urlscan.io logo urlscan.io
SecurityTrails logo

forums.joeuser.com Open in urlscan Pro
66.79.209.94  Public Scan

Go To Rescan Add Verdict Report
URL: https://forums.joeuser.com/
Submission: On July 20 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 20 IPs in 4 countries across 14 domains to perform 88 HTTP transactions. The main IP is 66.79.209.94, located in Novi, United States and belongs to TELNET, US. The main domain is forums.joeuser.com.
TLS certificate: Issued by R3 on June 15th 2022. Valid for: 3 months.
This is the only time forums.joeuser.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

22    66.79.209.94 (Novi, United States)

ASN27553 (TELNET, US)
PTR: tnmi-static-94-209-79-66.ip.telnetww.com
forums.joeuser.com
3    2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
8    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
4    2a03:2880:f03f:1c:face:b00c:0:3 (Düsseldorf, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    93.184.220.66 (London, United Kingdom)

ASN15133 (EDGECAST, US)
platform.twitter.com
1    66.79.209.95 (Novi, United States)

ASN27553 (TELNET, US)
PTR: tnmi-static-95-209-79-66.ip.telnetww.com
www.joeuser.com
8    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
adservice.google.com
3    2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    104.244.42.136 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
1    142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net
partner.googleadservices.com
7    2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    2a02:2638:1::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.nl.eu.criteo.com
2    2a02:2638:1::4 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
14    2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
2    178.250.2.148 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.nl.eu.criteo.com
3    178.250.2.150 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
1    2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
Apex Domain
Subdomains		 Transfer
23 joeuser.com
forums.joeuser.com
www.joeuser.com
547 KB
17 criteo.net
static.criteo.net — Cisco Umbrella Rank: 615
csm.eu.criteo.net — Cisco Umbrella Rank: 7348
601 KB
15 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 123
tpc.googlesyndication.com — Cisco Umbrella Rank: 159
230 KB
6 criteo.com
rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 11035
ads.eu.criteo.com — Cisco Umbrella Rank: 7319
cat.nl.eu.criteo.com — Cisco Umbrella Rank: 9410
38 KB
6 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 56
24 KB
4 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 155
196 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 52
20 KB
3 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 668
syndication.twitter.com — Cisco Umbrella Rank: 871
133 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 93
124 KB
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 181
85 KB
2 google.com
adservice.google.com — Cisco Umbrella Rank: 96
www.google.com — Cisco Umbrella Rank: 10
2 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 101
388 B
1 google.de
adservice.google.de — Cisco Umbrella Rank: 8252
792 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 873
644 B
88 14
Domain Requested by
22 forums.joeuser.com forums.joeuser.com
14 static.criteo.net ads.eu.criteo.com
8 pagead2.googlesyndication.com forums.joeuser.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
www.googletagservices.com
7 tpc.googlesyndication.com googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
6 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
4 connect.facebook.net forums.joeuser.com
connect.facebook.net
3 csm.eu.criteo.net ads.eu.criteo.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 www.googletagmanager.com forums.joeuser.com
www.googletagmanager.com
2 cat.nl.eu.criteo.com ads.eu.criteo.com
2 ads.eu.criteo.com googleads.g.doubleclick.net
2 rtb.nl.eu.criteo.com googleads.g.doubleclick.net
2 www.googletagservices.com googleads.g.doubleclick.net
2 www.facebook.com forums.joeuser.com
2 platform.twitter.com forums.joeuser.com
platform.twitter.com
1 www.google.com tpc.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 syndication.twitter.com platform.twitter.com
1 www.joeuser.com forums.joeuser.com
88 21

This site contains links to these domains. Also see Links.

Domain
www.joeuser.com
feeds.feedburner.com
www.stardock.com
Subject Issuer Validity Valid
*.joeuser.com
R3		 2022-06-15 -
2022-09-13		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-06-27 -
2022-09-19		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-06-27 -
2022-09-19		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-04-28 -
2022-07-27		 3 months crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-20 -
2022-10-19		 a year crt.sh
syndication.twitter.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-07 -
2023-03-06		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-06-27 -
2022-09-19		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-07-04 -
2022-09-26		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-07-04 -
2022-09-26		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-06-27 -
2022-09-19		 3 months crt.sh
*.nl.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-05-22 -
2022-08-24		 3 months crt.sh
*.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-05-27 -
2022-08-25		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-06-21 -
2022-09-23		 3 months crt.sh
*.eu.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-06-12 -
2022-09-12		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-06-27 -
2022-09-19		 3 months crt.sh

This page contains 10 frames:

Primary Page: https://forums.joeuser.com/
Frame ID: 789957574E6AF4D20BA316C07218F3EA
Requests: 44 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.dc05643fdb8d0e2b89e5cc3c1d26d1b5.html?origin=https%3A%2F%2Fforums.joeuser.com
Frame ID: 44B52A54C18F35E66CC8C20DC553FCFC
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220718/r20190131/zrt_lookup.html
Frame ID: 6E1B367BF6F8A6FDD808CC39D326EA5E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7512798962749118&output=html&h=90&slotname=2540178774&adk=4185493686&adf=3951405610&pi=t.ma~as.2540178774&w=728&lmt=1658325552&psa=0&format=728x90&url=https%3A%2F%2Fforums.joeuser.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658325551996&bpp=3&bdt=1415&idt=238&shv=r20220718&mjsv=m202207140101&ptt=9&saldr=aa&abxe=1&correlator=5682775671927&frm=20&pv=2&ga_vid=2063898852.1658325552&ga_sid=1658325552&ga_hid=1279068703&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=336&ady=155&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31068106%2C31068511&oid=2&pvsid=1469586621516718&tmod=1193733944&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=98kOIIkVPq&p=https%3A//forums.joeuser.com&dtd=255
Frame ID: 6ED03FC2307435D76DF7F1D5D2246456
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7512798962749118&output=html&h=600&slotname=8375336722&adk=561196076&adf=3338238303&pi=t.ma~as.8375336722&w=160&lmt=1658325552&psa=0&format=160x600&url=https%3A%2F%2Fforums.joeuser.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658325551999&bpp=1&bdt=1417&idt=260&shv=r20220718&mjsv=m202207140101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=5682775671927&frm=20&pv=1&ga_vid=2063898852.1658325552&ga_sid=1658325552&ga_hid=1279068703&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1301&ady=1158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31068106%2C31068511&oid=2&pvsid=1469586621516718&tmod=1193733944&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=gzBJJvmWO8&p=https%3A//forums.joeuser.com&dtd=263
Frame ID: 7C052654D02151D0205FC54179B44E84
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7512798962749118&output=html&adk=103383905&adf=3668406935&lmt=1658325552&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fforums.joeuser.com%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658325552013&bpp=1&bdt=1431&idt=251&shv=r20220718&mjsv=m202207140101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C160x600&nras=1&correlator=5682775671927&frm=20&pv=1&ga_vid=2063898852.1658325552&ga_sid=1658325552&ga_hid=1279068703&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31068106%2C31068511&oid=2&pvsid=1469586621516718&tmod=1193733944&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=257
Frame ID: 506B1F6F2DC418064894A008A6322194
Requests: 1 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YtgKMAAFhVwIEet9AAWHY8iqv8f3AXs5j37ftg&u=%7C%2B%2BxhrVIsjkItE8S3%2FBgJHwwJCdO6s%2BdN8v%2Fe%2FOrwRjo%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvylMYxXMLCj4fODidRdwMR55tQ-B9hy0g1QCKGju0TMF6LM6FciIv7lwc5HK55BTAulopiy4CT-50EKCTQCe-AGqoSb8wwo_7bE4xVg6kfC59uhQpsNoVL5rW8h8IkMMZLjpBhTp6S9nLNXUievL07afJAl6Zwe06SDtu2ainWMG4O4FD1_ZUCGa4CdvCGOZeP08Ol2fdWk9UvtRaI4VlREiPs90DKjRwUezvY7gajFOKZQnHKgj9PpQJgtvFw2u5NJKzFEXjsiMrMpAqVY4Qbw5AkvZGXK6CiLqjvX4flGAOJ1XesoGhhFjug4GckF3JtPOw1pi7JVULv9_X13DKBEXQDAkE7zyUwZldfUATQGvA5lP0aNsxjr3AJALKswQrcFDF2bSTvLr-sWkE6w7nwMZMNnEXY5mLeVLVQfyU6sc2BID3qOnN2k&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCm5ohMArYYtyKFv3Wx_AP446WmAbJntKxXNWdkfdwwI23ARABIABglYKAgJQHggEXY2EtcHViLTc1MTI3OTg5NjI3NDkxMTigAdW20uoDyAEJqQIOv3S2gCqxPqgDAaoE2AFP0GIEfPbcqTguAAiiDi8pQDwCVTfIEoeJGytpXmlhfl0HXErMpjNcSkdV8GirrxVObVhDYQkRTfo7Lkak3ymCK8wjn6swp3T-siRNagEY7RKCaSrJNGULVLL1FgS2OLBRCbgu2RbKeLCgNUVX7ZgXCBPlNs-0HFmJvJQUCZ8lcYmbz1AV9R490M07Iu5b0wELL5_LGI64mFrIm7Bpo8P-aljio-FYWG0_QsFzZCYcqzimVfWh7CL0rILyrEffD0y8exQIRoCXd-gVgW96ZQQcZyO5PvLqnfeABq7fmaCz9ord-AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0PCTTv1GZpGT4sLl8L55FRCoajAw%26client%3Dca-pub-7512798962749118%26adurl%3D
Frame ID: 1A298784EB87D112B850B933F0F39763
Requests: 11 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YtgKMAAF0nAKsoKQAAFsHOK8OT92jzS4IcQHlw&u=%7C%2B%2BxhrVIsjkJ8Sz7YvW3RLxeV82Posmr9nCrC9KhUZVs%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy22nFndhAq5zHLzTaReNwSlrJHe513kNf28HvvSXrpnKRWWAEkC0Pa6A0u1g1aov89EWu096uATtiU2Vte14jyMEmqTxiZluLa8wYPUs3Fwrpkl4wn48Wu3B2LwC9HmDUubjgC53Y__dBlhp7iUyqYBEkobgfr89Z0EgKEyYNiWLAnNCvI837JEMmqhxqQ6d-kZFVGm3ARLaw_e1x37RHAfRUBAgioBuuDgAcc06yXR8SFQWZJU8b2loUXFShVy76vJRncNgSg5TYnU5YlALswfqsiwRuGC1UFA44sp4KmlHLcOVPjZKWGrFi4XSHZZFVbKa2j7kPSokfh7SvOq17JQLmIE-YdeBeofVhavSBM-xqMymGSTTls0TOtjbWq-PKFFxB7zbPnp1tVyo2dulHJlSMMDsbGveMjggWKg6F2KAyQqlaeFbf7UsJ_Nx7rfAx-K867CxCKck&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxdtXMArYYvCkF5CFygWc2IXgBMme0rFc1Z2R93DAjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItNzUxMjc5ODk2Mjc0OTExOKAB1bbS6gPIAQmpAg6_dLaAKrE-qAMBqgTfAU_QxRW6byMcPsJYrK8kxTqU7JaVdp7CnZzJp7Y8vizIieR9bjRuIp6A0AC69kxzOM2l3CpDMIOYI_TGlgRLLyqn4lyLAQ4dJghz39k1fEnWBXX0U8aDeKYHcH5yGFBl3vwkXEQdWQmB8Y4Kxs-pP8u79IXZGrFzu_RJ062onY40epxRblwOfBZL9XXbyC98an_Fxj1V9-wx_38v13NGIcZ-jN_c-7VrkyLxxpbiDq2NfarZ8fZp2DqeIC0YNSaEvQMrLsBVIGVNuFQ_oXi8oCjbnfVLKSoKU4HO0FJTHLGABq7fmaCz9ord-AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3gcvB6H-vhi0qCmT0o_lEJs2rpcg%26client%3Dca-pub-7512798962749118%26adurl%3D
Frame ID: 353938F94017ED404A5F2CF220C366ED
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 20D62B03319E5302DECCD43FFE7CF94B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 37FA6BE54AB1D6207AA7A53C0590B124
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

