06-18`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
*.nl.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-15` - `2022-06-13`	3 months	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2022-04-19` - `2022-07-18`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-11` - `2022-07-13`	3 months	crt.sh
*.imrworldwide.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-04` - `2023-02-03`	a year	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-10` - `2022-07-04`	3 months	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-24` - `2023-03-27`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.webgains.com Sectigo RSA Domain Validation Secure Server CA	`2022-05-13` - `2023-06-08`	a year	crt.sh
*.webgains.io Amazon	`2022-02-10` - `2023-03-11`	a year	crt.sh

This page contains 18 frames:

Primary Page: https://webdigitalonline.com/page/business-services/downgrade-quickbooks-company-file
Frame ID: 42AF60A21FADDCACDF0E9309DE06B7C0
Requests: 47 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220511/r20190131/zrt_lookup.html
Frame ID: E1B7CE2C4E1A237B3905415636D4C178
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1167449022555508&output=html&adk=1812271804&adf=3025194257&lmt=1652859767&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwebdigitalonline.com%2Fpage%2Fbusiness-services%2Fdowngrade-quickbooks-company-file&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652859768910&bpp=4&bdt=426&idt=252&shv=r20220511&mjsv=m202205120101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=639530836683&frm=20&pv=2&ga_vid=855922387.1652859769&ga_sid=1652859769&ga_hid=817987963&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067624&oid=2&pvsid=3788120061096202&pem=137&tmod=1013175513&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=300
Frame ID: 2A9E99F494DB8B5C169946794AEEC481
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1167449022555508&output=html&h=280&slotname=5849469469&adk=395207145&adf=1161148090&pi=t.ma~as.5849469469&w=730&fwrn=4&fwrnh=100&lmt=1652859767&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fwebdigitalonline.com%2Fpage%2Fbusiness-services%2Fdowngrade-quickbooks-company-file&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652859769238&bpp=13&bdt=754&idt=13&shv=r20220511&mjsv=m202205120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=639530836683&frm=20&pv=1&ga_vid=855922387.1652859769&ga_sid=1652859769&ga_hid=817987963&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=258&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067624&oid=2&pvsid=3788120061096202&pem=137&tmod=1013175513&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=CycWXDjRtm&p=https%3A//webdigitalonline.com&dtd=51
Frame ID: 201155F27B2FD21645A7413ABCCCA8E3
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1167449022555508&output=html&h=280&slotname=5849469469&adk=395207145&adf=3956893526&pi=t.ma~as.5849469469&w=730&fwrn=4&fwrnh=100&lmt=1652859767&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fwebdigitalonline.com%2Fpage%2Fbusiness-services%2Fdowngrade-quickbooks-company-file&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652859769301&bpp=41&bdt=817&idt=41&shv=r20220511&mjsv=m202205120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280&nras=1&correlator=639530836683&frm=20&pv=1&ga_vid=855922387.1652859769&ga_sid=1652859769&ga_hid=817987963&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=3352&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067624&oid=2&pvsid=3788120061096202&pem=137&tmod=1013175513&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=9s0W3NjiEI&p=https%3A//webdigitalonline.com&dtd=46
Frame ID: 224D3EA23971B1F5E7037842A1FD2F4A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1167449022555508&output=html&h=280&slotname=5849469469&adk=2527475&adf=2371720357&pi=t.ma~as.5849469469&w=350&fwrn=4&fwrnh=100&lmt=1652859767&rafmt=1&psa=0&format=350x280&url=https%3A%2F%2Fwebdigitalonline.com%2Fpage%2Fbusiness-services%2Fdowngrade-quickbooks-company-file&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652859769355&bpp=5&bdt=871&idt=5&shv=r20220511&mjsv=m202205120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280%2C730x280&nras=1&correlator=639530836683&frm=20&pv=1&ga_vid=855922387.1652859769&ga_sid=1652859769&ga_hid=817987963&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=969&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067624&oid=2&pvsid=3788120061096202&pem=137&tmod=1013175513&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=LRYorX40fM&p=https%3A//webdigitalonline.com&dtd=64
Frame ID: C5A3AB48468CB3262F8D5AD4AC65BA65
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1167449022555508&output=html&h=280&adk=1419306527&adf=1359297430&pi=t.aa~a.6521833~rp.4&w=350&fwrn=4&fwrnh=100&lmt=1652859767&rafmt=1&to=qs&pwprc=8061188151&psa=0&format=350x280&url=https%3A%2F%2Fwebdigitalonline.com%2Fpage%2Fbusiness-services%2Fdowngrade-quickbooks-company-file&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652859769591&bpp=2&bdt=1106&idt=2&shv=r20220511&mjsv=m202205120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8e78b3b640908b42-22cc796097cd0039%3AT%3D1652859769%3ART%3D1652859769%3AS%3DALNI_Male8IPHuSjGfejBKc1RFNdamjEQw&prev_fmts=0x0%2C730x280%2C730x280%2C350x280&nras=2&correlator=639530836683&frm=20&pv=1&ga_vid=855922387.1652859769&ga_sid=1652859769&ga_hid=817987963&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=1697&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067624&oid=2&pvsid=3788120061096202&pem=137&tmod=1013175513&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=ChuF7widBf&p=https%3A//webdigitalonline.com&dtd=41
Frame ID: 910810AA951E759D905DA151BE819A56
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220511/r20110914/zrt_lookup.html?fsb=1
Frame ID: 1B2075FE63BBEEFCC7FC4944E9C08C2C
Requests: 8 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YoSjeQAFdOIJHUhgAAqMA-b-wXRURAWMTj0JHg&u=%7CPbhUjzMp7UTdNLNte0bmj8o5jlwBG0P21a7v%2BCPjuzE%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANddNRPYHnj5tZXpmi0sBbUJ3oXzvgtKiYOzI_r4EfeXyNBPk3aWLZL_MpKHRLwHFIK_rsTdz9nvMEvgW7A0h9n3n-D8hNTosGCwyb3em054bzS9VYqJVjdiMmn9uIm4_pvbhO8-YIK10snwHOMS5zwUNbFSCePrx-QVfMDiRnPC3qFSmcP8ccGo6qIQMe9ce8_lv6Ik3IP3AdONnoAnebiQkHTdkrSSi1_aMCZlqoFgCoqJ3cOYQCff7PhUGDi_s-codxs4A2IDFj2h0VQEPkzsDVSnUgZ2Jm9knVpKYHpBreOD-z5MU7_D5BJTQw7eUNtAkeMoR11Dox3wHCoFZGRi4ckhcjQoDswRh4SZRlenwc8-_TSHTgdGm051tx9FB1CUQg8KnYoTLxA7X-sTzZmw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCrlP8eaOEYuLpFeCQ9fgPg5iq0AvJntKxXM2jlvdwwI23ARABIABgleKigrAHggEXY2EtcHViLTExNjc0NDkwMjI1NTU1MDigAdW20uoDyAEJqQJEv7Qal6yxPqgDAaoEhwJP0GsUfzl5e0OX99hjmOQeKfd2fI4QXjLSqu_DpJgkgG9vFIR1TyhOTDPqWXS4WXYO8K3FhwcD57-KFHMCktPSTpQroNcBoA_Zp0ptzzHTK4OM35_Dz_mAQMdAR0s1EnlsA9Mtu3IekQrxOX4tYi91VtL6CwR0MNtOkku-J2bmXV8fD0z5x-74LAEEXi0n0P6aWDZIfE9mlJmAcOkpkSPRiH7r4u1RC1MygK2In_3TU9Uoi2xx4M9U44hpAYGGv1DK6VYA4v9sYSJ_MVMRtzKIqwvrLrxWv5AU6N4nnuIrlerSLI0sgxz3sFgRQXAhjfumCyKiQbnigIWdWk1SOuyCoKG9gM8ad4AG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0m6wMbYNr4cVI-WxCG04acN1UzSQ%26client%3Dca-pub-1167449022555508%26adurl%3D
Frame ID: DAB60EAB4B597645A0A4CCA7C28238C4
Requests: 23 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YoSjeQAHtU0KTAcKAAOVDyNfsCTDYLxq22gqxQ&u=%7CPbhUjzMp7UTh%2FkmAPG0IdpwPOBLULZyOlABTVpgeuG0%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANWHQqJfbRdcvi7LEXVL3jGkpDINyoH-Nq8zX26nd9ZobAslg0UUUQ9cbLgzdjbCp3tVr4jaVBk-njtzc_i8uOyR6WuXvtSQi-Oh8pLSqm3kwznJ6REUI3iYIc0BvfbbGEp_YiMrhZuvenxzxUY3qJ-MBWB1jN2cJqYYaqbLIQlYdkYaCxzwGXpbTV3lR502nzD72U_iFiDPFxTRwDydZLvQVSRObohdNJYGuthdR9Zx400JHEo82h4sY4Zzijjt4It2cvqqk0bovLvS4zaa2Q9x9DsDTqX5wp_t8bom4msA_BJj7Nae5SPWIhqQgq0p_RgauusVC7abCF_M_CB0WlxyYWGQ4SZpftgDlbj2l9sR1AD9Sb0MdK6mgSu7Pt6LpiZjxanPfB8C2&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmx6seaOEYs3qHoqOsAKPqo6gB8me0rFc9ZHevrEBwI23ARABIABgleKigrAHggEXY2EtcHViLTExNjc0NDkwMjI1NTU1MDigAdW20uoDyAEJqQKrjVQYHayxPqgDAaoErwJP0J7XxHE_S3mygZl4Moda1Zuo-kGCmfLtAXxFNib4LO33ffIEzAgF-KZlG88ZMmkZ1PCAmrDNNYfnPBVDoqBPkdwhEHVVOOap2RF6Gm_wDj6aDmdJd4Z4nZssU-h_zm1H0iSQU6NYl2mqslyZvADdJOazDGFaHzqx4Wk2W9R3NI-DkhEO9cUn5jkjnnIZi8mNz7HqRnUKZHT2ZXUH0Kp-35f-DYHsMIr9CWYUbafr1bvxZGMfGD3KNLkIidJ_lewXf6XQuUnADpLjsW4Fgxg3FTBhTMFlQmTuAeQl_8yiAOy33yq6JhO9T-Fb5gj5EeggFPpPKVTNyxsyarsKlxBwAGj4cUzR-GESu80iyNp1n69ZiJMR0sHOJQPCtx1pzIR1EFTSe9IlrfJex9EPF6KABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1BMUpPW1tfCRKcGtK1iKOWsyHh7g%26client%3Dca-pub-1167449022555508%26adurl%3D
Frame ID: D21C745957AEA39C134275A0F3B181DD
Requests: 13 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YoSjeQAGLm0JlNzUAAIKUx1wWTOpW5M6MnGx5Q&u=%7CPbhUjzMp7UR%2BjhEeOFmjxc%2B6EjTTUsquTM6wN8SsVtY%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANYZK7yZCdRqyzeoIj61fdkFcm4m2H1tVj-8S_x2BkGeOcV-RfWoLdy8DhuvBe6SalbGWo6Sh9safCrxXVsEv9-FUnECOtIwTFU6Vb6W8y9Nx90jrkBwMfh0AZJ18iQ_qahVMCb9ZIE0KUHLaG4wXb8jmyiAa-umEqPv5CNnYxy2xlYSVOrE0NF93VnS_CIAhbv-UEmi65XCSubDy34-InUDVdkhZX-T0HO4K-qX8eUBwrtzGLnOIE81z9SC4uevWkdrTMa7kzY4bNPivthJlzgSQ58r3jZM9ROxUuq26hAuitAuRhwj1X-tNUzE81qZZNdHw83TbFXFBhog6YY9tZb9ERO4NAP5OVLmrL06L5VbfoWAkdjXiHX9vn7yIZxMuwdJPbLRlgh93BuSvl6HcmT0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCV_QVeaOEYu3cGNS50_wP05SIkAvJntKxXPXalvdwwI23ARABIABgleKigrAHggEXY2EtcHViLTExNjc0NDkwMjI1NTU1MDigAdW20uoDyAEJqQKrjVQYHayxPqgDAaoEsAJP0FeAH7QX2G06-U4C99cSstth70Hw01VXeZgfCFDWaKXoMietOeEa9QYRQKocqqDffz5lRv0XdhDVAcwCccDuwXDTfEV__tkyVk0kt2UbP_UOKCLTNphYM8lfabkculNIz8j68hQGvvMDeRDq_cJAFfj52O5VeEuDHsVb_s5DuLlwrsMJmgRmElXe2QntT4cEzsiSIaTEVc8oTWZgpLgSkHsP-bWkBSzzqZcgcvyvKDWkUoIdOhZux1pSUARq2Pf_-fvhvUX2XQ91KyPiEsTVkWgLYZpMOTtESIDb2sTPq8y_LurlOBHjHi4gKqlHAMhCE94cIekpt_Ska0BAZuLdI_7sfYaboGtN1MHKNcJQGs7N1u-K1165uCsFzsnYWsPokXdZEScGvdjE7rIWN3PfgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3TqlZXI-XRKqWFk9Ykzx6SiD7spw%26client%3Dca-pub-1167449022555508%26adurl%3D
Frame ID: EFB0732904BA9E12CE3AF8C3F5AB6185
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CCypPeaOEYqiVLKvFzLUP-ramgAiQ4YGEXLaoworwAsCNtwEQASAAYJXiooKwB4IBF2NhLXB1Yi0xMTY3NDQ5MDIyNTU1NTA4oAHCrujdA8gBCakCq41UGB2ssT6oAwGqBLICT9C-ARtlZ4qK7AN-zUF9TgB3OSdGptDFponhJW-Nq4mMSEdrC9CmCp5yMfsOujShbSff_XpDp5xg9dYmhmFHxReQyC4T15V2S2ucxvxQoGBMt9u7NGXtUcjF45PVUVeuTbtTcTODnuAlbxMT-pr64di79F_NBwwuiBlOP5wUhQbElxS_MeGhGluTUUT39cwg6g1qWpqOBRRhoIVYQssBY4er3IA9y1F6nWNBX5KCL4wXY2mrxZgzr4GKoErKDDJWbKb9tDTPJfCq5HfOtbXU2IKWO2re0de-q9mZAQm7mTFItGa3nydLFi6Vf3gfeGKciRsLCq5ePH8D0_tFguuYHfY1z4_Xw8KiYcgM1dnTkoSc9hJqyosJOOoHk8y9VI-f_AwSJWUUbKwjFAEybaBjqaqEgAbxur7BzIOftfwBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAGACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMTE2NzQ0OTAyMjU1NTUwOBgA&sigh=82P9RH6Dwaw&uach_m=[UACH]&cid=CAQSPACNIrLMoErwe_bDdHvWtAJ6cbf4OwdCJggut40C33hkypL9dM5F1TUQA7npMx8zalgwnSNkDZFpepsPzxgB
Frame ID: 0AFF378C15B354090061F664204DA98D
Requests: 7 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1h336cez2csjysxemsjhbfwhcyby78ptvxrycvkd7hygds05fged2chqfb25gt4hsp5g7qabhgzfvfdceq48b6vz2a6k83m9hge4brkysnw23rke1mabrtq0wfe05z4eejyvm5380cc1kc494wyfqyktvdzknsryvf842am351h841gq75gg38gjmvj522sb31zb61fdm6t3dh9281rd66q0wbt0e1tpb4ngy4f5zm36xcvwv8483y21gh60e8pfjysa564wvrw858ej9dcwdzs3v2vgxpjq6qfpqfrf80hy01hh31d3mk798gm71ntpds8cpw7tnb3nyk6bm6x5njpq89h0mqe5qgpfm4532afz5eaj0h6tp5rp3yyd90fshtpxh1r3wbq517ay2ykag6tgkwjst8m994&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCkZpUeaOEYqiVLKvFzLUP-ramgAiQ4YGEXLaoworwAsCNtwEQASAAYJXiooKwB4IBF2NhLXB1Yi0xMTY3NDQ5MDIyNTU1NTA4oAHCrujdA8gBCakCq41UGB2ssT6oAwGqBLUCT9C-ARtlZ4qK7AN-zUF9TgB3OSdGptDFponhJW-Nq4mMSEdrC9CmCp5yMfsOujShbSff_XpDp5xg9dYmhmFHxReQyC4T15V2S2ucxvxQoGBMt9u7NGXtUcjF45PVUVeuTbtTcTODnuAlbxMT-pr64di79F_NBwwuiBlOP5wUhQbElxS_MeGhGluTUUT39cwg6g1qWpqOBRRhoIVYQssBY4er3IA9y1F6nWNBX5KCL4wXY2mrxZgzr4GKoErKDDJWbKb9tDTPJfCq5HfOtbXU2IKWO2re0de-q9mZAQm7mTFItGa3nydLFi6Vf3gfeGKciRsLCq5ePH8D0_tFguuYHfY1z4_Xw8KiYcgM1ZvRsxZLD5UqAgxBrjBOAT6EQIUy9iIK-OXWJT7bgB8edXW_NupMMXA5gAbxur7BzIOftfwBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3LAgiENRR4CaCtZtI0jxFJWOkuFQ%26client%3Dca-pub-1167449022555508%26adurl%3D
Frame ID: EC74D751E652B972AD86CA0D6E60D34C
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E7B28EE071787DB08E05E57001B4A33C
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: E3E18D84FD97AE1634E079A97ED04372
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6B56D5F97D25E73EEC9055AC5973611D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DF4D320B06F264A1CE49B908455B7BEE
Requests: 2 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=15255%2C24673%2C14019&b=Mxefzfrf1zRuWHEHGtDt2jpCBS4Tb6ku3%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=62Zcef3f6wmheHmHYtEC5kmtYS1T2qJs7%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=300&d=250&e=4BEk-vkfhOZK288soGfnHIa7YeJrUmnL&g=5bb0ce067601311087aa9e9f59a3294a%2F4868882851274342257&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1652859771507&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kk3gdbq38m3cxpbje1ve1re6a9z74fdacf2jk9fg7202gkm6bzmedr4qceamc043r2z9dbjhg9ngtp1w9w62cetn44hgtc8dkcrcer66br5733j9faa1sx5cjbqwd3a4tsgkxaw0vqnr266xxcvtasvmn3rt2zza6d0b5tkmwmtrz5574y06hb6dq525xqmctgbftf0rdkx26ek2cs101bmpf7mnpjnsg49y4pvfpyvn5zb659tmx9emq47carzaqx3ayfth5j2r%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCkZpUeaOEYqiVLKvFzLUP-ramgAiQ4YGEXLaoworwAsCNtwEQASAAYJXiooKwB4IBF2NhLXB1Yi0xMTY3NDQ5MDIyNTU1NTA4oAHCrujdA8gBCakCq41UGB2ssT6oAwGqBLUCT9C-ARtlZ4qK7AN-zUF9TgB3OSdGptDFponhJW-Nq4mMSEdrC9CmCp5yMfsOujShbSff_XpDp5xg9dYmhmFHxReQyC4T15V2S2ucxvxQoGBMt9u7NGXtUcjF45PVUVeuTbtTcTODnuAlbxMT-pr64di79F_NBwwuiBlOP5wUhQbElxS_MeGhGluTUUT39cwg6g1qWpqOBRRhoIVYQssBY4er3IA9y1F6nWNBX5KCL4wXY2mrxZgzr4GKoErKDDJWbKb9tDTPJfCq5HfOtbXU2IKWO2re0de-q9mZAQm7mTFItGa3nydLFi6Vf3gfeGKciRsLCq5ePH8D0_tFguuYHfY1z4_Xw8KiYcgM1ZvRsxZLD5UqAgxBrjBOAT6EQIUy9iIK-OXWJT7bgB8edXW_NupMMXA5gAbxur7BzIOftfwBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3LAgiENRR4CaCtZtI0jxFJWOkuFQ%2526client%253Dca-pub-1167449022555508%2526adurl%253D&y=1&s=&z=0
Frame ID: 567E104620667074DD7C30F0C346A3FF
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Downgrade QuickBooks Company File | Business & Services - Web digital Online

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

CodeIgniter (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+owl\.carousel(?:\.min)?\.css
owl\.carousel.*\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

165
Requests

96 %
HTTPS

59 %
IPv6

30
Domains

43
Subdomains

35
IPs

6
Countries

1749 kB
Transfer

4056 kB
Size

22
Cookies

19 Outgoing links

These are links going to different origins than the main page.

URL: https://www.isopentoday.com/convert-quickbooks-file-to-an-older-version/
Title: https://www.isopentoday.com/convert-quickbooks-file-to-an-older-version/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?u=https://webdigitalonline.com/page/business-services/downgrade-quickbooks-company-file
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Downgrade%20QuickBooks%20Company%20File
Title: Linkedin

Search URL Search Domain Scan URL

URL: http://aajkaltrends.club/
Title: Aajkaltrends

Search URL Search Domain Scan URL

URL: https://thehealthvinegar.com/
Title: thehealthvinegar

Search URL Search Domain Scan URL

URL: https://freebookmarkingsubmission.net/
Title: freebookmarkingsubmission

Search URL Search Domain Scan URL

URL: https://www.hitechdigitalservices.com/
Title: hitechdigi

Search URL Search Domain Scan URL

URL: https://myfreelancerbook.com/
Title: myfreelancebook

Search URL Search Domain Scan URL

URL: https://aajkaltrend.com/
Title: aajkaltrend

Search URL Search Domain Scan URL

URL: https://videosongguru.com/
Title: videosongguru

Search URL Search Domain Scan URL

URL: https://www.bookmark4you.online/
Title: bookmark4you

Search URL Search Domain Scan URL

URL: https://avader.org/
Title: avader

Search URL Search Domain Scan URL

URL: https://urlshortener.site/
Title: urlshortener

Search URL Search Domain Scan URL

URL: http://dizitalhunt.com/
Title: dizitalhunt

Search URL Search Domain Scan URL

URL: https://www.bookmarkmonk.com/
Title: bookmarkmonk

Search URL Search Domain Scan URL

URL: https://www.bookmarkfrog.com/
Title: bookmarkfrog

Search URL Search Domain Scan URL

URL: https://www.bookmarkrush.com/
Title: bookmarkrush

Search URL Search Domain Scan URL

URL: https://www.bookmarkrocket.com/
Title: bookmarkrocket

Search URL Search Domain Scan URL

URL: https://www.howtodocorner.com/
Title: howotodocorner

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 104

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPLCbPXqK_-ImGhWy9bjJzcbzdE5S1We-Vz0pDJ3U9r_NjdZh06SLq6ea7G0SEu1Ruc-gHLKx5xSIPYX_DZrGtevhtt7WCo&google_gid=CAESEKEpCkydcpAcq8sFoskZdMg&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WW9TamVnQUFBUTNrRndRaQ&google_push=AYg5qPLCbPXqK_-ImGhWy9bjJzcbzdE5S1We-Vz0pDJ3U9r_NjdZh06SLq6ea7G0SEu1Ruc-gHLKx5xSIPYX_DZrGtevhtt7WCo

Request Chain 107

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESECekD19AquiD0UzW5Yq55Wc&google_cver=1&google_push=AYg5qPJWNjkTxDSzhkX-cyVsZ98DMbt5UCy-dwlB5F9ZOq5S_uV1QUXOxZepSFNEkWhJiDdfur2X_vn_ZtjqUQyidQlcN0G9_UU HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESECekD19AquiD0UzW5Yq55Wc&google_cver=1&google_push=AYg5qPJWNjkTxDSzhkX-cyVsZ98DMbt5UCy-dwlB5F9ZOq5S_uV1QUXOxZepSFNEkWhJiDdfur2X_vn_ZtjqUQyidQlcN0G9_UU&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=QTKYzsW1TISdUt3Z_4QdmA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJWNjkTxDSzhkX-cyVsZ98DMbt5UCy-dwlB5F9ZOq5S_uV1QUXOxZepSFNEkWhJiDdfur2X_vn_ZtjqUQyidQlcN0G9_UU

Request Chain 109

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEAtOjQ5FMceD42_R4if_8ms&google_cver=1&google_push=AYg5qPJgxKJ9n-Y4HXeXIC9ljBNCc8p_dN_qxzxsjNUI-BlEJUiWA_Vjd8qRjR4C01Bp8ztIyOBYI3TnGC34R21OeH3Lz4KPQCc HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEAtOjQ5FMceD42_R4if_8ms&google_push=AYg5qPJgxKJ9n-Y4HXeXIC9ljBNCc8p_dN_qxzxsjNUI-BlEJUiWA_Vjd8qRjR4C01Bp8ztIyOBYI3TnGC34R21OeH3Lz4KPQCc&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YoSjenrFQoKN3ZD2yToU_gAABK8AAAAB&google_gid=CAESEAtOjQ5FMceD42_R4if_8ms&google_cver=1&google_push=AYg5qPJgxKJ9n-Y4HXeXIC9ljBNCc8p_dN_qxzxsjNUI-BlEJUiWA_Vjd8qRjR4C01Bp8ztIyOBYI3TnGC34R21OeH3Lz4KPQCc

Request Chain 155

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidMxefzfrf1zRuWHEHGtDt2jpCBS4Tb6ku3oneid__asuid4BEk-vkfhOZK288soGfnHIa7YeJrUmnLasuid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CN2WurzG6PcCFUSx3gode2IGSw;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidMxefzfrf1zRuWHEHGtDt2jpCBS4Tb6ku3oneid__asuid4BEk-vkfhOZK288soGfnHIa7YeJrUmnLasuid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidMxefzfrf1zRuWHEHGtDt2jpCBS4Tb6ku3oneid__asuid4BEk-vkfhOZK288soGfnHIa7YeJrUmnLasuid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1652859771_1f32a980-d67e-11ec-977a-2266206bbad7

Request Chain 160

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7oneid__asuid4BEk-vkfhOZK288soGfnHIa7YeJrUmnLasuid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.zenaps.com/cshow.php?pvr=1f169600-d67e-11ec-977a-2266206bbad7&v=11354&r=412871&q=377129&s=2470185&viewref3=oneidRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7oneid__asuid4BEk-vkfhOZK288soGfnHIa7YeJrUmnLasuid__dc_reach_suite02wkz&pv=1&gdpr=0&gdpr_consent= HTTP 302
https://www.conrad.de/ztpv.php?awc=11354_412871_1652859771_1f169600-d67e-11ec-977a-2266206bbad7&insert=AW&&gdpr=0&gdpr_consent=

165 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request downgrade-quickbooks-company-file Show response
webdigitalonline.com/page/business-services/ 57 KB
8 KB 1272ms
940ms Document
text/html 2a06:98c1:3120::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://webdigitalonline.com/page/business-services/downgrade-quickbooks-company-file
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e7a71c9eb66028e6309d4111592046858e11bb2fba002a4647f5b0b513d8d93

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status: DYNAMIC
cf-ray: 70d2f54b3e6b9b43-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 18 May 2022 07:42:48 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Wed, 18 May 2022 07:42:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tlXvJ6OBgNPwuxCs5lcrtmSUqzOG%2Fxz8B8XCka8yXMrRDbxyl8cypmHI%2BZjrsqsCFkRT24iBufvfWQN9Ye5PcKaSMJ5TnP3rPkJqkWmep4bq9zkG7Nsa9j3OD9by3ntSnUW4KTMPnVKSP083gqOcSt68RA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 157 KB
55 KB 150ms
56ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1167449022555508

Requested by

Host: webdigitalonline.com
URL: https://webdigitalonline.com/page/business-services/downgrade-quickbooks-company-file

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b2997497d9f3c184f1802f4f849f03814732045bb5025b0251d85d11928453f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://webdigitalonline.com/
Origin: https://webdigitalonline.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 07:42:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56167
x-xss-protection: 0
server: cafe
etag: 17120877284300811466
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 18 May 2022 07:42:48 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 99 KB
39 KB 143ms
49ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-134444068-2

Requested by

Host: webdigitalonline.com
URL: https://webdigitalonline.com/page/business-services/downgrade-quickbooks-company-file

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6374c8b9a86726c14cd5186f1000997daca4df7bb5c7f8928684f90e336a9d63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webdigitalonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 07:42:48 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39376
x-xss-protection: 0
last-modified: Wed, 18 May 2022 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 18 May 2022 07:42:48 GMT

