employeesportal.info Open in urlscan Pro
64.31.40.18 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://fmcrmfrtrackeu.fmsendfreecrm.eu/v1/clk/Ra2zOJINSf-sDYF8I8JWXw,KHogSk05Qum_TdAuv_ca_g,0,aHR0cHM6Ly9lbXBsb3llZXNwb3J0YWwuaW5mby8uY...
Effective URL:
https://employeesportal.info/.apps/
Submission: On July 25 via manual (July 25th 2023, 7:44:58 am UTC) from CZ — Scanned from DE

Summary HTTP 86 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 23 IPs in 4 countries across 14 domains to perform 86 HTTP transactions. The main IP is 64.31.40.18, located in United States and belongs to LIMESTONENETWORKS, US. The main domain is employeesportal.info.
TLS certificate: Issued by R3 on July 2nd 2023. Valid for: 3 months.

This is the only time employeesportal.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	18.194.54.41 18.194.54.41	16509 (AMAZON-02) (AMAZON-02)
14	64.31.40.18 64.31.40.18	46475 (LIMESTONE...) (LIMESTONENETWORKS)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:801::2008	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:36::178	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9a	15169 (GOOGLE) (GOOGLE)
3	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:3::12 2a02:2638:3::12	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
5	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
9	2a02:2638:d::2 2a02:2638:d::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.1.6 178.250.1.6	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	2a02:2638:d::13 2a02:2638:d::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638:d::11 2a02:2638:d::11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:d::c 2a02:2638:d::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
86	23

1 18.194.54.41 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-54-41.eu-central-1.compute.amazonaws.com

fmcrmfrtrackeu.fmsendfreecrm.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 64.31.40.18 (United States)

ASN46475 (LIMESTONENETWORKS, US)
PTR: s25.hosterpk.com

employeesportal.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cse.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
clients1.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

feedburner.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:36::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:2638:d::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a02:2638:d::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

imageproxy.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:d::11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	criteo.net static.criteo.net — Cisco Umbrella Rank: 605 imageproxy.eu.criteo.net — Cisco Umbrella Rank: 8921 csm.eu.criteo.net — Cisco Umbrella Rank: 8648	357 KB
14	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 134 tpc.googlesyndication.com — Cisco Umbrella Rank: 153	274 KB
14	employeesportal.info employeesportal.info	90 KB
10	google.com cse.google.com — Cisco Umbrella Rank: 3674 feedburner.google.com — Cisco Umbrella Rank: 139554 www.google.com — Cisco Umbrella Rank: 3 clients1.google.com — Cisco Umbrella Rank: 666	175 KB
6	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 56 stats.g.doubleclick.net — Cisco Umbrella Rank: 120	29 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 59 region1.google-analytics.com — Cisco Umbrella Rank: 1815	21 KB
3	criteo.com ads.eu.criteo.com — Cisco Umbrella Rank: 8549 cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 9655 rtb.fr3.eu.criteo.com — Cisco Umbrella Rank: 16032	59 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 73	197 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 261	5 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 207	57 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1178	612 B
1	gstatic.com fonts.gstatic.com	48 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 82	1 KB
1	fmsendfreecrm.eu 1 redirects fmcrmfrtrackeu.fmsendfreecrm.eu	205 B
86	14

	Domain	Requested by
15	imageproxy.eu.criteo.net	ads.eu.criteo.com
14	employeesportal.info	employeesportal.info
9	static.criteo.net	ads.eu.criteo.com
9	pagead2.googlesyndication.com	employeesportal.info pagead2.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com
6	www.google.com	cse.google.com www.google.com employeesportal.info tpc.googlesyndication.com
5	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
5	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
3	region1.google-analytics.com	www.googletagmanager.com
3	www.googletagmanager.com	employeesportal.info www.googletagmanager.com
2	csm.eu.criteo.net	ads.eu.criteo.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	cse.google.com	employeesportal.info www.google.com
1	rtb.fr3.eu.criteo.com	googleads.g.doubleclick.net
1	cdnjs.cloudflare.com	ads.eu.criteo.com
1	cat.nl3.eu.criteo.com	ads.eu.criteo.com
1	www.googletagservices.com	googleads.g.doubleclick.net
1	ads.eu.criteo.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	clients1.google.com	employeesportal.info
1	stats.g.doubleclick.net	www.google-analytics.com
1	fonts.gstatic.com	fonts.googleapis.com
1	feedburner.google.com	employeesportal.info
1	fonts.googleapis.com	employeesportal.info
1	fmcrmfrtrackeu.fmsendfreecrm.eu	1 redirects
86	24

This site contains links to these domains. Also see Links.

Domain
feeds.feedburner.com

Subject Issuer	Validity	Valid
www.employeesportal.info R3	`2023-07-02` - `2023-09-30`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-21`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-27` - `2023-08-27`	3 months	crt.sh
*.nl3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-18` - `2023-08-18`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.eu.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-06-07` - `2023-08-30`	3 months	crt.sh
*.fr3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-06-03` - `2023-08-27`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://employeesportal.info/.apps/
Frame ID: 1828A314301F2C271BF2594EDBB4DE5E
Requests: 42 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20190131/zrt_lookup.html
Frame ID: 6EA95FD670C45ECBF72718EFF1E2E399
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4498645750793167&output=html&adk=1812271804&adf=3025194257&lmt=1690271093&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x1080_l%7C188x1080_r&format=0x0&url=https%3A%2F%2Femployeesportal.info%2F.apps%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690271093090&bpp=3&bdt=760&idt=363&shv=r20230719&mjsv=m202307200101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1889531420073&frm=20&pv=2&ga_vid=1673861789.1690271093&ga_sid=1690271093&ga_hid=1929287391&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076299%2C42531706%2C44788441%2C44792013%2C44796826%2C44797784&oid=2&pvsid=3166009074268818&tmod=1626067776&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=380
Frame ID: 955CD79AFC1971965C73972A006C8731
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4498645750793167&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.736490994~rp.1&daaos=1690192876520&epr=2&w=1200&fwrn=4&fwrnh=100&lmt=1690271094&rafmt=1&to=qs&pwprc=7255017128&format=1200x280&url=https%3A%2F%2Femployeesportal.info%2F.apps%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690271093991&bpp=3&bdt=1661&idt=3&shv=r20230719&mjsv=m202307200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D879cc9bf9d923b64-22d7c36dece2004e%3AT%3D1690271093%3ART%3D1690271093%3AS%3DALNI_MYx51kYAXqzQZ97b-awK-6eoUKDZg&gpic=UID%3D00000d12c6b80fc2%3AT%3D1690271093%3ART%3D1690271093%3AS%3DALNI_MYdVmcZzFXSR_ND6UtveLyyWXrBSQ&prev_fmts=0x0&nras=2&correlator=1889531420073&frm=20&pv=1&ga_vid=1673861789.1690271093&ga_sid=1690271093&ga_hid=1929287391&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076299%2C42531706%2C44788441%2C44792013%2C44796826%2C44797784&oid=2&pvsid=3166009074268818&tmod=1626067776&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=sLII8n189e&p=https%3A//employeesportal.info&dtd=11
Frame ID: 2CB2D7C844EDD1991F640218CBAFE1C2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1
Frame ID: C57542CBD1D2609ECBD74F57B8464474
Requests: 8 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZL99dQAH8-sK7biNAAtc0Z6UxpbqfUSTvTGHNA&u=%7CJE%2Fgmh8AYyywIUxv3KpnMO%2BkljM5Jjmy%2F%2BTwT%2FoEdpE%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANddNRPYHnj5twBJ-vtli4qRSnQQR5jqh_O5lv7N6XOcZffB5SQmru9X4Ee76NK_vjUm6YoyV4d_2KQgSLblLN3O9IXjfYCEsJbmzd1eUOAIp7Z5L1FYuG3NZPO3sLaPibfVLWl5DmefUtvDDCRei0hZWDxQAA8gsYAY8eW4TFR_VgFylbRY5MiFBF-nzu2OYGLCd43JtTdcd8bbDf6_fpPuqcO0dI8ySeF8JxUun7SpUU5be7TOv4CtiSbJOIc1O875AsjfBJEak3IJSL0vWLFke9E2I1irsE36dhppbfniX9DJkBveMKNr79r1nZRxli0RMmbKQcZFcy5diRFjq60vI4fNLm3SWHX-q6IFb8DAL8rv4jwxl_AeAn4aOjp6sdonOPTqB_jfvKVqVsFh6_LqqLi8AJo9ak2lVyKnU5GXOOnPiHHIqYkVyyeK9ctRLtaOqdF6PVSnOegKRI5CtMaAsJWK5dom43Q2suiRIncovYluSwu9ZW9a-XOfJ3xV1CcMeT7ckAylqqAm5wk8WrK87Za_lC-wXSZqIyz72dNgH&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCu5lydX2_ZOvnH43xtgfRua3wDsme0rFclcmU93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNDQ5ODY0NTc1MDc5MzE2N8gBCakCmEq0bveWsj6oAwHIAwKqBNsBT9CX_viDZFqxR-xFedkVP2YG6zgu4wgar-Kz9kfISoeWBxh2bhYcYdnmKKAfRaDKpE1eCU823zULV67Zo4UVj-Nw4bbjd52omtQhOzuiBHF78utxS2PTwlYe7g3kF1nMofayGbCNomGYCoad64wbvRimR1lzF9-ypi73jKs_G04tgmMLyRyOOCLX3DqhAm0eQcHkmY0iaistpBs5QW8xh410IFfvRlb8ru3Dm3lqOIbHiwmFtsv82fsVxsIdyIEZGk1J-irWWc5dJ5b2d7XpN59Q0SX9iKLnMmJOgAbcioG9gIPG97YBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3x1k8c6z8YEKPSbNiMExlmaGd86w%26client%3Dca-pub-4498645750793167%26adurl%3D
Frame ID: 6CE39B01F904ABDB561E73D6ACCD5420
Requests: 29 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 98373DD39BEAD4CECC213986FBF5BBC3
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2A2034453D31F3806CBC41DD49472DB3
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Page not found - EmployeesPortalsuchen