JoeUser » Blogs for the Average Joe! Forums

Detected technologies

Overall confidence: 100%
Detected patterns
  • /tiny_?mce(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <input[^>]+name="__VIEWSTATE
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

88
Requests

100 %
HTTPS

63 %
IPv6

14
Domains

21
Subdomains

20
IPs

4
Countries

2002 kB
Transfer

4522 kB
Size

10
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

88 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
forums.joeuser.com/ 		97 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://forums.joeuser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
66.79.209.94 Novi, United States, ASN27553 (TELNET, US),
Reverse DNS
tnmi-static-94-209-79-66.ip.telnetww.com
Software
Microsoft-IIS/8.5 /
Resource Hash
e5ca87dd5898169336c68d7577731acfd396292c932cd7cb51318f039fe17180

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private
Content-Encoding
gzip
Content-Length
21021
Content-Type
text/html; charset=utf-8
Date
Wed, 20 Jul 2022 13:59:09 GMT
Server
Microsoft-IIS/8.5
Vary
Accept-Encoding
X-AspNet-Version
4.0.30319
css
forums.joeuser.com/bundles/vendor/ 		57 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://forums.joeuser.com/bundles/vendor/css?v=EkbcAGto1g_mxdJ-ZOTosWWoxxW8lWzRDPm4tYe0D3M1
Requested by
Host: forums.joeuser.com
URL: https://forums.joeuser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
66.79.209.94 Novi, United States, ASN27553 (TELNET, US),
Reverse DNS
tnmi-static-94-209-79-66.ip.telnetww.com
Software
Microsoft-IIS/8.5 /
Resource Hash
4764ff4e85aa19c0bf64d9baae463ca88e19fb3ff2743bb6a7a46ed87b50b357

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forums.joeuser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 20 Jul 2022 13:59:09 GMT
Content-Encoding
gzip
Last-Modified
Wed, 20 Jul 2022 13:59:10 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
Vary
User-Agent,Accept-Encoding
Content-Type
text/css; charset=utf-8
Cache-Control
public
Content-Length
17332
Expires
Thu, 20 Jul 2023 13:59:10 GMT
css
forums.joeuser.com/bundles/themes/joeuser/ 		143 KB
29 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://forums.joeuser.com/bundles/themes/joeuser/css?v=B3stOKC4LWcKSctV0gLdRtBFi7n7RIyMMJNdXo5I2vY1
Requested by
Host: forums.joeuser.com
URL: https://forums.joeuser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
66.79.209.94 Novi, United States, ASN27553 (TELNET, US),
Reverse DNS
tnmi-static-94-209-79-66.ip.telnetww.com
Software
Microsoft-IIS/8.5 /
Resource Hash
064cd32c8956dd042e2840ed6f6d1286dbc6e0121155181385a797c38bc3099d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forums.joeuser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 20 Jul 2022 13:59:09 GMT
Content-Encoding
gzip
Last-Modified
Wed, 20 Jul 2022 13:59:10 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
Vary
User-Agent,Accept-Encoding
Content-Type
text/css; charset=utf-8
Cache-Control
public
Content-Length
28914
Expires
Thu, 20 Jul 2023 13:59:10 GMT
js
forums.joeuser.com/bundles/master/ 		421 KB
160 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forums.joeuser.com/bundles/master/js?v=CDluS7wPmzY6_Wqf1D33kfb163FYO7nhHKHKOO6tFp41
Requested by
Host: forums.joeuser.com
URL: https://forums.joeuser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
66.79.209.94 Novi, United States, ASN27553 (TELNET, US),
Reverse DNS
tnmi-static-94-209-79-66.ip.telnetww.com
Software
Microsoft-IIS/8.5 /
Resource Hash
28c306129b83367db0a17d504872e608d0fb5d94a9863f9e1016b6cbc915933b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forums.joeuser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 20 Jul 2022 13:59:10 GMT
Content-Encoding
gzip
Last-Modified
Wed, 20 Jul 2022 13:59:10 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
Vary
User-Agent,Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
public
Transfer-Encoding
chunked
Expires
Thu, 20 Jul 2023 13:59:10 GMT
jquery.signalR-2.2.2.min.js
forums.joeuser.com/Scripts/ 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forums.joeuser.com/Scripts/jquery.signalR-2.2.2.min.js
Requested by
Host: forums.joeuser.com
URL: https://forums.joeuser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
66.79.209.94 Novi, United States, ASN27553 (TELNET, US),
Reverse DNS
tnmi-static-94-209-79-66.ip.telnetww.com
Software
Microsoft-IIS/8.5 /
Resource Hash
fabd2788e4a11ff0c9958bfbc019587becac24a6bb38924087768c38dff4a9f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forums.joeuser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 20 Jul 2022 13:59:10 GMT
Content-Encoding
gzip
Last-Modified
Thu, 02 Nov 2017 20:53:32 GMT
Server
Microsoft-IIS/8.5
ETag
"d76ab2a41c54d31:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Length
14942
jquery.countdown.min.js
forums.joeuser.com/Scripts/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forums.joeuser.com/Scripts/jquery.countdown.min.js
Requested by
Host: forums.joeuser.com
URL: https://forums.joeuser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
66.79.209.94 Novi, United States, ASN27553 (TELNET, US),
Reverse DNS
tnmi-static-94-209-79-66.ip.telnetww.com
Software
Microsoft-IIS/8.5 /
Resource Hash
74776e1c00cab84c009633e18bf204f6d0477aa81dc058c00fe6a5f4195999e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forums.joeuser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 20 Jul 2022 13:59:10 GMT
Content-Encoding
gzip
Last-Modified
Thu, 02 Nov 2017 20:53:32 GMT
Server
Microsoft-IIS/8.5
ETag
"6b8b0a41c54d31:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Length
2948
hubs
forums.joeuser.com/sockets/ 		7 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forums.joeuser.com/sockets/hubs
Requested by
Host: forums.joeuser.com
URL: https://forums.joeuser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
66.79.209.94 Novi, United States, ASN27553 (TELNET, US),
Reverse DNS
tnmi-static-94-209-79-66.ip.telnetww.com
Software
Microsoft-IIS/8.5 /
Resource Hash
97f1e533ec46e06b4ea8072e1314ff406a3c06abc65ccfd835e5e09e7ba09994
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forums.joeuser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 20 Jul 2022 13:59:10 GMT
X-Content-Type-Options
nosniff
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=UTF-8
Cache-Control
no-cache
Expires
-1
js
forums.joeuser.com/bundles/themes/JoeUser/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forums.joeuser.com/bundles/themes/JoeUser/js?v=st1I99uvl6-nHB5QA0M2S2olIkO9YpVcN0bWmtYCKh41
Requested by
Host: forums.joeuser.com
URL: https://forums.joeuser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
66.79.209.94 Novi, United States, ASN27553 (TELNET, US),
Reverse DNS
tnmi-static-94-209-79-66.ip.telnetww.com
Software
Microsoft-IIS/8.5 /
Resource Hash
56c81af8ab527b8868e459e93d6416ffa75a02ccca849af70a88f25504f6e441