GET
H2 200 bootstrap.min.css
webdigitalonline.com/assets/css/ 138 KB
22 KB 542ms
535ms Stylesheet
text/css 2a06:98c1:3120::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://webdigitalonline.com/assets/css/bootstrap.min.css
Requested by: Host: webdigitalonline.com
URL: https://webdigitalonline.com/page/business-services/downgrade-quickbooks-company-file
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31df1e69ea3aece8a8bae5c08bcb7f5e977cb76f886897b301355359b66a48ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webdigitalonline.com/page/business-services/downgrade-quickbooks-company-file
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 07:42:49 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 30 Mar 2019 21:53:50 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IZRn1ISgqG2xBfWXumupKS3jiwSQMgnUC%2FyHnvGpBaQLgMMg6EOpt3fSYn4mcDxdIrZH74APax792W9KsIDzVCzZAq7BpzihITCSspUwXdU6KUGYrf%2B36z7dvkknwHcVGLvu8S9V%2Fc9wICPfKbkxYoxd9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 70d2f551586c9b43-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 line-icons.css
webdigitalonline.com/assets/fonts/ 12 KB
3 KB 425ms
417ms Stylesheet
text/css 2a06:98c1:3120::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://webdigitalonline.com/assets/fonts/line-icons.css
Requested by: Host: webdigitalonline.com
URL: https://webdigitalonline.com/page/business-services/downgrade-quickbooks-company-file
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9bff9eb30e83197f025b292d2d652d816ddd46262b5d29554c698c94f1e25c0b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webdigitalonline.com/page/business-services/downgrade-quickbooks-company-file
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 07:42:48 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 30 Mar 2019 21:53:54 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lAUPmCorqELnKz4FUHNqB2MG5U0Cklp%2F%2BKgnTZiz%2FRWHvu319pwDp717vfRxOSTlcoBH9wUo8e7KvfLkPAu9wFJzCLBlva9sjiL7LcZYQ6ljollno8hW65x5BT9CA2Bx9v6npufIMolHSxe6sY8vIJcPSw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 70d2f551586f9b43-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 slicknav.css
webdigitalonline.com/assets/css/ 2 KB
1 KB 417ms
410ms Stylesheet
text/css 2a06:98c1:3120::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://webdigitalonline.com/assets/css/slicknav.css
Requested by: Host: webdigitalonline.com
URL: https://webdigitalonline.com/page/business-services/downgrade-quickbooks-company-file
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1517b32e0fda53788ce95c0376989d7c6c9a8a5696f801387960ef699074c3d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webdigitalonline.com/page/business-services/downgrade-quickbooks-company-file
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 07:42:48 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 30 Mar 2019 21:53:50 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gt8a5%2FHlEGD5yroOxzqrYf1wrLxyCxqCncNAnBUHumzgpuz6FwDECc%2FXKVgZhq%2FtdzJuuCyVaFzbU6cbyhZwW0JgF5R%2Bvjig7xoy4FZg1qeRfeul0MezulRFjdgPyHL0qKHjFP1uisbJLfswteL19XVC1g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 70d2f55158719b43-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 color-switcher.css
webdigitalonline.com/assets/css/ 2 KB
956 B 411ms
404ms Stylesheet
text/css 2a06:98c1:3120::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://webdigitalonline.com/assets/css/color-switcher.css
Requested by: Host: webdigitalonline.com
URL: https://webdigitalonline.com/page/business-services/downgrade-quickbooks-company-file
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd7d1eb9228b0dd6d77240648d5121705afb452b4b866bfcb291b11f15f70285

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webdigitalonline.com/page/business-services/downgrade-quickbooks-company-file
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 07:42:48 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 30 Mar 2019 21:53:50 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nBJaXSbKDrT8%2FLRXkkADKXdY2bYTsJ77dIaRKhBVPi3V%2Fk0wi%2Fk%2BPnA6tW6j8UCIJmjCH1WOUj6xOKJh5YwvMv3GSqljeM9us4mU1OoC02YaHtsPtYjnKpnTT0g08dV53znVUXajhdk2DhaPH3y3povu1g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 70d2f55158739b43-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 animate.css
webdigitalonline.com/assets/css/ 44 KB
5 KB 430ms
423ms Stylesheet
text/css 2a06:98c1:3120::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://webdigitalonline.com/assets/css/animate.css
Requested by: Host: webdigitalonline.com
URL: https://webdigitalonline.com/page/business-services/downgrade-quickbooks-company-file
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8992882b548461f80c8ae3ffbfb873fe5e0a376d029fcf9a411326e8ce568a28

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webdigitalonline.com/page/business-services/downgrade-quickbooks-company-file
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 07:42:48 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 30 Mar 2019 21:53:50 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6EU%2FGWkq4GuAWnmYtxfXS4Pj6WcUGFy3JKnArbmZ4INcOeqebh7IuspxciK7GxAeJSsVAMNie8C2gIJKuwsNhPlrIaIA98cEg%2F%2F0DKmgJ07vhO41mxfRwLVWBk1Ay8nmwW9HoA5cc4mcxKlUz%2BTx%2FU5PqA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 70d2f55158749b43-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 owl.carousel.css
webdigitalonline.com/assets/css/ 3 KB
1 KB 406ms
400ms Stylesheet
text/css 2a06:98c1:3120::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://webdigitalonline.com/assets/css/owl.carousel.css
Requested by: Host: webdigitalonline.com
URL: https://webdigitalonline.com/page/business-services/downgrade-quickbooks-company-file
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b0db9f49a0ceed3f0d071a89b448ae02a37d381f082b50be3469f89d84a22a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webdigitalonline.com/page/business-services/downgrade-quickbooks-company-file
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 07:42:48 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 30 Mar 2019 21:53:52 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c8mu9%2BIq2MC2MBmQha7mUzkMZPGeKBGvfOSoM9S%2B9juH96jWmQnmwT7XCRVC9HccpOLw4VVM6Bl6NWUNQw1zW6FraIJ6XOHmbEqOn%2FrCc31UtO6sozI8DIbobBBzeheHNGP6S09oIcp73grfZcTO3PMIBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 70d2f55158759b43-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 main2.css
webdigitalonline.com/assets/css/ 89 KB
16 KB 534ms
527ms Stylesheet
text/css 2a06:98c1:3120::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://webdigitalonline.com/assets/css/main2.css
Requested by: Host: webdigitalonline.com
URL: https://webdigitalonline.com/page/business-services/downgrade-quickbooks-company-file
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0795bd99912afaac03734b77bdd24feb81423d3ed23855e3cab9138aaf3de86b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webdigitalonline.com/page/business-services/downgrade-quickbooks-company-file
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 07:42:49 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 20 Sep 2021 10:47:33 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tYEq7WxB496BO6gYMVTj%2B6irY%2FKuTHGK3whWfKLykaCmJgzf5obI0cxfddh%2FCX7QB5xV3ErV5QX7qLlCj6t2L%2F6cYzAD59KSMRt1KbtzOKZLdQJyNOSbT3oDJz2gYz0vMi1kmRnB3XM1FLhQylMAbabVVg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 70d2f55158769b43-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 responsive.css
webdigitalonline.com/assets/css/ 11 KB
3 KB 422ms
416ms Stylesheet
text/css 2a06:98c1:3120::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://webdigitalonline.com/assets/css/responsive.css
Requested by: Host: webdigitalonline.com
URL: https://webdigitalonline.com/page/business-services/downgrade-quickbooks-company-file
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b2968c79bc2595eaa6900ab5c16ebe21f0cce6f7a8e56ef0eb64c519be91461

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webdigitalonline.com/page/business-services/downgrade-quickbooks-company-file
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 07:42:48 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 02 Sep 2021 09:55:56 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cbfiASOWeC7ch8S2tREj7d%2Bd8plDcQtuLyzxnW9hAezYmAP39g%2Bph0L5kYJSK7f7IKa8L4MjfvPVhh8h%2FPi7EHVopEKRFuTzvly7NZ%2BJGoKZf3OlI48C4rKfAgdO0HZCt%2B%2FIlFhwTZ9DbunVsablIg7WHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 70d2f55158779b43-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 760654-web-digital-online-logo.jpeg
webdigitalonline.com/assets/logo/ 16 KB
17 KB 581ms
575ms Image
image/jpeg 2a06:98c1:3120::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://webdigitalonline.com/assets/logo/760654-web-digital-online-logo.jpeg
Requested by: Host: webdigitalonline.com
URL: https://webdigitalonline.com/page/business-services/downgrade-quickbooks-company-file
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5eb22ff34b879e0d30c190b6eaae59d193f6fd3c63b41943ee990b886ebab21

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webdigitalonline.com/page/business-services/downgrade-quickbooks-company-file
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 07:42:49 GMT
cf-cache-status: MISS
last-modified: Fri, 15 Oct 2021 07:11:10 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6p0pa0jtC5tMxC43xdGlSOEVl%2BSPrY9yQDrmJv9Ewb1hUw91Upi2q54YpMmFRzK3WKjtPdcJ%2FZmKV4NW9eyFiAKGdyZS1kmnRnC1C0%2FkcjIT9wq05Q42ouPfNeFGGGcWWaMAJPdJLBMnkHd7O1EO9ZIQIA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 70d2f55198e89b43-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16731

GET
H2 200 email-decode.min.js Show response
webdigitalonline.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 52ms
45ms Script
application/javascript 2a06:98c1:3120::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://webdigitalonline.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: webdigitalonline.com
URL: https://webdigitalonline.com/page/business-services/downgrade-quickbooks-company-file

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webdigitalonline.com/page/business-services/downgrade-quickbooks-company-file
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 07:42:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 13 May 2022 14:29:36 GMT
server: cloudflare
etag: W/"627e6b50-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tPJiWQDCbv35A%2BdmniE74IlAIYEWjXXv0LU6iVeQnK8nMn9okvpQcah24%2F7oLoK0OYLKwHgVmV3p735L9YvB0f5Sl7LYh%2FIrXOngwJDhOqT0dp1y2cH9%2FLDjrIP5xEmY2B7m%2FRB%2FKkx5UkXnNXw5bsD7EA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 70d2f55158789b43-FRA
vary: Accept-Encoding
expires: Fri, 20 May 2022 07:42:48 GMT

GET
H2 200 jquery-min.js Show response
webdigitalonline.com/assets/js/ 82 KB
30 KB 628ms
621ms Script
application/javascript 2a06:98c1:3120::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://webdigitalonline.com/assets/js/jquery-min.js
Requested by: Host: webdigitalonline.com
URL: https://webdigitalonline.com/page/business-services/downgrade-quickbooks-company-file
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f16ab224bb962910558715c82f58c10c3ed20f153ddfaa199029f141b5b0255c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webdigitalonline.com/page/business-services/downgrade-quickbooks-company-file
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 07:42:49 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 30 Mar 2019 21:54:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yPh6N31LSKI7MLTN6y%2ByBLvUFmepR4UauTT86PbL6JDWpPNeL9uJGwv6Y4HCgqBoc7PTQ8DB1geSZ120SFU9EDEw%2BNX9EuxVsIzSYI6PPzGoLkEkdWv9HiVabAsbAHRCWwCjzwS0v0A3Bp70aS15wzSfVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 70d2f55158799b43-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 popper.min.js Show response
webdigitalonline.com/assets/js/ 19 KB
7 KB 452ms
445ms Script
application/javascript 2a06:98c1:3120::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://webdigitalonline.com/assets/js/popper.min.js
Requested by: Host: webdigitalonline.com
URL: https://webdigitalonline.com/page/business-services/downgrade-quickbooks-company-file
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c7c29c5a11380b9d25194ce97eeae1e4bba0b5d0b0bc86329deae20f6ea7508

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webdigitalonline.com/page/business-services/downgrade-quickbooks-company-file
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 07:42:48 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 30 Mar 2019 21:54:02 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f5nNvZyxK%2Fyp1iD2DcXbSqPF8c2mEH9wTHF45nxYVAJmYq9sxnAztm90M9XnRT5Ckaa7LthwdoIVZMl29YpaEjbg%2FYu0dBB9zub1YaKaJS33CUMtd51u%2BuQ5fwGH%2FpSCy%2B%2BuprVEKuFrVUp%2FbwDkn2BoZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 70d2f55198cd9b43-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 bootstrap.min.js Show response
webdigitalonline.com/assets/js/ 50 KB
14 KB 591ms
584ms Script
application/javascript 2a06:98c1:3120::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://webdigitalonline.com/assets/js/bootstrap.min.js
Requested by: Host: webdigitalonline.com
URL: https://webdigitalonline.com/page/business-services/downgrade-quickbooks-company-file
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5a17d46976d471cf060c5a0e25749a323d6ab20cf0910f40afed81047ba21ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webdigitalonline.com/page/business-services/downgrade-quickbooks-company-file
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 07:42:49 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 30 Mar 2019 21:54:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=08vn7n7EsLJgYjkefNtnQwD5l1FJFI6fcOTohq4mLCKH%2BCKFIA6DIl4tJmh0A2MQLpxlHT2WdYs4YA3oGmwo%2FFmBVmdbP%2BEjhZn01oeglYrprsmLBD0p%2FkEy8hMfmffV1fYQwQ5SLcfiS7ywypchOITNTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 70d2f55198cf9b43-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 jquery.counterup.min.js Show response
webdigitalonline.com/assets/js/ 1 KB
856 B 446ms
439ms Script
application/javascript 2a06:98c1:3120::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://webdigitalonline.com/assets/js/jquery.counterup.min.js
Requested by: Host: webdigitalonline.com
URL: https://webdigitalonline.com/page/business-services/downgrade-quickbooks-company-file
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26d40f8ffdf1b9bf286a954c6888a33cda0cd031e802d821fe0c0562e379ae29

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webdigitalonline.com/page/business-services/downgrade-quickbooks-company-file
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 07:42:48 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 30 Mar 2019 21:54:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6F53CegstMGLGMSa6OBUIlJ%2F%2BpD0l7ZLnXKjgJ2hHCmOoCPuWlL%2F0drQUynj5fBBlVfi49WwYsI6Zh0owUB4T4iOQIhgWnxhcUfGDY9pqjuHesVMVaCw2r%2Bq8alZ0HB7%2FXmQzYsskvm2%2FSxIkoOVp%2BK48g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 70d2f55198d19b43-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 waypoints.min.js Show response
webdigitalonline.com/assets/js/ 8 KB
3 KB 448ms
441ms Script
application/javascript 2a06:98c1:3120::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://webdigitalonline.com/assets/js/waypoints.min.js
Requested by: Host: webdigitalonline.com
URL: https://webdigitalonline.com/page/business-services/downgrade-quickbooks-company-file
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a0fded691aed767f851011cd3185b928619298a21a0fbdad4808a9e88b490833

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webdigitalonline.com/page/business-services/downgrade-quickbooks-company-file
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 07:42:48 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 30 Mar 2019 21:54:02 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CC9qLieR%2B4SDZxE4fuOXnPrCXDYvW154z8Jln%2FZ2a1Y%2FsiO2j3sdKHdsKySwhYTEhSwU1rOKnDnemf2Hv2rKglYjbTdgy8792FgIGXo1iAVI1mON33fz9lnnjXSZb8jXULJhD2ajiF0OvEPE78%2FI1BItlA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 70d2f55198d59b43-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 wow.js Show response
webdigitalonline.com/assets/js/ 4 KB
2 KB 445ms
439ms Script
application/javascript 2a06:98c1:3120::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://webdigitalonline.com/assets/js/wow.js
Requested by: Host: webdigitalonline.com
URL: https://webdigitalonline.com/page/business-services/downgrade-quickbooks-company-file
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a0b81c6472c52ce27272c8b39e8743c3ee2954db7907efccc2e676571e4c3b68

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webdigitalonline.com/page/business-services/downgrade-quickbooks-company-file
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 07:42:48 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 30 Mar 2019 21:54:02 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T7uIDbWNv1BuUYWLbUqYXPp280Q1C2KgSnWJHbuEsmSA6jNJRdT9s6jJcbtwhJos2i6jkr3Ny5ympgIjE3FJukPL3ZioM8HCAE3fSpvOA%2B1ocqfpq1HEaHBNxmWizdOseVJ3gchJvf6PBoSIcLsSbJ9RgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 70d2f55198d79b43-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 owl.carousel.min.js Show response
webdigitalonline.com/assets/js/ 42 KB
12 KB 556ms
550ms Script
application/javascript 2a06:98c1:3120::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://webdigitalonline.com/assets/js/owl.carousel.min.js
Requested by: Host: webdigitalonline.com
URL: https://webdigitalonline.com/page/business-services/downgrade-quickbooks-company-file
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b394d33b2a7ec654a6b037ebfda6618341b3f897a362be624c923c2711b54a43

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webdigitalonline.com/page/business-services/downgrade-quickbooks-company-file
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 07:42:49 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 30 Mar 2019 21:54:02 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xzBs9ZQVDKr9rJDZ2XiA2S00MkB5pkRIZJ8IcO3e%2BggqC%2BOJFmbyE09aMXDbm6Qw64QXaxNQEG8fLSJNg4JS6tWKsPBL5IVQ8y9bEGv1ONsJ0Mgo%2BEM2rP07UzXpH4KXP8Cg61mfiIs1VHkmvrur%2BJJX5w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 70d2f55198d99b43-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 jquery.slicknav.js Show response
webdigitalonline.com/assets/js/ 9 KB
3 KB 447ms
440ms Script
application/javascript 2a06:98c1:3120::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://webdigitalonline.com/assets/js/jquery.slicknav.js
Requested by: Host: webdigitalonline.com
URL: https://webdigitalonline.com/page/business-services/downgrade-quickbooks-company-file
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e745230fd0a6db5790226e805856dad1f40ce2acb6a45f2eec20888c86719c88

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webdigitalonline.com/page/business-services/downgrade-quickbooks-company-file
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 07:42:48 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 30 Mar 2019 21:54:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eBNHc3cTSGEg7qprGa%2B1iJKqiO%2FJKDVwoyHvuC5789IL1R95cW%2FwKHjYptqeW7uyG2UTj2Q%2BaYZjsd69b1OObOZtrLrP%2FW2DrCv98xtgN15wRttuezaI%2F1Ejs3CDXaQwEOlOv31ycpY6jz9%2BhnnZ4Dsl1g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 70d2f55198da9b43-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 main.js Show response
webdigitalonline.com/assets/js/ 2 KB
996 B 449ms
443ms Script
application/javascript 2a06:98c1:3120::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://webdigitalonline.com/assets/js/main.js
Requested by: Host: webdigitalonline.com
URL: https://webdigitalonline.com/page/business-services/downgrade-quickbooks-company-file
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dea4721b0a1bb5e0fef365f5dde0722edae01bf0e830bfe8ed0964348d2d47a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webdigitalonline.com/page/business-services/downgrade-quickbooks-company-file
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 07:42:48 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 30 Mar 2019 21:54:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YTmXSAai%2Bh18mnrtqTqwnPxwLluNaRm9zvkytvUWvGrahvhwv5vOvrBHUzesTpjegmDnM5CUd%2Bqk2D5eokkI2rjtd0WMNxKkZrgnRkvj12W3U1t0O4Eo9atVxo2A2TlsuCzmmeJ%2FIAKRvVaxld40Zfy4kA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 70d2f55198db9b43-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 form-validator.min.js Show response
webdigitalonline.com/assets/js/ 6 KB
2 KB 469ms
463ms Script
application/javascript 2a06:98c1:3120::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://webdigitalonline.com/assets/js/form-validator.min.js
Requested by: Host: webdigitalonline.com
URL: https://webdigitalonline.com/page/business-services/downgrade-quickbooks-company-file
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c31a654938abf168fca328d9663ea83999b87ff36d18b016ea8aace1a9cb2cb1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webdigitalonline.com/page/business-services/downgrade-quickbooks-company-file
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 07:42:48 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 30 Mar 2019 21:54:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d8eYkjPrXwKGoe7KuVckHeybeT4hxdUtbAPZFD5l85c83tsGhuwNMt9AtqLntrC5dfZT10Q%2FBX3bWbGO5olXkTSOArlK1koWnsnuc9YPlM2zmHMFsU6TgYvqFagNFMdhYzClB7WXBZ1rHNLixjsFRd1UPw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 70d2f55198dc9b43-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 summernote.js Show response
webdigitalonline.com/assets/js/ 153 KB
37 KB 725ms
719ms Script
application/javascript 2a06:98c1:3120::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://webdigitalonline.com/assets/js/summernote.js
Requested by: Host: webdigitalonline.com
URL: https://webdigitalonline.com/page/business-services/downgrade-quickbooks-company-file
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 891cde09c5c693b91dc8319fe618b3d39ac1bd56de2f05fb44dd6a8dce7f1d91

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webdigitalonline.com/page/business-services/downgrade-quickbooks-company-file
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 07:42:49 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 30 Mar 2019 21:54:02 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yxqK8qeO3WxpbJAMdZIqh%2FYxtvEx63l40xnfVCMWBe%2FzmZ0h4ylD0pV3Jp3IJSoTn5GLhC%2FbWoBZEKeYebj7GgoIFpHlzuhUIYJlRvpTGwMyrIhGb534HmwAjoTfFYhAIkMCQrdahE3jmAX7osPwhzEV9w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 70d2f55198e19b43-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 jquery.validate.min.js Show response
webdigitalonline.com/assets/validate/ 21 KB
7 KB 509ms
503ms Script
application/javascript 2a06:98c1:3120::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://webdigitalonline.com/assets/validate/jquery.validate.min.js
Requested by: Host: webdigitalonline.com
URL: https://webdigitalonline.com/page/business-services/downgrade-quickbooks-company-file
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2b6d597b63af5c67ae52bbfc53148bc78343e05c72c3da15966f6640876a59a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webdigitalonline.com/page/business-services/downgrade-quickbooks-company-file
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 07:42:49 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 31 Aug 2021 06:37:16 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dr6TuvVSrZ%2BnmYdFbE5LMaPH4RVRqUYVDyf%2BO6FYPgZjqYYWciuOGTDTP5FEvhSA7%2Br1CpmkL%2F%2FMQitgZtxXofRfmkxrqW4X9ewZA7gYxhwn6XWQowKcPweG1t7RHlJK5UBbxfpdPR3zoGV5DhiXMVOfGg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 70d2f55198e39b43-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 form-validation.js Show response
webdigitalonline.com/assets/validate/ 3 KB
934 B 449ms
444ms Script
application/javascript 2a06:98c1:3120::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://webdigitalonline.com/assets/validate/form-validation.js
Requested by: Host: webdigitalonline.com
URL: https://webdigitalonline.com/page/business-services/downgrade-quickbooks-company-file
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b2a21c9099a234c3b867beea11ce2fab1f35c9ec40e29a7ba977026a181adc8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webdigitalonline.com/page/business-services/downgrade-quickbooks-company-file
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 07:42:48 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 07 Sep 2021 11:42:08 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MjjlUlE65FvcuyhfRkKUz9qumTNleQopOFCGyASzib9DtCsNWltTm2KcYkSr99JOYwK3Xv9g6oQfrvfz76aNRAUi%2F0YWFSXJpC6Wp82JpwWcy2igW6hvME6E0qJuDYRg%2B%2FzLgn6KYFCaWj%2FpCleHzcI4zw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 70d2f55198e69b43-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 128ms
41ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-134444068-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webdigitalonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 5020
date: Wed, 18 May 2022 06:19:08 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 18 May 2022 08:19:08 GMT

GET
H2 200 banner1.jpg
webdigitalonline.com/assets/img/ 45 KB
45 KB 1042ms
1042ms Image
image/jpeg 2a06:98c1:3120::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://webdigitalonline.com/assets/img/banner1.jpg
Requested by: Host: webdigitalonline.com
URL: https://webdigitalonline.com/page/business-services/downgrade-quickbooks-company-file
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd994ccb50440d9ee42008b67bda89e558a78b13c8be9a8953b15c5cd4402953

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webdigitalonline.com/page/business-services/downgrade-quickbooks-company-file
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 07:42:49 GMT
cf-cache-status: MISS
last-modified: Sat, 30 Mar 2019 21:53:58 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U2jCfwhAHXBwZYgNYD1Qok5t5%2BGiGqA4NfBXJk%2FXWap1gpjZh4IT0AiUWXruOb8T2wJGAgX22UUJMSfbmHHs%2BzXyl78CRRqaTSKBG93JmECE0pnHY1hX0xNVs3SIcMJHvpAzqBrOHphRH7lLH6N%2FX1Pg%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 70d2f5539c299b43-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45618

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
209 B 166ms
165ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=817987963&t=pageview&_s=1&dl=https%3A%2F%2Fwebdigitalonline.com%2Fpage%2Fbusiness-services%2Fdowngrade-quickbooks-company-file&ul=en-us&de=UTF-8&dt=Downgrade%20QuickBooks%20Company%20File%20%7C%20Business%20%26%20Services%20-%20Web%20digital%20Online&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=408532785&gjid=1408296694&cid=855922387.1652859769&tid=UA-134444068-2&_gid=1047944318.1652859769&_r=1&gtm=2ou5g0&z=1993905807

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://webdigitalonline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 18 May 2022 07:42:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://webdigitalonline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205120101/ 309 KB
110 KB 143ms
66ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205120101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1167449022555508&plah=webdigitalonline.com&bust=31067624

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1167449022555508

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

970fb8a2c101291445ed4d6d8f05ca87caea82c5d7ba66ff22687cf3dcd78ca4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webdigitalonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 07:42:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112748
x-xss-protection: 0
server: cafe
etag: 14068686424268331441
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 18 May 2022 07:42:49 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220511/r20190131/ Frame E1B7 10 KB
5 KB 129ms
37ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220511/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1167449022555508

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

42b853168bb627593eb95b83db66183f7b3bd442db24c37398f1958d1451acd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://webdigitalonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 48570
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4421
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 17 May 2022 18:13:19 GMT
etag: 1428802124239944296
expires: Tue, 31 May 2022 18:13:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ 7 KB
1 KB 136ms
48ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans|Roboto:500,700

Requested by

Host: webdigitalonline.com
URL: https://webdigitalonline.com/assets/css/main2.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

41308ec15a6ce75cb12fc2e98043799c02c28262f50b1254cec591997cfe948c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webdigitalonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 18 May 2022 07:42:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 18 May 2022 07:42:49 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 18 May 2022 07:42:49 GMT

GET
H2 200 LineIcons0ad2.ttf
webdigitalonline.com/assets/fonts/ 99 KB
59 KB 1034ms
732ms Font
font/ttf 2a06:98c1:3120::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://webdigitalonline.com/assets/fonts/LineIcons0ad2.ttf?ibaccn
Requested by: Host: webdigitalonline.com
URL: https://webdigitalonline.com/assets/fonts/line-icons.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b2f1c14e81fcb0505906b079db6d5fa055e1ef853cf219a416e38355a619c17

Request headers

Referer: https://webdigitalonline.com/assets/fonts/line-icons.css
Origin: https://webdigitalonline.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 07:42:50 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 30 Mar 2019 21:53:54 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OO4YoL%2FD7cdwdsH3stPXnSJj0SIvdfUwtIPZ9KZsH2G1qKmbmWmil6O5xPdf25LroaPAEL7Cxppry0EQjhBVV%2FTEZhl1qu8QCjhOcJL%2BbbjLvU2iuYRlrGROkTUZPe4FIWGz9B7ACD64lO7MypVoM3dnNg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/ttf
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 70d2f556c97c9b43-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 224 B
650 B 186ms
47ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=webdigitalonline.com&callback=_gfp_s_&client=ca-pub-1167449022555508

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205120101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1167449022555508&plah=webdigitalonline.com&bust=31067624

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

8d76aab5bbb46ec73c1a3508eebd05e2693a0f8e6361ab603b7f867f8c4eb820

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webdigitalonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 07:42:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 206
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 148ms
49ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=webdigitalonline.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webdigitalonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 18 May 2022 07:42:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 148ms
48ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=webdigitalonline.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webdigitalonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 18 May 2022 07:42:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 74ms
73ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwebdigitalonline.com%2Fpage%2Fbusiness-services%2Fdowngrade-quickbooks-company-file&tn=NAV&cls=navbar%20navbar-expand-lg%20bg-white%20fixed-top%20scrolling-navbar&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: webdigitalonline.com
URL: https://webdigitalonline.com/page/business-services/downgrade-quickbooks-company-file