Page URL History Show full URLs

http://fmcrmfrtrackeu.fmsendfreecrm.eu/v1/clk/Ra2zOJINSf-sDYF8I8JWXw,KHogSk05Qum_TdAuv_ca_g,0,aHR0cHM6Ly9lbXBsb3llZ... HTTP 302
https://employeesportal.info/.apps/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

86
Requests

100 %
HTTPS

87 %
IPv6

14
Domains

24
Subdomains

23
IPs

4
Countries

1313 kB
Transfer

3099 kB
Size

8
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://feeds.feedburner.com/EmployeesPortalLargestInformationNetwork

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://fmcrmfrtrackeu.fmsendfreecrm.eu/v1/clk/Ra2zOJINSf-sDYF8I8JWXw,KHogSk05Qum_TdAuv_ca_g,0,aHR0cHM6Ly9lbXBsb3llZXNwb3J0YWwuaW5mby8uYXBwcy8,1,N18xXzIwODYwNTQ3Mjk0OTgwNTU2Mg,dXYx,U0lHMQ,MTAwMQ,MIbf50C0IIiIcKw0Ynl0DF2dJZgyUpIhhnRuq2ihYRw HTTP 302
https://employeesportal.info/.apps/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

86 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

404

Primary Request / Show response
employeesportal.info/.apps/
Redirect Chain

http://fmcrmfrtrackeu.fmsendfreecrm.eu/v1/clk/Ra2zOJINSf-sDYF8I8JWXw,KHogSk05Qum_TdAuv_ca_g,0,aHR0cHM6Ly9lbXBsb3llZXNwb3J0YWwuaW5mby8uYXBwcy8,1,N18xXzIwODYwNTQ3Mjk0OTgwNTU2Mg,dXYx,U0lHMQ,MTAwMQ,MIb...
https://employeesportal.info/.apps/

31 KB
9 KB

1387ms
943ms

Document
text/html

64.31.40.18
LIMESTONENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://employeesportal.info/.apps/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 64.31.40.18 , United States, ASN46475 (LIMESTONENETWORKS, US),
Reverse DNS: s25.hosterpk.com
Software: LiteSpeed / PHP/7.4.33
Resource Hash: 2b3d4a9c02989a1c9241de87f9d6ac11d44f90e1370fb13ad4488c544bcb985b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control: no-cache, must-revalidate, max-age=0
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 25 Jul 2023 07:44:52 GMT
expires: Wed, 11 Jan 1984 05:00:00 GMT
link: <https://employeesportal.info/wp-json/>; rel="https://api.w.org/"
server: LiteSpeed
vary: Accept-Encoding,Accept-Encoding
x-powered-by: PHP/7.4.33

Redirect headers

Connection: keep-alive
Content-Length: 114
Content-Type: text/html; charset=utf-8
Date: Tue, 25 Jul 2023 07:44:50 GMT
Location: https://employeesportal.info/.apps/
Vary: Accept

GET
H2 200 style.min.css
employeesportal.info/wp-includes/css/dist/block-library/ 95 KB
12 KB 138ms
136ms Stylesheet
text/css 64.31.40.18
LIMESTONENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://employeesportal.info/wp-includes/css/dist/block-library/style.min.css?ver=6.2.2
Requested by: Host: employeesportal.info
URL: https://employeesportal.info/.apps/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 64.31.40.18 , United States, ASN46475 (LIMESTONENETWORKS, US),
Reverse DNS: s25.hosterpk.com
Software: LiteSpeed /
Resource Hash: aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://employeesportal.info/.apps/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 07:44:52 GMT
content-encoding: br
last-modified: Thu, 30 Mar 2023 00:10:02 GMT
server: LiteSpeed
vary: Accept-Encoding,Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=7776000,public
accept-ranges: bytes
content-length: 11775
expires: Mon, 23 Oct 2023 07:44:52 GMT

GET
H2 200 classic-themes.min.css
employeesportal.info/wp-includes/css/ 291 B
197 B 294ms
293ms Stylesheet
text/css 64.31.40.18
LIMESTONENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://employeesportal.info/wp-includes/css/classic-themes.min.css?ver=6.2.2
Requested by: Host: employeesportal.info
URL: https://employeesportal.info/.apps/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 64.31.40.18 , United States, ASN46475 (LIMESTONENETWORKS, US),
Reverse DNS: s25.hosterpk.com
Software: LiteSpeed /
Resource Hash: dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://employeesportal.info/.apps/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 07:44:52 GMT
content-encoding: br
last-modified: Thu, 30 Mar 2023 00:10:02 GMT
server: LiteSpeed
vary: Accept-Encoding,Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=7776000,public
accept-ranges: bytes
content-length: 164
expires: Mon, 23 Oct 2023 07:44:52 GMT

GET
H2 200 screen.min.css
employeesportal.info/wp-content/plugins/table-of-contents-plus/ 1 KB
434 B 295ms
294ms Stylesheet
text/css 64.31.40.18
LIMESTONENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://employeesportal.info/wp-content/plugins/table-of-contents-plus/screen.min.css?ver=2302
Requested by: Host: employeesportal.info
URL: https://employeesportal.info/.apps/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 64.31.40.18 , United States, ASN46475 (LIMESTONENETWORKS, US),
Reverse DNS: s25.hosterpk.com
Software: LiteSpeed /
Resource Hash: 2e36bd3bdbb929f427e79a6c84b7922b4375589386981eba29eb0cff57b02b1b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://employeesportal.info/.apps/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 07:44:52 GMT
content-encoding: br
last-modified: Thu, 09 Feb 2023 11:04:50 GMT
server: LiteSpeed
vary: Accept-Encoding,Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=7776000,public
accept-ranges: bytes
content-length: 378
expires: Mon, 23 Oct 2023 07:44:52 GMT

GET
H2 200 css
fonts.googleapis.com/ 11 KB
1 KB 183ms
66ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C700%3A400%2C400italic%2C700%2C700italic%7CCopse&ver=6.2.2

Requested by

Host: employeesportal.info
URL: https://employeesportal.info/.apps/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b15282ee7c5d0da89e8c0f7cd7bd8a855a7df6787b7df09530987520e85f4911

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://employeesportal.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 25 Jul 2023 07:44:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 25 Jul 2023 07:44:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 25 Jul 2023 07:44:52 GMT

GET
H2 200 style.css
employeesportal.info/wp-content/themes/magazine-premium/ 65 KB
13 KB 295ms
294ms Stylesheet
text/css 64.31.40.18
LIMESTONENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://employeesportal.info/wp-content/themes/magazine-premium/style.css?ver=6.2.2
Requested by: Host: employeesportal.info
URL: https://employeesportal.info/.apps/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 64.31.40.18 , United States, ASN46475 (LIMESTONENETWORKS, US),
Reverse DNS: s25.hosterpk.com
Software: LiteSpeed /
Resource Hash: 9acc5416c4c2085d831cadfad2ab96a44ed91f14ed057b543ec2ff89041ee0a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://employeesportal.info/.apps/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 07:44:52 GMT
content-encoding: br
last-modified: Mon, 16 Sep 2019 12:21:39 GMT
server: LiteSpeed
vary: Accept-Encoding,Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=7776000,public
accept-ranges: bytes
content-length: 13508
expires: Mon, 23 Oct 2023 07:44:52 GMT

GET
H2 200 font-awesome.css
employeesportal.info/wp-content/themes/magazine-premium/library/css/ 28 KB
5 KB 296ms
295ms Stylesheet
text/css 64.31.40.18
LIMESTONENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://employeesportal.info/wp-content/themes/magazine-premium/library/css/font-awesome.css?ver=4.3.0
Requested by: Host: employeesportal.info
URL: https://employeesportal.info/.apps/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 64.31.40.18 , United States, ASN46475 (LIMESTONENETWORKS, US),
Reverse DNS: s25.hosterpk.com
Software: LiteSpeed /
Resource Hash: c374efba54279628793f04e10ebf5d0c1b4dbc36b3f4132d9235f01d64ca5c8e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://employeesportal.info/.apps/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 07:44:52 GMT
content-encoding: br
last-modified: Mon, 16 Sep 2019 12:21:37 GMT
server: LiteSpeed
vary: Accept-Encoding,Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=7776000,public
accept-ranges: bytes
content-length: 5400
expires: Mon, 23 Oct 2023 07:44:52 GMT