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forums.joeuser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 20 Jul 2022 13:59:10 GMT
Content-Encoding
gzip
Last-Modified
Wed, 20 Jul 2022 13:59:10 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
Vary
User-Agent,Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
public
Content-Length
1730
Expires
Thu, 20 Jul 2023 13:59:10 GMT
js
forums.joeuser.com/bundles/pages/index/ 		770 B
943 B 		Script
General
Check archive.org
Download Go to
Full URL
https://forums.joeuser.com/bundles/pages/index/js?v=jYkWS3ay7GnquHrLpPYvoFHoFZppeoVHjmHPNgDAIIk1
Requested by
Host: forums.joeuser.com
URL: https://forums.joeuser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
66.79.209.94 Novi, United States, ASN27553 (TELNET, US),
Reverse DNS
tnmi-static-94-209-79-66.ip.telnetww.com
Software
Microsoft-IIS/8.5 /
Resource Hash
f4901de129d5e90d8f183711c534db8317a53d63f050a94cd81c6dde1f4ddf36

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forums.joeuser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 20 Jul 2022 13:59:10 GMT
Content-Encoding
gzip
Last-Modified
Wed, 20 Jul 2022 13:59:10 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
Vary
User-Agent,Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
public
Content-Length
597
Expires
Thu, 20 Jul 2023 13:59:10 GMT
js
www.googletagmanager.com/gtag/ 		107 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-3744570-19
Requested by
Host: forums.joeuser.com
URL: https://forums.joeuser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
577f43eab4fe39f4bfe59b3bb04ee2511ef98390aa3fced78ce8e1d295154c05
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forums.joeuser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 13:59:11 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41997
x-xss-protection
0
last-modified
Wed, 20 Jul 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 20 Jul 2022 13:59:11 GMT
space.gif
forums.joeuser.com/images/Base/ 		49 B
305 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forums.joeuser.com/images/Base/space.gif
Requested by
Host: forums.joeuser.com
URL: https://forums.joeuser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
66.79.209.94 Novi, United States, ASN27553 (TELNET, US),
Reverse DNS
tnmi-static-94-209-79-66.ip.telnetww.com
Software
Microsoft-IIS/8.5 /
Resource Hash
794b891779df095ce409751da0c4154025148f9c2d486e6b5fc7bd4027bedb07

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forums.joeuser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 20 Jul 2022 13:59:10 GMT
Last-Modified
Thu, 02 Nov 2017 20:53:31 GMT
Server
Microsoft-IIS/8.5
ETag
"a8bb82a41c54d31:0"
Content-Type
image/gif
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Length
49
WebResource.axd
forums.joeuser.com/ 		23 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forums.joeuser.com/WebResource.axd?d=pynGkmcFUV13He1Qd6_TZIZyGn1pfqXtRqDftAaMEr_1NpIWICzE-wnJt_aPlZmKhuLSSA2&t=637453888754849868
Requested by
Host: forums.joeuser.com
URL: https://forums.joeuser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
66.79.209.94 Novi, United States, ASN27553 (TELNET, US),
Reverse DNS
tnmi-static-94-209-79-66.ip.telnetww.com
Software
Microsoft-IIS/8.5 /
Resource Hash
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forums.joeuser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 20 Jul 2022 13:59:10 GMT
Content-Encoding
gzip
Last-Modified
Tue, 05 Jan 2021 01:27:55 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
public
Content-Length
6007
Expires
Thu, 20 Jul 2023 12:19:50 GMT
ScriptResource.axd
forums.joeuser.com/ 		100 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forums.joeuser.com/ScriptResource.axd?d=NJmAwtEo3Ipnlaxl6CMhvk2YjPIO9PY_oVjrTo3DaWNl8tX0S-6zqDcGwA5_vz-CFWJUhpeOwYBbKzcqYybXjUO5IVWbVC_RF7Ku5aQvNr8D5KcYNh-30eolm345i-Z9JLyVJ_1kRgsXfzCrcR6uY_cQ0rA1&t=363be08
Requested by
Host: forums.joeuser.com
URL: https://forums.joeuser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
66.79.209.94 Novi, United States, ASN27553 (TELNET, US),
Reverse DNS
tnmi-static-94-209-79-66.ip.telnetww.com
Software
Microsoft-IIS/8.5 /
Resource Hash
66b804e7a96a87c11e1dd74ea04ac2285df5ad9043f48046c3e5000114d39b1c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forums.joeuser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 20 Jul 2022 13:59:10 GMT
Content-Encoding
gzip
Last-Modified
Wed, 20 Jul 2022 12:20:05 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
Content-Type
application/x-javascript
Cache-Control
public
Content-Length
25609
Expires
Thu, 20 Jul 2023 12:20:05 GMT
ScriptResource.axd
forums.joeuser.com/ 		39 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forums.joeuser.com/ScriptResource.axd?d=dwY9oWetJoJoVpgL6Zq8ONMcBWI1SUsa-raG-iUAqwqQiL_wJLNEk49MvkPnR_00SzjrF3QtsHEjQ7iYVjQmXVlkMV-gd4gnk4zo7aiKsaT0VP38m5DzSXDTbnmWkh49BuHMIPBX3ty4Z0KG0kwkdyHRHt41&t=363be08
Requested by
Host: forums.joeuser.com
URL: https://forums.joeuser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
66.79.209.94 Novi, United States, ASN27553 (TELNET, US),
Reverse DNS
tnmi-static-94-209-79-66.ip.telnetww.com
Software
Microsoft-IIS/8.5 /
Resource Hash
398cdf1b27ef247e5bc77805f266bb441e60355463fc3d1776f41aae58b08cf1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forums.joeuser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 20 Jul 2022 13:59:10 GMT
Content-Encoding
gzip
Last-Modified
Wed, 20 Jul 2022 12:20:05 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
Content-Type
application/x-javascript
Cache-Control
public
Content-Length
9984
Expires
Thu, 20 Jul 2023 12:20:05 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		165 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: forums.joeuser.com
URL: https://forums.joeuser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3aaaad775d549762a3d08c30a0f5ba14362a5dbc75792a7e34ac99ad1a4e07c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forums.joeuser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 13:59:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56823
x-xss-protection
0
server
cafe
etag
12452577252983099060
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 20 Jul 2022 13:59:11 GMT
tinymce.js
forums.joeuser.com/js/tinymce/ 		368 KB
159 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forums.joeuser.com/js/tinymce/tinymce.js?v=_Otg9mE2PDBi5Pt-tmrZpbZIKTDyNzkQfbUFuPWiNVo1
Requested by
Host: forums.joeuser.com
URL: https://forums.joeuser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
66.79.209.94 Novi, United States, ASN27553 (TELNET, US),
Reverse DNS
tnmi-static-94-209-79-66.ip.telnetww.com
Software
Microsoft-IIS/8.5 /
Resource Hash
54cc5b3a1845e8dc6943775f6921e333d810d117662a2402c54ed637a54e0b74