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webdigitalonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 May 2022 07:42:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2A9E 42 KB
14 KB 309ms
203ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1167449022555508&output=html&adk=1812271804&adf=3025194257&lmt=1652859767&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwebdigitalonline.com%2Fpage%2Fbusiness-services%2Fdowngrade-quickbooks-company-file&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652859768910&bpp=4&bdt=426&idt=252&shv=r20220511&mjsv=m202205120101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=639530836683&frm=20&pv=2&ga_vid=855922387.1652859769&ga_sid=1652859769&ga_hid=817987963&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067624&oid=2&pvsid=3788120061096202&pem=137&tmod=1013175513&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=300

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ae9924073f6b371be4396e294e64ff21399057e1b58e8fac1406439127ef5e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://webdigitalonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 13884
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 18 May 2022 07:42:49 GMT
expires: Wed, 18 May 2022 07:42:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v29/ 16 KB
16 KB 191ms
81ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v29/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans|Roboto:500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9434dddcdf38e072b039bb92f9e90639ec0e0563e8ff51604a60d91830c29289

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://webdigitalonline.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 11:57:13 GMT
x-content-type-options: nosniff
age: 157536
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16720
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 May 2023 11:57:13 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 152ms
58ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans|Roboto:500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://webdigitalonline.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 12:29:20 GMT
x-content-type-options: nosniff
age: 155609
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 May 2023 12:29:20 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2011 24 KB
10 KB 657ms
631ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1167449022555508&output=html&h=280&slotname=5849469469&adk=395207145&adf=1161148090&pi=t.ma~as.5849469469&w=730&fwrn=4&fwrnh=100&lmt=1652859767&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fwebdigitalonline.com%2Fpage%2Fbusiness-services%2Fdowngrade-quickbooks-company-file&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652859769238&bpp=13&bdt=754&idt=13&shv=r20220511&mjsv=m202205120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=639530836683&frm=20&pv=1&ga_vid=855922387.1652859769&ga_sid=1652859769&ga_hid=817987963&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=258&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067624&oid=2&pvsid=3788120061096202&pem=137&tmod=1013175513&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=CycWXDjRtm&p=https%3A//webdigitalonline.com&dtd=51

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7cc7c8294a03881bae3e31871255c3166f696c99e2564ca2d798083431916a5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://webdigitalonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 9808
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 18 May 2022 07:42:49 GMT
expires: Wed, 18 May 2022 07:42:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 62ms
39ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans|Roboto:500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://webdigitalonline.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 12:56:04 GMT
x-content-type-options: nosniff
age: 154005
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 May 2023 12:56:04 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 224D 430 B
231 B 374ms
371ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1167449022555508&output=html&h=280&slotname=5849469469&adk=395207145&adf=3956893526&pi=t.ma~as.5849469469&w=730&fwrn=4&fwrnh=100&lmt=1652859767&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fwebdigitalonline.com%2Fpage%2Fbusiness-services%2Fdowngrade-quickbooks-company-file&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652859769301&bpp=41&bdt=817&idt=41&shv=r20220511&mjsv=m202205120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280&nras=1&correlator=639530836683&frm=20&pv=1&ga_vid=855922387.1652859769&ga_sid=1652859769&ga_hid=817987963&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=3352&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067624&oid=2&pvsid=3788120061096202&pem=137&tmod=1013175513&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=9s0W3NjiEI&p=https%3A//webdigitalonline.com&dtd=46

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

810661aefc324ff49f6c0b913db27e94b27f309d3fba5ee4b9dab0a710e2b32b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://webdigitalonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 208
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 18 May 2022 07:42:49 GMT
expires: Wed, 18 May 2022 07:42:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C5A3 23 KB
10 KB 373ms
372ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1167449022555508&output=html&h=280&slotname=5849469469&adk=2527475&adf=2371720357&pi=t.ma~as.5849469469&w=350&fwrn=4&fwrnh=100&lmt=1652859767&rafmt=1&psa=0&format=350x280&url=https%3A%2F%2Fwebdigitalonline.com%2Fpage%2Fbusiness-services%2Fdowngrade-quickbooks-company-file&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652859769355&bpp=5&bdt=871&idt=5&shv=r20220511&mjsv=m202205120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280%2C730x280&nras=1&correlator=639530836683&frm=20&pv=1&ga_vid=855922387.1652859769&ga_sid=1652859769&ga_hid=817987963&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=969&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067624&oid=2&pvsid=3788120061096202&pem=137&tmod=1013175513&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=LRYorX40fM&p=https%3A//webdigitalonline.com&dtd=64

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d391ead647e6a3ce9f481f550639feffc6ee3b7d69749e2083b5de86cf31e9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://webdigitalonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 9781
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 18 May 2022 07:42:49 GMT
expires: Wed, 18 May 2022 07:42:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205120101/ 146 KB
52 KB 58ms
57ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205120101/reactive_library_fy2019.js?bust=31067624

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a331b8b0f85a7cfa9f4824f33c1e20da64da1ad02a9dc656d27eb344554636f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webdigitalonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 07:42:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52973
x-xss-protection: 0
server: cafe
etag: 10627439308672331577
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 May 2022 07:42:49 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 288ms
206ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=webdigitalonline.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webdigitalonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 18 May 2022 07:42:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 282ms
202ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=webdigitalonline.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webdigitalonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 18 May 2022 07:42:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9108 31 KB
12 KB 352ms
352ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1167449022555508&output=html&h=280&adk=1419306527&adf=1359297430&pi=t.aa~a.6521833~rp.4&w=350&fwrn=4&fwrnh=100&lmt=1652859767&rafmt=1&to=qs&pwprc=8061188151&psa=0&format=350x280&url=https%3A%2F%2Fwebdigitalonline.com%2Fpage%2Fbusiness-services%2Fdowngrade-quickbooks-company-file&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652859769591&bpp=2&bdt=1106&idt=2&shv=r20220511&mjsv=m202205120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8e78b3b640908b42-22cc796097cd0039%3AT%3D1652859769%3ART%3D1652859769%3AS%3DALNI_Male8IPHuSjGfejBKc1RFNdamjEQw&prev_fmts=0x0%2C730x280%2C730x280%2C350x280&nras=2&correlator=639530836683&frm=20&pv=1&ga_vid=855922387.1652859769&ga_sid=1652859769&ga_hid=817987963&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=1697&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067624&oid=2&pvsid=3788120061096202&pem=137&tmod=1013175513&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=ChuF7widBf&p=https%3A//webdigitalonline.com&dtd=41

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6dc725104dbe8d995a15bc815cef647af60ff2e80a6bf2425b7c06fb98ecca7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://webdigitalonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 12289
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 18 May 2022 07:42:49 GMT
expires: Wed, 18 May 2022 07:42:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220511/r20110914/ Frame 1B20 10 KB
4 KB 38ms
38ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220511/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

42b853168bb627593eb95b83db66183f7b3bd442db24c37398f1958d1451acd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://webdigitalonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 44989
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4421
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 17 May 2022 19:13:00 GMT
etag: 1428802124239944296
expires: Tue, 31 May 2022 19:13:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 1B20 0
0 196ms
195ms Fetch
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CtlWOeaOEYuLpFeCQ9fgPg5iq0AvJntKxXM2jlvdwwI23ARABIABgleKigrAHggEXY2EtcHViLTExNjc0NDkwMjI1NTU1MDigAdW20uoDyAEJqQJEv7Qal6yxPqgDAaoEhAJP0GsUfzl5e0OX99hjmOQeKfd2fI4QXjLSqu_DpJgkgG9vFIR1TyhOTDPqWXS4WXYO8K3FhwcD57-KFHMCktPSTpQroNcBoA_Zp0ptzzHTK4OM35_Dz_mAQMdAR0s1EnlsA9Mtu3IekQrxOX4tYi91VtL6CwR0MNtOkku-J2bmXV8fD0z5x-74LAEEXi0n0P6aWDZIfE9mlJmAcOkpkSPRiH7r4u1RC1MygK2In_3TU9Uoi2xx4M9U44hpAYGGv1DK6VYA4v9sYSJ_MVMRtzKIqwvrLrxWv5AU6N4nnuJpl8tAqwKwkKNrpPvBfNbZhO-svSiMWTtWSLg7qPJMFvQHCiWuP4AG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAGACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMTE2NzQ0OTAyMjU1NTUwOBgA&sigh=dqg_Af82WsM&uach_m=[UACH]&cid=CAQSGwCNIrLMwTN9Vtjhoqw_sIv8bp68NMAyuz0_RhgB

Requested by

Host: webdigitalonline.com
URL: https://webdigitalonline.com/page/business-services/downgrade-quickbooks-company-file

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20220511/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 18 May 2022 07:42:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 18 May 2022 07:42:49 GMT

GET
H2 200 notify
rtb.fr.eu.criteo.com/google/auction/ Frame 1B20 0
0 264ms
96ms Fetch 2a02:2638::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kOb8EMz6RO0HfJ2DYgICAAAAZVeMu-oFdCoQeKOEYn1uMjf2K01R0zMRABIAAA&wp=YoSjeQAFdOIJHUhgAAqMA-b-wXRURAWMTj0JHg

Requested by

Host: webdigitalonline.com
URL: https://webdigitalonline.com/page/business-services/downgrade-quickbooks-company-file

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 07:42:49 GMT
server: Kestrel
server-processing-duration-in-ticks: 179221
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame DAB6 207 KB
58 KB 419ms
252ms Document
text/html 2a02:2638::b
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=YoSjeQAFdOIJHUhgAAqMA-b-wXRURAWMTj0JHg&u=%7CPbhUjzMp7UTdNLNte0bmj8o5jlwBG0P21a7v%2BCPjuzE%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANddNRPYHnj5tZXpmi0sBbUJ3oXzvgtKiYOzI_r4EfeXyNBPk3aWLZL_MpKHRLwHFIK_rsTdz9nvMEvgW7A0h9n3n-D8hNTosGCwyb3em054bzS9VYqJVjdiMmn9uIm4_pvbhO8-YIK10snwHOMS5zwUNbFSCePrx-QVfMDiRnPC3qFSmcP8ccGo6qIQMe9ce8_lv6Ik3IP3AdONnoAnebiQkHTdkrSSi1_aMCZlqoFgCoqJ3cOYQCff7PhUGDi_s-codxs4A2IDFj2h0VQEPkzsDVSnUgZ2Jm9knVpKYHpBreOD-z5MU7_D5BJTQw7eUNtAkeMoR11Dox3wHCoFZGRi4ckhcjQoDswRh4SZRlenwc8-_TSHTgdGm051tx9FB1CUQg8KnYoTLxA7X-sTzZmw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCrlP8eaOEYuLpFeCQ9fgPg5iq0AvJntKxXM2jlvdwwI23ARABIABgleKigrAHggEXY2EtcHViLTExNjc0NDkwMjI1NTU1MDigAdW20uoDyAEJqQJEv7Qal6yxPqgDAaoEhwJP0GsUfzl5e0OX99hjmOQeKfd2fI4QXjLSqu_DpJgkgG9vFIR1TyhOTDPqWXS4WXYO8K3FhwcD57-KFHMCktPSTpQroNcBoA_Zp0ptzzHTK4OM35_Dz_mAQMdAR0s1EnlsA9Mtu3IekQrxOX4tYi91VtL6CwR0MNtOkku-J2bmXV8fD0z5x-74LAEEXi0n0P6aWDZIfE9mlJmAcOkpkSPRiH7r4u1RC1MygK2In_3TU9Uoi2xx4M9U44hpAYGGv1DK6VYA4v9sYSJ_MVMRtzKIqwvrLrxWv5AU6N4nnuIrlerSLI0sgxz3sFgRQXAhjfumCyKiQbnigIWdWk1SOuyCoKG9gM8ad4AG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0m6wMbYNr4cVI-WxCG04acN1UzSQ%26client%3Dca-pub-1167449022555508%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220511/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

53e8fbf285bc21c815548869622bd6d4274a4ae7f6a3ca999b161efb60c5ff7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Wed, 18 May 2022 07:42:49 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=wKeKhPiZryWald9gie2RqmJgDQUxwgO1fwgfk2EpLS28wo2yLaXqs2GBn2l4Wk5KxktkFp_wMl7cmhfh2f867QRTleKRRP1CF-DWoyUqel-X6fvnHgS3vVKKQ_FsLS0lwHqw5NZcE14OWIns-5EJH5183TH3ja4eyJSQ-lBOcVGTuByQMGufPcdBfhSi4wr099EhxWEDQfp6eWr2_K5RxPhr-Fjf9G544gs4CyqCO9fRZI4pX8J1reAXJ5WpY7GIDcU9xw"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 124450881
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/ Frame 1B20 3 KB
1 KB 302ms
95ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220511/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 07:40:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 130
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Jun 2022 07:40:39 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1B20 133 KB
41 KB 261ms
55ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220511/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53b0053087c796bee6fb74269f3ff3e6316beb7e06309cfbccb5d52a45e69d7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 07:42:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41645
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1652701179351892"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 18 May 2022 07:42:49 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/ Frame 1B20 15 KB
7 KB 247ms
41ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220511/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

965195159be784009cc31e4aff2505c066643cf8cdc99df7f56c2eab2abeda82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 07:34:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 480
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6412
x-xss-protection: 0
server: cafe
etag: 1643562372680595834
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Jun 2022 07:34:49 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/ Frame C5A3 3 KB
1 KB 220ms
94ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1167449022555508&output=html&h=280&slotname=5849469469&adk=2527475&adf=2371720357&pi=t.ma~as.5849469469&w=350&fwrn=4&fwrnh=100&lmt=1652859767&rafmt=1&psa=0&format=350x280&url=https%3A%2F%2Fwebdigitalonline.com%2Fpage%2Fbusiness-services%2Fdowngrade-quickbooks-company-file&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652859769355&bpp=5&bdt=871&idt=5&shv=r20220511&mjsv=m202205120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280%2C730x280&nras=1&correlator=639530836683&frm=20&pv=1&ga_vid=855922387.1652859769&ga_sid=1652859769&ga_hid=817987963&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=969&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067624&oid=2&pvsid=3788120061096202&pem=137&tmod=1013175513&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=LRYorX40fM&p=https%3A//webdigitalonline.com&dtd=64

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 07:40:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 130
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Jun 2022 07:40:39 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C5A3 133 KB
41 KB 262ms
136ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53b0053087c796bee6fb74269f3ff3e6316beb7e06309cfbccb5d52a45e69d7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 07:42:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41645
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1652701179351892"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 18 May 2022 07:42:49 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/ Frame C5A3 15 KB
6 KB 214ms
88ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

965195159be784009cc31e4aff2505c066643cf8cdc99df7f56c2eab2abeda82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 07:34:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 480
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6412
x-xss-protection: 0
server: cafe
etag: 1643562372680595834
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Jun 2022 07:34:49 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame C5A3 0
0 116ms
116ms Fetch
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CKQbqeaOEYs3qHoqOsAKPqo6gB8me0rFc9ZHevrEBwI23ARABIABgleKigrAHggEXY2EtcHViLTExNjc0NDkwMjI1NTU1MDigAdW20uoDyAEJqQKrjVQYHayxPqgDAaoErAJP0J7XxHE_S3mygZl4Moda1Zuo-kGCmfLtAXxFNib4LO33ffIEzAgF-KZlG88ZMmkZ1PCAmrDNNYfnPBVDoqBPkdwhEHVVOOap2RF6Gm_wDj6aDmdJd4Z4nZssU-h_zm1H0iSQU6NYl2mqslyZvADdJOazDGFaHzqx4Wk2W9R3NI-DkhEO9cUn5jkjnnIZi8mNz7HqRnUKZHT2ZXUH0Kp-35f-DYHsMIr9CWYUbafr1bvxZGMfGD3KNLkIidJ_lewXf6XQuUnADpLjsW4Fgxg3FTBhTMFlQmTuAeQl_8yiAOy33yq6JhO9T-Fb5gj5EeggFPpPKVTNyxsyarsKlxBwAGj4cUzRumMzKUqtVMnKA7v6WK63KsjaL7XImQXreExItqZtZf49KFja1G6ABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBABgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTExNjc0NDkwMjI1NTU1MDgYAA&sigh=RTp9JQ7aUMI&uach_m=[UACH]&cid=CAQSGwCNIrLMJKuzQFBynb-H657CC9M16IM6IJfANBgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1167449022555508&output=html&h=280&slotname=5849469469&adk=2527475&adf=2371720357&pi=t.ma~as.5849469469&w=350&fwrn=4&fwrnh=100&lmt=1652859767&rafmt=1&psa=0&format=350x280&url=https%3A%2F%2Fwebdigitalonline.com%2Fpage%2Fbusiness-services%2Fdowngrade-quickbooks-company-file&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652859769355&bpp=5&bdt=871&idt=5&shv=r20220511&mjsv=m202205120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280%2C730x280&nras=1&correlator=639530836683&frm=20&pv=1&ga_vid=855922387.1652859769&ga_sid=1652859769&ga_hid=817987963&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=969&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067624&oid=2&pvsid=3788120061096202&pem=137&tmod=1013175513&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=LRYorX40fM&p=https%3A//webdigitalonline.com&dtd=64
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 18 May 2022 07:42:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 18 May 2022 07:42:49 GMT

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame C5A3 0
0 168ms
43ms Fetch 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kOb8EMz6RN4CmAKdg2ICAgAAADO9NlSV9HvDEHijhGK2hDU3JBPxr5BCzgASAAA&wp=YoSjeQAHtU0KTAcKAAOVDyNfsCTDYLxq22gqxQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 07:42:49 GMT
server: Kestrel
server-processing-duration-in-ticks: 322906
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame D21C 170 KB
53 KB 236ms
154ms Document
text/html 2a02:2638::b
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=YoSjeQAHtU0KTAcKAAOVDyNfsCTDYLxq22gqxQ&u=%7CPbhUjzMp7UTh%2FkmAPG0IdpwPOBLULZyOlABTVpgeuG0%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANWHQqJfbRdcvi7LEXVL3jGkpDINyoH-Nq8zX26nd9ZobAslg0UUUQ9cbLgzdjbCp3tVr4jaVBk-njtzc_i8uOyR6WuXvtSQi-Oh8pLSqm3kwznJ6REUI3iYIc0BvfbbGEp_YiMrhZuvenxzxUY3qJ-MBWB1jN2cJqYYaqbLIQlYdkYaCxzwGXpbTV3lR502nzD72U_iFiDPFxTRwDydZLvQVSRObohdNJYGuthdR9Zx400JHEo82h4sY4Zzijjt4It2cvqqk0bovLvS4zaa2Q9x9DsDTqX5wp_t8bom4msA_BJj7Nae5SPWIhqQgq0p_RgauusVC7abCF_M_CB0WlxyYWGQ4SZpftgDlbj2l9sR1AD9Sb0MdK6mgSu7Pt6LpiZjxanPfB8C2&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmx6seaOEYs3qHoqOsAKPqo6gB8me0rFc9ZHevrEBwI23ARABIABgleKigrAHggEXY2EtcHViLTExNjc0NDkwMjI1NTU1MDigAdW20uoDyAEJqQKrjVQYHayxPqgDAaoErwJP0J7XxHE_S3mygZl4Moda1Zuo-kGCmfLtAXxFNib4LO33ffIEzAgF-KZlG88ZMmkZ1PCAmrDNNYfnPBVDoqBPkdwhEHVVOOap2RF6Gm_wDj6aDmdJd4Z4nZssU-h_zm1H0iSQU6NYl2mqslyZvADdJOazDGFaHzqx4Wk2W9R3NI-DkhEO9cUn5jkjnnIZi8mNz7HqRnUKZHT2ZXUH0Kp-35f-DYHsMIr9CWYUbafr1bvxZGMfGD3KNLkIidJ_lewXf6XQuUnADpLjsW4Fgxg3FTBhTMFlQmTuAeQl_8yiAOy33yq6JhO9T-Fb5gj5EeggFPpPKVTNyxsyarsKlxBwAGj4cUzR-GESu80iyNp1n69ZiJMR0sHOJQPCtx1pzIR1EFTSe9IlrfJex9EPF6KABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1BMUpPW1tfCRKcGtK1iKOWsyHh7g%26client%3Dca-pub-1167449022555508%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

fd179789b1e9683320a46c5be15f1ac213c6fdb361b614e47cad6d94095cdf96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Wed, 18 May 2022 07:42:49 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=64RIK_iZryWald9gyZjuyLcMrlZ-a8VzDetsIIkL_5hIRZakViDSMnBr_ZVevHRLMQHCA2QUjVfwJDEaHIeFWm5cjXNMECPzmHPb1h3NEgEWBfFNwMlRVJpGMNcZFf5AYX7mBmpIZuOS-0NrYxAVR1Ho1OV51o86UzTsaM07fvodluLSHVZiKbqj2fSo5U57Xh6d6bmQtBtM9KjjhorHVsZB_XVfp9VhdTu2TCDyIf6D9zeB8dI_bSFGzHNil1pl23Mkbw"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 104232280
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/ Frame 2011 3 KB
1 KB 68ms
67ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1167449022555508&output=html&h=280&slotname=5849469469&adk=395207145&adf=1161148090&pi=t.ma~as.5849469469&w=730&fwrn=4&fwrnh=100&lmt=1652859767&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fwebdigitalonline.com%2Fpage%2Fbusiness-services%2Fdowngrade-quickbooks-company-file&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652859769238&bpp=13&bdt=754&idt=13&shv=r20220511&mjsv=m202205120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=639530836683&frm=20&pv=1&ga_vid=855922387.1652859769&ga_sid=1652859769&ga_hid=817987963&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=258&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067624&oid=2&pvsid=3788120061096202&pem=137&tmod=1013175513&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=CycWXDjRtm&p=https%3A//webdigitalonline.com&dtd=51

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 07:40:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 130
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Jun 2022 07:40:39 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/ Frame 2011 15 KB
6 KB 70ms
70ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1167449022555508&output=html&h=280&slotname=5849469469&adk=395207145&adf=1161148090&pi=t.ma~as.5849469469&w=730&fwrn=4&fwrnh=100&lmt=1652859767&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fwebdigitalonline.com%2Fpage%2Fbusiness-services%2Fdowngrade-quickbooks-company-file&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652859769238&bpp=13&bdt=754&idt=13&shv=r20220511&mjsv=m202205120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=639530836683&frm=20&pv=1&ga_vid=855922387.1652859769&ga_sid=1652859769&ga_hid=817987963&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=258&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067624&oid=2&pvsid=3788120061096202&pem=137&tmod=1013175513&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=CycWXDjRtm&p=https%3A//webdigitalonline.com&dtd=51

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

965195159be784009cc31e4aff2505c066643cf8cdc99df7f56c2eab2abeda82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 07:34:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 480
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6412
x-xss-protection: 0
server: cafe
etag: 1643562372680595834
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Jun 2022 07:34:49 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2011 133 KB
41 KB 113ms
113ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1167449022555508&output=html&h=280&slotname=5849469469&adk=395207145&adf=1161148090&pi=t.ma~as.5849469469&w=730&fwrn=4&fwrnh=100&lmt=1652859767&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fwebdigitalonline.com%2Fpage%2Fbusiness-services%2Fdowngrade-quickbooks-company-file&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652859769238&bpp=13&bdt=754&idt=13&shv=r20220511&mjsv=m202205120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=639530836683&frm=20&pv=1&ga_vid=855922387.1652859769&ga_sid=1652859769&ga_hid=817987963&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=258&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067624&oid=2&pvsid=3788120061096202&pem=137&tmod=1013175513&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=CycWXDjRtm&p=https%3A//webdigitalonline.com&dtd=51

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53b0053087c796bee6fb74269f3ff3e6316beb7e06309cfbccb5d52a45e69d7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 07:42:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41645
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1652701179351892"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 18 May 2022 07:42:50 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 2011 0
0 84ms
84ms Fetch
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C29SMeaOEYu3cGNS50_wP05SIkAvJntKxXPXalvdwwI23ARABIABgleKigrAHggEXY2EtcHViLTExNjc0NDkwMjI1NTU1MDigAdW20uoDyAEJqQKrjVQYHayxPqgDAaoErQJP0FeAH7QX2G06-U4C99cSstth70Hw01VXeZgfCFDWaKXoMietOeEa9QYRQKocqqDffz5lRv0XdhDVAcwCccDuwXDTfEV__tkyVk0kt2UbP_UOKCLTNphYM8lfabkculNIz8j68hQGvvMDeRDq_cJAFfj52O5VeEuDHsVb_s5DuLlwrsMJmgRmElXe2QntT4cEzsiSIaTEVc8oTWZgpLgSkHsP-bWkBSzzqZcgcvyvKDWkUoIdOhZux1pSUARq2Pf_-fvhvUX2XQ91KyPiEsTVkWgLYZpMOTtESIDb2sTPq8y_LurlOBHjHi4gKqlHAMhCE94cIekpt_Ska0BAZuLdI_7sfYaboClP9VNNul5DpVLZdT-3caawrCGzxOfA2HcgrNGrrjkqpV1uaqGpgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAYAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0xMTY3NDQ5MDIyNTU1NTA4GAA&sigh=4cgBEp_-pvw&uach_m=[UACH]&cid=CAQSGwCNIrLMmJfv81kJNww6N553f4eVr20WD4F1BxgB

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1167449022555508&output=html&h=280&slotname=5849469469&adk=395207145&adf=1161148090&pi=t.ma~as.5849469469&w=730&fwrn=4&fwrnh=100&lmt=1652859767&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fwebdigitalonline.com%2Fpage%2Fbusiness-services%2Fdowngrade-quickbooks-company-file&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652859769238&bpp=13&bdt=754&idt=13&shv=r20220511&mjsv=m202205120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=639530836683&frm=20&pv=1&ga_vid=855922387.1652859769&ga_sid=1652859769&ga_hid=817987963&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=258&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067624&oid=2&pvsid=3788120061096202&pem=137&tmod=1013175513&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=CycWXDjRtm&p=https%3A//webdigitalonline.com&dtd=51

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1167449022555508&output=html&h=280&slotname=5849469469&adk=395207145&adf=1161148090&pi=t.ma~as.5849469469&w=730&fwrn=4&fwrnh=100&lmt=1652859767&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fwebdigitalonline.com%2Fpage%2Fbusiness-services%2Fdowngrade-quickbooks-company-file&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652859769238&bpp=13&bdt=754&idt=13&shv=r20220511&mjsv=m202205120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=639530836683&frm=20&pv=1&ga_vid=855922387.1652859769&ga_sid=1652859769&ga_hid=817987963&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=258&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067624&oid=2&pvsid=3788120061096202&pem=137&tmod=1013175513&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=CycWXDjRtm&p=https%3A//webdigitalonline.com&dtd=51
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 18 May 2022 07:42:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.fr.eu.criteo.com/google/auction/ Frame 2011 0
0 64ms
63ms Fetch 2a02:2638::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kOb8EMz6RNoFmAKdg2ICAgAAADO9NlSV9HvDEHmjhGIUtqsenEuX3DLT-QASAAA&wp=YoSjeQAGLm0JlNzUAAIKUx1wWTOpW5M6MnGx5Q

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1167449022555508&output=html&h=280&slotname=5849469469&adk=395207145&adf=1161148090&pi=t.ma~as.5849469469&w=730&fwrn=4&fwrnh=100&lmt=1652859767&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fwebdigitalonline.com%2Fpage%2Fbusiness-services%2Fdowngrade-quickbooks-company-file&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652859769238&bpp=13&bdt=754&idt=13&shv=r20220511&mjsv=m202205120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=639530836683&frm=20&pv=1&ga_vid=855922387.1652859769&ga_sid=1652859769&ga_hid=817987963&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=258&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067624&oid=2&pvsid=3788120061096202&pem=137&tmod=1013175513&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=CycWXDjRtm&p=https%3A//webdigitalonline.com&dtd=51