GET
H2 200 jquery.min.js Show response
employeesportal.info/wp-includes/js/jquery/ 88 KB
30 KB 296ms
295ms Script
application/javascript 64.31.40.18
LIMESTONENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://employeesportal.info/wp-includes/js/jquery/jquery.min.js?ver=3.6.4
Requested by: Host: employeesportal.info
URL: https://employeesportal.info/.apps/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 64.31.40.18 , United States, ASN46475 (LIMESTONENETWORKS, US),
Reverse DNS: s25.hosterpk.com
Software: LiteSpeed /
Resource Hash: afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://employeesportal.info/.apps/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 07:44:52 GMT
content-encoding: br
last-modified: Thu, 30 Mar 2023 00:10:09 GMT
server: LiteSpeed
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=7776000,public
accept-ranges: bytes
content-length: 30376
expires: Mon, 23 Oct 2023 07:44:52 GMT

GET
H2 200 jquery-migrate.min.js Show response
employeesportal.info/wp-includes/js/jquery/ 13 KB
5 KB 297ms
296ms Script
application/javascript 64.31.40.18
LIMESTONENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://employeesportal.info/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.0
Requested by: Host: employeesportal.info
URL: https://employeesportal.info/.apps/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 64.31.40.18 , United States, ASN46475 (LIMESTONENETWORKS, US),
Reverse DNS: s25.hosterpk.com
Software: LiteSpeed /
Resource Hash: 9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://employeesportal.info/.apps/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 07:44:52 GMT
content-encoding: br
last-modified: Thu, 30 Mar 2023 00:10:09 GMT
server: LiteSpeed
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=7776000,public
accept-ranges: bytes
content-length: 4603
expires: Mon, 23 Oct 2023 07:44:52 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 125 KB
48 KB 210ms
88ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-144297853-1

Requested by

Host: employeesportal.info
URL: https://employeesportal.info/.apps/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

178f8624fb0632d3aa3bb0e58c21ebf453280980ee043b019e8204c98136431c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://employeesportal.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 07:44:52 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 49281
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 25 Jul 2023 07:44:52 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
50 KB 226ms
104ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4498645750793167

Requested by

Host: employeesportal.info
URL: https://employeesportal.info/.apps/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a643052fa74ed7d8fff1c2b33a2d6c97f0dc9a53a9771adebefd889d483f998

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://employeesportal.info/
Origin: https://employeesportal.info
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 07:44:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51066
x-xss-protection: 0
server: cafe
etag: 3445110921234409524
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 25 Jul 2023 07:44:52 GMT

GET
H2 200 cse.js Show response
cse.google.com/ 6 KB
4 KB 238ms
86ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/cse.js?cx=99cce78416d75082b

Requested by

Host: employeesportal.info
URL: https://employeesportal.info/.apps/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

aa5e8d17a23a960dd4eb5fad38e74684683fa1d6a5064a6fe88d0f46650f9689

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-hPvsMF4G5ZvnDx9-o40-Xw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://employeesportal.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-hPvsMF4G5ZvnDx9-o40-Xw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
content-encoding: br
date: Tue, 25 Jul 2023 07:44:52 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2391
x-xss-protection: 0
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
server: gws
x-frame-options: SAMEORIGIN
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private
permissions-policy: unload=()
origin-trial: Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0=, AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
expires: Tue, 25 Jul 2023 07:44:52 GMT

GET
H2 200 employeesportal-info-1.webp
employeesportal.info/wp-content/uploads/2023/01/ 2 KB
2 KB 138ms
137ms Image
image/webp 64.31.40.18
LIMESTONENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://employeesportal.info/wp-content/uploads/2023/01/employeesportal-info-1.webp
Requested by: Host: employeesportal.info
URL: https://employeesportal.info/.apps/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 64.31.40.18 , United States, ASN46475 (LIMESTONENETWORKS, US),
Reverse DNS: s25.hosterpk.com
Software: LiteSpeed /
Resource Hash: 04cfbc16aca4ed494d415ba2685c448e8b73a84ad1e3663c7ad163123930556e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://employeesportal.info/.apps/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 07:44:52 GMT
last-modified: Mon, 02 Jan 2023 13:14:44 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 1836
expires: Wed, 24 Jul 2024 07:44:52 GMT

GET
H2 200 404.png
employeesportal.info/wp-content/themes/magazine-premium/library/images/ 4 KB
4 KB 138ms
137ms Image
image/png 64.31.40.18
LIMESTONENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://employeesportal.info/wp-content/themes/magazine-premium/library/images/404.png
Requested by: Host: employeesportal.info
URL: https://employeesportal.info/.apps/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 64.31.40.18 , United States, ASN46475 (LIMESTONENETWORKS, US),
Reverse DNS: s25.hosterpk.com
Software: LiteSpeed /
Resource Hash: 2df57c74718d9b607118a4d571c90dd48d91e7d42ecd3299413cf5f24f15ea59

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://employeesportal.info/.apps/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 07:44:52 GMT
last-modified: Mon, 16 Sep 2019 12:21:37 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=31536000,public
accept-ranges: bytes
content-length: 3630
expires: Wed, 24 Jul 2024 07:44:52 GMT

GET
H2 200 feed-icon32x32.png
feedburner.google.com/fb/images/pub/ 1 KB
2 KB 206ms
67ms Image
image/png 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://feedburner.google.com/fb/images/pub/feed-icon32x32.png

Requested by

Host: employeesportal.info
URL: https://employeesportal.info/.apps/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55070d3be787cd8ccee8ea0fd75f0e11e944e6f70231f0dcb4c5ae348fcba6be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://employeesportal.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 07:44:52 GMT
x-content-type-options: nosniff
age: 0
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/pichu-static
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1441
x-xss-protection: 0
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="pichu-static"
report-to: {"group":"pichu-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/pichu-static"}]}
content-type: image/png
cache-control: public, max-age=0
accept-ranges: bytes
expires: Tue, 25 Jul 2023 07:44:52 GMT

GET
H2 200 front.min.js Show response
employeesportal.info/wp-content/plugins/table-of-contents-plus/ 6 KB
2 KB 136ms
136ms Script
application/javascript 64.31.40.18
LIMESTONENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://employeesportal.info/wp-content/plugins/table-of-contents-plus/front.min.js?ver=2302
Requested by: Host: employeesportal.info
URL: https://employeesportal.info/.apps/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 64.31.40.18 , United States, ASN46475 (LIMESTONENETWORKS, US),
Reverse DNS: s25.hosterpk.com
Software: LiteSpeed /
Resource Hash: c18f5c0855f4b76c30dd796f7164f9d1bb23c2c85b070cfad938787a214a2639

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://employeesportal.info/.apps/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 07:44:52 GMT
content-encoding: br
last-modified: Thu, 09 Feb 2023 11:04:50 GMT
server: LiteSpeed
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=7776000,public
accept-ranges: bytes
content-length: 2198
expires: Mon, 23 Oct 2023 07:44:52 GMT

GET
H2 200 bootstrap.min.js Show response
employeesportal.info/wp-content/themes/magazine-premium/library/js/ 8 KB
3 KB 136ms
136ms Script
application/javascript 64.31.40.18
LIMESTONENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://employeesportal.info/wp-content/themes/magazine-premium/library/js/bootstrap.min.js?ver=2.2.2
Requested by: Host: employeesportal.info
URL: https://employeesportal.info/.apps/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 64.31.40.18 , United States, ASN46475 (LIMESTONENETWORKS, US),
Reverse DNS: s25.hosterpk.com
Software: LiteSpeed /
Resource Hash: f0208d105f5904ec61e4aae58da757c106bc05c0f93d36efdc2b7c48cfbbe1a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://employeesportal.info/.apps/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 07:44:52 GMT
content-encoding: br
last-modified: Mon, 16 Sep 2019 12:21:37 GMT
server: LiteSpeed
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=7776000,public
accept-ranges: bytes
content-length: 2575
expires: Mon, 23 Oct 2023 07:44:52 GMT

GET
H2 200 theme.js Show response
employeesportal.info/wp-content/themes/magazine-premium/library/js/ 2 KB
861 B 137ms
136ms Script
application/javascript 64.31.40.18
LIMESTONENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://employeesportal.info/wp-content/themes/magazine-premium/library/js/theme.js?ver=6.2.2
Requested by: Host: employeesportal.info
URL: https://employeesportal.info/.apps/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 64.31.40.18 , United States, ASN46475 (LIMESTONENETWORKS, US),
Reverse DNS: s25.hosterpk.com
Software: LiteSpeed /
Resource Hash: d809f67b885654970b94fbb8dad59d584b92c9e1eafe5e2f3c135bd008dbd61f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://employeesportal.info/.apps/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 07:44:52 GMT
content-encoding: br
last-modified: Mon, 16 Sep 2019 12:21:37 GMT
server: LiteSpeed
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=7776000,public
accept-ranges: bytes
content-length: 828
expires: Mon, 23 Oct 2023 07:44:52 GMT