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forums.joeuser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 20 Jul 2022 13:59:10 GMT
Content-Encoding
gzip
Last-Modified
Wed, 20 Jul 2022 13:59:11 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
Vary
User-Agent,Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
public
Transfer-Encoding
chunked
Expires
Thu, 20 Jul 2023 13:59:11 GMT
fbevents.js
connect.facebook.net/en_US/ 		98 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: forums.joeuser.com
URL: https://forums.joeuser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f03f:1c:face:b00c:0:3 Düsseldorf, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6e164ad4aa1f1905c44c2e4e57088f313738d18320a99a7e6a984b862523d96d
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forums.joeuser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26001
x-xss-protection
0
pragma
public
x-fb-debug
SYv2vb6F6i3Vn5GNu0UJyZCtEz1mIeQcB8wF+WaWeJ9R8OFdQzydZ231sdIyI2UrypqGtcEYyKjbUtZaggzq/w==
x-fb-trip-id
664085054
x-frame-options
DENY
date
Wed, 20 Jul 2022 13:59:11 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
widgets.js
platform.twitter.com/ 		96 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: forums.joeuser.com
URL: https://forums.joeuser.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6713) /
Resource Hash
ccaf59e06eb4f607fdedb30b166d8ab31ae2f92eaf4a2f998504204f1a2bf526

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forums.joeuser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 20 Jul 2022 13:59:11 GMT
Content-Encoding
gzip
Age
1190
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Content-Length
29212
x-tw-cdn
VZ
Last-Modified
Tue, 19 Jul 2022 20:07:06 GMT
Server
ECS (frb/6713)
Etag
"3b16e031477759af620cd0de990c6783+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: forums.joeuser.com
URL: https://forums.joeuser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f03f:1c:face:b00c:0:3 Düsseldorf, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
310c1e4f33d52c798776dcde59049a0c432d76a4ff9ebba0af49ee1fd39bad4f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forums.joeuser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
eTtdmBDKpFnxz6UZK1FwFQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
expires
Wed, 20 Jul 2022 14:04:15 GMT
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1687
x-fb-rlafr
0
x-fb-debug
a8LTZjvG0PIqhcDsJS0ZvvII8hHeFPzQX2t1jKX2hqRGGk2VRhN6P/SnuJzhwL/oDmtUknEmwYfKeoza9ZlVfg==
x-fb-trip-id
664085054
x-fb-content-md5
e658de093150948304e3018265e26f4c
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 20 Jul 2022 13:59:11 GMT
x-frame-options
DENY
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coop_report","include_subdomains":true}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"6dd8a604746db797ed6d221f5269462d"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
header.bg.png
forums.joeuser.com/Themes/JoeUser/images/ 		213 B
470 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forums.joeuser.com/Themes/JoeUser/images/header.bg.png
Requested by
Host: forums.joeuser.com
URL: https://forums.joeuser.com/bundles/themes/joeuser/css?v=B3stOKC4LWcKSctV0gLdRtBFi7n7RIyMMJNdXo5I2vY1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
66.79.209.94 Novi, United States, ASN27553 (TELNET, US),
Reverse DNS
tnmi-static-94-209-79-66.ip.telnetww.com
Software
Microsoft-IIS/8.5 /
Resource Hash
067cbebd2c18bac28e7ff0598e7a27a8a78df2c38888865f933f0875da923147

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forums.joeuser.com/bundles/themes/joeuser/css?v=B3stOKC4LWcKSctV0gLdRtBFi7n7RIyMMJNdXo5I2vY1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 20 Jul 2022 13:59:10 GMT
Last-Modified
Thu, 02 Nov 2017 20:52:27 GMT
Server
Microsoft-IIS/8.5
ETag
"ec1a517e1c54d31:0"
Content-Type
image/png
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Length
213
header.logo.png
forums.joeuser.com/Themes/JoeUser/images/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forums.joeuser.com/Themes/JoeUser/images/header.logo.png
Requested by
Host: forums.joeuser.com
URL: https://forums.joeuser.com/bundles/themes/joeuser/css?v=B3stOKC4LWcKSctV0gLdRtBFi7n7RIyMMJNdXo5I2vY1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
66.79.209.94 Novi, United States, ASN27553 (TELNET, US),
Reverse DNS
tnmi-static-94-209-79-66.ip.telnetww.com
Software
Microsoft-IIS/8.5 /
Resource Hash
233beea984a0957da2af958171873fa38ba173972adfcaf8920cc8971055c9a2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forums.joeuser.com/bundles/themes/joeuser/css?v=B3stOKC4LWcKSctV0gLdRtBFi7n7RIyMMJNdXo5I2vY1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 20 Jul 2022 13:59:10 GMT
Last-Modified
Thu, 02 Nov 2017 20:52:27 GMT
Server
Microsoft-IIS/8.5
ETag
"ec1a517e1c54d31:0"
Content-Type
image/png
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Length
10109
buttons.png
forums.joeuser.com/images/base/ 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forums.joeuser.com/images/base/buttons.png
Requested by
Host: forums.joeuser.com
URL: https://forums.joeuser.com/bundles/themes/joeuser/css?v=B3stOKC4LWcKSctV0gLdRtBFi7n7RIyMMJNdXo5I2vY1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
66.79.209.94 Novi, United States, ASN27553 (TELNET, US),
Reverse DNS
tnmi-static-94-209-79-66.ip.telnetww.com
Software
Microsoft-IIS/8.5 /
Resource Hash
56756b2c61ef9e7b15ac2c29d5bad3a8cd73accb7c973739578d2fb144ffa0c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forums.joeuser.com/bundles/themes/joeuser/css?v=B3stOKC4LWcKSctV0gLdRtBFi7n7RIyMMJNdXo5I2vY1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 20 Jul 2022 13:59:10 GMT
Last-Modified
Tue, 20 Aug 2019 18:17:57 GMT
Server
Microsoft-IIS/8.5
ETag
"4257fb978357d51:0"
Content-Type
image/png
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Length
48855
glyphs.png
forums.joeuser.com/images/Base/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forums.joeuser.com/images/Base/glyphs.png
Requested by
Host: forums.joeuser.com
URL: https://forums.joeuser.com/bundles/themes/joeuser/css?v=B3stOKC4LWcKSctV0gLdRtBFi7n7RIyMMJNdXo5I2vY1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
66.79.209.94 Novi, United States, ASN27553 (TELNET, US),
Reverse DNS
tnmi-static-94-209-79-66.ip.telnetww.com
Software
Microsoft-IIS/8.5 /
Resource Hash
b757d8b561c7e08ac3815502c350651add8fd81efcfc91a5f5091fd7c8ce64b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forums.joeuser.com/bundles/themes/joeuser/css?v=B3stOKC4LWcKSctV0gLdRtBFi7n7RIyMMJNdXo5I2vY1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 20 Jul 2022 13:59:10 GMT
Last-Modified
Tue, 21 Nov 2017 20:15:35 GMT
Server
Microsoft-IIS/8.5
ETag
"f41a697d563d31:0"
Content-Type
image/png
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Length
24169
message_logo.svg
forums.joeuser.com/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forums.joeuser.com/images/message_logo.svg
Requested by
Host: forums.joeuser.com
URL: https://forums.joeuser.com/bundles/themes/joeuser/css?v=B3stOKC4LWcKSctV0gLdRtBFi7n7RIyMMJNdXo5I2vY1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
66.79.209.94 Novi, United States, ASN27553 (TELNET, US),
Reverse DNS
tnmi-static-94-209-79-66.ip.telnetww.com
Software
Microsoft-IIS/8.5 /
Resource Hash
07d6ef910309062770ccd0c032b6a2ce05dc9e32efb8a99f3367d55dbde7bb5f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forums.joeuser.com/bundles/themes/joeuser/css?v=B3stOKC4LWcKSctV0gLdRtBFi7n7RIyMMJNdXo5I2vY1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 20 Jul 2022 13:59:11 GMT
Content-Encoding
gzip
Last-Modified
Wed, 06 Dec 2017 18:16:56 GMT
Server
Microsoft-IIS/8.5
ETag
"ff3e5066be6ed31:0"
Vary
Accept-Encoding
Content-Type
image/svg+xml
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Length
2283
sidebar.bullet.png
forums.joeuser.com/images/base/ 		503 B
759 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forums.joeuser.com/images/base/sidebar.bullet.png
Requested by
Host: forums.joeuser.com
URL: https://forums.joeuser.com/bundles/themes/joeuser/css?v=B3stOKC4LWcKSctV0gLdRtBFi7n7RIyMMJNdXo5I2vY1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
66.79.209.94 Novi, United States, ASN27553 (TELNET, US),
Reverse DNS
tnmi-static-94-209-79-66.ip.telnetww.com
Software
Microsoft-IIS/8.5 /
Resource Hash
8f6e46498cf06b7f6da5894a8cb0be6a18e747dc51d0e78a6b774e75e1aaa2f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forums.joeuser.com/bundles/themes/joeuser/css?v=B3stOKC4LWcKSctV0gLdRtBFi7n7RIyMMJNdXo5I2vY1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 20 Jul 2022 13:59:11 GMT
Last-Modified
Thu, 02 Nov 2017 20:53:31 GMT
Server
Microsoft-IIS/8.5
ETag
"0f77da41c54d31:0"
Content-Type
image/png
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Length
503
footer.logo.png
www.joeuser.com/images/Base/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.joeuser.com/images/Base/footer.logo.png
Requested by
Host: forums.joeuser.com
URL: https://forums.joeuser.com/bundles/themes/joeuser/css?v=B3stOKC4LWcKSctV0gLdRtBFi7n7RIyMMJNdXo5I2vY1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
66.79.209.95 Novi, United States, ASN27553 (TELNET, US),
Reverse DNS
tnmi-static-95-209-79-66.ip.telnetww.com
Software
Microsoft-IIS/8.5 /
Resource Hash
7c4973a99f532c486a4cd1fc24a8c5c786e34ba0d39a227f052f69bd8aefeab8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forums.joeuser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 20 Jul 2022 13:59:11 GMT
Last-Modified
Thu, 10 Oct 2019 18:07:58 GMT
Server
Microsoft-IIS/8.5
Accept-Ranges
bytes
ETag
"534a9aa5957fd51:0"
Content-Length
4154
Content-Type
image/png
js
www.googletagmanager.com/gtag/ 		107 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-3744570-2&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-3744570-19
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3db87c834b69c31814b2e1dd26218577048640eced575f9077140659f7f948aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forums.joeuser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 13:59:11 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42067
x-xss-protection
0
last-modified
Wed, 20 Jul 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 20 Jul 2022 13:59:11 GMT
js
www.googletagmanager.com/gtag/ 		107 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-3744570-26&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-3744570-19
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b3fafd74950ffa680b2b45a884e09de5bc94954a7820431a690cd79d825cc13c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forums.joeuser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 13:59:11 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42010
x-xss-protection
0
last-modified
Wed, 20 Jul 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 20 Jul 2022 13:59:11 GMT
sdk.js
connect.facebook.net/en_US/ 		294 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=d9e2021444f25b8f8976bef4cf2c47a9
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f03f:1c:face:b00c:0:3 Düsseldorf, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7e1bb31b7004405b159c297e84e453a2ae93a67659880c21e7e6d3261b29fddb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://forums.joeuser.com/
Origin
https://forums.joeuser.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
tVnDW6wwxGB+lEGVXIFP8Q==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
expires
Thu, 20 Jul 2023 12:57:47 GMT
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
85964
x-fb-rlafr
0
x-fb-debug
JcLVM0LJhcqUwVR5WpyDMGAciuLByeKq8cHQq9fr4s+irB3XfhkxlDH8iWLfGBxNZD0L7HDVxMBzNjVKyvSOSQ==
x-fb-content-md5
dad4df063d468175344c7f9eaddc4ec9
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 20 Jul 2022 13:59:12 GMT
x-frame-options
DENY
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coop_report","include_subdomains":true}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"52e4c80efbe1a7daee397dcd7020aaee"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
1995548234069087
connect.facebook.net/signals/config/ 		292 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1995548234069087?v=2.9.65&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f03f:1c:face:b00c:0:3 Düsseldorf, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2484195cc220e54543618ea5879bd6d6a5ef8159e8af472b0df20a2cad189881
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forums.joeuser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
85910
x-xss-protection
0
pragma
public
x-fb-debug
lMtGjnSONSPMg4qIdd1VUFwuDlZ/uNLLZGKkO0KbZS8s0UxPbrHSr76T54ZdGOEYR0IiQUzZTwN5VUjFu6lGEA==
x-fb-trip-id
664085054
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Wed, 20 Jul 2022 13:59:11 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
widget_iframe.dc05643fdb8d0e2b89e5cc3c1d26d1b5.html
platform.twitter.com/widgets/ Frame 44B5 		320 KB
104 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.dc05643fdb8d0e2b89e5cc3c1d26d1b5.html?origin=https%3A%2F%2Fforums.joeuser.com
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6713) /
Resource Hash
4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf