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 07:42:49 GMT
server: Kestrel
server-processing-duration-in-ticks: 279857
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame EFB0 132 KB
45 KB 235ms
235ms Document
text/html 2a02:2638::b
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=YoSjeQAGLm0JlNzUAAIKUx1wWTOpW5M6MnGx5Q&u=%7CPbhUjzMp7UR%2BjhEeOFmjxc%2B6EjTTUsquTM6wN8SsVtY%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANYZK7yZCdRqyzeoIj61fdkFcm4m2H1tVj-8S_x2BkGeOcV-RfWoLdy8DhuvBe6SalbGWo6Sh9safCrxXVsEv9-FUnECOtIwTFU6Vb6W8y9Nx90jrkBwMfh0AZJ18iQ_qahVMCb9ZIE0KUHLaG4wXb8jmyiAa-umEqPv5CNnYxy2xlYSVOrE0NF93VnS_CIAhbv-UEmi65XCSubDy34-InUDVdkhZX-T0HO4K-qX8eUBwrtzGLnOIE81z9SC4uevWkdrTMa7kzY4bNPivthJlzgSQ58r3jZM9ROxUuq26hAuitAuRhwj1X-tNUzE81qZZNdHw83TbFXFBhog6YY9tZb9ERO4NAP5OVLmrL06L5VbfoWAkdjXiHX9vn7yIZxMuwdJPbLRlgh93BuSvl6HcmT0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCV_QVeaOEYu3cGNS50_wP05SIkAvJntKxXPXalvdwwI23ARABIABgleKigrAHggEXY2EtcHViLTExNjc0NDkwMjI1NTU1MDigAdW20uoDyAEJqQKrjVQYHayxPqgDAaoEsAJP0FeAH7QX2G06-U4C99cSstth70Hw01VXeZgfCFDWaKXoMietOeEa9QYRQKocqqDffz5lRv0XdhDVAcwCccDuwXDTfEV__tkyVk0kt2UbP_UOKCLTNphYM8lfabkculNIz8j68hQGvvMDeRDq_cJAFfj52O5VeEuDHsVb_s5DuLlwrsMJmgRmElXe2QntT4cEzsiSIaTEVc8oTWZgpLgSkHsP-bWkBSzzqZcgcvyvKDWkUoIdOhZux1pSUARq2Pf_-fvhvUX2XQ91KyPiEsTVkWgLYZpMOTtESIDb2sTPq8y_LurlOBHjHi4gKqlHAMhCE94cIekpt_Ska0BAZuLdI_7sfYaboGtN1MHKNcJQGs7N1u-K1165uCsFzsnYWsPokXdZEScGvdjE7rIWN3PfgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3TqlZXI-XRKqWFk9Ykzx6SiD7spw%26client%3Dca-pub-1167449022555508%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1167449022555508&output=html&h=280&slotname=5849469469&adk=395207145&adf=1161148090&pi=t.ma~as.5849469469&w=730&fwrn=4&fwrnh=100&lmt=1652859767&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fwebdigitalonline.com%2Fpage%2Fbusiness-services%2Fdowngrade-quickbooks-company-file&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652859769238&bpp=13&bdt=754&idt=13&shv=r20220511&mjsv=m202205120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=639530836683&frm=20&pv=1&ga_vid=855922387.1652859769&ga_sid=1652859769&ga_hid=817987963&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=258&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067624&oid=2&pvsid=3788120061096202&pem=137&tmod=1013175513&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=CycWXDjRtm&p=https%3A//webdigitalonline.com&dtd=51

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

3cb1c4d780b68414f4afaa1b3493cc248115efef3c3e8508db79568d517b7d70

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Wed, 18 May 2022 07:42:49 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=cinKdviZryWald9g-mOoXn6kkThBqiQZxozD6ybbOQoryP6iqmJp9gwggLVjD9Xc_C9XjcdYbO78arsXtUhEz9-ZT2Iyz2NGh4UtCnuQ167O_mrfypoy2LU4G0ieA1IcotjcB5UeR7WDtQKJ7_HkbgZJMzNNndtrUfiT78kVYLxJIhsernIhLo61ptWyWD6SxQslu0B2Dj4Zn-dML1h8anKv_0REmbuWdhfXdIbdUBFr6-NbJAjS7VBr-Nw6yMPsXElP_A"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 117161434
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 0AFF 0
0 85ms
83ms Fetch
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CCypPeaOEYqiVLKvFzLUP-ramgAiQ4YGEXLaoworwAsCNtwEQASAAYJXiooKwB4IBF2NhLXB1Yi0xMTY3NDQ5MDIyNTU1NTA4oAHCrujdA8gBCakCq41UGB2ssT6oAwGqBLICT9C-ARtlZ4qK7AN-zUF9TgB3OSdGptDFponhJW-Nq4mMSEdrC9CmCp5yMfsOujShbSff_XpDp5xg9dYmhmFHxReQyC4T15V2S2ucxvxQoGBMt9u7NGXtUcjF45PVUVeuTbtTcTODnuAlbxMT-pr64di79F_NBwwuiBlOP5wUhQbElxS_MeGhGluTUUT39cwg6g1qWpqOBRRhoIVYQssBY4er3IA9y1F6nWNBX5KCL4wXY2mrxZgzr4GKoErKDDJWbKb9tDTPJfCq5HfOtbXU2IKWO2re0de-q9mZAQm7mTFItGa3nydLFi6Vf3gfeGKciRsLCq5ePH8D0_tFguuYHfY1z4_Xw8KiYcgM1dnTkoSc9hJqyosJOOoHk8y9VI-f_AwSJWUUbKwjFAEybaBjqaqEgAbxur7BzIOftfwBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAGACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMTE2NzQ0OTAyMjU1NTUwOBgA&sigh=82P9RH6Dwaw&uach_m=[UACH]&cid=CAQSPACNIrLMoErwe_bDdHvWtAJ6cbf4OwdCJggut40C33hkypL9dM5F1TUQA7npMx8zalgwnSNkDZFpepsPzxgB

Requested by

Host: webdigitalonline.com
URL: https://webdigitalonline.com/page/business-services/downgrade-quickbooks-company-file

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1167449022555508&output=html&h=280&adk=1419306527&adf=1359297430&pi=t.aa~a.6521833~rp.4&w=350&fwrn=4&fwrnh=100&lmt=1652859767&rafmt=1&to=qs&pwprc=8061188151&psa=0&format=350x280&url=https%3A%2F%2Fwebdigitalonline.com%2Fpage%2Fbusiness-services%2Fdowngrade-quickbooks-company-file&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652859769591&bpp=2&bdt=1106&idt=2&shv=r20220511&mjsv=m202205120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8e78b3b640908b42-22cc796097cd0039%3AT%3D1652859769%3ART%3D1652859769%3AS%3DALNI_Male8IPHuSjGfejBKc1RFNdamjEQw&prev_fmts=0x0%2C730x280%2C730x280%2C350x280&nras=2&correlator=639530836683&frm=20&pv=1&ga_vid=855922387.1652859769&ga_sid=1652859769&ga_hid=817987963&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=1697&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067624&oid=2&pvsid=3788120061096202&pem=137&tmod=1013175513&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=ChuF7widBf&p=https%3A//webdigitalonline.com&dtd=41
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 18 May 2022 07:42:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 0AFF 0
0 145ms
48ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1hxmv2k9tgcf5sd0bymt42yhj0mf36340ax4gzcta7v8n92emzwqxqxmm2g6bb3j7mhvkq7663hhkqczs73gygr76hdfbhwbfdx9xxgdaq10ey6ah9rddbw9gwkpc7qqnkhr39423k8pqt5xnj61d8mc3dqbaq7yf7bbfz97aadnghp6bbnyg3d23qpr1hvapm7xyav5b77ygxr812r06d8a1xvzvbjbrz4tyn3m0pzzhdd8zvtnqkwew2ak0d7fra4qantm2b5j7jt09ctvfg8ffjyx82j3x7386j4v0zs8gvp4s2tdd2j35n43qgkj5j0n6xxex3hjgqjg1f8b2qf15tnjew8640fybxaqeghfargpey6zmseahv1aef42f8eyxrkv59dqygqhz6kgxhg&b=YoSjeQALCqgAsyKrAAmbeqczyR9owowHe-Onrw
Requested by: Host: webdigitalonline.com
URL: https://webdigitalonline.com/page/business-services/downgrade-quickbooks-company-file
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 18 May 2022 07:42:50 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame EC74 2 KB
3 KB 153ms
55ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1h336cez2csjysxemsjhbfwhcyby78ptvxrycvkd7hygds05fged2chqfb25gt4hsp5g7qabhgzfvfdceq48b6vz2a6k83m9hge4brkysnw23rke1mabrtq0wfe05z4eejyvm5380cc1kc494wyfqyktvdzknsryvf842am351h841gq75gg38gjmvj522sb31zb61fdm6t3dh9281rd66q0wbt0e1tpb4ngy4f5zm36xcvwv8483y21gh60e8pfjysa564wvrw858ej9dcwdzs3v2vgxpjq6qfpqfrf80hy01hh31d3mk798gm71ntpds8cpw7tnb3nyk6bm6x5njpq89h0mqe5qgpfm4532afz5eaj0h6tp5rp3yyd90fshtpxh1r3wbq517ay2ykag6tgkwjst8m994&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCkZpUeaOEYqiVLKvFzLUP-ramgAiQ4YGEXLaoworwAsCNtwEQASAAYJXiooKwB4IBF2NhLXB1Yi0xMTY3NDQ5MDIyNTU1NTA4oAHCrujdA8gBCakCq41UGB2ssT6oAwGqBLUCT9C-ARtlZ4qK7AN-zUF9TgB3OSdGptDFponhJW-Nq4mMSEdrC9CmCp5yMfsOujShbSff_XpDp5xg9dYmhmFHxReQyC4T15V2S2ucxvxQoGBMt9u7NGXtUcjF45PVUVeuTbtTcTODnuAlbxMT-pr64di79F_NBwwuiBlOP5wUhQbElxS_MeGhGluTUUT39cwg6g1qWpqOBRRhoIVYQssBY4er3IA9y1F6nWNBX5KCL4wXY2mrxZgzr4GKoErKDDJWbKb9tDTPJfCq5HfOtbXU2IKWO2re0de-q9mZAQm7mTFItGa3nydLFi6Vf3gfeGKciRsLCq5ePH8D0_tFguuYHfY1z4_Xw8KiYcgM1ZvRsxZLD5UqAgxBrjBOAT6EQIUy9iIK-OXWJT7bgB8edXW_NupMMXA5gAbxur7BzIOftfwBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3LAgiENRR4CaCtZtI0jxFJWOkuFQ%26client%3Dca-pub-1167449022555508%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1167449022555508&output=html&h=280&adk=1419306527&adf=1359297430&pi=t.aa~a.6521833~rp.4&w=350&fwrn=4&fwrnh=100&lmt=1652859767&rafmt=1&to=qs&pwprc=8061188151&psa=0&format=350x280&url=https%3A%2F%2Fwebdigitalonline.com%2Fpage%2Fbusiness-services%2Fdowngrade-quickbooks-company-file&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652859769591&bpp=2&bdt=1106&idt=2&shv=r20220511&mjsv=m202205120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8e78b3b640908b42-22cc796097cd0039%3AT%3D1652859769%3ART%3D1652859769%3AS%3DALNI_Male8IPHuSjGfejBKc1RFNdamjEQw&prev_fmts=0x0%2C730x280%2C730x280%2C350x280&nras=2&correlator=639530836683&frm=20&pv=1&ga_vid=855922387.1652859769&ga_sid=1652859769&ga_hid=817987963&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=1697&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067624&oid=2&pvsid=3788120061096202&pem=137&tmod=1013175513&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=ChuF7widBf&p=https%3A//webdigitalonline.com&dtd=41

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c8506e58e532a6c51a4c7dc329abe601ffad5c4709e3798e4b845d55bc7bbf0d

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 70d2f55b8a1c9b4f-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Wed, 18 May 2022 07:42:50 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/ Frame 0AFF 3 KB
1 KB 132ms
46ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 06:38:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3859
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Jun 2022 06:38:31 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame E7B2 1 KB
749 B 46ms
42ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 6546
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 18 May 2022 05:53:44 GMT
etag: 48472445140208031
expires: Thu, 19 May 2022 05:53:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0AFF 133 KB
41 KB 134ms
51ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53b0053087c796bee6fb74269f3ff3e6316beb7e06309cfbccb5d52a45e69d7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 07:42:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41645
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1652701179351892"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 18 May 2022 07:42:50 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/ Frame 0AFF 15 KB
6 KB 131ms
46ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a7f462e43fe896aaa5a2d99fc168e2fc5c4c9eee29b5a47144a4bfbd7e9d126d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 07:32:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 646
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6371
x-xss-protection: 0
server: cafe
etag: 2039857681689864383
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Jun 2022 07:32:04 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 0AFF 0
0 491ms
45ms Image
text/html 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ2Bs5eFoLE3YsnIJXOui3yC5bV5thva49rM7DTMJevwdN6uY2HV_7yKoH0ywDwnodrwl3jBuAu-sdyRkGsDtP9Jo7hOw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1167449022555508&output=html&h=280&adk=1419306527&adf=1359297430&pi=t.aa~a.6521833~rp.4&w=350&fwrn=4&fwrnh=100&lmt=1652859767&rafmt=1&to=qs&pwprc=8061188151&psa=0&format=350x280&url=https%3A%2F%2Fwebdigitalonline.com%2Fpage%2Fbusiness-services%2Fdowngrade-quickbooks-company-file&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652859769591&bpp=2&bdt=1106&idt=2&shv=r20220511&mjsv=m202205120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8e78b3b640908b42-22cc796097cd0039%3AT%3D1652859769%3ART%3D1652859769%3AS%3DALNI_Male8IPHuSjGfejBKc1RFNdamjEQw&prev_fmts=0x0%2C730x280%2C730x280%2C350x280&nras=2&correlator=639530836683&frm=20&pv=1&ga_vid=855922387.1652859769&ga_sid=1652859769&ga_hid=817987963&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=1697&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067624&oid=2&pvsid=3788120061096202&pem=137&tmod=1013175513&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=ChuF7widBf&p=https%3A//webdigitalonline.com&dtd=41
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 2011 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c772dbc2b894f9b4b8bfdf592a2b63cc8149fe7c119fc1526dcf2ba5ee3297a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame D21C 2 KB
1 KB 175ms
84ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YoSjeQAHtU0KTAcKAAOVDyNfsCTDYLxq22gqxQ&u=%7CPbhUjzMp7UTh%2FkmAPG0IdpwPOBLULZyOlABTVpgeuG0%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANWHQqJfbRdcvi7LEXVL3jGkpDINyoH-Nq8zX26nd9ZobAslg0UUUQ9cbLgzdjbCp3tVr4jaVBk-njtzc_i8uOyR6WuXvtSQi-Oh8pLSqm3kwznJ6REUI3iYIc0BvfbbGEp_YiMrhZuvenxzxUY3qJ-MBWB1jN2cJqYYaqbLIQlYdkYaCxzwGXpbTV3lR502nzD72U_iFiDPFxTRwDydZLvQVSRObohdNJYGuthdR9Zx400JHEo82h4sY4Zzijjt4It2cvqqk0bovLvS4zaa2Q9x9DsDTqX5wp_t8bom4msA_BJj7Nae5SPWIhqQgq0p_RgauusVC7abCF_M_CB0WlxyYWGQ4SZpftgDlbj2l9sR1AD9Sb0MdK6mgSu7Pt6LpiZjxanPfB8C2&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmx6seaOEYs3qHoqOsAKPqo6gB8me0rFc9ZHevrEBwI23ARABIABgleKigrAHggEXY2EtcHViLTExNjc0NDkwMjI1NTU1MDigAdW20uoDyAEJqQKrjVQYHayxPqgDAaoErwJP0J7XxHE_S3mygZl4Moda1Zuo-kGCmfLtAXxFNib4LO33ffIEzAgF-KZlG88ZMmkZ1PCAmrDNNYfnPBVDoqBPkdwhEHVVOOap2RF6Gm_wDj6aDmdJd4Z4nZssU-h_zm1H0iSQU6NYl2mqslyZvADdJOazDGFaHzqx4Wk2W9R3NI-DkhEO9cUn5jkjnnIZi8mNz7HqRnUKZHT2ZXUH0Kp-35f-DYHsMIr9CWYUbafr1bvxZGMfGD3KNLkIidJ_lewXf6XQuUnADpLjsW4Fgxg3FTBhTMFlQmTuAeQl_8yiAOy33yq6JhO9T-Fb5gj5EeggFPpPKVTNyxsyarsKlxBwAGj4cUzR-GESu80iyNp1n69ZiJMR0sHOJQPCtx1pzIR1EFTSe9IlrfJex9EPF6KABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1BMUpPW1tfCRKcGtK1iKOWsyHh7g%26client%3Dca-pub-1167449022555508%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 07:42:50 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 13 May 2023 07:42:50 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame D21C 2 KB
1 KB 135ms
45ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 07:42:50 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 13 May 2023 07:42:50 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame D21C 308 B
636 B 165ms
85ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 07:42:50 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sat, 13 May 2023 07:42:50 GMT

GET
H2 200 back_button.svg
static.criteo.net/flash/icon/ Frame D21C 507 B
835 B 124ms
44ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 07:42:50 GMT
last-modified: Thu, 01 Apr 2021 14:03:13 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "6065d2a1-1fb"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 507
expires: Sat, 13 May 2023 07:42:50 GMT

GET
H2 200 m
secure-gl.imrworldwide.com/cgi-bin/ Frame D21C 0
690 B 271ms
139ms Image
text/plain 2600:9000:223c:8400:1e:a43d:b640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1652859768
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YoSjeQAHtU0KTAcKAAOVDyNfsCTDYLxq22gqxQ&u=%7CPbhUjzMp7UTh%2FkmAPG0IdpwPOBLULZyOlABTVpgeuG0%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANWHQqJfbRdcvi7LEXVL3jGkpDINyoH-Nq8zX26nd9ZobAslg0UUUQ9cbLgzdjbCp3tVr4jaVBk-njtzc_i8uOyR6WuXvtSQi-Oh8pLSqm3kwznJ6REUI3iYIc0BvfbbGEp_YiMrhZuvenxzxUY3qJ-MBWB1jN2cJqYYaqbLIQlYdkYaCxzwGXpbTV3lR502nzD72U_iFiDPFxTRwDydZLvQVSRObohdNJYGuthdR9Zx400JHEo82h4sY4Zzijjt4It2cvqqk0bovLvS4zaa2Q9x9DsDTqX5wp_t8bom4msA_BJj7Nae5SPWIhqQgq0p_RgauusVC7abCF_M_CB0WlxyYWGQ4SZpftgDlbj2l9sR1AD9Sb0MdK6mgSu7Pt6LpiZjxanPfB8C2&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmx6seaOEYs3qHoqOsAKPqo6gB8me0rFc9ZHevrEBwI23ARABIABgleKigrAHggEXY2EtcHViLTExNjc0NDkwMjI1NTU1MDigAdW20uoDyAEJqQKrjVQYHayxPqgDAaoErwJP0J7XxHE_S3mygZl4Moda1Zuo-kGCmfLtAXxFNib4LO33ffIEzAgF-KZlG88ZMmkZ1PCAmrDNNYfnPBVDoqBPkdwhEHVVOOap2RF6Gm_wDj6aDmdJd4Z4nZssU-h_zm1H0iSQU6NYl2mqslyZvADdJOazDGFaHzqx4Wk2W9R3NI-DkhEO9cUn5jkjnnIZi8mNz7HqRnUKZHT2ZXUH0Kp-35f-DYHsMIr9CWYUbafr1bvxZGMfGD3KNLkIidJ_lewXf6XQuUnADpLjsW4Fgxg3FTBhTMFlQmTuAeQl_8yiAOy33yq6JhO9T-Fb5gj5EeggFPpPKVTNyxsyarsKlxBwAGj4cUzR-GESu80iyNp1n69ZiJMR0sHOJQPCtx1pzIR1EFTSe9IlrfJex9EPF6KABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1BMUpPW1tfCRKcGtK1iKOWsyHh7g%26client%3Dca-pub-1167449022555508%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:8400:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 May 2022 07:42:50 GMT
via: 1.1 84294257ed643a88ee54d2e3f7d7ccea.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P2
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
x-cache: Miss from cloudfront
accept-ch: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-length: 0
x-amz-cf-id: nBnbHMn5j375u5PflMlHM57xwZmwKWlfHkARmjThCGla_uaWNdPGYQ==
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 lg.php
cat.fr.eu.criteo.com/delivery/ Frame D21C 43 B
348 B 167ms
50ms Image
image/gif 178.250.0.160
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=BoZZTqIgar3PdS5R9BM-mVDRxQXiMYjFS5ZJ154enocPTaIE4oxlRLpVd_O6aLQSSa_LTAVED7MwJMOoapePSFjZYCOyPBKTWgAaLT7tMOaMQFiK7JVPJnEBtHQrrQQn1QePRBgnHUEO0HxaLtJuUgJs_6Z2CSgxIOL8bU5az4od_PFMbyciNLXpkd83bAKOssAzYNj-au-f_ErpZx1RAKsJQOn1Btb9QjYb4b_PS4AsgJxoLK9mPxXKYlJz6Hyjt_h6ajbDtQ7LNVkFAX1UJKFmb2HR-mDUo5RReN2zKjuUcXNUDJxyteySX_x3ntBbr0DchBK1EsyCVphyZQDxx6n4lRazt6gWHJTh-Mid9iSfAdYfvGrDkH7NNVW-AhbwJGQBlbdJ3esTHjh1cShEoVomRzydFORkV8F5g4dlE2wG3jdj5I673d5SCPDPweATos4dSg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 May 2022 07:42:50 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2620320
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame D21C 12 KB
6 KB 43ms
43ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 07:42:50 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 13 May 2023 07:42:50 GMT

GET
DATA 200
OK truncated
/ Frame 1B20 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e8e3ba0fd2e6f4f121bf0fc9e3e1fc8bfc8495f164fdeffaa1a2f48907be2ef2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 img
pix.eu.criteo.net/img/ Frame D21C 19 KB
19 KB 155ms
50ms Image
image/png 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=116&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F190124%2F8d6bc06124f044d4973e0db21c495799_logo.png&v=3&w=696&s=o9Cx9FQCYw_Rwzo84yJFEa4N

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

83b19de212ca6202b9339b9c3ad8b16c1775d34cc7663631c12cffbdcdacb8e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 07:42:49 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=28834917
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 19171
expires: Mon, 17 Apr 2023 01:24:47 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame D21C 0
128 B 130ms
41ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=64RIK_iZryWald9gyZjuyLcMrlZ-a8VzDetsIIkL_5hIRZakViDSMnBr_ZVevHRLMQHCA2QUjVfwJDEaHIeFWm5cjXNMECPzmHPb1h3NEgEWBfFNwMlRVJpGMNcZFf5AYX7mBmpIZuOS-0NrYxAVR1Ho1OV51o86UzTsaM07fvodluLSHVZiKbqj2fSo5U57Xh6d6bmQtBtM9KjjhorHVsZB_XVfp9VhdTu2TCDyIf6D9zeB8dI_bSFGzHNil1pl23Mkbw&sds=2&rev=81468.6&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 18 May 2022 07:42:49 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame D21C 2 KB
1 KB 48ms
48ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 07:42:50 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 13 May 2023 07:42:50 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame D21C 2 KB
1 KB 45ms
45ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 07:42:50 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 13 May 2023 07:42:50 GMT

GET
DATA 200
OK truncated
/ Frame C5A3 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bf68aaf4230b227d2de67f80d23e220232dd4c3049c9a004a8d6a0b1ebf6ea8d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame DAB6 2 KB
1 KB 49ms
48ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YoSjeQAFdOIJHUhgAAqMA-b-wXRURAWMTj0JHg&u=%7CPbhUjzMp7UTdNLNte0bmj8o5jlwBG0P21a7v%2BCPjuzE%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANddNRPYHnj5tZXpmi0sBbUJ3oXzvgtKiYOzI_r4EfeXyNBPk3aWLZL_MpKHRLwHFIK_rsTdz9nvMEvgW7A0h9n3n-D8hNTosGCwyb3em054bzS9VYqJVjdiMmn9uIm4_pvbhO8-YIK10snwHOMS5zwUNbFSCePrx-QVfMDiRnPC3qFSmcP8ccGo6qIQMe9ce8_lv6Ik3IP3AdONnoAnebiQkHTdkrSSi1_aMCZlqoFgCoqJ3cOYQCff7PhUGDi_s-codxs4A2IDFj2h0VQEPkzsDVSnUgZ2Jm9knVpKYHpBreOD-z5MU7_D5BJTQw7eUNtAkeMoR11Dox3wHCoFZGRi4ckhcjQoDswRh4SZRlenwc8-_TSHTgdGm051tx9FB1CUQg8KnYoTLxA7X-sTzZmw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCrlP8eaOEYuLpFeCQ9fgPg5iq0AvJntKxXM2jlvdwwI23ARABIABgleKigrAHggEXY2EtcHViLTExNjc0NDkwMjI1NTU1MDigAdW20uoDyAEJqQJEv7Qal6yxPqgDAaoEhwJP0GsUfzl5e0OX99hjmOQeKfd2fI4QXjLSqu_DpJgkgG9vFIR1TyhOTDPqWXS4WXYO8K3FhwcD57-KFHMCktPSTpQroNcBoA_Zp0ptzzHTK4OM35_Dz_mAQMdAR0s1EnlsA9Mtu3IekQrxOX4tYi91VtL6CwR0MNtOkku-J2bmXV8fD0z5x-74LAEEXi0n0P6aWDZIfE9mlJmAcOkpkSPRiH7r4u1RC1MygK2In_3TU9Uoi2xx4M9U44hpAYGGv1DK6VYA4v9sYSJ_MVMRtzKIqwvrLrxWv5AU6N4nnuIrlerSLI0sgxz3sFgRQXAhjfumCyKiQbnigIWdWk1SOuyCoKG9gM8ad4AG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0m6wMbYNr4cVI-WxCG04acN1UzSQ%26client%3Dca-pub-1167449022555508%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 07:42:50 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 13 May 2023 07:42:50 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame DAB6 2 KB
1 KB 59ms
58ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 07:42:50 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 13 May 2023 07:42:50 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame DAB6 308 B
636 B 55ms
47ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 07:42:50 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sat, 13 May 2023 07:42:50 GMT

GET
H2 200 back_button.svg
static.criteo.net/flash/icon/ Frame DAB6 507 B
835 B 57ms
49ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 07:42:50 GMT
last-modified: Thu, 01 Apr 2021 14:03:13 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "6065d2a1-1fb"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 507
expires: Sat, 13 May 2023 07:42:50 GMT