GET
H2 200 Backgroun-Employeesportal.jpg
employeesportal.info/wp-content/uploads/2020/04/ 5 KB
5 KB 136ms
136ms Image
image/jpeg 64.31.40.18
LIMESTONENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://employeesportal.info/wp-content/uploads/2020/04/Backgroun-Employeesportal.jpg
Requested by: Host: employeesportal.info
URL: https://employeesportal.info/.apps/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 64.31.40.18 , United States, ASN46475 (LIMESTONENETWORKS, US),
Reverse DNS: s25.hosterpk.com
Software: LiteSpeed /
Resource Hash: 3a96dc3813f87c972b8c2f99e48dff34d900ac84de947ebf274c4b5617c0b28b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://employeesportal.info/.apps/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 07:44:52 GMT
last-modified: Fri, 24 Apr 2020 08:30:59 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31536000,public
accept-ranges: bytes
content-length: 4791
expires: Wed, 24 Jul 2024 07:44:52 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/ 47 KB
48 KB 180ms
58ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C700%3A400%2C400italic%2C700%2C700italic%7CCopse&ver=6.2.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://employeesportal.info
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 05:45:28 GMT
x-content-type-options: nosniff
age: 266364
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48412
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:08:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Jul 2024 05:45:28 GMT

GET
H2 200 cse_element__de.js Show response
www.google.com/cse/static/element/827890a761694e44/ 308 KB
103 KB 189ms
66ms Script
text/javascript 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/827890a761694e44/cse_element__de.js?usqp=CAI%3D

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=99cce78416d75082b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d64c2d3836446d44b0a544580f03249825afbc4a0f307d80b811a2538442be91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://employeesportal.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 21:29:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 382550
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 104914
x-xss-protection: 0
last-modified: Thu, 08 Jun 2023 16:35:59 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Fri, 19 Jul 2024 21:29:03 GMT

GET
H2 200 default+de.css
www.google.com/cse/static/element/827890a761694e44/ 41 KB
9 KB 181ms
59ms Stylesheet
text/css 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/827890a761694e44/default+de.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=99cce78416d75082b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c965aefdb4c6acf10f46758dc1601a64d811dcf3a378bf9e90278916aa47508f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://employeesportal.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 19:29:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 389721
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9102
x-xss-protection: 0
last-modified: Thu, 08 Jun 2023 16:35:59 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Fri, 19 Jul 2024 19:29:32 GMT

GET
H2 200 default.css
www.google.com/cse/static/style/look/v4/ 4 KB
2 KB 180ms
58ms Stylesheet
text/css 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/style/look/v4/default.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=99cce78416d75082b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://employeesportal.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 07:15:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1751
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1345
x-xss-protection: 0
last-modified: Wed, 17 Jun 2020 00:00:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Tue, 25 Jul 2023 08:05:42 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 226 KB
79 KB 89ms
88ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Z522VRRJC1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-144297853-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4d9099dc99e7463b6cb49bea0afed3da5af72b655a3317b865b7d537f3050c46

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://employeesportal.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 07:44:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81125
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 25 Jul 2023 07:44:53 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 93ms
30ms Script
text/javascript 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-144297853-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://employeesportal.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 25 Jul 2023 06:50:46 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 3247
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 25 Jul 2023 08:50:46 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 188 KB
69 KB 107ms
107ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-CLKW62JDG0&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-144297853-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

aa7ee3b51d5cee4aac56a3ea9c4e35fbe0135c7c46a76dba06da3af914cc5598

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://employeesportal.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 07:44:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 70781
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 25 Jul 2023 07:44:53 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307200101/ 363 KB
124 KB 235ms
125ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307200101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4498645750793167&plah=employeesportal.info&bust=31076299

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4498645750793167

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

116cca2e9316478e58d451cfdec38661ae923f869dd9dba0c2292c6c403f1c36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://employeesportal.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 07:44:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127311
x-xss-protection: 0
server: cafe
etag: 17459248638212089226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 25 Jul 2023 07:44:53 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230719/r20190131/ Frame 6EA9 10 KB
5 KB 180ms
57ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230719/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4498645750793167

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://employeesportal.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 28679
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 24 Jul 2023 23:46:54 GMT
etag: 12368291122986407432
expires: Mon, 07 Aug 2023 23:46:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
211 B 36ms
34ms XHR
text/plain 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=1929287391&t=pageview&_s=1&dl=https%3A%2F%2Femployeesportal.info%2F.apps%2F&ul=en-us&de=UTF-8&dt=Page%20not%20found%20-%20EmployeesPortal&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACUABBAAAACAAI~&jid=155688214&gjid=1279252078&cid=1673861789.1690271093&tid=UA-144297853-1&_gid=2128415240.1690271093&_r=1&gtm=457e37o0&did=dZTNiMT&gdid=dZTNiMT&jsscut=1&z=856276408

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://employeesportal.info/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 25 Jul 2023 07:44:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://employeesportal.info
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
350 B 105ms
35ms XHR
text/plain 2a00:1450:400c:c0c::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-144297853-1&cid=1673861789.1690271093&jid=155688214&gjid=1279252078&_gid=2128415240.1690271093&_u=YGBACUAABAAAACAAI~&z=1428871200

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://employeesportal.info/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 25 Jul 2023 07:44:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://employeesportal.info
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
258 B 98ms
34ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-Z522VRRJC1&gtm=45je37o0&_p=1929287391&cid=1673861789.1690271093&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1690271093&sct=1&seg=0&dl=https%3A%2F%2Femployeesportal.info%2F.apps%2F&dt=Page%20not%20found%20-%20EmployeesPortal&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z522VRRJC1&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://employeesportal.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jul 2023 07:44:53 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://employeesportal.info
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
55 B 71ms
35ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-CLKW62JDG0&gtm=45je37o0&_p=1929287391&gdid=dZTNiMT&cid=1673861789.1690271093&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1690271093&sct=1&seg=0&dl=https%3A%2F%2Femployeesportal.info%2F.apps%2F&dt=Page%20not%20found%20-%20EmployeesPortal&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CLKW62JDG0&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://employeesportal.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jul 2023 07:44:53 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://employeesportal.info
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 async-ads.js Show response
cse.google.com/adsense/search/ 144 KB
53 KB 69ms
68ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/adsense/search/async-ads.js

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/827890a761694e44/cse_element__de.js?usqp=CAI%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d61113433b0dcf2cdeb032579c7e7b9ce46cd9fb8d773ae71fa3569593bb3821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://employeesportal.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 07:44:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
etag: "9568552520292168301"
vary: Accept-Encoding
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
accept-ranges: bytes
expires: Tue, 25 Jul 2023 07:44:53 GMT

GET
H2 200 clear.png
www.google.com/cse/static/css/v2/ 1018 B
1 KB 58ms
57ms Image
image/png 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/css/v2/clear.png

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/827890a761694e44/default+de.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/cse/static/element/827890a761694e44/default+de.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 15:23:39 GMT
x-content-type-options: nosniff
age: 231674
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1018
x-xss-protection: 0
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Sun, 21 Jul 2024 15:23:39 GMT

GET
H2 200 branding.png
www.google.com/cse/static/images/1x/de/ 1 KB
2 KB 57ms
57ms Image
image/png 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/images/1x/de/branding.png

Requested by

Host: employeesportal.info
URL: https://employeesportal.info/.apps/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ee9e63e519096342d5899e32f1a38b4880ffba6b2aff64178b955a3b7f3a80d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://employeesportal.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 18:19:56 GMT
x-content-type-options: nosniff
age: 393897
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1512
x-xss-protection: 0
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Fri, 19 Jul 2024 18:19:56 GMT

GET
H2 204 generate_204
clients1.google.com/ 0
41 B 131ms
110ms Image
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://clients1.google.com/generate_204
Requested by: Host: employeesportal.info
URL: https://employeesportal.info/.apps/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://employeesportal.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 07:44:53 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 407 B
612 B 195ms
66ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=employeesportal.info&callback=_gfp_s_&client=ca-pub-4498645750793167

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307200101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4498645750793167&plah=employeesportal.info&bust=31076299

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8d3c8befb5d970376d5bfea7acffe07057609eb6e8c663572530233b8452ff3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://employeesportal.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 07:44:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 259
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 955C 62 KB
19 KB 476ms
476ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4498645750793167&output=html&adk=1812271804&adf=3025194257&lmt=1690271093&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x1080_l%7C188x1080_r&format=0x0&url=https%3A%2F%2Femployeesportal.info%2F.apps%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690271093090&bpp=3&bdt=760&idt=363&shv=r20230719&mjsv=m202307200101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1889531420073&frm=20&pv=2&ga_vid=1673861789.1690271093&ga_sid=1690271093&ga_hid=1929287391&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076299%2C42531706%2C44788441%2C44792013%2C44796826%2C44797784&oid=2&pvsid=3166009074268818&tmod=1626067776&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=380