Request headers

Referer
https://forums.joeuser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
64186
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
105435
Content-Type
text/html; charset=utf-8
Date
Wed, 20 Jul 2022 13:59:11 GMT
Etag
"95e1b50b0c179aefb47b5b211bb347b5+gzip"
Last-Modified
Tue, 19 Jul 2022 20:05:03 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/6713)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207140101/ 		341 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7512798962749118&plah=forums.joeuser.com&bust=31068511
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
01b55f71919a4b6343ed9d877acd9456ea809e97e7e8beed73f0c6638021e2a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forums.joeuser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 13:59:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
123221
x-xss-protection
0
server
cafe
etag
10616363163603892773
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 20 Jul 2022 13:59:12 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220718/r20190131/ Frame 6E1B 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220718/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://forums.joeuser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
48065
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4412
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 20 Jul 2022 00:38:07 GMT
etag
8616628553774171045
expires
Wed, 03 Aug 2022 00:38:07 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-3744570-2&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forums.joeuser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
3432
date
Wed, 20 Jul 2022 13:02:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 20 Jul 2022 15:02:00 GMT
/
www.facebook.com/tr/ 		44 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1995548234069087&ev=PageView&dl=https%3A%2F%2Fforums.joeuser.com%2F&rl=&if=false&ts=1658325552071&sw=1600&sh=1200&v=2.9.65&r=stable&ec=0&o=30&fbp=fb.1.1658325552070.334970629&it=1658325551947&coo=false&exp=u0&rqm=GET
Requested by
Host: forums.joeuser.com
URL: https://forums.joeuser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forums.joeuser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 13:59:12 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Wed, 20 Jul 2022 13:59:12 GMT
settings
syndication.twitter.com/ Frame 44B5 		580 B
540 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=7a5dcabb3d2747a4a27b8cb11b4cffeeba9d7274
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.dc05643fdb8d0e2b89e5cc3c1d26d1b5.html?origin=https%3A%2F%2Fforums.joeuser.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.136 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
a502f79cb5fa985d8b516eeb3b2ce66e500731cd1999e64b3bb1cb035e784f66
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-response-time
105
date
Wed, 20 Jul 2022 13:59:11 GMT
content-encoding
gzip
last-modified
Wed, 20 Jul 2022 13:59:12 GMT
server
tsa_o
vary
Origin
strict-transport-security
max-age=631138519
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
x-connection-hash
302be844a131359160977044420ba314a74722ff84cd8328c74a2e766aedbab5
content-length
260
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1279068703&t=pageview&_s=1&dl=https%3A%2F%2Fforums.joeuser.com%2F&ul=en-us&de=UTF-8&dt=JoeUser%20%C2%BB%20Blogs%20for%20the%20Average%20Joe!%20Forums&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1316222551&gjid=1106648455&cid=2063898852.1658325552&tid=UA-3744570-2&_gid=658297602.1658325552&_r=1&gtm=2ou7i0&z=1718429816
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://forums.joeuser.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 13:59:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://forums.joeuser.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1279068703&t=pageview&_s=1&dl=https%3A%2F%2Fforums.joeuser.com%2F&ul=en-us&de=UTF-8&dt=JoeUser%20%C2%BB%20Blogs%20for%20the%20Average%20Joe!%20Forums&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAUABAAAAAC~&jid=1944025320&gjid=1740135380&cid=2063898852.1658325552&tid=UA-3744570-26&_gid=658297602.1658325552&_r=1&gtm=2ou7i0&z=1385530552
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://forums.joeuser.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 13:59:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://forums.joeuser.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/ 		215 B
644 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=forums.joeuser.com&callback=_gfp_s_&client=ca-pub-7512798962749118
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7512798962749118&plah=forums.joeuser.com&bust=31068511
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
096428b52dc4ca7e678e2a0790fba2f5d40138db7cf096d05bdc5bb9c3252ae9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forums.joeuser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 13:59:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
199
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=forums.joeuser.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7512798962749118&plah=forums.joeuser.com&bust=31068511
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forums.joeuser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 20 Jul 2022 13:59:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=forums.joeuser.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7512798962749118&plah=forums.joeuser.com&bust=31068511
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forums.joeuser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 20 Jul 2022 13:59:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 6ED0 		22 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7512798962749118&output=html&h=90&slotname=2540178774&adk=4185493686&adf=3951405610&pi=t.ma~as.2540178774&w=728&lmt=1658325552&psa=0&format=728x90&url=https%3A%2F%2Fforums.joeuser.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658325551996&bpp=3&bdt=1415&idt=238&shv=r20220718&mjsv=m202207140101&ptt=9&saldr=aa&abxe=1&correlator=5682775671927&frm=20&pv=2&ga_vid=2063898852.1658325552&ga_sid=1658325552&ga_hid=1279068703&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=336&ady=155&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31068106%2C31068511&oid=2&pvsid=1469586621516718&tmod=1193733944&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=98kOIIkVPq&p=https%3A//forums.joeuser.com&dtd=255
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7512798962749118&plah=forums.joeuser.com&bust=31068511
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ac2baaaa76df37ae5f091fb64b98a37c2861e11b9e8141b084f85930c59aeec3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://forums.joeuser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
9512
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 20 Jul 2022 13:59:12 GMT
expires
Wed, 20 Jul 2022 13:59:12 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 7C05 		25 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7512798962749118&output=html&h=600&slotname=8375336722&adk=561196076&adf=3338238303&pi=t.ma~as.8375336722&w=160&lmt=1658325552&psa=0&format=160x600&url=https%3A%2F%2Fforums.joeuser.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658325551999&bpp=1&bdt=1417&idt=260&shv=r20220718&mjsv=m202207140101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=5682775671927&frm=20&pv=1&ga_vid=2063898852.1658325552&ga_sid=1658325552&ga_hid=1279068703&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1301&ady=1158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31068106%2C31068511&oid=2&pvsid=1469586621516718&tmod=1193733944&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=gzBJJvmWO8&p=https%3A//forums.joeuser.com&dtd=263
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7512798962749118&plah=forums.joeuser.com&bust=31068511
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5fe97fbde948d2296a8e3fe30a7e6252c85a38d58f7fcd8b37aac5e67d4d2cc4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://forums.joeuser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
10403
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 20 Jul 2022 13:59:12 GMT
expires
Wed, 20 Jul 2022 13:59:12 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 506B 		0
19 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7512798962749118&output=html&adk=103383905&adf=3668406935&lmt=1658325552&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fforums.joeuser.com%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658325552013&bpp=1&bdt=1431&idt=251&shv=r20220718&mjsv=m202207140101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C160x600&nras=1&correlator=5682775671927&frm=20&pv=1&ga_vid=2063898852.1658325552&ga_sid=1658325552&ga_hid=1279068703&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31068106%2C31068511&oid=2&pvsid=1469586621516718&tmod=1193733944&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=257
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7512798962749118&plah=forums.joeuser.com&bust=31068511
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://forums.joeuser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 20 Jul 2022 13:59:12 GMT
expires
Wed, 20 Jul 2022 13:59:12 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220718/r20110914/client/ Frame 6ED0 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220718/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7512798962749118&output=html&h=90&slotname=2540178774&adk=4185493686&adf=3951405610&pi=t.ma~as.2540178774&w=728&lmt=1658325552&psa=0&format=728x90&url=https%3A%2F%2Fforums.joeuser.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658325551996&bpp=3&bdt=1415&idt=238&shv=r20220718&mjsv=m202207140101&ptt=9&saldr=aa&abxe=1&correlator=5682775671927&frm=20&pv=2&ga_vid=2063898852.1658325552&ga_sid=1658325552&ga_hid=1279068703&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=336&ady=155&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31068106%2C31068511&oid=2&pvsid=1469586621516718&tmod=1193733944&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=98kOIIkVPq&p=https%3A//forums.joeuser.com&dtd=255