GET
H2 200 m
secure-gl.imrworldwide.com/cgi-bin/ Frame DAB6 0
690 B 150ms
142ms Image
text/plain 2600:9000:223c:8400:1e:a43d:b640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1652859769
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YoSjeQAFdOIJHUhgAAqMA-b-wXRURAWMTj0JHg&u=%7CPbhUjzMp7UTdNLNte0bmj8o5jlwBG0P21a7v%2BCPjuzE%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANddNRPYHnj5tZXpmi0sBbUJ3oXzvgtKiYOzI_r4EfeXyNBPk3aWLZL_MpKHRLwHFIK_rsTdz9nvMEvgW7A0h9n3n-D8hNTosGCwyb3em054bzS9VYqJVjdiMmn9uIm4_pvbhO8-YIK10snwHOMS5zwUNbFSCePrx-QVfMDiRnPC3qFSmcP8ccGo6qIQMe9ce8_lv6Ik3IP3AdONnoAnebiQkHTdkrSSi1_aMCZlqoFgCoqJ3cOYQCff7PhUGDi_s-codxs4A2IDFj2h0VQEPkzsDVSnUgZ2Jm9knVpKYHpBreOD-z5MU7_D5BJTQw7eUNtAkeMoR11Dox3wHCoFZGRi4ckhcjQoDswRh4SZRlenwc8-_TSHTgdGm051tx9FB1CUQg8KnYoTLxA7X-sTzZmw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCrlP8eaOEYuLpFeCQ9fgPg5iq0AvJntKxXM2jlvdwwI23ARABIABgleKigrAHggEXY2EtcHViLTExNjc0NDkwMjI1NTU1MDigAdW20uoDyAEJqQJEv7Qal6yxPqgDAaoEhwJP0GsUfzl5e0OX99hjmOQeKfd2fI4QXjLSqu_DpJgkgG9vFIR1TyhOTDPqWXS4WXYO8K3FhwcD57-KFHMCktPSTpQroNcBoA_Zp0ptzzHTK4OM35_Dz_mAQMdAR0s1EnlsA9Mtu3IekQrxOX4tYi91VtL6CwR0MNtOkku-J2bmXV8fD0z5x-74LAEEXi0n0P6aWDZIfE9mlJmAcOkpkSPRiH7r4u1RC1MygK2In_3TU9Uoi2xx4M9U44hpAYGGv1DK6VYA4v9sYSJ_MVMRtzKIqwvrLrxWv5AU6N4nnuIrlerSLI0sgxz3sFgRQXAhjfumCyKiQbnigIWdWk1SOuyCoKG9gM8ad4AG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0m6wMbYNr4cVI-WxCG04acN1UzSQ%26client%3Dca-pub-1167449022555508%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:8400:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 May 2022 07:42:50 GMT
via: 1.1 84294257ed643a88ee54d2e3f7d7ccea.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P2
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
x-cache: Miss from cloudfront
accept-ch: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-length: 0
x-amz-cf-id: 9WmOyLByT5zCkrBQaOWKg3DxA6baV_vzDGjZuuiDdDMdvAeX4xYSfA==
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 lg.php
cat.fr.eu.criteo.com/delivery/ Frame DAB6 43 B
347 B 60ms
54ms Image
image/gif 178.250.0.160
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=6TsRFvEQXosB4o_DSZQa_qdMyZ4bvqb-21_6qacLmBS-tuJRJPMgg0rkWoqeOqBRAQhSg-g3M_qj7yVHh6RQdVmfP6MQIaA3nny1ylPg-JEGcmA8_tkKgByQD14Z7BOU_lEjj-HS6kfVxapYO1ke8_ick3RBnkyrARRdv0eIzuqJzm5EzwtX1IgMmuTrC8XJnRuxW2PY4rSgAh7g7imWzCtHeI5A6tQ5eD97gRlYzd-qLk44ntlRp_lMXm1HBo8hrhCM2GtFFo2vcDO93ENiWp_irPCGvF2zVnPoDnynpFtHi_hcZQIfElLGG5dgcCKhRjhkkDpEjNpcYLuf4fTJkZI_BPZpHpCqKL_zpiWR90HxuWEfxGwZMTFW5pkFJPdYozhLSJJV1pKOAkvvGLJTjj4EXAMkNLWII7Ev7-0PWft2NIhKkp7R2owqpD6JExHalfHgJA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 May 2022 07:42:49 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3128082
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 0AFF 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2b30bb9b2aa878173751a163425715919f3e43bc3c5e476458e17be842e89f02

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.20/one-ad/ Frame EC74 85 KB
11 KB 98ms
55ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.20/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1h336cez2csjysxemsjhbfwhcyby78ptvxrycvkd7hygds05fged2chqfb25gt4hsp5g7qabhgzfvfdceq48b6vz2a6k83m9hge4brkysnw23rke1mabrtq0wfe05z4eejyvm5380cc1kc494wyfqyktvdzknsryvf842am351h841gq75gg38gjmvj522sb31zb61fdm6t3dh9281rd66q0wbt0e1tpb4ngy4f5zm36xcvwv8483y21gh60e8pfjysa564wvrw858ej9dcwdzs3v2vgxpjq6qfpqfrf80hy01hh31d3mk798gm71ntpds8cpw7tnb3nyk6bm6x5njpq89h0mqe5qgpfm4532afz5eaj0h6tp5rp3yyd90fshtpxh1r3wbq517ay2ykag6tgkwjst8m994&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCkZpUeaOEYqiVLKvFzLUP-ramgAiQ4YGEXLaoworwAsCNtwEQASAAYJXiooKwB4IBF2NhLXB1Yi0xMTY3NDQ5MDIyNTU1NTA4oAHCrujdA8gBCakCq41UGB2ssT6oAwGqBLUCT9C-ARtlZ4qK7AN-zUF9TgB3OSdGptDFponhJW-Nq4mMSEdrC9CmCp5yMfsOujShbSff_XpDp5xg9dYmhmFHxReQyC4T15V2S2ucxvxQoGBMt9u7NGXtUcjF45PVUVeuTbtTcTODnuAlbxMT-pr64di79F_NBwwuiBlOP5wUhQbElxS_MeGhGluTUUT39cwg6g1qWpqOBRRhoIVYQssBY4er3IA9y1F6nWNBX5KCL4wXY2mrxZgzr4GKoErKDDJWbKb9tDTPJfCq5HfOtbXU2IKWO2re0de-q9mZAQm7mTFItGa3nydLFi6Vf3gfeGKciRsLCq5ePH8D0_tFguuYHfY1z4_Xw8KiYcgM1ZvRsxZLD5UqAgxBrjBOAT6EQIUy9iIK-OXWJT7bgB8edXW_NupMMXA5gAbxur7BzIOftfwBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3LAgiENRR4CaCtZtI0jxFJWOkuFQ%26client%3Dca-pub-1167449022555508%26adurl%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d8965ee1f9673ae2ab083ee9c063eea7eb04aef2e756a7e46f58337bb1caef4

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1h336cez2csjysxemsjhbfwhcyby78ptvxrycvkd7hygds05fged2chqfb25gt4hsp5g7qabhgzfvfdceq48b6vz2a6k83m9hge4brkysnw23rke1mabrtq0wfe05z4eejyvm5380cc1kc494wyfqyktvdzknsryvf842am351h841gq75gg38gjmvj522sb31zb61fdm6t3dh9281rd66q0wbt0e1tpb4ngy4f5zm36xcvwv8483y21gh60e8pfjysa564wvrw858ej9dcwdzs3v2vgxpjq6qfpqfrf80hy01hh31d3mk798gm71ntpds8cpw7tnb3nyk6bm6x5njpq89h0mqe5qgpfm4532afz5eaj0h6tp5rp3yyd90fshtpxh1r3wbq517ay2ykag6tgkwjst8m994&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCkZpUeaOEYqiVLKvFzLUP-ramgAiQ4YGEXLaoworwAsCNtwEQASAAYJXiooKwB4IBF2NhLXB1Yi0xMTY3NDQ5MDIyNTU1NTA4oAHCrujdA8gBCakCq41UGB2ssT6oAwGqBLUCT9C-ARtlZ4qK7AN-zUF9TgB3OSdGptDFponhJW-Nq4mMSEdrC9CmCp5yMfsOujShbSff_XpDp5xg9dYmhmFHxReQyC4T15V2S2ucxvxQoGBMt9u7NGXtUcjF45PVUVeuTbtTcTODnuAlbxMT-pr64di79F_NBwwuiBlOP5wUhQbElxS_MeGhGluTUUT39cwg6g1qWpqOBRRhoIVYQssBY4er3IA9y1F6nWNBX5KCL4wXY2mrxZgzr4GKoErKDDJWbKb9tDTPJfCq5HfOtbXU2IKWO2re0de-q9mZAQm7mTFItGa3nydLFi6Vf3gfeGKciRsLCq5ePH8D0_tFguuYHfY1z4_Xw8KiYcgM1ZvRsxZLD5UqAgxBrjBOAT6EQIUy9iIK-OXWJT7bgB8edXW_NupMMXA5gAbxur7BzIOftfwBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3LAgiENRR4CaCtZtI0jxFJWOkuFQ%26client%3Dca-pub-1167449022555508%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 07:42:50 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 138779
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=86961
surrogate-control: no-store
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
last-modified: Mon, 16 May 2022 17:09:51 GMT
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
x-download-options: noopen
content-type: text/css; charset=utf-8
expires: 0
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 70d2f55d196691e9-FRA
cf-bgj: minify

GET
H2 200 fxpcopuw.js Show response
ad4m.at/ Frame EC74 31 KB
11 KB 66ms
56ms Script
application/javascript 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/fxpcopuw.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1h336cez2csjysxemsjhbfwhcyby78ptvxrycvkd7hygds05fged2chqfb25gt4hsp5g7qabhgzfvfdceq48b6vz2a6k83m9hge4brkysnw23rke1mabrtq0wfe05z4eejyvm5380cc1kc494wyfqyktvdzknsryvf842am351h841gq75gg38gjmvj522sb31zb61fdm6t3dh9281rd66q0wbt0e1tpb4ngy4f5zm36xcvwv8483y21gh60e8pfjysa564wvrw858ej9dcwdzs3v2vgxpjq6qfpqfrf80hy01hh31d3mk798gm71ntpds8cpw7tnb3nyk6bm6x5njpq89h0mqe5qgpfm4532afz5eaj0h6tp5rp3yyd90fshtpxh1r3wbq517ay2ykag6tgkwjst8m994&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCkZpUeaOEYqiVLKvFzLUP-ramgAiQ4YGEXLaoworwAsCNtwEQASAAYJXiooKwB4IBF2NhLXB1Yi0xMTY3NDQ5MDIyNTU1NTA4oAHCrujdA8gBCakCq41UGB2ssT6oAwGqBLUCT9C-ARtlZ4qK7AN-zUF9TgB3OSdGptDFponhJW-Nq4mMSEdrC9CmCp5yMfsOujShbSff_XpDp5xg9dYmhmFHxReQyC4T15V2S2ucxvxQoGBMt9u7NGXtUcjF45PVUVeuTbtTcTODnuAlbxMT-pr64di79F_NBwwuiBlOP5wUhQbElxS_MeGhGluTUUT39cwg6g1qWpqOBRRhoIVYQssBY4er3IA9y1F6nWNBX5KCL4wXY2mrxZgzr4GKoErKDDJWbKb9tDTPJfCq5HfOtbXU2IKWO2re0de-q9mZAQm7mTFItGa3nydLFi6Vf3gfeGKciRsLCq5ePH8D0_tFguuYHfY1z4_Xw8KiYcgM1ZvRsxZLD5UqAgxBrjBOAT6EQIUy9iIK-OXWJT7bgB8edXW_NupMMXA5gAbxur7BzIOftfwBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3LAgiENRR4CaCtZtI0jxFJWOkuFQ%26client%3Dca-pub-1167449022555508%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb79983098cae86fa7cf2efc46d131d36bc52697ee1faeaaf2dc95bdf2e64610

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-goog-hash: crc32c=IOnHVw==, md5=TQGT+nK+VK2hQyff6S/VUw==
date: Wed, 18 May 2022 07:42:50 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8667
x-guploader-uploadid: ADPycdtVCuQh3tbUzEH574ex_2SleVXlxZux4A6yIku4oJdb1MbfAq9XrpYIRpELC21mpsBruNg0lYdP2HJt4zo-lpxtBw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 14 May 2022 05:18:02 GMT
server: cloudflare
etag: W/"4d0193fa72be54ada14327dfe92fd553"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9771O1c5NZINWxjNeLlxW0z5QpR9ax6JOZY%2FkKcmtHh7mevuq54BIYaS9b1HG1s4dn0rS4oGHjN0fiDiY6wqWE4ib4Cx4i9LvDY4lsrjmHfUp%2Bor0dZjjBXGEfCu1j07A05MsUE%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1651592188892994
content-type: application/javascript; charset=utf-8
expires: Wed, 18 May 2022 05:18:23 GMT
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length: 10607
cf-ray: 70d2f55cec829b4f-FRA
cf-bgj: minify

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame EFB0 2 KB
1 KB 54ms
46ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YoSjeQAGLm0JlNzUAAIKUx1wWTOpW5M6MnGx5Q&u=%7CPbhUjzMp7UR%2BjhEeOFmjxc%2B6EjTTUsquTM6wN8SsVtY%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANYZK7yZCdRqyzeoIj61fdkFcm4m2H1tVj-8S_x2BkGeOcV-RfWoLdy8DhuvBe6SalbGWo6Sh9safCrxXVsEv9-FUnECOtIwTFU6Vb6W8y9Nx90jrkBwMfh0AZJ18iQ_qahVMCb9ZIE0KUHLaG4wXb8jmyiAa-umEqPv5CNnYxy2xlYSVOrE0NF93VnS_CIAhbv-UEmi65XCSubDy34-InUDVdkhZX-T0HO4K-qX8eUBwrtzGLnOIE81z9SC4uevWkdrTMa7kzY4bNPivthJlzgSQ58r3jZM9ROxUuq26hAuitAuRhwj1X-tNUzE81qZZNdHw83TbFXFBhog6YY9tZb9ERO4NAP5OVLmrL06L5VbfoWAkdjXiHX9vn7yIZxMuwdJPbLRlgh93BuSvl6HcmT0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCV_QVeaOEYu3cGNS50_wP05SIkAvJntKxXPXalvdwwI23ARABIABgleKigrAHggEXY2EtcHViLTExNjc0NDkwMjI1NTU1MDigAdW20uoDyAEJqQKrjVQYHayxPqgDAaoEsAJP0FeAH7QX2G06-U4C99cSstth70Hw01VXeZgfCFDWaKXoMietOeEa9QYRQKocqqDffz5lRv0XdhDVAcwCccDuwXDTfEV__tkyVk0kt2UbP_UOKCLTNphYM8lfabkculNIz8j68hQGvvMDeRDq_cJAFfj52O5VeEuDHsVb_s5DuLlwrsMJmgRmElXe2QntT4cEzsiSIaTEVc8oTWZgpLgSkHsP-bWkBSzzqZcgcvyvKDWkUoIdOhZux1pSUARq2Pf_-fvhvUX2XQ91KyPiEsTVkWgLYZpMOTtESIDb2sTPq8y_LurlOBHjHi4gKqlHAMhCE94cIekpt_Ska0BAZuLdI_7sfYaboGtN1MHKNcJQGs7N1u-K1165uCsFzsnYWsPokXdZEScGvdjE7rIWN3PfgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3TqlZXI-XRKqWFk9Ykzx6SiD7spw%26client%3Dca-pub-1167449022555508%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 07:42:50 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 13 May 2023 07:42:50 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame EFB0 2 KB
1 KB 51ms
46ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 07:42:50 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 13 May 2023 07:42:50 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame EFB0 308 B
636 B 49ms
47ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 07:42:50 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sat, 13 May 2023 07:42:50 GMT

GET
H2 200 back_button.svg
static.criteo.net/flash/icon/ Frame EFB0 507 B
835 B 46ms
44ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 07:42:50 GMT
last-modified: Thu, 01 Apr 2021 14:03:13 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "6065d2a1-1fb"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 507
expires: Sat, 13 May 2023 07:42:50 GMT

GET
H2 200 m
secure-gl.imrworldwide.com/cgi-bin/ Frame EFB0 0
689 B 142ms
140ms Image
text/plain 2600:9000:223c:8400:1e:a43d:b640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1652859769
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YoSjeQAGLm0JlNzUAAIKUx1wWTOpW5M6MnGx5Q&u=%7CPbhUjzMp7UR%2BjhEeOFmjxc%2B6EjTTUsquTM6wN8SsVtY%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANYZK7yZCdRqyzeoIj61fdkFcm4m2H1tVj-8S_x2BkGeOcV-RfWoLdy8DhuvBe6SalbGWo6Sh9safCrxXVsEv9-FUnECOtIwTFU6Vb6W8y9Nx90jrkBwMfh0AZJ18iQ_qahVMCb9ZIE0KUHLaG4wXb8jmyiAa-umEqPv5CNnYxy2xlYSVOrE0NF93VnS_CIAhbv-UEmi65XCSubDy34-InUDVdkhZX-T0HO4K-qX8eUBwrtzGLnOIE81z9SC4uevWkdrTMa7kzY4bNPivthJlzgSQ58r3jZM9ROxUuq26hAuitAuRhwj1X-tNUzE81qZZNdHw83TbFXFBhog6YY9tZb9ERO4NAP5OVLmrL06L5VbfoWAkdjXiHX9vn7yIZxMuwdJPbLRlgh93BuSvl6HcmT0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCV_QVeaOEYu3cGNS50_wP05SIkAvJntKxXPXalvdwwI23ARABIABgleKigrAHggEXY2EtcHViLTExNjc0NDkwMjI1NTU1MDigAdW20uoDyAEJqQKrjVQYHayxPqgDAaoEsAJP0FeAH7QX2G06-U4C99cSstth70Hw01VXeZgfCFDWaKXoMietOeEa9QYRQKocqqDffz5lRv0XdhDVAcwCccDuwXDTfEV__tkyVk0kt2UbP_UOKCLTNphYM8lfabkculNIz8j68hQGvvMDeRDq_cJAFfj52O5VeEuDHsVb_s5DuLlwrsMJmgRmElXe2QntT4cEzsiSIaTEVc8oTWZgpLgSkHsP-bWkBSzzqZcgcvyvKDWkUoIdOhZux1pSUARq2Pf_-fvhvUX2XQ91KyPiEsTVkWgLYZpMOTtESIDb2sTPq8y_LurlOBHjHi4gKqlHAMhCE94cIekpt_Ska0BAZuLdI_7sfYaboGtN1MHKNcJQGs7N1u-K1165uCsFzsnYWsPokXdZEScGvdjE7rIWN3PfgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3TqlZXI-XRKqWFk9Ykzx6SiD7spw%26client%3Dca-pub-1167449022555508%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:8400:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 May 2022 07:42:50 GMT
via: 1.1 84294257ed643a88ee54d2e3f7d7ccea.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P2
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
x-cache: Miss from cloudfront
accept-ch: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-length: 0
x-amz-cf-id: z7sb16A1tzynQVLVGkI0MLSu_Tbb3m6jtQvIErw3V3UAzNtr11MS5w==
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 lg.php
cat.fr.eu.criteo.com/delivery/ Frame EFB0 43 B
347 B 53ms
52ms Image
image/gif 178.250.0.160
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=uyYzr6Igar3PdS5R9BM-mVDRxQW_u5V9SWqdSOsUTJSSy_WciSgFmGEu6h-ZwUbUQsQ9SAujh9EfDAec_OsUZkzQGinGHQLg_mvpI0qS5vCwzxyGf340-F4GI4xMf26Vq_DmZlUAeWId44MjT6K453fWN3ozeNGgGzEDJQIdQfqmwBGVy2Bu3XzyOf4mV_qHqjG-9v9aWqtPqCMTpcTbNvjAwvF6YMA9CHITvOdG46FaAZ_nBea6MIyyObjpykknuiY-MxdKMmMETx1DS46mkVIHhiVegG7EtbPxJws_7ljviNpfwF8Daxi9gScULxhStugV5B1ZYlQfFhXHb4OGYrAaQiOcu7eAjEx2Nbrgg2IZMhfyq3EUaab9-P4VVqQon12uUEO34_M4xGWXao7N5diOtDLFhKZ9ClFynRBaeJxnTPBmfIoLd00vbQ0-cVe5g3hU1A

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 May 2022 07:42:49 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3071360
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET dpixel
cms.quantserve.com/ Frame E7B2 0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E7B2
Redirect Chain

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPLCbPXqK_-ImGhWy9bjJzcbzdE5S1We-Vz0pDJ...
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WW9TamVnQUFBUTNrRndRaQ&google_push=AYg5qPLCbPXqK_-ImGhWy9bjJzcbzdE5S1We-Vz0pDJ3U9r_NjdZh06SLq6ea7G0SEu1Ruc-gHLKx5xSIPYX_DZrGtevhtt7WCo

170 B
188 B

133ms
56ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WW9TamVnQUFBUTNrRndRaQ&google_push=AYg5qPLCbPXqK_-ImGhWy9bjJzcbzdE5S1We-Vz0pDJ3U9r_NjdZh06SLq6ea7G0SEu1Ruc-gHLKx5xSIPYX_DZrGtevhtt7WCo

Requested by

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 May 2022 07:42:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WW9TamVnQUFBUTNrRndRaQ&google_push=AYg5qPLCbPXqK_-ImGhWy9bjJzcbzdE5S1We-Vz0pDJ3U9r_NjdZh06SLq6ea7G0SEu1Ruc-gHLKx5xSIPYX_DZrGtevhtt7WCo
Date: Wed, 18 May 2022 07:42:50 GMT
Server: Apache
Connection: keep-alive
Content-Length: 390
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame E7B2 43 B
356 B 151ms
47ms Image
image/gif 34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESENIVhjJGsUGkqHkdF2qxf70&google_push=AYg5qPLGZNFBbnuI5uZgc1ndVfuSdvuIOCfm5tOoPtGMCE7IbLszaqjDKGYx8J_Y07oTa-tvOHrSfMbcrJHbfOjv3xfPPtj6EWQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1167449022555508&output=html&h=280&adk=1419306527&adf=1359297430&pi=t.aa~a.6521833~rp.4&w=350&fwrn=4&fwrnh=100&lmt=1652859767&rafmt=1&to=qs&pwprc=8061188151&psa=0&format=350x280&url=https%3A%2F%2Fwebdigitalonline.com%2Fpage%2Fbusiness-services%2Fdowngrade-quickbooks-company-file&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652859769591&bpp=2&bdt=1106&idt=2&shv=r20220511&mjsv=m202205120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8e78b3b640908b42-22cc796097cd0039%3AT%3D1652859769%3ART%3D1652859769%3AS%3DALNI_Male8IPHuSjGfejBKc1RFNdamjEQw&prev_fmts=0x0%2C730x280%2C730x280%2C350x280&nras=2&correlator=639530836683&frm=20&pv=1&ga_vid=855922387.1652859769&ga_sid=1652859769&ga_hid=817987963&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=1697&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067624&oid=2&pvsid=3788120061096202&pem=137&tmod=1013175513&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=ChuF7widBf&p=https%3A//webdigitalonline.com&dtd=41
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 May 2022 07:42:50 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame E7B2 43 B
350 B 168ms
53ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEA4_1XpY0eybxs1UTNU3TxU&google_cver=1&google_push=AYg5qPLjRT7bBh3WPjXPq679eSC9vES9Crs7oFkQIxo9haVoBFQaQz4kqAMqty9-EGWSzpN-7_uDZMiPJFpiFrM_7kM4McAdJarK
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1167449022555508&output=html&h=280&adk=1419306527&adf=1359297430&pi=t.aa~a.6521833~rp.4&w=350&fwrn=4&fwrnh=100&lmt=1652859767&rafmt=1&to=qs&pwprc=8061188151&psa=0&format=350x280&url=https%3A%2F%2Fwebdigitalonline.com%2Fpage%2Fbusiness-services%2Fdowngrade-quickbooks-company-file&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652859769591&bpp=2&bdt=1106&idt=2&shv=r20220511&mjsv=m202205120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8e78b3b640908b42-22cc796097cd0039%3AT%3D1652859769%3ART%3D1652859769%3AS%3DALNI_Male8IPHuSjGfejBKc1RFNdamjEQw&prev_fmts=0x0%2C730x280%2C730x280%2C350x280&nras=2&correlator=639530836683&frm=20&pv=1&ga_vid=855922387.1652859769&ga_sid=1652859769&ga_hid=817987963&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=1697&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067624&oid=2&pvsid=3788120061096202&pem=137&tmod=1013175513&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=ChuF7widBf&p=https%3A//webdigitalonline.com&dtd=41
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 May 2022 07:42:49 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: 2n9401b10h47dt070cun1ag4qs42m2i8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E7B2
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=QTKYzsW1TISdUt3Z_4QdmA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

49ms
49ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=QTKYzsW1TISdUt3Z_4QdmA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJWNjkTxDSzhkX-cyVsZ98DMbt5UCy-dwlB5F9ZOq5S_uV1QUXOxZepSFNEkWhJiDdfur2X_vn_ZtjqUQyidQlcN0G9_UU

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 May 2022 07:42:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=QTKYzsW1TISdUt3Z_4QdmA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJWNjkTxDSzhkX-cyVsZ98DMbt5UCy-dwlB5F9ZOq5S_uV1QUXOxZepSFNEkWhJiDdfur2X_vn_ZtjqUQyidQlcN0G9_UU
date: Wed, 18 May 2022 07:42:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET sync.php
pixel.rubiconproject.com/exchange/ Frame E7B2 0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E7B2
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEAtOjQ5FMceD42_R4if_8ms&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEAtOjQ5FMceD42_R4if_8ms&google_push=AY...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YoSjenrFQoKN3ZD2yToU_gAABK8AAAAB&google_gid=CAESEAtOjQ5FMceD42_R4if_8ms&google_cver=1&google_push=AYg5qPJgxKJ9n-Y4HXeXIC9ljBNCc8p_dN_qx...