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

60fdee1e8da3ae599a85a52d975f9ef8ed355943de1d6078ad4bc732dc830865

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://employeesportal.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 19530
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 25 Jul 2023 07:44:53 GMT
expires: Tue, 25 Jul 2023 07:44:53 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307200101/ 154 KB
52 KB 101ms
101ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307200101/reactive_library_fy2021.js?bust=31076299

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ff5471d0afd8bde2e686c7f7851f1a5415d136c9c3f2adc34a5e80811c00104c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://employeesportal.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 07:44:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53527
x-xss-protection: 0
server: cafe
etag: 10803049052026918328
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 25 Jul 2023 07:44:54 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2CB2 436 B
238 B 529ms
528ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4498645750793167&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.736490994~rp.1&daaos=1690192876520&epr=2&w=1200&fwrn=4&fwrnh=100&lmt=1690271094&rafmt=1&to=qs&pwprc=7255017128&format=1200x280&url=https%3A%2F%2Femployeesportal.info%2F.apps%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690271093991&bpp=3&bdt=1661&idt=3&shv=r20230719&mjsv=m202307200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D879cc9bf9d923b64-22d7c36dece2004e%3AT%3D1690271093%3ART%3D1690271093%3AS%3DALNI_MYx51kYAXqzQZ97b-awK-6eoUKDZg&gpic=UID%3D00000d12c6b80fc2%3AT%3D1690271093%3ART%3D1690271093%3AS%3DALNI_MYdVmcZzFXSR_ND6UtveLyyWXrBSQ&prev_fmts=0x0&nras=2&correlator=1889531420073&frm=20&pv=1&ga_vid=1673861789.1690271093&ga_sid=1690271093&ga_hid=1929287391&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076299%2C42531706%2C44788441%2C44792013%2C44796826%2C44797784&oid=2&pvsid=3166009074268818&tmod=1626067776&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=sLII8n189e&p=https%3A//employeesportal.info&dtd=11

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e061e1631e80e5467587c66c5b7d8bbcd9aa0adb68e8b32fe9295c3aab47288b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://employeesportal.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 213
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 25 Jul 2023 07:44:54 GMT
expires: Tue, 25 Jul 2023 07:44:54 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 87ms
87ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_auto_rs&sts=pfno&evt=place&vh=1200&eid=44759875%2C44759926%2C44759842%2C31076299%2C42531706%2C44788441%2C44792013%2C44796826%2C44797784&hl=en&pvc=3166009074268818

Requested by

Host: employeesportal.info
URL: https://employeesportal.info/.apps/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://employeesportal.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jul 2023 07:44:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/ Frame C575 10 KB
4 KB 58ms
57ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://employeesportal.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2638
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 25 Jul 2023 07:00:56 GMT
etag: 12368291122986407432
expires: Tue, 08 Aug 2023 07:00:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 6CE3 190 KB
58 KB 164ms
102ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZL99dQAH8-sK7biNAAtc0Z6UxpbqfUSTvTGHNA&u=%7CJE%2Fgmh8AYyywIUxv3KpnMO%2BkljM5Jjmy%2F%2BTwT%2FoEdpE%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANddNRPYHnj5twBJ-vtli4qRSnQQR5jqh_O5lv7N6XOcZffB5SQmru9X4Ee76NK_vjUm6YoyV4d_2KQgSLblLN3O9IXjfYCEsJbmzd1eUOAIp7Z5L1FYuG3NZPO3sLaPibfVLWl5DmefUtvDDCRei0hZWDxQAA8gsYAY8eW4TFR_VgFylbRY5MiFBF-nzu2OYGLCd43JtTdcd8bbDf6_fpPuqcO0dI8ySeF8JxUun7SpUU5be7TOv4CtiSbJOIc1O875AsjfBJEak3IJSL0vWLFke9E2I1irsE36dhppbfniX9DJkBveMKNr79r1nZRxli0RMmbKQcZFcy5diRFjq60vI4fNLm3SWHX-q6IFb8DAL8rv4jwxl_AeAn4aOjp6sdonOPTqB_jfvKVqVsFh6_LqqLi8AJo9ak2lVyKnU5GXOOnPiHHIqYkVyyeK9ctRLtaOqdF6PVSnOegKRI5CtMaAsJWK5dom43Q2suiRIncovYluSwu9ZW9a-XOfJ3xV1CcMeT7ckAylqqAm5wk8WrK87Za_lC-wXSZqIyz72dNgH&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCu5lydX2_ZOvnH43xtgfRua3wDsme0rFclcmU93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNDQ5ODY0NTc1MDc5MzE2N8gBCakCmEq0bveWsj6oAwHIAwKqBNsBT9CX_viDZFqxR-xFedkVP2YG6zgu4wgar-Kz9kfISoeWBxh2bhYcYdnmKKAfRaDKpE1eCU823zULV67Zo4UVj-Nw4bbjd52omtQhOzuiBHF78utxS2PTwlYe7g3kF1nMofayGbCNomGYCoad64wbvRimR1lzF9-ypi73jKs_G04tgmMLyRyOOCLX3DqhAm0eQcHkmY0iaistpBs5QW8xh410IFfvRlb8ru3Dm3lqOIbHiwmFtsv82fsVxsIdyIEZGk1J-irWWc5dJ5b2d7XpN59Q0SX9iKLnMmJOgAbcioG9gIPG97YBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3x1k8c6z8YEKPSbNiMExlmaGd86w%26client%3Dca-pub-4498645750793167%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

230361ea8d8b457930d3c6e58aa58978bb71a537de1ea8990a174f6a5b992628

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Tue, 25 Jul 2023 07:44:54 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=j9P_Mm6e8oBwpLEqVoGFIezbAbIYGqFlI-5fvjbW7zFqHlUSOpVwVftqXdjfPMqz6NsFCYP2JDxX2L2Xy2xLyeaVenakeH68AdRvk1dJbUOWrDos-V2FfEPsYCLkOg0L62-2OHr62BKmEs1guX_Yb5CI3C9qwh7owVGr79UmCIG47Ww9dxIMb-JdyeE7cJe1PfDTyrB0wwxD619ztTdRoPsYb9Kc5hioq4zByKn7jj28gKee1C_JWYGG5SspV9QCrvvPDw"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 68548120
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/ Frame C575 3 KB
1 KB 186ms
64ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 13:05:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67136
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 07 Aug 2023 13:05:58 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/ Frame C575 20 KB
9 KB 179ms
57ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a778ebcae153771e99dd12d32647dc138e5c624303806b95f2563975c401d7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 22:19:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33942
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8309
x-xss-protection: 0
server: cafe
etag: 1379281626718990200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 07 Aug 2023 22:19:12 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C575 179 KB
57 KB 198ms
76ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06d05e25d5735fd4968f4db173509082b3c907133c6178b914fdd44bb4dbf50d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 07:44:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57333
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689766554590483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 25 Jul 2023 07:44:54 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 6CE3 2 KB
1 KB 136ms
44ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZL99dQAH8-sK7biNAAtc0Z6UxpbqfUSTvTGHNA&u=%7CJE%2Fgmh8AYyywIUxv3KpnMO%2BkljM5Jjmy%2F%2BTwT%2FoEdpE%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANddNRPYHnj5twBJ-vtli4qRSnQQR5jqh_O5lv7N6XOcZffB5SQmru9X4Ee76NK_vjUm6YoyV4d_2KQgSLblLN3O9IXjfYCEsJbmzd1eUOAIp7Z5L1FYuG3NZPO3sLaPibfVLWl5DmefUtvDDCRei0hZWDxQAA8gsYAY8eW4TFR_VgFylbRY5MiFBF-nzu2OYGLCd43JtTdcd8bbDf6_fpPuqcO0dI8ySeF8JxUun7SpUU5be7TOv4CtiSbJOIc1O875AsjfBJEak3IJSL0vWLFke9E2I1irsE36dhppbfniX9DJkBveMKNr79r1nZRxli0RMmbKQcZFcy5diRFjq60vI4fNLm3SWHX-q6IFb8DAL8rv4jwxl_AeAn4aOjp6sdonOPTqB_jfvKVqVsFh6_LqqLi8AJo9ak2lVyKnU5GXOOnPiHHIqYkVyyeK9ctRLtaOqdF6PVSnOegKRI5CtMaAsJWK5dom43Q2suiRIncovYluSwu9ZW9a-XOfJ3xV1CcMeT7ckAylqqAm5wk8WrK87Za_lC-wXSZqIyz72dNgH&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCu5lydX2_ZOvnH43xtgfRua3wDsme0rFclcmU93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNDQ5ODY0NTc1MDc5MzE2N8gBCakCmEq0bveWsj6oAwHIAwKqBNsBT9CX_viDZFqxR-xFedkVP2YG6zgu4wgar-Kz9kfISoeWBxh2bhYcYdnmKKAfRaDKpE1eCU823zULV67Zo4UVj-Nw4bbjd52omtQhOzuiBHF78utxS2PTwlYe7g3kF1nMofayGbCNomGYCoad64wbvRimR1lzF9-ypi73jKs_G04tgmMLyRyOOCLX3DqhAm0eQcHkmY0iaistpBs5QW8xh410IFfvRlb8ru3Dm3lqOIbHiwmFtsv82fsVxsIdyIEZGk1J-irWWc5dJ5b2d7XpN59Q0SX9iKLnMmJOgAbcioG9gIPG97YBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3x1k8c6z8YEKPSbNiMExlmaGd86w%26client%3Dca-pub-4498645750793167%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 07:44:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 19 Jul 2024 07:44:54 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 6CE3 2 KB
1 KB 137ms
45ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 07:44:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 19 Jul 2024 07:44:54 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 6CE3 308 B
636 B 135ms
45ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 07:44:54 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Fri, 19 Jul 2024 07:44:54 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 6CE3 293 B
621 B 134ms
44ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 07:44:54 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Fri, 19 Jul 2024 07:44:54 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 6CE3 43 B
348 B 103ms
32ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=zYeoCXsnO68UYrYiDu2RaQt1qcxhmjXD6QPh0B90kbszpqS5YnElvDKsy3DGeTLEoipKizUcH0fqSAe1C8bhJtbQAMLXP_YPjrM2D_Uc28B7SD3sLhuTHvp7WMSIu0-9GhUvEniMCokAD7Jdf7zlBz_OwCt1JKEIHpc60wqPvPb85uKJ9g0rE8p0BdyXODceJ7m9eadGNvtKJ63m2QuDEO7FaFonVskhYnm_yqQTaV4Iqkm9q0cc-HHVZeafAu63DeGuXAjvXAHKDQMltVrcnNDx82ru4UVGj-bzPNcpnwhG5DkSiTQmmxzN-S2BzUZL8yjGHHx22kDGIfvFWjNTYziYE80GrTcsWyCmfuSQgK_avkWcO5H6h7-WGZU81bHYq0j_6PM3gY42AhynlSMm2VqwwKKM6a5RyKVfZ0lqU1ydo44q