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 13:45:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
852
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 03 Aug 2022 13:45:00 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220718/r20110914/client/ Frame 6ED0 		17 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220718/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7512798962749118&output=html&h=90&slotname=2540178774&adk=4185493686&adf=3951405610&pi=t.ma~as.2540178774&w=728&lmt=1658325552&psa=0&format=728x90&url=https%3A%2F%2Fforums.joeuser.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658325551996&bpp=3&bdt=1415&idt=238&shv=r20220718&mjsv=m202207140101&ptt=9&saldr=aa&abxe=1&correlator=5682775671927&frm=20&pv=2&ga_vid=2063898852.1658325552&ga_sid=1658325552&ga_hid=1279068703&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=336&ady=155&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31068106%2C31068511&oid=2&pvsid=1469586621516718&tmod=1193733944&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=98kOIIkVPq&p=https%3A//forums.joeuser.com&dtd=255
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e352bd3598be515c20c398e90549e3f966fbce570d88adea32a7f43de7b08f83
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 13:00:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3545
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7322
x-xss-protection
0
server
cafe
etag
17958847364917198933
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 03 Aug 2022 13:00:07 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6ED0 		137 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7512798962749118&output=html&h=90&slotname=2540178774&adk=4185493686&adf=3951405610&pi=t.ma~as.2540178774&w=728&lmt=1658325552&psa=0&format=728x90&url=https%3A%2F%2Fforums.joeuser.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658325551996&bpp=3&bdt=1415&idt=238&shv=r20220718&mjsv=m202207140101&ptt=9&saldr=aa&abxe=1&correlator=5682775671927&frm=20&pv=2&ga_vid=2063898852.1658325552&ga_sid=1658325552&ga_hid=1279068703&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=336&ady=155&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31068106%2C31068511&oid=2&pvsid=1469586621516718&tmod=1193733944&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=98kOIIkVPq&p=https%3A//forums.joeuser.com&dtd=255
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0de50a799ee39bde80bfb0943ba85616975f5c71e0e746b49c27c5b0d1731ef6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 13:59:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43203
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1658144321100200"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 20 Jul 2022 13:59:12 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 6ED0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CQqf3MArYYtyKFv3Wx_AP446WmAbJntKxXNWdkfdwwI23ARABIABglYKAgJQHggEXY2EtcHViLTc1MTI3OTg5NjI3NDkxMTigAdW20uoDyAEJqQIOv3S2gCqxPqgDAaoE1QFP0GIEfPbcqTguAAiiDi8pQDwCVTfIEoeJGytpXmlhfl0HXErMpjNcSkdV8GirrxVObVhDYQkRTfo7Lkak3ymCK8wjn6swp3T-siRNagEY7RKCaSrJNGULVLL1FgS2OLBRCbgu2RbKeLCgNUVX7ZgXCBPlNs-0HFmJvJQUCZ8lcYmbz1AV9R490M07Iu5b0wELL5_LGI64mFrIm7Bpo8P-aljio-FYWG0_QsFzZCYc6TqHx3IucDFLMJZRfHp590WocaICaJgVwyAoJ53FeygE4ok9LU2ABq7fmaCz9ord-AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTc1MTI3OTg5NjI3NDkxMTgYAA&sigh=f0snc0rLFPQ&uach_m=[UACH]&cid=CAQSGwCNIrLM7HkPQYTwtg9GpkkhFkLusexJ7J2SgBgB
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7512798962749118&output=html&h=90&slotname=2540178774&adk=4185493686&adf=3951405610&pi=t.ma~as.2540178774&w=728&lmt=1658325552&psa=0&format=728x90&url=https%3A%2F%2Fforums.joeuser.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658325551996&bpp=3&bdt=1415&idt=238&shv=r20220718&mjsv=m202207140101&ptt=9&saldr=aa&abxe=1&correlator=5682775671927&frm=20&pv=2&ga_vid=2063898852.1658325552&ga_sid=1658325552&ga_hid=1279068703&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=336&ady=155&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31068106%2C31068511&oid=2&pvsid=1469586621516718&tmod=1193733944&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=98kOIIkVPq&p=https%3A//forums.joeuser.com&dtd=255
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7512798962749118&output=html&h=90&slotname=2540178774&adk=4185493686&adf=3951405610&pi=t.ma~as.2540178774&w=728&lmt=1658325552&psa=0&format=728x90&url=https%3A%2F%2Fforums.joeuser.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658325551996&bpp=3&bdt=1415&idt=238&shv=r20220718&mjsv=m202207140101&ptt=9&saldr=aa&abxe=1&correlator=5682775671927&frm=20&pv=2&ga_vid=2063898852.1658325552&ga_sid=1658325552&ga_hid=1279068703&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=336&ady=155&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31068106%2C31068511&oid=2&pvsid=1469586621516718&tmod=1193733944&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=98kOIIkVPq&p=https%3A//forums.joeuser.com&dtd=255
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Wed, 20 Jul 2022 13:59:12 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Wed, 20 Jul 2022 13:59:12 GMT
notify
rtb.nl.eu.criteo.com/google/auction/ Frame 6ED0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kP2jEt6BMNgFWp2DYgICAAAAj7s7f-AFuBkQMArYYsPoUwyqMlh80L_kABIAAA&wp=YtgKMAAFhVwIEet9AAWHY8iqv8f3AXs5j37ftg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7512798962749118&output=html&h=90&slotname=2540178774&adk=4185493686&adf=3951405610&pi=t.ma~as.2540178774&w=728&lmt=1658325552&psa=0&format=728x90&url=https%3A%2F%2Fforums.joeuser.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658325551996&bpp=3&bdt=1415&idt=238&shv=r20220718&mjsv=m202207140101&ptt=9&saldr=aa&abxe=1&correlator=5682775671927&frm=20&pv=2&ga_vid=2063898852.1658325552&ga_sid=1658325552&ga_hid=1279068703&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=336&ady=155&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31068106%2C31068511&oid=2&pvsid=1469586621516718&tmod=1193733944&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=98kOIIkVPq&p=https%3A//forums.joeuser.com&dtd=255
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 13:59:11 GMT
server
Kestrel
server-processing-duration-in-ticks
187854
content-length
0
strict-transport-security
max-age=31536000; preload;
afr.php
ads.eu.criteo.com/delivery/r/ Frame 1A29 		48 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=YtgKMAAFhVwIEet9AAWHY8iqv8f3AXs5j37ftg&u=%7C%2B%2BxhrVIsjkItE8S3%2FBgJHwwJCdO6s%2BdN8v%2Fe%2FOrwRjo%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvylMYxXMLCj4fODidRdwMR55tQ-B9hy0g1QCKGju0TMF6LM6FciIv7lwc5HK55BTAulopiy4CT-50EKCTQCe-AGqoSb8wwo_7bE4xVg6kfC59uhQpsNoVL5rW8h8IkMMZLjpBhTp6S9nLNXUievL07afJAl6Zwe06SDtu2ainWMG4O4FD1_ZUCGa4CdvCGOZeP08Ol2fdWk9UvtRaI4VlREiPs90DKjRwUezvY7gajFOKZQnHKgj9PpQJgtvFw2u5NJKzFEXjsiMrMpAqVY4Qbw5AkvZGXK6CiLqjvX4flGAOJ1XesoGhhFjug4GckF3JtPOw1pi7JVULv9_X13DKBEXQDAkE7zyUwZldfUATQGvA5lP0aNsxjr3AJALKswQrcFDF2bSTvLr-sWkE6w7nwMZMNnEXY5mLeVLVQfyU6sc2BID3qOnN2k&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCm5ohMArYYtyKFv3Wx_AP446WmAbJntKxXNWdkfdwwI23ARABIABglYKAgJQHggEXY2EtcHViLTc1MTI3OTg5NjI3NDkxMTigAdW20uoDyAEJqQIOv3S2gCqxPqgDAaoE2AFP0GIEfPbcqTguAAiiDi8pQDwCVTfIEoeJGytpXmlhfl0HXErMpjNcSkdV8GirrxVObVhDYQkRTfo7Lkak3ymCK8wjn6swp3T-siRNagEY7RKCaSrJNGULVLL1FgS2OLBRCbgu2RbKeLCgNUVX7ZgXCBPlNs-0HFmJvJQUCZ8lcYmbz1AV9R490M07Iu5b0wELL5_LGI64mFrIm7Bpo8P-aljio-FYWG0_QsFzZCYcqzimVfWh7CL0rILyrEffD0y8exQIRoCXd-gVgW96ZQQcZyO5PvLqnfeABq7fmaCz9ord-AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0PCTTv1GZpGT4sLl8L55FRCoajAw%26client%3Dca-pub-7512798962749118%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7512798962749118&output=html&h=90&slotname=2540178774&adk=4185493686&adf=3951405610&pi=t.ma~as.2540178774&w=728&lmt=1658325552&psa=0&format=728x90&url=https%3A%2F%2Fforums.joeuser.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658325551996&bpp=3&bdt=1415&idt=238&shv=r20220718&mjsv=m202207140101&ptt=9&saldr=aa&abxe=1&correlator=5682775671927&frm=20&pv=2&ga_vid=2063898852.1658325552&ga_sid=1658325552&ga_hid=1279068703&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=336&ady=155&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31068106%2C31068511&oid=2&pvsid=1469586621516718&tmod=1193733944&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=98kOIIkVPq&p=https%3A//forums.joeuser.com&dtd=255
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
1dec9e49528183d7ab88122a661d9323cac9bee843de333b95bbc2a263621e9c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Wed, 20 Jul 2022 13:59:11 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=eHRu7QVt2Oc9LaLabPVcep1NSYV8UeSJJRIlNVBumMzqZfGXGY9p7Oyw4xH2ucum5QCYsZL8bm10LlV0qdqj_v_tJMTDDtCF3c08-SA8YUKPQVMBPHtfZJp2pEhrWUKX9pyjOplcNYifzdXtqEZwgl_mZNzlYEgu63mSlWrUsB7LoYhAf0A0DYyl_lWn1-Xgi6awmBtJtrBJKFyi43OuTkkeRc1ey-E57haneZtZ-Bw7p5GjmpYe5lfOpmDDOz6Glyz87TBkPlAkjsje"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
4825385
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220718/r20110914/client/ Frame 7C05 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220718/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7512798962749118&output=html&h=600&slotname=8375336722&adk=561196076&adf=3338238303&pi=t.ma~as.8375336722&w=160&lmt=1658325552&psa=0&format=160x600&url=https%3A%2F%2Fforums.joeuser.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658325551999&bpp=1&bdt=1417&idt=260&shv=r20220718&mjsv=m202207140101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=5682775671927&frm=20&pv=1&ga_vid=2063898852.1658325552&ga_sid=1658325552&ga_hid=1279068703&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1301&ady=1158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31068106%2C31068511&oid=2&pvsid=1469586621516718&tmod=1193733944&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=gzBJJvmWO8&p=https%3A//forums.joeuser.com&dtd=263