170 B
188 B

82ms
49ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YoSjenrFQoKN3ZD2yToU_gAABK8AAAAB&google_gid=CAESEAtOjQ5FMceD42_R4if_8ms&google_cver=1&google_push=AYg5qPJgxKJ9n-Y4HXeXIC9ljBNCc8p_dN_qxzxsjNUI-BlEJUiWA_Vjd8qRjR4C01Bp8ztIyOBYI3TnGC34R21OeH3Lz4KPQCc

Requested by

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 May 2022 07:42:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 18 May 2022 07:42:50 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YoSjenrFQoKN3ZD2yToU_gAABK8AAAAB&google_gid=CAESEAtOjQ5FMceD42_R4if_8ms&google_cver=1&google_push=AYg5qPJgxKJ9n-Y4HXeXIC9ljBNCc8p_dN_qxzxsjNUI-BlEJUiWA_Vjd8qRjR4C01Bp8ztIyOBYI3TnGC34R21OeH3Lz4KPQCc
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 459
Expires: Wed, 18 May 2022 07:42:50 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame E7B2 0
232 B 149ms
45ms Image
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Ltbc944EdBDI11dwbFlrw229jU__8QO4CQBK_fGS0YP_5rAvdouZ2YEtzehMbyU-TxUZRw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 07:42:50 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame EFB0 12 KB
6 KB 48ms
48ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 07:42:50 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 13 May 2023 07:42:50 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame EFB0 7 KB
7 KB 66ms
60ms Image
image/png 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=556&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F190124%2F79f2c646e3f74b54931cff1f39d769d0_blue.png&v=3&w=196&s=nkm37OBN4xyh5x9UPHeLVYZl

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

bfcd7a262745ac2a8520d46dbe261c5db424c001970e9ebe83c440bfb48454f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 07:42:49 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=30329345
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 6722
expires: Thu, 04 May 2023 08:31:55 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame EFB0 1 KB
2 KB 65ms
60ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F8%2FlogoZenjob-GmbH-Extern-253922DE-2205131531.gif%3Feb%3D1&v=3&w=400&s=lp0pCR0WxEkaS3DzcFeHomIL&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

8ab72c25d71e12f99d7b3588afdbf14c8766294a33871a3484698cfe05605b97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 07:42:49 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=2203768
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1480
expires: Sun, 12 Jun 2022 19:52:19 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame EFB0 9 KB
10 KB 65ms
61ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FF%2FlogoHamburger-Schulverein-v-1875-e-V-79400DE-2003260923.gif%3Feb%3D1&v=3&w=400&s=yA4OksRSKjW5u7Xi8gyr0A3N&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

d6fda7c6f2eb90e2e02b1d6e1fef20e1ee7097d1463cab678f4360071f5f3eae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 07:42:49 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=286598
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 9476
expires: Sat, 21 May 2022 15:19:29 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame EFB0 0
127 B 46ms
42ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=cinKdviZryWald9g-mOoXn6kkThBqiQZxozD6ybbOQoryP6iqmJp9gwggLVjD9Xc_C9XjcdYbO78arsXtUhEz9-ZT2Iyz2NGh4UtCnuQ167O_mrfypoy2LU4G0ieA1IcotjcB5UeR7WDtQKJ7_HkbgZJMzNNndtrUfiT78kVYLxJIhsernIhLo61ptWyWD6SxQslu0B2Dj4Zn-dML1h8anKv_0REmbuWdhfXdIbdUBFr6-NbJAjS7VBr-Nw6yMPsXElP_A&sds=2&rev=81468.6&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 18 May 2022 07:42:49 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame EFB0 2 KB
1 KB 47ms
43ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 07:42:50 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 13 May 2023 07:42:50 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame EFB0 2 KB
1 KB 47ms
45ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 07:42:50 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 13 May 2023 07:42:50 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame DAB6 12 KB
6 KB 49ms
49ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 07:42:50 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 13 May 2023 07:42:50 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame DAB6 5 KB
5 KB 49ms
48ms Image
image/png 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=244&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F190124%2F8d6bc06124f044d4973e0db21c495799_logo.png&v=3&w=196&s=1VjkrEGz0-tU4Tlj32yh-jEc

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

080069b2dce01872cbc2bfcc0b6a2cd9b9a5b9fbb22fc1683ece0cea17aac96f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 07:42:49 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=28834917
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 5106
expires: Mon, 17 Apr 2023 01:24:47 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame DAB6 1 KB
2 KB 54ms
53ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F8%2FlogoZenjob-GmbH-Extern-253922DE-2205131531.gif%3Feb%3D1&v=3&w=800&s=2YWmmemMVkt5rs-hvCdzD5jQ&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

8ab72c25d71e12f99d7b3588afdbf14c8766294a33871a3484698cfe05605b97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 07:42:50 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=2203768
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1480
expires: Sun, 12 Jun 2022 19:52:19 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame DAB6 1 KB
1 KB 51ms
50ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FO%2FlogoOHB-System-AG-DE.gif%3Feb%3D1&v=3&w=800&s=TMgR2M965CHEqMtN_EBXYpLu&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

7128f4daba0c40c092a48e2b5ab9b3fd1fceda329d766eb9183cff1e141231d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 07:42:49 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1291007
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1188
expires: Thu, 02 Jun 2022 06:19:38 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame DAB6 3 KB
3 KB 56ms
55ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FD%2FlogoConcentrix-Germany-169413DE.gif%3Feb%3D1&v=3&w=800&s=UN8ephX_VkECacZLWtRXXEwt&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

c38e076da21dc997a97ba46c2464b656b9ab308a34318c250fb42b77e0588172

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 07:42:50 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=129631
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 3064
expires: Thu, 19 May 2022 19:43:22 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame DAB6 2 KB
2 KB 59ms
58ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F3%2FlogoVolkswagen-Infotainment-GmbH-148893DE-2108271431.gif%3Feb%3D1&v=3&w=800&s=V7dfRLh8LkIUW25_MU5IPw6V&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

a7e8227efd35d01dc33f80ade6cf28dafbde7e35ad8c0c203b85fc11d2232152

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 07:42:49 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=31104000
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1916
expires: Sat, 13 May 2023 07:42:50 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame DAB6 2 KB
2 KB 58ms
57ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FD%2FlogoFinanz-Informatik-GmbH-Co-KG-142521DE.gif%3Feb%3D1&v=3&w=800&s=5RzRxTVYf2ohs2ENySm2vUGx&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

302ec75ee9ac9c4902c4f405d7afe87e20c528b604474ffb1e5306b3ab1b8375

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 07:42:50 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=2244998
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1600
expires: Mon, 13 Jun 2022 07:19:29 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame DAB6 2 KB
2 KB 57ms
56ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FK%2FlogoKPMG-AG-Wirtschaftsprufungsgesellschaft-Berlin-8038DE.gif%3Feb%3D1&v=3&w=800&s=qLQ5dbqX_hSP7QpkzwsM5roO&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

ed7e36bbfdc81471c0197939b78fee25d2237d860623cb1d5f146ff1e6b984d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 07:42:49 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=0
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 2120
expires: Wed, 18 May 2022 07:42:50 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame DAB6 2 KB
3 KB 56ms
56ms Image
image/png 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F5%2FlogoAmprio-GmbH-201935DE-2106231706.gif%3Feb%3D1&v=3&w=800&s=HokYZuKMzPY0PkFyJnXtNULS&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

cc5e65f3bf4a6f565b2e549b9b401450a1e7d283ffe50dd4a906b5375808b851

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 07:42:50 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=351340
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 2446
expires: Sun, 22 May 2022 09:18:30 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame DAB6 2 KB
2 KB 58ms
58ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F9%2FlogoWurth-Elektronik-eiSos-GmbH-Co-KG-75178DE-2204111608.gif%3Feb%3D1&v=3&w=800&s=D9wxTIpRKc1e1etm8IIwz08n&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

a939262dce5b5f8ace3905f30f82dfa35cd4f3ade671f44be71b0850c8258c73

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 07:42:49 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=2030970
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1792
expires: Fri, 10 Jun 2022 19:52:21 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame DAB6 9 KB
10 KB 57ms
57ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FF%2FlogoHamburger-Schulverein-v-1875-e-V-79400DE-2003260923.gif%3Feb%3D1&v=3&w=800&s=3DhRf62B6vFdYzcsVKLuaBp7&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

d6fda7c6f2eb90e2e02b1d6e1fef20e1ee7097d1463cab678f4360071f5f3eae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 07:42:49 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=286598
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 9476
expires: Sat, 21 May 2022 15:19:29 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame DAB6 0
127 B 41ms
41ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=wKeKhPiZryWald9gie2RqmJgDQUxwgO1fwgfk2EpLS28wo2yLaXqs2GBn2l4Wk5KxktkFp_wMl7cmhfh2f867QRTleKRRP1CF-DWoyUqel-X6fvnHgS3vVKKQ_FsLS0lwHqw5NZcE14OWIns-5EJH5183TH3ja4eyJSQ-lBOcVGTuByQMGufPcdBfhSi4wr099EhxWEDQfp6eWr2_K5RxPhr-Fjf9G544gs4CyqCO9fRZI4pX8J1reAXJ5WpY7GIDcU9xw&sds=2&rev=81468.6&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 18 May 2022 07:42:49 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame DAB6 2 KB
1 KB 43ms
43ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 07:42:50 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 13 May 2023 07:42:50 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame DAB6 2 KB
1 KB 43ms
43ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 07:42:50 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 13 May 2023 07:42:50 GMT

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame EC74 3 KB
4 KB 147ms
61ms Image
image/png 2606:4700:20::681a:71b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.20/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date: Wed, 18 May 2022 07:42:50 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6794801
x-guploader-uploadid: ADPycdsAM1RKIW8NW9FXGsxgzhi5bSYe4VqqEbCt8J5Oc8iEgAF2SjSQc54Zb1FETUd5c-MZGmZZMUkSoxlmANI9NVVBPD3Irw
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dWjc5Zg7BA%2FjFcQttWTGhaxwuXOBQh80zJ9aOIFy09lERBJ%2Bus%2BhnlMwmjYoQBbyN6i2%2FUUWV%2BbXasFZQu1uK9D3is%2B4v7aarSUrF37%2B2YT7RPEQe52L7Ho%2BTBImzOQtMDwuZDvGOSVLTmQwXYneG93v"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1623242114099744
content-type: image/png
cache-control: public, max-age=31536000, immutable
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 70d2f55ebb0d9177-FRA
expires: Tue, 28 Feb 2023 16:16:09 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame E3E1 2 KB
2 KB 47ms
47ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1721064
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 70d2f55e4ba991e9-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Wed, 18 May 2022 07:42:50 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Wed, 18 May 2022 08:42:50 GMT
last-modified: Wed, 06 May 2020 15:09:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UQfx8AIEyFn7jXaIURWGJPyQBRmFj8QCJjD30ZC3v6veTuiFqq4ed9KdiwU85t8Xe0rvPFOWncb0Mh9rs5tWlujHv4nVWcYMerpX%2F9DEgMShx9iZnRuJiAP2lLLgy1MaChPq2Sw%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-generation: 1588777770164783
x-goog-hash: crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-meta-
x-goog-metageneration: 3
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1681
x-guploader-uploadid: ADPycdtyt0YYJGM7L4Qh4KppAxdHUa6qSHGwk_MVt1bnpkWR4u_j_tebe8lZvHDpkzKsfKnRm3Uay31h5MKGRnI-yLI

POST
H2 200 rs Show response
ad4m.at/ Frame EC74 2 KB
1 KB 388ms
88ms XHR
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7711a634a919ab91876c54d4c5230750d0dcbc458ed5b4e878fe1c49c6637587

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/json

Response headers

cf-ray: 70d2f563cd06913c-FRA
date: Wed, 18 May 2022 07:42:51 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Iqpu4lIfarUoaQC3UUPeR%2BGXtcq2UYLuS4dR9dSaLKVLTh5FMrAoF6QEu3aaoAOSFfTleI7eQxFehQR%2BtzIUVz2OQrPgOGcMiT3OI4lpLJwSYXrF2%2FPfX%2B3olxwZ94uvRRSstQg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-credentials: true
content-encoding: br
x-backend-server: aa-reachservice-group-europe-west1-lm43

OPTIONS
H2 200 rs
ad4m.at/ Frame 0
0 488ms
109ms Preflight
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 70d2f5611fac913c-FRA
content-length: 24
content-type: text/plain
date: Wed, 18 May 2022 07:42:51 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F2pLji%2Bf1vVWx2ExIgRIMzqVkRXUlPos13YO%2FVvUxKu63gbGiyKiOngqAz9FPUqBFO%2B2VCR1U5aJ%2FwfgPLa0uOU8MdHhR3Ca3FFvTHZaUcjDbbtQ%2FD5O1AtiPo%2Fs4rOYHL24lgQ%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-lm43

GET
H2 200 arlinablock.js Show response
cdn.jsdelivr.net/gh/Arlina-Design/quasar@master/ 89 KB
61 KB 132ms
51ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/Arlina-Design/quasar@master/arlinablock.js

Requested by

Host: webdigitalonline.com
URL: https://webdigitalonline.com/page/business-services/downgrade-quickbooks-company-file

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7479748bad5793b25b90b43aec31d698a6dc56b094c4b5d26ac884bce952931c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webdigitalonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 07:42:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 32547
x-jsd-version: master
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19135-FRA
timing-allow-origin: *
x-jsd-version-type: branch
server: cloudflare
etag: W/"162b7-J7GuEbwR9hTtBO1SIcoyA3ddHw8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gLgLpaIvGv%2Bhb4zrJ6J1fXwrth4L08%2FIcWlqzxqGa%2BxRzQ7bLb8I6SJ9Rkzlek2xOLPkleGw%2F6NZMFpDem48SLiuIGCrsgNucTLgVcRgud81J6hIJY564ZV6580HWKb0bVmc4TI0fnt0huF1aow%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 70d2f55f9f385caa-FRA

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 127ms
51ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220511&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0867b27664fa8f50f069dd672051548be87a89ab675631655add3833f5c9d451

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webdigitalonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 18 May 2022 07:42:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10505
x-xss-protection: 0

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 157 KB
55 KB 70ms
69ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/Arlina-Design/quasar@master/arlinablock.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2130d56ee8a92dd629239d308023351765bd5f05ff28fd3c8e0e0ff675639616

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webdigitalonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 07:42:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56188
x-xss-protection: 0
server: cafe
etag: 2412368557715827654
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 18 May 2022 07:42:50 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 81ms
81ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webdigitalonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 07:42:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 18 May 2022 07:42:50 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6B56 13 KB
5 KB 39ms
37ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://webdigitalonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1450
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 18 May 2022 07:18:40 GMT
expires: Thu, 18 May 2023 07:18:40 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame DF4D 783 B
534 B 132ms
53ms Document
text/html 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1e58e964fcfcd0a35b434d2dfed57a44da51e4604ba5cf1faeed61084f7f35a8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-EixwJs_o6hQ8zvYEnyIJ9g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://webdigitalonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-EixwJs_o6hQ8zvYEnyIJ9g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 18 May 2022 07:42:51 GMT
expires: Wed, 18 May 2022 07:42:51 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Yd3cEgPtLOfKcy7GxWkHziCM9jl-6RVWGk-YTJsF5Kc.js Show response
pagead2.googlesyndication.com/bg/ Frame 6B56 35 KB
13 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Yd3cEgPtLOfKcy7GxWkHziCM9jl-6RVWGk-YTJsF5Kc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61dddc1203ed2ce7ca732ec6c56907ce208cf6397ee915561a4f984c9b05e4a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 13:28:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65670
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13574
x-xss-protection: 0
last-modified: Mon, 09 May 2022 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 May 2023 13:28:21 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame DF4D 0
0 86ms
86ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220511&jk=3788120061096202&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 6B56 0
9 B 37ms
36ms Image
text/plain 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?QPaetQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 07:42:51 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1B20 42 B
64 B 70ms
70ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsugk5_w7MLm-nQQKKZU_3XBiKd0svwxh6wQ5jsazrrdslec5bK-7-d_e8kcDvGBwbm0ofUnbH4yjsizSazD1RYQ&sig=Cg0ArKJSzEQGR76znDnoEAE&id=lidar2&mcvt=1001&p=0,0,124,1005&mtos=184,825,1001,1001,1001&tos=184,641,176,0,0&v=20220516&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1652859769670&rpt=446&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 May 2022 07:42:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C5A3 42 B
64 B 70ms
70ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsthtg5SkJmFGyYm5eVLLnRC8-3Hj6Uk0HEjBQsmbvdTWUfxF9tI-_NtOzNW6utKXOZPLGx0IrEUuWhLn8H7NPcbSQ&sig=Cg0ArKJSzNiBGE9fFsq8EAE&id=lidar2&mcvt=1002&p=0,0,280,350&mtos=0,1002,1002,1002,1002&tos=0,1002,0,0,0&v=20220516&bin=7&avms=nio&bs=0,0&mc=0.85&if=1&vu=1&app=0&itpl=20&adk=2527475&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1652859769421&rpt=766&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 May 2022 07:42:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2011 42 B
64 B 71ms
70ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstaGfpE4xJ3gavEkgzDFCAhOSiEVImNcnB9DE7-lwN4hp0HCp1F3AcTlnXxO5jEkVypEVkT4xhemoBfbYzYXl57&sig=Cg0ArKJSzKTSwJEjLWNFEAE&id=lidar2&mcvt=1000&p=0,0,280,730&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220516&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=395207145&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1652859769291&rpt=933&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 May 2022 07:42:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame D21C 0
127 B 43ms
42ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 18 May 2022 07:42:50 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

POST
H2 200 all
csm.eu.criteo.net/ Frame EFB0 0
127 B 41ms
41ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 18 May 2022 07:42:51 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 567E 12 KB
5 KB 57ms
56ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=15255%2C24673%2C14019&b=Mxefzfrf1zRuWHEHGtDt2jpCBS4Tb6ku3%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=62Zcef3f6wmheHmHYtEC5kmtYS1T2qJs7%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=300&d=250&e=4BEk-vkfhOZK288soGfnHIa7YeJrUmnL&g=5bb0ce067601311087aa9e9f59a3294a%2F4868882851274342257&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1652859771507&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kk3gdbq38m3cxpbje1ve1re6a9z74fdacf2jk9fg7202gkm6bzmedr4qceamc043r2z9dbjhg9ngtp1w9w62cetn44hgtc8dkcrcer66br5733j9faa1sx5cjbqwd3a4tsgkxaw0vqnr266xxcvtasvmn3rt2zza6d0b5tkmwmtrz5574y06hb6dq525xqmctgbftf0rdkx26ek2cs101bmpf7mnpjnsg49y4pvfpyvn5zb659tmx9emq47carzaqx3ayfth5j2r%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCkZpUeaOEYqiVLKvFzLUP-ramgAiQ4YGEXLaoworwAsCNtwEQASAAYJXiooKwB4IBF2NhLXB1Yi0xMTY3NDQ5MDIyNTU1NTA4oAHCrujdA8gBCakCq41UGB2ssT6oAwGqBLUCT9C-ARtlZ4qK7AN-zUF9TgB3OSdGptDFponhJW-Nq4mMSEdrC9CmCp5yMfsOujShbSff_XpDp5xg9dYmhmFHxReQyC4T15V2S2ucxvxQoGBMt9u7NGXtUcjF45PVUVeuTbtTcTODnuAlbxMT-pr64di79F_NBwwuiBlOP5wUhQbElxS_MeGhGluTUUT39cwg6g1qWpqOBRRhoIVYQssBY4er3IA9y1F6nWNBX5KCL4wXY2mrxZgzr4GKoErKDDJWbKb9tDTPJfCq5HfOtbXU2IKWO2re0de-q9mZAQm7mTFItGa3nydLFi6Vf3gfeGKciRsLCq5ePH8D0_tFguuYHfY1z4_Xw8KiYcgM1ZvRsxZLD5UqAgxBrjBOAT6EQIUy9iIK-OXWJT7bgB8edXW_NupMMXA5gAbxur7BzIOftfwBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3LAgiENRR4CaCtZtI0jxFJWOkuFQ%2526client%253Dca-pub-1167449022555508%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cc5652b24306d956492c34a6541994ec1a461fa42e0c34fa3f3c9873c65a6a59

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1h336cez2csjysxemsjhbfwhcyby78ptvxrycvkd7hygds05fged2chqfb25gt4hsp5g7qabhgzfvfdceq48b6vz2a6k83m9hge4brkysnw23rke1mabrtq0wfe05z4eejyvm5380cc1kc494wyfqyktvdzknsryvf842am351h841gq75gg38gjmvj522sb31zb61fdm6t3dh9281rd66q0wbt0e1tpb4ngy4f5zm36xcvwv8483y21gh60e8pfjysa564wvrw858ej9dcwdzs3v2vgxpjq6qfpqfrf80hy01hh31d3mk798gm71ntpds8cpw7tnb3nyk6bm6x5njpq89h0mqe5qgpfm4532afz5eaj0h6tp5rp3yyd90fshtpxh1r3wbq517ay2ykag6tgkwjst8m994&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCkZpUeaOEYqiVLKvFzLUP-ramgAiQ4YGEXLaoworwAsCNtwEQASAAYJXiooKwB4IBF2NhLXB1Yi0xMTY3NDQ5MDIyNTU1NTA4oAHCrujdA8gBCakCq41UGB2ssT6oAwGqBLUCT9C-ARtlZ4qK7AN-zUF9TgB3OSdGptDFponhJW-Nq4mMSEdrC9CmCp5yMfsOujShbSff_XpDp5xg9dYmhmFHxReQyC4T15V2S2ucxvxQoGBMt9u7NGXtUcjF45PVUVeuTbtTcTODnuAlbxMT-pr64di79F_NBwwuiBlOP5wUhQbElxS_MeGhGluTUUT39cwg6g1qWpqOBRRhoIVYQssBY4er3IA9y1F6nWNBX5KCL4wXY2mrxZgzr4GKoErKDDJWbKb9tDTPJfCq5HfOtbXU2IKWO2re0de-q9mZAQm7mTFItGa3nydLFi6Vf3gfeGKciRsLCq5ePH8D0_tFguuYHfY1z4_Xw8KiYcgM1ZvRsxZLD5UqAgxBrjBOAT6EQIUy9iIK-OXWJT7bgB8edXW_NupMMXA5gAbxur7BzIOftfwBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3LAgiENRR4CaCtZtI0jxFJWOkuFQ%26client%3Dca-pub-1167449022555508%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 70d2f5643f3891e9-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Wed, 18 May 2022 07:42:51 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

POST
H2 200 all
csm.eu.criteo.net/ Frame DAB6 0
127 B 40ms
40ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 18 May 2022 07:42:50 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.20/one-ad/ Frame 567E 85 KB
11 KB 50ms
49ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.20/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15255%2C24673%2C14019&b=Mxefzfrf1zRuWHEHGtDt2jpCBS4Tb6ku3%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=62Zcef3f6wmheHmHYtEC5kmtYS1T2qJs7%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=300&d=250&e=4BEk-vkfhOZK288soGfnHIa7YeJrUmnL&g=5bb0ce067601311087aa9e9f59a3294a%2F4868882851274342257&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1652859771507&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kk3gdbq38m3cxpbje1ve1re6a9z74fdacf2jk9fg7202gkm6bzmedr4qceamc043r2z9dbjhg9ngtp1w9w62cetn44hgtc8dkcrcer66br5733j9faa1sx5cjbqwd3a4tsgkxaw0vqnr266xxcvtasvmn3rt2zza6d0b5tkmwmtrz5574y06hb6dq525xqmctgbftf0rdkx26ek2cs101bmpf7mnpjnsg49y4pvfpyvn5zb659tmx9emq47carzaqx3ayfth5j2r%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCkZpUeaOEYqiVLKvFzLUP-ramgAiQ4YGEXLaoworwAsCNtwEQASAAYJXiooKwB4IBF2NhLXB1Yi0xMTY3NDQ5MDIyNTU1NTA4oAHCrujdA8gBCakCq41UGB2ssT6oAwGqBLUCT9C-ARtlZ4qK7AN-zUF9TgB3OSdGptDFponhJW-Nq4mMSEdrC9CmCp5yMfsOujShbSff_XpDp5xg9dYmhmFHxReQyC4T15V2S2ucxvxQoGBMt9u7NGXtUcjF45PVUVeuTbtTcTODnuAlbxMT-pr64di79F_NBwwuiBlOP5wUhQbElxS_MeGhGluTUUT39cwg6g1qWpqOBRRhoIVYQssBY4er3IA9y1F6nWNBX5KCL4wXY2mrxZgzr4GKoErKDDJWbKb9tDTPJfCq5HfOtbXU2IKWO2re0de-q9mZAQm7mTFItGa3nydLFi6Vf3gfeGKciRsLCq5ePH8D0_tFguuYHfY1z4_Xw8KiYcgM1ZvRsxZLD5UqAgxBrjBOAT6EQIUy9iIK-OXWJT7bgB8edXW_NupMMXA5gAbxur7BzIOftfwBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3LAgiENRR4CaCtZtI0jxFJWOkuFQ%2526client%253Dca-pub-1167449022555508%2526adurl%253D&y=1&s=&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d8965ee1f9673ae2ab083ee9c063eea7eb04aef2e756a7e46f58337bb1caef4

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=15255%2C24673%2C14019&b=Mxefzfrf1zRuWHEHGtDt2jpCBS4Tb6ku3%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=62Zcef3f6wmheHmHYtEC5kmtYS1T2qJs7%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=300&d=250&e=4BEk-vkfhOZK288soGfnHIa7YeJrUmnL&g=5bb0ce067601311087aa9e9f59a3294a%2F4868882851274342257&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1652859771507&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kk3gdbq38m3cxpbje1ve1re6a9z74fdacf2jk9fg7202gkm6bzmedr4qceamc043r2z9dbjhg9ngtp1w9w62cetn44hgtc8dkcrcer66br5733j9faa1sx5cjbqwd3a4tsgkxaw0vqnr266xxcvtasvmn3rt2zza6d0b5tkmwmtrz5574y06hb6dq525xqmctgbftf0rdkx26ek2cs101bmpf7mnpjnsg49y4pvfpyvn5zb659tmx9emq47carzaqx3ayfth5j2r%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCkZpUeaOEYqiVLKvFzLUP-ramgAiQ4YGEXLaoworwAsCNtwEQASAAYJXiooKwB4IBF2NhLXB1Yi0xMTY3NDQ5MDIyNTU1NTA4oAHCrujdA8gBCakCq41UGB2ssT6oAwGqBLUCT9C-ARtlZ4qK7AN-zUF9TgB3OSdGptDFponhJW-Nq4mMSEdrC9CmCp5yMfsOujShbSff_XpDp5xg9dYmhmFHxReQyC4T15V2S2ucxvxQoGBMt9u7NGXtUcjF45PVUVeuTbtTcTODnuAlbxMT-pr64di79F_NBwwuiBlOP5wUhQbElxS_MeGhGluTUUT39cwg6g1qWpqOBRRhoIVYQssBY4er3IA9y1F6nWNBX5KCL4wXY2mrxZgzr4GKoErKDDJWbKb9tDTPJfCq5HfOtbXU2IKWO2re0de-q9mZAQm7mTFItGa3nydLFi6Vf3gfeGKciRsLCq5ePH8D0_tFguuYHfY1z4_Xw8KiYcgM1ZvRsxZLD5UqAgxBrjBOAT6EQIUy9iIK-OXWJT7bgB8edXW_NupMMXA5gAbxur7BzIOftfwBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3LAgiENRR4CaCtZtI0jxFJWOkuFQ%2526client%253Dca-pub-1167449022555508%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 07:42:51 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 138780
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=86961
surrogate-control: no-store
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
last-modified: Mon, 16 May 2022 17:09:51 GMT
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
x-download-options: noopen
content-type: text/css; charset=utf-8
expires: 0
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 70d2f564a80291e9-FRA
cf-bgj: minify