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jul 2023 07:44:54 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1773278
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 0d5410bc9c3e437daf6999836d04f18f_ubuntu-medium.woff
static.criteo.net/design/dt/ Frame 6CE3 38 KB
38 KB 176ms
88ms Font
application/octet-stream 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/0d5410bc9c3e437daf6999836d04f18f_ubuntu-medium.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

ce8b0ce00b853304b4500a3e0273c2ee8123ec998d9ea4bc1a2b3e97c573b61f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 07:44:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 02 Oct 2018 14:57:25 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5bb38755-97a8"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 19 Jul 2024 07:44:54 GMT

GET
H2 200 ec51d215a5904df99ebfe8eacf21246e_ubuntu-light.woff
static.criteo.net/design/dt/ Frame 6CE3 46 KB
46 KB 225ms
137ms Font
application/octet-stream 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/ec51d215a5904df99ebfe8eacf21246e_ubuntu-light.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8d6af87f2e8ab6ba751d5bda81faf18aed637f3c43f3f5c25acfcdb8dc674a92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 07:44:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 02 Oct 2018 14:57:25 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5bb38755-b778"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 19 Jul 2024 07:44:54 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 6CE3 12 KB
5 KB 101ms
40ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 07:44:54 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 381646
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4418
last-modified: Thu, 22 Jun 2023 11:22:44 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942f04-1142"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tBIhuiOMeVDQ3SfeQqvbEnCYekC2tBOaREhnSh4%2BXMDrVfug9FcWHocf9Ag0RA8HjehmGV6xxbX8I9C0btFSumup7obVlzhHZSS5pL%2BxpgDOPzbPDg5PndN%2BMwOmXuhfX%2BqBLhjkkVG%2B5ctnzZWxvrWz"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7ec2c7c52da5698b-FRA
expires: Sun, 14 Jul 2024 07:44:54 GMT

GET
DATA 200
OK truncated
/ Frame C575 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7e173df1d18782b31a6c00f07ccab064172607fdf75ca804c48f9dca7b7ff86c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 6CE3 12 KB
6 KB 75ms
75ms Script
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 07:44:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 19 Jul 2024 07:44:54 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 6CE3 3 KB
4 KB 163ms
45ms Image
image/png 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=244&m=0&partner=3018&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F1344%2F230413%2Fc53e5f9a71444a36ae4d74a664fc7269_logo_n_horizontal_4.png&v=3&w=196&s=Ackyfm9upFnGEXtt_9SCLcID

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

05c03c87d7017a903a21732e8c3bc93ca41ef0e82e023e22af527d3a8137ddea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 07:44:54 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
content-length: 3552
expires: Sat, 08 Jun 2024 06:38:40 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 6CE3 36 KB
36 KB 264ms
145ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=1200&m=0&partner=3018&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F3018%2F4837262%2F56e404bad853466788e2ef1fcaf4edfd_img_horizontal_1.jpg&v=3&w=1200&s=bKr1N2NPz1EHoh22m0b2GRLK

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

8da0f927bf4a5774c05eb64aec80a34cfbe3569cbe92879b76f2f2d11b5c02dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 07:44:54 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 36448
expires: Fri, 05 Jul 2024 13:43:35 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 6CE3 22 KB
22 KB 210ms
91ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F22015202-ua8EQNm6.jpg&v=3&w=400&s=Aupm5gs2lbuGM1nN4Yw_k465&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

41a6c3a3843205edeba07f6926145d5a67a09a1892c750c264606c60d96afe7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 07:44:54 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 22792
expires: Wed, 26 Jul 2023 18:34:14 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 6CE3 18 KB
18 KB 237ms
118ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F23110393-EqsnmzLB.jpg&v=3&w=400&s=G2GgEGLixOKl3MvLT61k9Z24&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

6f694a686abcf63fe4fe6456a8de9842c15830766d9f06117aa9bd034bdb3fe6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 07:44:53 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 18698
expires: Fri, 28 Jul 2023 06:59:03 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 6CE3 1 KB
2 KB 302ms
184ms Image
image/png 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=400&m=0&partner=3018&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fimages%2Fbonprix%2F20230502%2F200x65_neulabel_criteo_de.png&v=3&w=400&s=LMbwVQqqZkIT_OqRJg0FwumN

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

61f61fa9d435baf50e0593ccc3d93526f73bd7786191d4375a80a19c238edd1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 07:44:54 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
content-length: 1366
expires: Mon, 10 Jun 2024 09:08:24 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 6CE3 38 KB
38 KB 290ms
171ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1680425340%2F23069328-MVN3JVmL.jpg&v=3&w=400&s=ilR48PYeYQ3P8KwG0UTHecll&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

d7105ecdafb44d87a649f5284444b6af00b06476f15fcc6d0bca6e84c7b77475

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 07:44:53 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 38792
expires: Sat, 29 Jul 2023 05:52:36 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 6CE3 18 KB
18 KB 182ms
181ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F21119134-4DOoeLEN.jpg&v=3&w=400&s=xkjcCpUQBebHoNE7gbT2-Rhh&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

02a784b94641b6f0cc2153720bc8286049551752625ba2c3ccfafa6136ffa2f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 07:44:53 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 18136
expires: Wed, 26 Jul 2023 15:35:41 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 6CE3 13 KB
14 KB 176ms
175ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1683061203%2F23081549-4Alk4w4O.jpg&v=3&w=400&s=MYoJK88RWHFkkRaFqCrPy0xZ&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

768e2aff40935e3d020646d4fd7d2c8fc45708f3c23d680dc2b70e1127d6f436

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 07:44:53 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 13796
expires: Fri, 28 Jul 2023 06:53:49 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 6CE3 8 KB
9 KB 188ms
188ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F23079908-tXTn3de8.jpg&v=3&w=400&s=0R1VhdItexM4y14doIUaKasr&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e58d6e80144fcd187075236af2251ea834e96f4678e7fb81974a68a15d77b5cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 07:44:54 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 8540
expires: Fri, 28 Jul 2023 10:45:00 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 6CE3 16 KB
16 KB 195ms
195ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F23027546-4fF9H1kH.jpg&v=3&w=400&s=ThBY2K9Kgn_WdkzMqdFtUylN&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

85ae11a6f5a4a043b1482fb6336b013a76f789314d5cee2e4eb9de5bad2fcb84

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 07:44:54 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 16484
expires: Wed, 26 Jul 2023 05:37:27 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 6CE3 6 KB
6 KB 189ms
188ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1677272401%2F23024998-ddNa8tbG.jpg&v=3&w=400&s=oDpBmOrSrANL4cUa-A9UgxIo&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

b133edd0ea88b9b6d1a96ad96a031d0669cdc1b2e186b5f9adcb2742ac522b10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 07:44:54 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 6398
expires: Wed, 26 Jul 2023 13:48:26 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 6CE3 18 KB
18 KB 218ms
217ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1683061202%2F23081536-8F3T7TsW.jpg&v=3&w=400&s=ln_g4jmIO9qtSRyxbBshsd8x&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

88c7cd764e27f4b26dc614de935ea9f88cf8331676c77957704ddb6785476dc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 07:44:54 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 18152
expires: Sun, 30 Jul 2023 11:53:35 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 6CE3 24 KB
25 KB 203ms
202ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F21043581-CIC7OQ8p.jpg&v=3&w=400&s=JQmdHx5oL_L3P-PnPa1AM7pF&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