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 13:45:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
852
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 03 Aug 2022 13:45:00 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220718/r20110914/client/ Frame 7C05 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220718/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7512798962749118&output=html&h=600&slotname=8375336722&adk=561196076&adf=3338238303&pi=t.ma~as.8375336722&w=160&lmt=1658325552&psa=0&format=160x600&url=https%3A%2F%2Fforums.joeuser.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658325551999&bpp=1&bdt=1417&idt=260&shv=r20220718&mjsv=m202207140101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=5682775671927&frm=20&pv=1&ga_vid=2063898852.1658325552&ga_sid=1658325552&ga_hid=1279068703&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1301&ady=1158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31068106%2C31068511&oid=2&pvsid=1469586621516718&tmod=1193733944&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=gzBJJvmWO8&p=https%3A//forums.joeuser.com&dtd=263
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e352bd3598be515c20c398e90549e3f966fbce570d88adea32a7f43de7b08f83
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 13:00:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3545
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7322
x-xss-protection
0
server
cafe
etag
17958847364917198933
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 03 Aug 2022 13:00:07 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7C05 		137 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7512798962749118&output=html&h=600&slotname=8375336722&adk=561196076&adf=3338238303&pi=t.ma~as.8375336722&w=160&lmt=1658325552&psa=0&format=160x600&url=https%3A%2F%2Fforums.joeuser.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658325551999&bpp=1&bdt=1417&idt=260&shv=r20220718&mjsv=m202207140101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=5682775671927&frm=20&pv=1&ga_vid=2063898852.1658325552&ga_sid=1658325552&ga_hid=1279068703&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1301&ady=1158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31068106%2C31068511&oid=2&pvsid=1469586621516718&tmod=1193733944&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=gzBJJvmWO8&p=https%3A//forums.joeuser.com&dtd=263
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0de50a799ee39bde80bfb0943ba85616975f5c71e0e746b49c27c5b0d1731ef6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 13:59:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43203
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1658144321100200"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 20 Jul 2022 13:59:12 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 7C05 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=Cw5N7MArYYvCkF5CFygWc2IXgBMme0rFc1Z2R93DAjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItNzUxMjc5ODk2Mjc0OTExOKAB1bbS6gPIAQmpAg6_dLaAKrE-qAMBqgTcAU_QxRW6byMcPsJYrK8kxTqU7JaVdp7CnZzJp7Y8vizIieR9bjRuIp6A0AC69kxzOM2l3CpDMIOYI_TGlgRLLyqn4lyLAQ4dJghz39k1fEnWBXX0U8aDeKYHcH5yGFBl3vwkXEQdWQmB8Y4Kxs-pP8u79IXZGrFzu_RJ062onY40epxRblwOfBZL9XXbyC98an_Fxj1V9-wx_38v13NGIcZ-jN_c-7VrkyLxxpbiDq2NfarZ8fZpmji_sqqXqTU7IReI_v3z2GxZsuI1j2A-FODmOwf0NwYS1itKw-2ABq7fmaCz9ord-AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTc1MTI3OTg5NjI3NDkxMTgYAA&sigh=kdALGdtr_QQ&uach_m=[UACH]&cid=CAQSGwCNIrLM98Hk8KBJ21KcIVtljX_yJNEQLsUefxgB
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7512798962749118&output=html&h=600&slotname=8375336722&adk=561196076&adf=3338238303&pi=t.ma~as.8375336722&w=160&lmt=1658325552&psa=0&format=160x600&url=https%3A%2F%2Fforums.joeuser.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658325551999&bpp=1&bdt=1417&idt=260&shv=r20220718&mjsv=m202207140101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=5682775671927&frm=20&pv=1&ga_vid=2063898852.1658325552&ga_sid=1658325552&ga_hid=1279068703&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1301&ady=1158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31068106%2C31068511&oid=2&pvsid=1469586621516718&tmod=1193733944&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=gzBJJvmWO8&p=https%3A//forums.joeuser.com&dtd=263
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7512798962749118&output=html&h=600&slotname=8375336722&adk=561196076&adf=3338238303&pi=t.ma~as.8375336722&w=160&lmt=1658325552&psa=0&format=160x600&url=https%3A%2F%2Fforums.joeuser.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658325551999&bpp=1&bdt=1417&idt=260&shv=r20220718&mjsv=m202207140101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=5682775671927&frm=20&pv=1&ga_vid=2063898852.1658325552&ga_sid=1658325552&ga_hid=1279068703&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1301&ady=1158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31068106%2C31068511&oid=2&pvsid=1469586621516718&tmod=1193733944&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=gzBJJvmWO8&p=https%3A//forums.joeuser.com&dtd=263
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Wed, 20 Jul 2022 13:59:12 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Wed, 20 Jul 2022 13:59:12 GMT
notify
rtb.nl.eu.criteo.com/google/auction/ Frame 7C05 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kP2jEtyBMKAB2ASdg2ICAgAAALvYDoH9-eKUEC8K2GJDwZaB941M_5qFcAASAAA&wp=YtgKMAAF0nAKsoKQAAFsHOK8OT92jzS4IcQHlw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7512798962749118&output=html&h=600&slotname=8375336722&adk=561196076&adf=3338238303&pi=t.ma~as.8375336722&w=160&lmt=1658325552&psa=0&format=160x600&url=https%3A%2F%2Fforums.joeuser.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658325551999&bpp=1&bdt=1417&idt=260&shv=r20220718&mjsv=m202207140101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=5682775671927&frm=20&pv=1&ga_vid=2063898852.1658325552&ga_sid=1658325552&ga_hid=1279068703&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1301&ady=1158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31068106%2C31068511&oid=2&pvsid=1469586621516718&tmod=1193733944&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=gzBJJvmWO8&p=https%3A//forums.joeuser.com&dtd=263
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 13:59:12 GMT
server
Kestrel
server-processing-duration-in-ticks
245681
content-length
0
strict-transport-security
max-age=31536000; preload;
afr.php
ads.eu.criteo.com/delivery/r/ Frame 3539 		48 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=YtgKMAAF0nAKsoKQAAFsHOK8OT92jzS4IcQHlw&u=%7C%2B%2BxhrVIsjkJ8Sz7YvW3RLxeV82Posmr9nCrC9KhUZVs%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy22nFndhAq5zHLzTaReNwSlrJHe513kNf28HvvSXrpnKRWWAEkC0Pa6A0u1g1aov89EWu096uATtiU2Vte14jyMEmqTxiZluLa8wYPUs3Fwrpkl4wn48Wu3B2LwC9HmDUubjgC53Y__dBlhp7iUyqYBEkobgfr89Z0EgKEyYNiWLAnNCvI837JEMmqhxqQ6d-kZFVGm3ARLaw_e1x37RHAfRUBAgioBuuDgAcc06yXR8SFQWZJU8b2loUXFShVy76vJRncNgSg5TYnU5YlALswfqsiwRuGC1UFA44sp4KmlHLcOVPjZKWGrFi4XSHZZFVbKa2j7kPSokfh7SvOq17JQLmIE-YdeBeofVhavSBM-xqMymGSTTls0TOtjbWq-PKFFxB7zbPnp1tVyo2dulHJlSMMDsbGveMjggWKg6F2KAyQqlaeFbf7UsJ_Nx7rfAx-K867CxCKck&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxdtXMArYYvCkF5CFygWc2IXgBMme0rFc1Z2R93DAjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItNzUxMjc5ODk2Mjc0OTExOKAB1bbS6gPIAQmpAg6_dLaAKrE-qAMBqgTfAU_QxRW6byMcPsJYrK8kxTqU7JaVdp7CnZzJp7Y8vizIieR9bjRuIp6A0AC69kxzOM2l3CpDMIOYI_TGlgRLLyqn4lyLAQ4dJghz39k1fEnWBXX0U8aDeKYHcH5yGFBl3vwkXEQdWQmB8Y4Kxs-pP8u79IXZGrFzu_RJ062onY40epxRblwOfBZL9XXbyC98an_Fxj1V9-wx_38v13NGIcZ-jN_c-7VrkyLxxpbiDq2NfarZ8fZp2DqeIC0YNSaEvQMrLsBVIGVNuFQ_oXi8oCjbnfVLKSoKU4HO0FJTHLGABq7fmaCz9ord-AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3gcvB6H-vhi0qCmT0o_lEJs2rpcg%26client%3Dca-pub-7512798962749118%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7512798962749118&output=html&h=600&slotname=8375336722&adk=561196076&adf=3338238303&pi=t.ma~as.8375336722&w=160&lmt=1658325552&psa=0&format=160x600&url=https%3A%2F%2Fforums.joeuser.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658325551999&bpp=1&bdt=1417&idt=260&shv=r20220718&mjsv=m202207140101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=5682775671927&frm=20&pv=1&ga_vid=2063898852.1658325552&ga_sid=1658325552&ga_hid=1279068703&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1301&ady=1158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31068106%2C31068511&oid=2&pvsid=1469586621516718&tmod=1193733944&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=gzBJJvmWO8&p=https%3A//forums.joeuser.com&dtd=263
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
93e3817b11c8bab88fefbff86bcd92340bd39c14a1fe2ee4330896ac949c15a7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Wed, 20 Jul 2022 13:59:12 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=Iet3XgVt2Oc9LaLaTTYNisA882PxpGem3N4rTbPvL9LNmP9_VpoEE7_On1BH51hGWGKBvC_Iz30sGji4EqMTWSfqb67dERTiHMzJxgWuXq8rVYrWfh6weD1XwayctlWFqQPLYp9KONhwEs2d44i4eXyv6sG1c2OO4jsDNuPioLiyKIzKrttp1xrfidXseBFoNLyEoxod0qbeoTzyypg4zNpE6NXuGW0pWfxzCbCHKwdlaeiqaoq7Jvi6wlFV4hwq0u10JQIAsQf3OVOy"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
5209252
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
truncated
/ Frame 6ED0 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dcc655f52a26fedb3f447ab445b6c97a11f5e0f60f730ad795059c328fc54ddf