GET
H2 200 188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
assets.ad4m.at/logo/ Frame 567E 8 KB
9 KB 96ms
86ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15255%2C24673%2C14019&b=Mxefzfrf1zRuWHEHGtDt2jpCBS4Tb6ku3%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=62Zcef3f6wmheHmHYtEC5kmtYS1T2qJs7%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=300&d=250&e=4BEk-vkfhOZK288soGfnHIa7YeJrUmnL&g=5bb0ce067601311087aa9e9f59a3294a%2F4868882851274342257&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1652859771507&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kk3gdbq38m3cxpbje1ve1re6a9z74fdacf2jk9fg7202gkm6bzmedr4qceamc043r2z9dbjhg9ngtp1w9w62cetn44hgtc8dkcrcer66br5733j9faa1sx5cjbqwd3a4tsgkxaw0vqnr266xxcvtasvmn3rt2zza6d0b5tkmwmtrz5574y06hb6dq525xqmctgbftf0rdkx26ek2cs101bmpf7mnpjnsg49y4pvfpyvn5zb659tmx9emq47carzaqx3ayfth5j2r%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCkZpUeaOEYqiVLKvFzLUP-ramgAiQ4YGEXLaoworwAsCNtwEQASAAYJXiooKwB4IBF2NhLXB1Yi0xMTY3NDQ5MDIyNTU1NTA4oAHCrujdA8gBCakCq41UGB2ssT6oAwGqBLUCT9C-ARtlZ4qK7AN-zUF9TgB3OSdGptDFponhJW-Nq4mMSEdrC9CmCp5yMfsOujShbSff_XpDp5xg9dYmhmFHxReQyC4T15V2S2ucxvxQoGBMt9u7NGXtUcjF45PVUVeuTbtTcTODnuAlbxMT-pr64di79F_NBwwuiBlOP5wUhQbElxS_MeGhGluTUUT39cwg6g1qWpqOBRRhoIVYQssBY4er3IA9y1F6nWNBX5KCL4wXY2mrxZgzr4GKoErKDDJWbKb9tDTPJfCq5HfOtbXU2IKWO2re0de-q9mZAQm7mTFItGa3nydLFi6Vf3gfeGKciRsLCq5ePH8D0_tFguuYHfY1z4_Xw8KiYcgM1ZvRsxZLD5UqAgxBrjBOAT6EQIUy9iIK-OXWJT7bgB8edXW_NupMMXA5gAbxur7BzIOftfwBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3LAgiENRR4CaCtZtI0jxFJWOkuFQ%2526client%253Dca-pub-1167449022555508%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-goog-hash: crc32c=tG7Jcw==, md5=BMt+wgXOo1EVeu/7mY86hQ==
date: Wed, 18 May 2022 07:42:51 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 471506
cf-polished: qual=85, origFmt=jpeg, origSize=16723
x-guploader-uploadid: ADPycdtIsRvAFNQrb7rIG3bsmpyYtKq2KQNT3DWjdiEd0GaaQs-BkdKrEgmAvf9JDz2VfekZWqliVvnuTqDUOV35vl8GRw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8354
last-modified: Wed, 22 Jan 2020 13:13:07 GMT
server: cloudflare
etag: "04cb7ec205cea351157aeffb998f3a85"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DwHSMNRSzcd3QNXIF4UJcZVzI9iKIJTG0Xl%2BVeucCMYCv9T5kS6qIX3FwKByfc%2FsLB8fgxF8FBve9KN3pRXFQuqmMbhaj%2FyEUErSnP7bxbEH5HrrT2lSUSddJHed9zcAUjToVcP%2FfGubODDP"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579698787150900
content-type: image/webp
expires: Thu, 19 May 2022 07:42:51 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 16723
accept-ranges: bytes
cf-ray: 70d2f564b9fa9b4f-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 AB835EC0E966F04068CFBCC15FF8D3990CA3F197C61D255EFFB5638D89BE559012324778419F7E946D67344E6F7D42939F789567B51C0345F091B72DDF1D712C
assets.ad4m.at/product_image/ Frame 567E 93 KB
94 KB 95ms
87ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/AB835EC0E966F04068CFBCC15FF8D3990CA3F197C61D255EFFB5638D89BE559012324778419F7E946D67344E6F7D42939F789567B51C0345F091B72DDF1D712C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15255%2C24673%2C14019&b=Mxefzfrf1zRuWHEHGtDt2jpCBS4Tb6ku3%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=62Zcef3f6wmheHmHYtEC5kmtYS1T2qJs7%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=300&d=250&e=4BEk-vkfhOZK288soGfnHIa7YeJrUmnL&g=5bb0ce067601311087aa9e9f59a3294a%2F4868882851274342257&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1652859771507&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kk3gdbq38m3cxpbje1ve1re6a9z74fdacf2jk9fg7202gkm6bzmedr4qceamc043r2z9dbjhg9ngtp1w9w62cetn44hgtc8dkcrcer66br5733j9faa1sx5cjbqwd3a4tsgkxaw0vqnr266xxcvtasvmn3rt2zza6d0b5tkmwmtrz5574y06hb6dq525xqmctgbftf0rdkx26ek2cs101bmpf7mnpjnsg49y4pvfpyvn5zb659tmx9emq47carzaqx3ayfth5j2r%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCkZpUeaOEYqiVLKvFzLUP-ramgAiQ4YGEXLaoworwAsCNtwEQASAAYJXiooKwB4IBF2NhLXB1Yi0xMTY3NDQ5MDIyNTU1NTA4oAHCrujdA8gBCakCq41UGB2ssT6oAwGqBLUCT9C-ARtlZ4qK7AN-zUF9TgB3OSdGptDFponhJW-Nq4mMSEdrC9CmCp5yMfsOujShbSff_XpDp5xg9dYmhmFHxReQyC4T15V2S2ucxvxQoGBMt9u7NGXtUcjF45PVUVeuTbtTcTODnuAlbxMT-pr64di79F_NBwwuiBlOP5wUhQbElxS_MeGhGluTUUT39cwg6g1qWpqOBRRhoIVYQssBY4er3IA9y1F6nWNBX5KCL4wXY2mrxZgzr4GKoErKDDJWbKb9tDTPJfCq5HfOtbXU2IKWO2re0de-q9mZAQm7mTFItGa3nydLFi6Vf3gfeGKciRsLCq5ePH8D0_tFguuYHfY1z4_Xw8KiYcgM1ZvRsxZLD5UqAgxBrjBOAT6EQIUy9iIK-OXWJT7bgB8edXW_NupMMXA5gAbxur7BzIOftfwBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3LAgiENRR4CaCtZtI0jxFJWOkuFQ%2526client%253Dca-pub-1167449022555508%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ce3eee4cd598dd52e7b937de204d78dc2459a9dc379d0d70c478364e7b1bfcd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-goog-hash: crc32c=kgeS2g==, md5=b93XIEsKCkA/WEJIvaEtcg==
date: Wed, 18 May 2022 07:42:51 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 465726
cf-polished: origFmt=png, origSize=155400
x-guploader-uploadid: ADPycdsoimATTraF1Z885CGQY-zR1cNgdjrBatqhmb608NqUugT2rTzYscH5EMJHBsvMnhiiK7hxlqGeb813A-Kc4Pg8TQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 95550
last-modified: Thu, 24 Mar 2022 15:45:36 GMT
server: cloudflare
etag: "6fddd7204b0a0a403f584248bda12d72"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VoV9cjJ5KRUGw0jj1yjQraOYoRO3r38mmG96deAuCfnSwfdUwLsAynYUxv%2Biyu5wSUPfvIvAo1LVnhDcpAsZaHkot4%2FmNEOqgKjPiwQOLi5Jrp8i5fK2GohxxYHArC9boiSqH1JQN7SV6kGe"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1648136736276206
content-type: image/webp
expires: Thu, 19 May 2022 07:42:51 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 155400
accept-ranges: bytes
cf-ray: 70d2f564b9f99b4f-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1

200

/
banner.congstar.de/cookie/ Frame 567E
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%...
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CN2WurzG6PcCFUSx3gode2IGSw;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_d...
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidMxefzfrf1zRuWHEHGtDt2jpCBS4Tb6ku3oneid__asuid4BEk-vkfhOZK288soGfnHIa7YeJrUmnLasuid__dc_reach_suite02wkz&gdpr_co...
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1652859771_1f32a980-d67e-11ec-977a-2266206bbad7

0
518 B

134ms
41ms

Image
text/plain

148.251.139.77
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1652859771_1f32a980-d67e-11ec-977a-2266206bbad7
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15255%2C24673%2C14019&b=Mxefzfrf1zRuWHEHGtDt2jpCBS4Tb6ku3%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=62Zcef3f6wmheHmHYtEC5kmtYS1T2qJs7%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=300&d=250&e=4BEk-vkfhOZK288soGfnHIa7YeJrUmnL&g=5bb0ce067601311087aa9e9f59a3294a%2F4868882851274342257&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1652859771507&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kk3gdbq38m3cxpbje1ve1re6a9z74fdacf2jk9fg7202gkm6bzmedr4qceamc043r2z9dbjhg9ngtp1w9w62cetn44hgtc8dkcrcer66br5733j9faa1sx5cjbqwd3a4tsgkxaw0vqnr266xxcvtasvmn3rt2zza6d0b5tkmwmtrz5574y06hb6dq525xqmctgbftf0rdkx26ek2cs101bmpf7mnpjnsg49y4pvfpyvn5zb659tmx9emq47carzaqx3ayfth5j2r%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCkZpUeaOEYqiVLKvFzLUP-ramgAiQ4YGEXLaoworwAsCNtwEQASAAYJXiooKwB4IBF2NhLXB1Yi0xMTY3NDQ5MDIyNTU1NTA4oAHCrujdA8gBCakCq41UGB2ssT6oAwGqBLUCT9C-ARtlZ4qK7AN-zUF9TgB3OSdGptDFponhJW-Nq4mMSEdrC9CmCp5yMfsOujShbSff_XpDp5xg9dYmhmFHxReQyC4T15V2S2ucxvxQoGBMt9u7NGXtUcjF45PVUVeuTbtTcTODnuAlbxMT-pr64di79F_NBwwuiBlOP5wUhQbElxS_MeGhGluTUUT39cwg6g1qWpqOBRRhoIVYQssBY4er3IA9y1F6nWNBX5KCL4wXY2mrxZgzr4GKoErKDDJWbKb9tDTPJfCq5HfOtbXU2IKWO2re0de-q9mZAQm7mTFItGa3nydLFi6Vf3gfeGKciRsLCq5ePH8D0_tFguuYHfY1z4_Xw8KiYcgM1ZvRsxZLD5UqAgxBrjBOAT6EQIUy9iIK-OXWJT7bgB8edXW_NupMMXA5gAbxur7BzIOftfwBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3LAgiENRR4CaCtZtI0jxFJWOkuFQ%2526client%253Dca-pub-1167449022555508%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 148.251.139.77 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.77.139.251.148.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 18 May 2022 07:42:51 GMT
Server: Apache
P3P: CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 0

Redirect headers

Date: Wed, 18 May 2022 07:42:51 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1652859771_1f32a980-d67e-11ec-977a-2266206bbad7
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Length: 0

GET
H2 200 E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
assets.ad4m.at/logo/ Frame 567E 38 KB
38 KB 54ms
46ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15255%2C24673%2C14019&b=Mxefzfrf1zRuWHEHGtDt2jpCBS4Tb6ku3%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=62Zcef3f6wmheHmHYtEC5kmtYS1T2qJs7%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=300&d=250&e=4BEk-vkfhOZK288soGfnHIa7YeJrUmnL&g=5bb0ce067601311087aa9e9f59a3294a%2F4868882851274342257&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1652859771507&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kk3gdbq38m3cxpbje1ve1re6a9z74fdacf2jk9fg7202gkm6bzmedr4qceamc043r2z9dbjhg9ngtp1w9w62cetn44hgtc8dkcrcer66br5733j9faa1sx5cjbqwd3a4tsgkxaw0vqnr266xxcvtasvmn3rt2zza6d0b5tkmwmtrz5574y06hb6dq525xqmctgbftf0rdkx26ek2cs101bmpf7mnpjnsg49y4pvfpyvn5zb659tmx9emq47carzaqx3ayfth5j2r%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCkZpUeaOEYqiVLKvFzLUP-ramgAiQ4YGEXLaoworwAsCNtwEQASAAYJXiooKwB4IBF2NhLXB1Yi0xMTY3NDQ5MDIyNTU1NTA4oAHCrujdA8gBCakCq41UGB2ssT6oAwGqBLUCT9C-ARtlZ4qK7AN-zUF9TgB3OSdGptDFponhJW-Nq4mMSEdrC9CmCp5yMfsOujShbSff_XpDp5xg9dYmhmFHxReQyC4T15V2S2ucxvxQoGBMt9u7NGXtUcjF45PVUVeuTbtTcTODnuAlbxMT-pr64di79F_NBwwuiBlOP5wUhQbElxS_MeGhGluTUUT39cwg6g1qWpqOBRRhoIVYQssBY4er3IA9y1F6nWNBX5KCL4wXY2mrxZgzr4GKoErKDDJWbKb9tDTPJfCq5HfOtbXU2IKWO2re0de-q9mZAQm7mTFItGa3nydLFi6Vf3gfeGKciRsLCq5ePH8D0_tFguuYHfY1z4_Xw8KiYcgM1ZvRsxZLD5UqAgxBrjBOAT6EQIUy9iIK-OXWJT7bgB8edXW_NupMMXA5gAbxur7BzIOftfwBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3LAgiENRR4CaCtZtI0jxFJWOkuFQ%2526client%253Dca-pub-1167449022555508%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-goog-hash: crc32c=RkBJ3g==, md5=Kw4C6d3nfjHTjXjXPcaeTw==
date: Wed, 18 May 2022 07:42:51 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 473024
cf-polished: origFmt=png, origSize=77267
x-guploader-uploadid: ADPycdudGi_sAxh89sUP7yueiCzC5mkYQsAkanDr0Yz5ixSykQ4mwHJtmeeQwgOnB7TMUvKivqJD_R91lePM9OrOzl9V6U7lgTlG
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 38696
last-modified: Wed, 22 Jan 2020 13:11:48 GMT
server: cloudflare
etag: "2b0e02e9dde77e31d38d78d73dc69e4f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MB3BRm%2BclhYeC4Q9JWtr5GeQu5uGqUntq0OEXCv6DtutOLHV77HYlHirt9x4vZeua%2BXWp8nD5HFuFCzu5Lo3690H3m%2B0VxafgIq%2Bo%2FfQLs2ETyUdBX64AlC0qSAcrSEq9vRnWP%2BUiJMD1ubT"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579698708801217
content-type: image/webp
expires: Thu, 19 May 2022 07:42:51 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 77267
accept-ranges: bytes
cf-ray: 70d2f564b9f49b4f-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
assets.ad4m.at/ Frame 567E 84 KB
84 KB 55ms
48ms Image
image/jpeg 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15255%2C24673%2C14019&b=Mxefzfrf1zRuWHEHGtDt2jpCBS4Tb6ku3%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=62Zcef3f6wmheHmHYtEC5kmtYS1T2qJs7%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=300&d=250&e=4BEk-vkfhOZK288soGfnHIa7YeJrUmnL&g=5bb0ce067601311087aa9e9f59a3294a%2F4868882851274342257&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1652859771507&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kk3gdbq38m3cxpbje1ve1re6a9z74fdacf2jk9fg7202gkm6bzmedr4qceamc043r2z9dbjhg9ngtp1w9w62cetn44hgtc8dkcrcer66br5733j9faa1sx5cjbqwd3a4tsgkxaw0vqnr266xxcvtasvmn3rt2zza6d0b5tkmwmtrz5574y06hb6dq525xqmctgbftf0rdkx26ek2cs101bmpf7mnpjnsg49y4pvfpyvn5zb659tmx9emq47carzaqx3ayfth5j2r%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCkZpUeaOEYqiVLKvFzLUP-ramgAiQ4YGEXLaoworwAsCNtwEQASAAYJXiooKwB4IBF2NhLXB1Yi0xMTY3NDQ5MDIyNTU1NTA4oAHCrujdA8gBCakCq41UGB2ssT6oAwGqBLUCT9C-ARtlZ4qK7AN-zUF9TgB3OSdGptDFponhJW-Nq4mMSEdrC9CmCp5yMfsOujShbSff_XpDp5xg9dYmhmFHxReQyC4T15V2S2ucxvxQoGBMt9u7NGXtUcjF45PVUVeuTbtTcTODnuAlbxMT-pr64di79F_NBwwuiBlOP5wUhQbElxS_MeGhGluTUUT39cwg6g1qWpqOBRRhoIVYQssBY4er3IA9y1F6nWNBX5KCL4wXY2mrxZgzr4GKoErKDDJWbKb9tDTPJfCq5HfOtbXU2IKWO2re0de-q9mZAQm7mTFItGa3nydLFi6Vf3gfeGKciRsLCq5ePH8D0_tFguuYHfY1z4_Xw8KiYcgM1ZvRsxZLD5UqAgxBrjBOAT6EQIUy9iIK-OXWJT7bgB8edXW_NupMMXA5gAbxur7BzIOftfwBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3LAgiENRR4CaCtZtI0jxFJWOkuFQ%2526client%253Dca-pub-1167449022555508%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e44684a48d596b56cba6492df2821b18b56fd0b488a77240d415f0eae918abe1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-goog-hash: crc32c=e08Zuw==, md5=psibsHmVB2WUau7aQuE9AQ==
date: Wed, 18 May 2022 07:42:51 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 765870
cf-polished: origSize=90165, status=webp_bigger
x-guploader-uploadid: ADPycdurVX_TQllJqq9NCW6CCnJhtUBuEYviYLcJ9o5JewjDiNHuXcYN19gc7beLhxzBmbbdTuJnZ5pv0IrAlbaM2pWlyJLPnw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 85737
last-modified: Wed, 09 Oct 2019 16:06:53 GMT
server: cloudflare
etag: "a6c89bb079950765946aeeda42e13d01"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZwxAzUhHMVKvRee7QUBFyYmBWrKfvZPzHZnQwgAF%2BBrvbi0tTlt%2Bg1Q1BbLGNOFI3%2FSCbGxlyqXFYEOzU%2BqIin2ngf0wWGbTshmtKXIWnTKO0q9glJ3oJgiaJRwVVU9r8wWcBreDSHLoDPb0"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1570637213281727
content-type: image/jpeg
expires: Thu, 19 May 2022 07:42:51 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 90165
accept-ranges: bytes
cf-ray: 70d2f564b9f79b4f-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 CE11F4A269236C0AF074ADB7F1ADA1F8C472CD7AC3290EFBF4A7DADA0100B8792254D4F2CF871D3311E6317269487774B650CDD0B207BED389DBEA35CD2DBC8F
assets.ad4m.at/logo/ Frame 567E 16 KB
16 KB 94ms
87ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/CE11F4A269236C0AF074ADB7F1ADA1F8C472CD7AC3290EFBF4A7DADA0100B8792254D4F2CF871D3311E6317269487774B650CDD0B207BED389DBEA35CD2DBC8F
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15255%2C24673%2C14019&b=Mxefzfrf1zRuWHEHGtDt2jpCBS4Tb6ku3%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=62Zcef3f6wmheHmHYtEC5kmtYS1T2qJs7%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=300&d=250&e=4BEk-vkfhOZK288soGfnHIa7YeJrUmnL&g=5bb0ce067601311087aa9e9f59a3294a%2F4868882851274342257&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1652859771507&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kk3gdbq38m3cxpbje1ve1re6a9z74fdacf2jk9fg7202gkm6bzmedr4qceamc043r2z9dbjhg9ngtp1w9w62cetn44hgtc8dkcrcer66br5733j9faa1sx5cjbqwd3a4tsgkxaw0vqnr266xxcvtasvmn3rt2zza6d0b5tkmwmtrz5574y06hb6dq525xqmctgbftf0rdkx26ek2cs101bmpf7mnpjnsg49y4pvfpyvn5zb659tmx9emq47carzaqx3ayfth5j2r%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCkZpUeaOEYqiVLKvFzLUP-ramgAiQ4YGEXLaoworwAsCNtwEQASAAYJXiooKwB4IBF2NhLXB1Yi0xMTY3NDQ5MDIyNTU1NTA4oAHCrujdA8gBCakCq41UGB2ssT6oAwGqBLUCT9C-ARtlZ4qK7AN-zUF9TgB3OSdGptDFponhJW-Nq4mMSEdrC9CmCp5yMfsOujShbSff_XpDp5xg9dYmhmFHxReQyC4T15V2S2ucxvxQoGBMt9u7NGXtUcjF45PVUVeuTbtTcTODnuAlbxMT-pr64di79F_NBwwuiBlOP5wUhQbElxS_MeGhGluTUUT39cwg6g1qWpqOBRRhoIVYQssBY4er3IA9y1F6nWNBX5KCL4wXY2mrxZgzr4GKoErKDDJWbKb9tDTPJfCq5HfOtbXU2IKWO2re0de-q9mZAQm7mTFItGa3nydLFi6Vf3gfeGKciRsLCq5ePH8D0_tFguuYHfY1z4_Xw8KiYcgM1ZvRsxZLD5UqAgxBrjBOAT6EQIUy9iIK-OXWJT7bgB8edXW_NupMMXA5gAbxur7BzIOftfwBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3LAgiENRR4CaCtZtI0jxFJWOkuFQ%2526client%253Dca-pub-1167449022555508%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7024493525030ecd098ce0dcb2f0aea839373775120b40580028137b1d125ac9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-goog-hash: crc32c=kzpU3g==, md5=rZM0ZkUU2QCgw7dtF8qWDw==
date: Wed, 18 May 2022 07:42:51 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 472990
cf-polished: origFmt=png, origSize=39979
x-guploader-uploadid: ADPycdtCOCXIUholshl4oXcSMilJVfZxZ2NaElDp8fjIC6g8VMySish3F-IMtiDB-fFsrid_kSV4OUr7Few6wDvR8tpBumDMOb-S
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15996
last-modified: Wed, 22 Jan 2020 13:07:55 GMT
server: cloudflare
etag: "ad9334664514d900a0c3b76d17ca960f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ia84t4N%2F3qSaZjcv2%2BKNhZC1Z%2FP2uB3dE%2FcaHDh0vjKfkfMXHz%2FUDEbl33KzGK18aXAZU9pNKc6dYMgZItaTVr8Xc0A4sOHqlf4Ipux0WCKTDAGdriOlJb08HUWVFZhOTPdD2laJ8Zh43lIa"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579698475785088
content-type: image/webp
expires: Thu, 19 May 2022 07:42:51 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 39979
accept-ranges: bytes
cf-ray: 70d2f564b9f69b4f-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 CA35DB040CB8C5ED1192C48CDBAE325A37E21AF74F6A26D75DD2C8541657D2DE12CD68F68AB3432BF7F0B71244C3A958AD3C76971F8D26B170CD75EDB1D0FC90
assets.ad4m.at/ Frame 567E 20 KB
21 KB 93ms
86ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/CA35DB040CB8C5ED1192C48CDBAE325A37E21AF74F6A26D75DD2C8541657D2DE12CD68F68AB3432BF7F0B71244C3A958AD3C76971F8D26B170CD75EDB1D0FC90
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15255%2C24673%2C14019&b=Mxefzfrf1zRuWHEHGtDt2jpCBS4Tb6ku3%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=62Zcef3f6wmheHmHYtEC5kmtYS1T2qJs7%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=300&d=250&e=4BEk-vkfhOZK288soGfnHIa7YeJrUmnL&g=5bb0ce067601311087aa9e9f59a3294a%2F4868882851274342257&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1652859771507&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kk3gdbq38m3cxpbje1ve1re6a9z74fdacf2jk9fg7202gkm6bzmedr4qceamc043r2z9dbjhg9ngtp1w9w62cetn44hgtc8dkcrcer66br5733j9faa1sx5cjbqwd3a4tsgkxaw0vqnr266xxcvtasvmn3rt2zza6d0b5tkmwmtrz5574y06hb6dq525xqmctgbftf0rdkx26ek2cs101bmpf7mnpjnsg49y4pvfpyvn5zb659tmx9emq47carzaqx3ayfth5j2r%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCkZpUeaOEYqiVLKvFzLUP-ramgAiQ4YGEXLaoworwAsCNtwEQASAAYJXiooKwB4IBF2NhLXB1Yi0xMTY3NDQ5MDIyNTU1NTA4oAHCrujdA8gBCakCq41UGB2ssT6oAwGqBLUCT9C-ARtlZ4qK7AN-zUF9TgB3OSdGptDFponhJW-Nq4mMSEdrC9CmCp5yMfsOujShbSff_XpDp5xg9dYmhmFHxReQyC4T15V2S2ucxvxQoGBMt9u7NGXtUcjF45PVUVeuTbtTcTODnuAlbxMT-pr64di79F_NBwwuiBlOP5wUhQbElxS_MeGhGluTUUT39cwg6g1qWpqOBRRhoIVYQssBY4er3IA9y1F6nWNBX5KCL4wXY2mrxZgzr4GKoErKDDJWbKb9tDTPJfCq5HfOtbXU2IKWO2re0de-q9mZAQm7mTFItGa3nydLFi6Vf3gfeGKciRsLCq5ePH8D0_tFguuYHfY1z4_Xw8KiYcgM1ZvRsxZLD5UqAgxBrjBOAT6EQIUy9iIK-OXWJT7bgB8edXW_NupMMXA5gAbxur7BzIOftfwBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3LAgiENRR4CaCtZtI0jxFJWOkuFQ%2526client%253Dca-pub-1167449022555508%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e68e40852527c1f28682b1c4a8715dcaba615264d92ec50615744a2c21e90a13

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-goog-hash: crc32c=ms9cAg==, md5=CE5c7L5VWa5ws5REMc8kpA==
date: Wed, 18 May 2022 07:42:51 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 468663
cf-polished: qual=85, origFmt=jpeg, origSize=61317
x-guploader-uploadid: ADPycdsbpiO8dj1tJ-UXNXrJVYTosh2wfNQjj6hsopqvQWKC6Xct7qCsPNjwXxaxNLS6coiafOIGvqab00e42_A5-iq8Vg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20942
last-modified: Mon, 07 Oct 2019 09:26:20 GMT
server: cloudflare
etag: "084e5cecbe5559ae70b3944431cf24a4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fGiyur0hZ%2Fd9bhYyPunoZIkpKnHktYccqObwou%2F3jh8JwiF4N%2Be5fEbAYhTdAmVbIOQ2PONBdWiG6pFsRHWUuD9QuXKm6RKkPg8Vt01GJJzS4i0MY%2Bw3qhGdIAx7hjU4zOVDWc64ftXdGj7%2B"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1570440380010734
content-type: image/webp
expires: Thu, 19 May 2022 07:42:51 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 61317
accept-ranges: bytes
cf-ray: 70d2f564b9fb9b4f-FRA
cf-bgj: imgq:85,h2pri

GET
H2

200

ztpv.php
www.conrad.de/ Frame 567E
Redirect Chain

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7oneid__asuid4BEk-vkfhOZK288soGfnHIa7YeJrUmnLasuid__dc_reach_suite02wkz&gdpr_cons...
https://www.zenaps.com/cshow.php?pvr=1f169600-d67e-11ec-977a-2266206bbad7&v=11354&r=412871&q=377129&s=2470185&viewref3=oneidRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7oneid__asuid4BEk-vkfhOZK288soGfnHIa7YeJr...
https://www.conrad.de/ztpv.php?awc=11354_412871_1652859771_1f169600-d67e-11ec-977a-2266206bbad7&insert=AW&&gdpr=0&gdpr_consent=

0
696 B

186ms
96ms

Image
text/html

2606:4700::6812:7e05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.conrad.de/ztpv.php?awc=11354_412871_1652859771_1f169600-d67e-11ec-977a-2266206bbad7&insert=AW&&gdpr=0&gdpr_consent=

Requested by

Protocol

Server

2606:4700::6812:7e05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 07:42:52 GMT
via: 1.1 varnish (Varnish/6.6)
cf-cache-status: DYNAMIC
server: cloudflare
age: 0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
p3p: policyref="http://www.conrad.de/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
content-type: text/html; charset=UTF-8
content-encoding: br
cache-control: no-cache
x-varnish: 230669803
cf-ray: 70d2f56758bd5b86-FRA
expires: -1