22bc2a37ea233e66050cd324054c870628cb8a3fb5e930edf9189ff1a8c94824

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 07:44:54 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 24954
expires: Thu, 27 Jul 2023 19:30:34 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 6CE3 19 KB
19 KB 212ms
212ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F20273630-5hG9CeqT.jpg&v=3&w=400&s=dQc6G3A43CjYcmhqRE6IZbxA&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

0f65a8cbd6397b459e6b4e671505cb4ebfcfdfad4a5f6923dd805baccd26fac2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 07:44:53 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 19204
expires: Wed, 26 Jul 2023 17:45:40 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 6CE3 16 KB
16 KB 201ms
201ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F19092693-m1gRXBOh.jpg&v=3&w=400&s=3JrwiCzCKYcM2YAW2Z_FRhZz&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

d58b7fe3533855b0d12468680147f9366e6b84c99056e9f6a00977cfa4dd0fef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 07:44:54 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 15902
expires: Wed, 26 Jul 2023 15:45:44 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 6CE3 0
128 B 135ms
44ms Ping
text/plain 2a02:2638:d::11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=j9P_Mm6e8oBwpLEqVoGFIezbAbIYGqFlI-5fvjbW7zFqHlUSOpVwVftqXdjfPMqz6NsFCYP2JDxX2L2Xy2xLyeaVenakeH68AdRvk1dJbUOWrDos-V2FfEPsYCLkOg0L62-2OHr62BKmEs1guX_Yb5CI3C9qwh7owVGr79UmCIG47Ww9dxIMb-JdyeE7cJe1PfDTyrB0wwxD619ztTdRoPsYb9Kc5hioq4zByKn7jj28gKee1C_JWYGG5SspV9QCrvvPDw&sds=2&rev=87574&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 25 Jul 2023 07:44:53 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 6CE3 2 KB
1 KB 48ms
47ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 07:44:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 19 Jul 2024 07:44:54 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 6CE3 2 KB
1 KB 50ms
49ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 07:44:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 19 Jul 2024 07:44:54 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame C575 0
19 B 102ms
101ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Ce8CxdX2_ZOvnH43xtgfRua3wDsme0rFclcmU93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNDQ5ODY0NTc1MDc5MzE2N8gBCakCmEq0bveWsj6oAwHIAwKqBNgBT9CX_viDZFqxR-xFedkVP2YG6zgu4wgar-Kz9kfISoeWBxh2bhYcYdnmKKAfRaDKpE1eCU823zULV67Zo4UVj-Nw4bbjd52omtQhOzuiBHF78utxS2PTwlYe7g3kF1nMofayGbCNomGYCoad64wbvRimR1lzF9-ypi73jKs_G04tgmMLyRyOOCLX3DqhAm0eQcHkmY0iaistpBs5QW8xh410IFfvRlb8ru3Dm3lqOIbHi0uHl1l7VmcGeV4Ja1EkvLVA7iBgU-BFpSI-ShMbiIF8yaBXDLFYgAbcioG9gIPG97YBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6gAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTQ0OTg2NDU3NTA3OTMxNjcYAA&sigh=tznmRK25lZ4&uach_m=[UACH]&cid=CAQSGwBpAlJWz9VuiomDJR8xJ1WaBKRMZGOXvJ5fDBgB&cbvp=2&vis=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 25 Jul 2023 07:44:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.fr3.eu.criteo.com/google/auction/ Frame C575 0
126 B 142ms
45ms Image
text/plain 2a02:2638:d::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=kKW_EMz6RO0HfJ2DYgICAAAAjHzbsLuXIbAQdH2_ZCQ_BTzPwcj2bmQAABIAAAoKQVFVQkR3RUJEdw&wp=ZL99dQAH8-sK7biNAAtc0Z6UxpbqfUSTvTGHNA&cbvp=2

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 07:44:54 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 169626
server: Kestrel
content-length: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
12 KB 105ms
105ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230719&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

852d572d82d40d15c4b90b15811667a9fd06da97ec3be1036ae258755509314d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://employeesportal.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 07:44:55 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11711
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 69ms
69ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://employeesportal.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 07:44:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 25 Jul 2023 07:44:55 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9837 13 KB
5 KB 59ms
58ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://employeesportal.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1698
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 25 Jul 2023 07:16:37 GMT
expires: Wed, 24 Jul 2024 07:16:37 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 2A20 783 B
535 B 68ms
68ms Document
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3887ffe7512f547603ae2b15fcfe52f3baa7786ab55617def2ea7c0b6360c491

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-82saPfEBX6FpPFnPEGOlDA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://employeesportal.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-82saPfEBX6FpPFnPEGOlDA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 25 Jul 2023 07:44:55 GMT
expires: Tue, 25 Jul 2023 07:44:55 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 2A20 0
0 87ms
87ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230719&jk=3166009074268818&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

GET
H3 200 0j4FY6vZ_PUEn4D43bduuyAvhiDMGOGbS5pcl_NvY7Y.js Show response
pagead2.googlesyndication.com/bg/ Frame 9837 38 KB
14 KB 57ms
57ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/0j4FY6vZ_PUEn4D43bduuyAvhiDMGOGbS5pcl_NvY7Y.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d23e0563abd9fcf5049f80f8ddb76ebb202f8620cc18e19b4b9a5c97f36f63b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 17:48:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 136561
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14729
x-xss-protection: 0
last-modified: Tue, 18 Jul 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 22 Jul 2024 17:48:54 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 9837 0
10 B 57ms
57ms Image
text/plain 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?1E0htA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 07:44:55 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 200 all
csm.eu.criteo.net/ Frame 6CE3 0
127 B 44ms
44ms Ping
text/plain 2a02:2638:d::11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 25 Jul 2023 07:44:54 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C575 42 B
64 B 91ms
91ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuPuh6EdtiKyi1havKqdkq1zDOYXl5FRDgUA6pQGgTlgfvvLfncfq3I2eGBXHOAdnF95fiVztMB5rS3PTjO2xHDTe8&sig=Cg0ArKJSzLZ69t-LUKAYEAE&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=245,922,1000,1000,1000&tos=245,677,78,0,0&v=20230719&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1690271094094&rpt=543&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jul 2023 07:44:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 91ms
90ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230719&jk=3166009074268818&bg=!KCulK3_NAAZsPphkTD47ADkAdvg8WkM6cOwbkDAPN7YRZvBQsI07QK4eVQfFmttaOw5zcURIc0lEqHruWE14kBW-RS8C3LU2ft0CAAAASFIAAAAIaAEHmQLZkXtmM289D-1L-7FAP2kYWlTDzY36bKTiDH5PuJmJSJUmD4hy83Ed6S_EuO8RRF1YDWkmX76o9vrUUnkQYSBBYf6MhIznC4o906IAXi5Xl0EF40pledgmSJqhxxBXAI0MqMF_sgEypQhrApdc3mkh-_P5dcxZ8xL1TxtWHmpix_DPlhGavGD4KBeEaR3OoRaNEJZ1YJz4A7BCA1u6b2RzRVhJyRhlgnxvPlSotj8fCkTyHXq2aQMO4WGb2rWRP1kitUwOTfWZyQdaFy9yzID1Kj5FDLSoxbcN8q-8e74Tl8nFEKyzTx2RGhzqTiuGJpSnvcjzISS3IteNsJEDqadR0AbUksmrEv0Lw5eZUNkt1W4Wzs7vlZrGKdui6IoFND62rqemRZ6ROMQh-Ccs8GpOHFMc8hoks5Yx8hvGhP37MqwilhIsNckjNBydBC4kcN3yTD0Xjs8p-O-4kYEdBRXRakhJsO-EigSmeiWgczsVgyZK6wSs_7qsPOvMwAJjehRum3THUFTPreAzhfG0GCa7xwUc27kugeh-M1ky2ObFIlNIWznGS6qjaRYKWttGmmunKv_rsKMBODCO4uGbg1Jv25mJZDYuufJF225wjkMKmYBs3NxLRYxqy0gdgQP5jgwZTFubTo0hTK-HerGcnvD495JBM7ykNbfOpxef2fRdbP9RLehUMpL1KAU-7udtzlYRxaX1DybWYJS594nBqp8pboBwS2deaoMVJw99dBeyvUfooGPZU6wJHtezP9LOj9po7mQqdtiCdQ4gnQsqzVTsb-0_HqDfD4l-TZuXw4k6SMhm2N_wOZBtCH1zGMqnaD4IGUVMyOvFfalbq0cXefG7H2t9JxZM5LFdHb4h1m0UdwK_ou2rQy_zLFQhyPGtGshpGyhzGtdgJQ_AOS1s1onO2yBI2dWNDtjQY2jhdgY8aAi7NRM2Ep638hxUfLxhN0UmXUZU-tEof1ZR
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://employeesportal.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