Redirect headers

Date: Wed, 18 May 2022 07:42:51 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://www.conrad.de/ztpv.php?awc=11354_412871_1652859771_1f169600-d67e-11ec-977a-2266206bbad7&insert=AW&&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK link.html Show response
track.webgains.com/ Frame 567E 1 KB
2 KB 378ms
192ms Script
text/html 46.236.35.87
PULSANT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1hvrn78tj76hfbhm4j1m2c0xdt2db0b12egkzwvy7a9rb46tgj9rswcwwwbqzb75hvtzqxr7sj2htprhfsfndg02vqab0xm8rnq7avwxhw18k0w5vkntw2jzqppnyqymnnbehac6d9fdw91ff7m4f7exkwn75psdyx81vb6wfrr7emq7nr0avnjz17htp5921q3q2c47q87ma2b98tgd6165sgq7bfw771fpts6kt209pv2jg3x0835bmyy2pzjczmyfy3c2wm8gqj4p5hnmhpx8y42m3zbaznh8c8e5sv51jrv3k88re%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kk3gdbq38m3cxpbje1ve1re6a9z74fdacf2jk9fg7202gkm6bzmedr4qceamc043r2z9dbjhg9ngtp1w9w62cetn44hgtc8dkcrcer66br5733j9faa1sx5cjbqwd3a4tsgkxaw0vqnr266xxcvtasvmn3rt2zza6d0b5tkmwmtrz5574y06hb6dq525xqmctgbftf0rdkx26ek2cs101bmpf7mnpjnsg49y4pvfpyvn5zb659tmx9emq47carzaqx3ayfth5j2r%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCkZpUeaOEYqiVLKvFzLUP-ramgAiQ4YGEXLaoworwAsCNtwEQASAAYJXiooKwB4IBF2NhLXB1Yi0xMTY3NDQ5MDIyNTU1NTA4oAHCrujdA8gBCakCq41UGB2ssT6oAwGqBLUCT9C-ARtlZ4qK7AN-zUF9TgB3OSdGptDFponhJW-Nq4mMSEdrC9CmCp5yMfsOujShbSff_XpDp5xg9dYmhmFHxReQyC4T15V2S2ucxvxQoGBMt9u7NGXtUcjF45PVUVeuTbtTcTODnuAlbxMT-pr64di79F_NBwwuiBlOP5wUhQbElxS_MeGhGluTUUT39cwg6g1qWpqOBRRhoIVYQssBY4er3IA9y1F6nWNBX5KCL4wXY2mrxZgzr4GKoErKDDJWbKb9tDTPJfCq5HfOtbXU2IKWO2re0de-q9mZAQm7mTFItGa3nydLFi6Vf3gfeGKciRsLCq5ePH8D0_tFguuYHfY1z4_Xw8KiYcgM1ZvRsxZLD5UqAgxBrjBOAT6EQIUy9iIK-OXWJT7bgB8edXW_NupMMXA5gAbxur7BzIOftfwBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3LAgiENRR4CaCtZtI0jxFJWOkuFQ%252526client%25253Dca-pub-1167449022555508%252526adurl%25253D&clickref=oneidr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhdoneid__asuid4BEk-vkfhOZK288soGfnHIa7YeJrUmnLasuid__dc_reach_suite02wkz&viewref=oneid4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuKoneid__asuid4BEk-vkfhOZK288soGfnHIa7YeJrUmnLasuid__dc_reach_suite02wkz
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15255%2C24673%2C14019&b=Mxefzfrf1zRuWHEHGtDt2jpCBS4Tb6ku3%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=62Zcef3f6wmheHmHYtEC5kmtYS1T2qJs7%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=300&d=250&e=4BEk-vkfhOZK288soGfnHIa7YeJrUmnL&g=5bb0ce067601311087aa9e9f59a3294a%2F4868882851274342257&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1652859771507&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kk3gdbq38m3cxpbje1ve1re6a9z74fdacf2jk9fg7202gkm6bzmedr4qceamc043r2z9dbjhg9ngtp1w9w62cetn44hgtc8dkcrcer66br5733j9faa1sx5cjbqwd3a4tsgkxaw0vqnr266xxcvtasvmn3rt2zza6d0b5tkmwmtrz5574y06hb6dq525xqmctgbftf0rdkx26ek2cs101bmpf7mnpjnsg49y4pvfpyvn5zb659tmx9emq47carzaqx3ayfth5j2r%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCkZpUeaOEYqiVLKvFzLUP-ramgAiQ4YGEXLaoworwAsCNtwEQASAAYJXiooKwB4IBF2NhLXB1Yi0xMTY3NDQ5MDIyNTU1NTA4oAHCrujdA8gBCakCq41UGB2ssT6oAwGqBLUCT9C-ARtlZ4qK7AN-zUF9TgB3OSdGptDFponhJW-Nq4mMSEdrC9CmCp5yMfsOujShbSff_XpDp5xg9dYmhmFHxReQyC4T15V2S2ucxvxQoGBMt9u7NGXtUcjF45PVUVeuTbtTcTODnuAlbxMT-pr64di79F_NBwwuiBlOP5wUhQbElxS_MeGhGluTUUT39cwg6g1qWpqOBRRhoIVYQssBY4er3IA9y1F6nWNBX5KCL4wXY2mrxZgzr4GKoErKDDJWbKb9tDTPJfCq5HfOtbXU2IKWO2re0de-q9mZAQm7mTFItGa3nydLFi6Vf3gfeGKciRsLCq5ePH8D0_tFguuYHfY1z4_Xw8KiYcgM1ZvRsxZLD5UqAgxBrjBOAT6EQIUy9iIK-OXWJT7bgB8edXW_NupMMXA5gAbxur7BzIOftfwBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3LAgiENRR4CaCtZtI0jxFJWOkuFQ%2526client%253Dca-pub-1167449022555508%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.236.35.87 Plymouth, United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS: 46-236-35-87.servers.dedipower.net
Software: Apache /
Resource Hash: 9dcd51e407e48dde7fe6bc9be3790bf5599ee59d3cd14282b0b675e06cbf9b1c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 18 May 2022 07:42:51 GMT
Last-Modified: Wed, 18 May 2022 07:42:51 GMT
Server: Apache
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: text/html;charset=utf-8
Content-Length: 1484
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 80ms
80ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220511&jk=3788120061096202&bg=!QUKlQgbNAAZL3OSAa9w7ACkAdvg8WlSZ-i1GfS12Huolv2AwSGvI0GnB2Q43OtdS8ntW9AUAMsy76AIAAABoUgAAAAFoAQeZApul-jdEKsKCZ8NpM3ZDfBfnS9vIP29XTW6iDoTpjDYANGIcrKQPTfz21gPcbfIprTMh2vIenuVnUYWBB8bbfaLqt1vnIKBtu-k7j278n3_Jq010RbqdHw8zUMkZcqZIDxy7PU5CsSQdQQbsJ-3Th59uCCQAGzBb-kglv_xUzK86BfZLrYtidcb_W3YZkDcDzSKpoSs-7b1pWulcRj_Cxtk9kcLqi0A6AMoW-k95jjGZBqjaRCmi86eSo943HprpibJl-Fx_SqZvuLjdF0MgStNFVvHs0ObFUBhPUqC4qBtjT07X6gMcJEgbzYPX9WwJB64vbL_OSXJhiJgnANaXnptFwXVVvzgKBWV5ZaHkgoA9iN5a5cu4VeDPIfbVFZZ6e3Mas3raecjM1OL9Jro9jPj1sGzoUEthZQWfZbTCP-FGbUY14z6sqtNKjGNqy4JDFRFB57TPzDLKKoMmgkRMS-r1iVJHVMuOw2PmpqK8N05dDSTgFv8d2KFaNQ__xXCl52_RY-HyA0V2YP9_gLRDJKWq_WLYcmD2iV9Ez5qNet81-jgLo78R0UHaUWUVCZdKyTqGweecjopHXv9IAWFEPISwG9SK1NZe3kHPmn7ahYr8Qc_YMURboNXMgkbNyWbUsVVrzkAMIaN1YJUcQBztqp9v8K9Uy7ASUZnFnx0vBwII55KD8RGSYvzPWWV8i72To7LtGucPP1GIxQxoNUbF1KtLxh6yOfBDDUrDQZK8iPhJCDIOSVPSjzZA9vWGFzsBUMGIFRqfD-2K-H88V1UWVPm5MS0Hc85bPllhTv4A8I9Fdzl9gN9-g1mj6INxG4GBZSh3nh1IAwPUCUToAaS-Jw2YByCBnzVrU3Ge9IU3by6wdOE6JH17lJhMqHln
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webdigitalonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 567E 51 KB
51 KB 142ms
43ms Script
application/javascript 143.204.215.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1hvrn78tj76hfbhm4j1m2c0xdt2db0b12egkzwvy7a9rb46tgj9rswcwwwbqzb75hvtzqxr7sj2htprhfsfndg02vqab0xm8rnq7avwxhw18k0w5vkntw2jzqppnyqymnnbehac6d9fdw91ff7m4f7exkwn75psdyx81vb6wfrr7emq7nr0avnjz17htp5921q3q2c47q87ma2b98tgd6165sgq7bfw771fpts6kt209pv2jg3x0835bmyy2pzjczmyfy3c2wm8gqj4p5hnmhpx8y42m3zbaznh8c8e5sv51jrv3k88re%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kk3gdbq38m3cxpbje1ve1re6a9z74fdacf2jk9fg7202gkm6bzmedr4qceamc043r2z9dbjhg9ngtp1w9w62cetn44hgtc8dkcrcer66br5733j9faa1sx5cjbqwd3a4tsgkxaw0vqnr266xxcvtasvmn3rt2zza6d0b5tkmwmtrz5574y06hb6dq525xqmctgbftf0rdkx26ek2cs101bmpf7mnpjnsg49y4pvfpyvn5zb659tmx9emq47carzaqx3ayfth5j2r%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCkZpUeaOEYqiVLKvFzLUP-ramgAiQ4YGEXLaoworwAsCNtwEQASAAYJXiooKwB4IBF2NhLXB1Yi0xMTY3NDQ5MDIyNTU1NTA4oAHCrujdA8gBCakCq41UGB2ssT6oAwGqBLUCT9C-ARtlZ4qK7AN-zUF9TgB3OSdGptDFponhJW-Nq4mMSEdrC9CmCp5yMfsOujShbSff_XpDp5xg9dYmhmFHxReQyC4T15V2S2ucxvxQoGBMt9u7NGXtUcjF45PVUVeuTbtTcTODnuAlbxMT-pr64di79F_NBwwuiBlOP5wUhQbElxS_MeGhGluTUUT39cwg6g1qWpqOBRRhoIVYQssBY4er3IA9y1F6nWNBX5KCL4wXY2mrxZgzr4GKoErKDDJWbKb9tDTPJfCq5HfOtbXU2IKWO2re0de-q9mZAQm7mTFItGa3nydLFi6Vf3gfeGKciRsLCq5ePH8D0_tFguuYHfY1z4_Xw8KiYcgM1ZvRsxZLD5UqAgxBrjBOAT6EQIUy9iIK-OXWJT7bgB8edXW_NupMMXA5gAbxur7BzIOftfwBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3LAgiENRR4CaCtZtI0jxFJWOkuFQ%252526client%25253Dca-pub-1167449022555508%252526adurl%25253D&clickref=oneidr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhdoneid__asuid4BEk-vkfhOZK288soGfnHIa7YeJrUmnLasuid__dc_reach_suite02wkz&viewref=oneid4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuKoneid__asuid4BEk-vkfhOZK288soGfnHIa7YeJrUmnLasuid__dc_reach_suite02wkz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-33.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3900c8b5b423944473f2b5735300291c473881985b2e64318b01fd3d7eefcbd2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id: snQAK.nud_Ry1pExcABmNeZsZtrLXsiU
via: 1.1 997f66fda0069dac50a85c7a4fa51b7e.cloudfront.net (CloudFront)
last-modified: Wed, 23 Mar 2022 11:22:01 GMT
server: AmazonS3
age: 9549
etag: "101c8120dbcfdb729e8ebf54cc77d0cd"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Wed, 18 May 2022 05:03:44 GMT
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-length: 52083
x-amz-cf-id: 00E-tctXjtXm43r6OC-lYPeJtA1PrtDhTrn4wQw7_Q-qTRDaEkLneg==

GET
H/1.1 200
OK link.html
track.webgains.com/ Frame 567E 85 KB
85 KB 192ms
69ms Image
image/png 46.236.35.87
PULSANT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgdedup=1&wgcampaignid=1384975&viewref=oneid5kZuXfEfKWkapH7HMt3tE3QaYSktVj2f1oneid__asuid7WZfZcGM7WF8OaxmRIZafmNcpUtOUCY7asuid__webplexmedia_advancedad_Desktop_300x250&wglinkid=713569
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15255%2C24673%2C14019&b=Mxefzfrf1zRuWHEHGtDt2jpCBS4Tb6ku3%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=62Zcef3f6wmheHmHYtEC5kmtYS1T2qJs7%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=300&d=250&e=4BEk-vkfhOZK288soGfnHIa7YeJrUmnL&g=5bb0ce067601311087aa9e9f59a3294a%2F4868882851274342257&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1652859771507&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kk3gdbq38m3cxpbje1ve1re6a9z74fdacf2jk9fg7202gkm6bzmedr4qceamc043r2z9dbjhg9ngtp1w9w62cetn44hgtc8dkcrcer66br5733j9faa1sx5cjbqwd3a4tsgkxaw0vqnr266xxcvtasvmn3rt2zza6d0b5tkmwmtrz5574y06hb6dq525xqmctgbftf0rdkx26ek2cs101bmpf7mnpjnsg49y4pvfpyvn5zb659tmx9emq47carzaqx3ayfth5j2r%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCkZpUeaOEYqiVLKvFzLUP-ramgAiQ4YGEXLaoworwAsCNtwEQASAAYJXiooKwB4IBF2NhLXB1Yi0xMTY3NDQ5MDIyNTU1NTA4oAHCrujdA8gBCakCq41UGB2ssT6oAwGqBLUCT9C-ARtlZ4qK7AN-zUF9TgB3OSdGptDFponhJW-Nq4mMSEdrC9CmCp5yMfsOujShbSff_XpDp5xg9dYmhmFHxReQyC4T15V2S2ucxvxQoGBMt9u7NGXtUcjF45PVUVeuTbtTcTODnuAlbxMT-pr64di79F_NBwwuiBlOP5wUhQbElxS_MeGhGluTUUT39cwg6g1qWpqOBRRhoIVYQssBY4er3IA9y1F6nWNBX5KCL4wXY2mrxZgzr4GKoErKDDJWbKb9tDTPJfCq5HfOtbXU2IKWO2re0de-q9mZAQm7mTFItGa3nydLFi6Vf3gfeGKciRsLCq5ePH8D0_tFguuYHfY1z4_Xw8KiYcgM1ZvRsxZLD5UqAgxBrjBOAT6EQIUy9iIK-OXWJT7bgB8edXW_NupMMXA5gAbxur7BzIOftfwBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3LAgiENRR4CaCtZtI0jxFJWOkuFQ%2526client%253Dca-pub-1167449022555508%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.236.35.87 Plymouth, United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS: 46-236-35-87.servers.dedipower.net
Software: Apache /
Resource Hash: 272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 18 May 2022 07:42:52 GMT
Last-Modified: Wed, 18 May 2022 07:42:52 GMT
Server: Apache
Transfer-Encoding: chunked
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: image/png
Expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 567E 16 B
232 B 110ms
110ms Fetch
application/json 54.76.212.160
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.76.212.160 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-76-212-160.eu-west-1.compute.amazonaws.com

Software

nginx / PHP/7.4.26

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 18 May 2022 07:42:53 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.26
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 202ms
59ms Preflight 54.76.212.160
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.212.160 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-212-160.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Wed, 18 May 2022 07:42:53 GMT
server: nginx

GET
H2 200 img
pix.eu.criteo.net/img/ Frame DAB6 1 KB
2 KB 49ms
49ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

8ab72c25d71e12f99d7b3588afdbf14c8766294a33871a3484698cfe05605b97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 07:42:53 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=2203765
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1480
expires: Sun, 12 Jun 2022 19:52:19 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cms.quantserve.com
URL: https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEKd6whE-nJg6bwGEnA-MR3Y&google_cver=1&google_push=AYg5qPIvbaSC61At24-sYzNNCiu93tpvSVeHiDgyshA42jE3uTU1apXuCMnHTXrn2lxWNwB3JgE3lHP0l0hlSvSdn4N0eY08Y7A

Domain: pixel.rubiconproject.com
URL: https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBmoS2ZaLTyxCu36OpJwNfo&google_cver=1&google_push=AYg5qPKN9IxBQ4ejVPMmBhjqcs0j7AEWLn3furUJAb8oMsatwJfzAmZe3a9oB_v_DBKwuYVqbTegeawZWf1yYOlTfT45IpEFOh9n

Verdicts & Comments Add Verdict or Comment

59 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
webdigitalonline.com/	1970-01-20 03:07:46	Name: csrf_cookie_name Value: e9c1e73eb875c933f7332b7645fa16c5
webdigitalonline.com/	1970-01-20 03:07:46	Name: ci_session Value: 7101a8b491d65173ae185a1977ed574c4a3dc2e2
.webdigitalonline.com/	1970-01-20 20:38:51	Name: _ga Value: GA1.2.855922387.1652859769
.webdigitalonline.com/	1970-01-20 03:09:06	Name: _gid Value: GA1.2.1047944318.1652859769
.webdigitalonline.com/	1970-01-20 03:07:39	Name: _gat_gtag_UA_134444068_2 Value: 1
.webdigitalonline.com/	1970-01-20 12:29:15	Name: __gads Value: ID=8e78b3b640908b42-22cc796097cd0039:T=1652859769:RT=1652859769:S=ALNI_Male8IPHuSjGfejBKc1RFNdamjEQw
.doubleclick.net/	1970-01-20 12:29:15	Name: IDE Value: AHWqTUkDU6Iyej6FnofIGxnKmDKzRVLKOMlYyTjWcWZkqwBklTbFSrWWzJ_FM11hsv8
.casalemedia.com/	1970-01-20 11:53:15	Name: CMID Value: YoSjenrFQoKN3ZD2yToU-gAA
.casalemedia.com/	1970-01-20 05:17:15	Name: CMPS Value: 3259
.casalemedia.com/	1970-01-20 05:17:15	Name: CMPRO Value: 1199
.casalemedia.com/	1970-01-20 03:09:06	Name: CMST Value: YoSjemKEo3oA
.pubmatic.com/	1970-01-20 03:09:06	Name: KTPCACOOKIE Value: YES
.pubmatic.com/	1970-01-20 05:17:15	Name: KADUSERCOOKIE Value: 413298CE-C5B5-4C84-9D52-DDD9FF841D98
.awin1.com/	1970-01-20 03:11:58	Name: awpv11354 Value: 412871\|1652859771\|1f169600-d67e-11ec-977a-2266206bbad7
.zenaps.com/	1970-01-20 03:11:58	Name: awpv11354 Value: 412871\|1652859771\|1f169600-d67e-11ec-977a-2266206bbad7
.zenaps.com/	1969-12-31 23:59:59	Name: AWSESS Value: 377129:2470185
.awin1.com/	1970-01-20 03:17:44	Name: awpv11938 Value: 412871\|1652859771\|1f32a980-d67e-11ec-977a-2266206bbad7
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 367022:2542680
.congstar.de/	1970-01-20 03:17:51	Name: staticentry Value: %7B%22spfr%22%3A%22412871%22%2C%22awc%22%3A%2211938_412871_1652859771_1f32a980-d67e-11ec-977a-2266206bbad7%22%2C%22sp%22%3A%22awin%22%7D
www.conrad.de/	1970-01-20 03:14:51	Name: HTLP_timestamp Value: 1652859772
www.conrad.de/	1970-01-20 03:14:51	Name: CEAffHA Value: YD
.www.conrad.de/	1970-01-20 03:07:41	Name: __cf_bm Value: NW1Bv.oBYZXqBQyYc9qtdWJl3TC3noC5E6j7HmFCb9E-1652859772-0-AU1pqlx+EXtVPuuRqyJtUVhxnDkeeREZG8EZVoHlL1+TQhOc6d3s7Qcc1HYdOsyQATz0/Gg7D1swpfLa2gZxG84=

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
ad4m.at
ads.eu.criteo.com
adservice.google.com
adservice.google.de
analytics.webgains.io
api.webgains.io
as.ad4m.at
assets.ad4m.at
banner.congstar.de
cat.fr.eu.criteo.com
cdn.jsdelivr.net
cm.g.doubleclick.net
cms.quantserve.com
csm.eu.criteo.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
image6.pubmatic.com
odr.mookie1.com
pagead2.googlesyndication.com
partner.googleadservices.com
pix.eu.criteo.net
pixel.everesttech.net
pixel.rubiconproject.com
prod-rtb.ad4mat.net
rtb.fr.eu.criteo.com
rtb.nl.eu.criteo.com
rtb.openx.net
secure-gl.imrworldwide.com
ssum-sec.casalemedia.com
static-de.ad4mat.net
static.criteo.net
tpc.googlesyndication.com
track.webgains.com
webdigitalonline.com
www.awin1.com
www.conrad.de
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.zenaps.com
cms.quantserve.com
pixel.rubiconproject.com
104.102.29.65
104.92.94.3
142.250.186.130
142.250.186.134
143.204.215.33
148.251.139.77
178.250.0.139
178.250.0.160
178.250.2.150
192.82.242.209
216.58.212.162
2600:1901:0:76b9::
2600:9000:223c:8400:1e:a43d:b640:93a1
2606:4700:20::681a:71b
2606:4700:20::681a:bd1
2606:4700:20::ac43:4a81
2606:4700::6810:5514
2606:4700::6812:7e05
2a00:1450:4001:801::2004
2a00:1450:4001:808::2003
2a00:1450:4001:809::2002
2a00:1450:4001:80e::200a
2a00:1450:4001:810::2002
2a00:1450:4001:811::2001
2a00:1450:4001:811::2002
2a00:1450:4001:811::2008
2a00:1450:4001:812::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:831::200e
2a02:2638:1::2
2a02:2638:1::3
2a02:2638::2
2a02:2638::b
2a06:98c1:3120::a
34.98.67.61
35.186.253.211
46.236.35.87
52.214.225.206
54.76.212.160
0795bd99912afaac03734b77bdd24feb81423d3ed23855e3cab9138aaf3de86b
080069b2dce01872cbc2bfcc0b6a2cd9b9a5b9fbb22fc1683ece0cea17aac96f
0867b27664fa8f50f069dd672051548be87a89ab675631655add3833f5c9d451
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0ae9924073f6b371be4396e294e64ff21399057e1b58e8fac1406439127ef5e1
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
1517b32e0fda53788ce95c0376989d7c6c9a8a5696f801387960ef699074c3d7
1e58e964fcfcd0a35b434d2dfed57a44da51e4604ba5cf1faeed61084f7f35a8
2130d56ee8a92dd629239d308023351765bd5f05ff28fd3c8e0e0ff675639616
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
26d40f8ffdf1b9bf286a954c6888a33cda0cd031e802d821fe0c0562e379ae29
272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86
2b30bb9b2aa878173751a163425715919f3e43bc3c5e476458e17be842e89f02
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
302ec75ee9ac9c4902c4f405d7afe87e20c528b604474ffb1e5306b3ab1b8375
31df1e69ea3aece8a8bae5c08bcb7f5e977cb76f886897b301355359b66a48ec
3900c8b5b423944473f2b5735300291c473881985b2e64318b01fd3d7eefcbd2
3b2a21c9099a234c3b867beea11ce2fab1f35c9ec40e29a7ba977026a181adc8
3b2f1c14e81fcb0505906b079db6d5fa055e1ef853cf219a416e38355a619c17
3cb1c4d780b68414f4afaa1b3493cc248115efef3c3e8508db79568d517b7d70
3d8965ee1f9673ae2ab083ee9c063eea7eb04aef2e756a7e46f58337bb1caef4
41308ec15a6ce75cb12fc2e98043799c02c28262f50b1254cec591997cfe948c
42b853168bb627593eb95b83db66183f7b3bd442db24c37398f1958d1451acd6
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
53b0053087c796bee6fb74269f3ff3e6316beb7e06309cfbccb5d52a45e69d7f
53e8fbf285bc21c815548869622bd6d4274a4ae7f6a3ca999b161efb60c5ff7a
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5b0db9f49a0ceed3f0d071a89b448ae02a37d381f082b50be3469f89d84a22a5
5d391ead647e6a3ce9f481f550639feffc6ee3b7d69749e2083b5de86cf31e9f
5e7a71c9eb66028e6309d4111592046858e11bb2fba002a4647f5b0b513d8d93
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61dddc1203ed2ce7ca732ec6c56907ce208cf6397ee915561a4f984c9b05e4a7
6374c8b9a86726c14cd5186f1000997daca4df7bb5c7f8928684f90e336a9d63
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c7c29c5a11380b9d25194ce97eeae1e4bba0b5d0b0bc86329deae20f6ea7508
6dc725104dbe8d995a15bc815cef647af60ff2e80a6bf2425b7c06fb98ecca7a
7024493525030ecd098ce0dcb2f0aea839373775120b40580028137b1d125ac9
7128f4daba0c40c092a48e2b5ab9b3fd1fceda329d766eb9183cff1e141231d4
7479748bad5793b25b90b43aec31d698a6dc56b094c4b5d26ac884bce952931c
7711a634a919ab91876c54d4c5230750d0dcbc458ed5b4e878fe1c49c6637587
7cc7c8294a03881bae3e31871255c3166f696c99e2564ca2d798083431916a5d
7ce3eee4cd598dd52e7b937de204d78dc2459a9dc379d0d70c478364e7b1bfcd
810661aefc324ff49f6c0b913db27e94b27f309d3fba5ee4b9dab0a710e2b32b
83b19de212ca6202b9339b9c3ad8b16c1775d34cc7663631c12cffbdcdacb8e1
891cde09c5c693b91dc8319fe618b3d39ac1bd56de2f05fb44dd6a8dce7f1d91
8992882b548461f80c8ae3ffbfb873fe5e0a376d029fcf9a411326e8ce568a28
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8ab72c25d71e12f99d7b3588afdbf14c8766294a33871a3484698cfe05605b97
8d76aab5bbb46ec73c1a3508eebd05e2693a0f8e6361ab603b7f867f8c4eb820
8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
9434dddcdf38e072b039bb92f9e90639ec0e0563e8ff51604a60d91830c29289
965195159be784009cc31e4aff2505c066643cf8cdc99df7f56c2eab2abeda82
970fb8a2c101291445ed4d6d8f05ca87caea82c5d7ba66ff22687cf3dcd78ca4
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b2968c79bc2595eaa6900ab5c16ebe21f0cce6f7a8e56ef0eb64c519be91461
9bff9eb30e83197f025b292d2d652d816ddd46262b5d29554c698c94f1e25c0b
9dcd51e407e48dde7fe6bc9be3790bf5599ee59d3cd14282b0b675e06cbf9b1c
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0b81c6472c52ce27272c8b39e8743c3ee2954db7907efccc2e676571e4c3b68
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a0fded691aed767f851011cd3185b928619298a21a0fbdad4808a9e88b490833
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a331b8b0f85a7cfa9f4824f33c1e20da64da1ad02a9dc656d27eb344554636f8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a7e8227efd35d01dc33f80ade6cf28dafbde7e35ad8c0c203b85fc11d2232152
a7f462e43fe896aaa5a2d99fc168e2fc5c4c9eee29b5a47144a4bfbd7e9d126d
a939262dce5b5f8ace3905f30f82dfa35cd4f3ade671f44be71b0850c8258c73
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b2997497d9f3c184f1802f4f849f03814732045bb5025b0251d85d11928453f3
b2b6d597b63af5c67ae52bbfc53148bc78343e05c72c3da15966f6640876a59a
b394d33b2a7ec654a6b037ebfda6618341b3f897a362be624c923c2711b54a43
bf68aaf4230b227d2de67f80d23e220232dd4c3049c9a004a8d6a0b1ebf6ea8d
bfcd7a262745ac2a8520d46dbe261c5db424c001970e9ebe83c440bfb48454f7
c31a654938abf168fca328d9663ea83999b87ff36d18b016ea8aace1a9cb2cb1
c38e076da21dc997a97ba46c2464b656b9ab308a34318c250fb42b77e0588172
c5a17d46976d471cf060c5a0e25749a323d6ab20cf0910f40afed81047ba21ef
c772dbc2b894f9b4b8bfdf592a2b63cc8149fe7c119fc1526dcf2ba5ee3297a6
c8506e58e532a6c51a4c7dc329abe601ffad5c4709e3798e4b845d55bc7bbf0d
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
cb79983098cae86fa7cf2efc46d131d36bc52697ee1faeaaf2dc95bdf2e64610
cc5652b24306d956492c34a6541994ec1a461fa42e0c34fa3f3c9873c65a6a59
cc5e65f3bf4a6f565b2e549b9b401450a1e7d283ffe50dd4a906b5375808b851
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4
d6fda7c6f2eb90e2e02b1d6e1fef20e1ee7097d1463cab678f4360071f5f3eae
d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e
dd7d1eb9228b0dd6d77240648d5121705afb452b4b866bfcb291b11f15f70285
dd994ccb50440d9ee42008b67bda89e558a78b13c8be9a8953b15c5cd4402953
dea4721b0a1bb5e0fef365f5dde0722edae01bf0e830bfe8ed0964348d2d47a5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e44684a48d596b56cba6492df2821b18b56fd0b488a77240d415f0eae918abe1
e68e40852527c1f28682b1c4a8715dcaba615264d92ec50615744a2c21e90a13
e745230fd0a6db5790226e805856dad1f40ce2acb6a45f2eec20888c86719c88
e8e3ba0fd2e6f4f121bf0fc9e3e1fc8bfc8495f164fdeffaa1a2f48907be2ef2
ed7e36bbfdc81471c0197939b78fee25d2237d860623cb1d5f146ff1e6b984d0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f16ab224bb962910558715c82f58c10c3ed20f153ddfaa199029f141b5b0255c
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f5eb22ff34b879e0d30c190b6eaae59d193f6fd3c63b41943ee990b886ebab21
fd179789b1e9683320a46c5be15f1ac213c6fdb361b614e47cad6d94095cdf96

webdigitalonline.com Open in urlscan Pro 2a06:98c1:3120::a Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

165 Requests

96 %HTTPS

59 %IPv6

30 Domains

43 Subdomains

35 IPs

6 Countries

1749 kBTransfer

4056 kBSize

22 Cookies

19 Outgoing links

Redirected requests

165 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

webdigitalonline.com Open in urlscan Pro
2a06:98c1:3120::a Public Scan

Screenshot
Live screenshot

Full Image

165
Requests

96 %
HTTPS

59 %
IPv6

30
Domains

43
Subdomains

35
IPs

6
Countries

1749 kB
Transfer

4056 kB
Size

22
Cookies

165 HTTP transactions
4 data transactions