POST
H2 204 collect
region1.google-analytics.com/g/ 0
46 B 36ms
35ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-Z522VRRJC1&gtm=45je37o0&_p=1929287391&gdid=dZTNiMT&cid=1673861789.1690271093&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEAI&_s=2&sid=1690271093&sct=1&seg=0&dl=https%3A%2F%2Femployeesportal.info%2F.apps%2F&dt=Page%20not%20found%20-%20EmployeesPortal&en=scroll&epn.percent_scrolled=90&_et=9
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z522VRRJC1&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://employeesportal.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jul 2023 07:44:58 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://employeesportal.info
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

64 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.employeesportal.info/	1970-01-20 13:32:37	Name: _gid Value: GA1.2.2128415240.1690271093
.employeesportal.info/	1970-01-20 13:31:11	Name: _gat_gtag_UA_144297853_1 Value: 1
.employeesportal.info/	1970-01-20 23:07:11	Name: _ga Value: GA1.1.1673861789.1690271093
.employeesportal.info/	1970-01-20 23:07:11	Name: _ga_Z522VRRJC1 Value: GS1.1.1690271093.1.0.1690271093.0.0.0
.employeesportal.info/	1970-01-20 23:07:11	Name: _ga_CLKW62JDG0 Value: GS1.1.1690271093.1.0.1690271093.0.0.0
.employeesportal.info/	1970-01-20 22:52:47	Name: __gads Value: ID=879cc9bf9d923b64-22d7c36dece2004e:T=1690271093:RT=1690271093:S=ALNI_MYx51kYAXqzQZ97b-awK-6eoUKDZg
.employeesportal.info/	1970-01-20 22:52:47	Name: __gpi Value: UID=00000d12c6b80fc2:T=1690271093:RT=1690271093:S=ALNI_MYdVmcZzFXSR_ND6UtveLyyWXrBSQ
.doubleclick.net/	1970-01-20 22:52:47	Name: IDE Value: AHWqTUlfnNOGxtggPenkTuCQPRszfIs7pz8_2lokR_98JR5Ab46aVfcEADvWY_9191k

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://employeesportal.info/.apps/ Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1(Line 21) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.eu.criteo.com
cat.nl3.eu.criteo.com
cdnjs.cloudflare.com
clients1.google.com
cse.google.com
csm.eu.criteo.net
employeesportal.info
feedburner.google.com
fmcrmfrtrackeu.fmsendfreecrm.eu
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
imageproxy.eu.criteo.net
pagead2.googlesyndication.com
partner.googleadservices.com
region1.google-analytics.com
rtb.fr3.eu.criteo.com
static.criteo.net
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
178.250.1.6
18.194.54.41
2001:4860:4802:34::36
2001:4860:4802:36::178
2606:4700::6811:190e
2a00:1450:4001:801::2008
2a00:1450:4001:806::2002
2a00:1450:4001:809::200e
2a00:1450:4001:80f::2001
2a00:1450:4001:811::200e
2a00:1450:4001:813::2002
2a00:1450:4001:828::200a
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2004
2a00:1450:4001:830::2003
2a00:1450:4001:831::2002
2a00:1450:400c:c0c::9a
2a02:2638:3::12
2a02:2638:d::11
2a02:2638:d::13
2a02:2638:d::2
2a02:2638:d::c
64.31.40.18
02a784b94641b6f0cc2153720bc8286049551752625ba2c3ccfafa6136ffa2f1
04cfbc16aca4ed494d415ba2685c448e8b73a84ad1e3663c7ad163123930556e
05c03c87d7017a903a21732e8c3bc93ca41ef0e82e023e22af527d3a8137ddea
06d05e25d5735fd4968f4db173509082b3c907133c6178b914fdd44bb4dbf50d
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0f65a8cbd6397b459e6b4e671505cb4ebfcfdfad4a5f6923dd805baccd26fac2
116cca2e9316478e58d451cfdec38661ae923f869dd9dba0c2292c6c403f1c36
178f8624fb0632d3aa3bb0e58c21ebf453280980ee043b019e8204c98136431c
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
22bc2a37ea233e66050cd324054c870628cb8a3fb5e930edf9189ff1a8c94824
230361ea8d8b457930d3c6e58aa58978bb71a537de1ea8990a174f6a5b992628
2b3d4a9c02989a1c9241de87f9d6ac11d44f90e1370fb13ad4488c544bcb985b
2df57c74718d9b607118a4d571c90dd48d91e7d42ecd3299413cf5f24f15ea59
2e36bd3bdbb929f427e79a6c84b7922b4375589386981eba29eb0cff57b02b1b
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd
3887ffe7512f547603ae2b15fcfe52f3baa7786ab55617def2ea7c0b6360c491
3a643052fa74ed7d8fff1c2b33a2d6c97f0dc9a53a9771adebefd889d483f998
3a96dc3813f87c972b8c2f99e48dff34d900ac84de947ebf274c4b5617c0b28b
41a6c3a3843205edeba07f6926145d5a67a09a1892c750c264606c60d96afe7d
4d9099dc99e7463b6cb49bea0afed3da5af72b655a3317b865b7d537f3050c46
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
55070d3be787cd8ccee8ea0fd75f0e11e944e6f70231f0dcb4c5ae348fcba6be
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5ee9e63e519096342d5899e32f1a38b4880ffba6b2aff64178b955a3b7f3a80d
60fdee1e8da3ae599a85a52d975f9ef8ed355943de1d6078ad4bc732dc830865
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61f61fa9d435baf50e0593ccc3d93526f73bd7786191d4375a80a19c238edd1f
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f694a686abcf63fe4fe6456a8de9842c15830766d9f06117aa9bd034bdb3fe6
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
768e2aff40935e3d020646d4fd7d2c8fc45708f3c23d680dc2b70e1127d6f436
7a778ebcae153771e99dd12d32647dc138e5c624303806b95f2563975c401d7e
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
7e173df1d18782b31a6c00f07ccab064172607fdf75ca804c48f9dca7b7ff86c
852d572d82d40d15c4b90b15811667a9fd06da97ec3be1036ae258755509314d
85ae11a6f5a4a043b1482fb6336b013a76f789314d5cee2e4eb9de5bad2fcb84
88c7cd764e27f4b26dc614de935ea9f88cf8331676c77957704ddb6785476dc8
8d6af87f2e8ab6ba751d5bda81faf18aed637f3c43f3f5c25acfcdb8dc674a92
8da0f927bf4a5774c05eb64aec80a34cfbe3569cbe92879b76f2f2d11b5c02dc
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3
9acc5416c4c2085d831cadfad2ab96a44ed91f14ed057b543ec2ff89041ee0a4
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
aa5e8d17a23a960dd4eb5fad38e74684683fa1d6a5064a6fe88d0f46650f9689
aa7ee3b51d5cee4aac56a3ea9c4e35fbe0135c7c46a76dba06da3af914cc5598
aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a
b133edd0ea88b9b6d1a96ad96a031d0669cdc1b2e186b5f9adcb2742ac522b10
b15282ee7c5d0da89e8c0f7cd7bd8a855a7df6787b7df09530987520e85f4911
c18f5c0855f4b76c30dd796f7164f9d1bb23c2c85b070cfad938787a214a2639
c374efba54279628793f04e10ebf5d0c1b4dbc36b3f4132d9235f01d64ca5c8e
c8d3c8befb5d970376d5bfea7acffe07057609eb6e8c663572530233b8452ff3
c965aefdb4c6acf10f46758dc1601a64d811dcf3a378bf9e90278916aa47508f
ce8b0ce00b853304b4500a3e0273c2ee8123ec998d9ea4bc1a2b3e97c573b61f
d23e0563abd9fcf5049f80f8ddb76ebb202f8620cc18e19b4b9a5c97f36f63b6
d58b7fe3533855b0d12468680147f9366e6b84c99056e9f6a00977cfa4dd0fef
d61113433b0dcf2cdeb032579c7e7b9ce46cd9fb8d773ae71fa3569593bb3821
d64c2d3836446d44b0a544580f03249825afbc4a0f307d80b811a2538442be91
d7105ecdafb44d87a649f5284444b6af00b06476f15fcc6d0bca6e84c7b77475
d809f67b885654970b94fbb8dad59d584b92c9e1eafe5e2f3c135bd008dbd61f
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e061e1631e80e5467587c66c5b7d8bbcd9aa0adb68e8b32fe9295c3aab47288b
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e58d6e80144fcd187075236af2251ea834e96f4678e7fb81974a68a15d77b5cc
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0208d105f5904ec61e4aae58da757c106bc05c0f93d36efdc2b7c48cfbbe1a0
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
ff5471d0afd8bde2e686c7f7851f1a5415d136c9c3f2adc34a5e80811c00104c

employeesportal.info Open in urlscan Pro 64.31.40.18 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

86 Requests

100 %HTTPS

87 %IPv6

14 Domains

24 Subdomains

23 IPs

4 Countries

1313 kBTransfer

3099 kBSize

8 Cookies

1 Outgoing links

Page URL History

Redirected requests

86 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

employeesportal.info Open in urlscan Pro
64.31.40.18 Public Scan

Screenshot
Live screenshot

Full Image

86
Requests

100 %
HTTPS

87 %
IPv6

14
Domains

24
Subdomains

23
IPs

4
Countries

1313 kB
Transfer

3099 kB
Size

8
Cookies

86 HTTP transactions
1 data transactions