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 7C05 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
64abb7b2bd166978125457301c84e6f0e2ffcfd50eeb70f89225f9d7689c7d77

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type
image/png
privacy_small.svg
static.criteo.net/flash/icon/ Frame 1A29 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YtgKMAAFhVwIEet9AAWHY8iqv8f3AXs5j37ftg&u=%7C%2B%2BxhrVIsjkItE8S3%2FBgJHwwJCdO6s%2BdN8v%2Fe%2FOrwRjo%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvylMYxXMLCj4fODidRdwMR55tQ-B9hy0g1QCKGju0TMF6LM6FciIv7lwc5HK55BTAulopiy4CT-50EKCTQCe-AGqoSb8wwo_7bE4xVg6kfC59uhQpsNoVL5rW8h8IkMMZLjpBhTp6S9nLNXUievL07afJAl6Zwe06SDtu2ainWMG4O4FD1_ZUCGa4CdvCGOZeP08Ol2fdWk9UvtRaI4VlREiPs90DKjRwUezvY7gajFOKZQnHKgj9PpQJgtvFw2u5NJKzFEXjsiMrMpAqVY4Qbw5AkvZGXK6CiLqjvX4flGAOJ1XesoGhhFjug4GckF3JtPOw1pi7JVULv9_X13DKBEXQDAkE7zyUwZldfUATQGvA5lP0aNsxjr3AJALKswQrcFDF2bSTvLr-sWkE6w7nwMZMNnEXY5mLeVLVQfyU6sc2BID3qOnN2k&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCm5ohMArYYtyKFv3Wx_AP446WmAbJntKxXNWdkfdwwI23ARABIABglYKAgJQHggEXY2EtcHViLTc1MTI3OTg5NjI3NDkxMTigAdW20uoDyAEJqQIOv3S2gCqxPqgDAaoE2AFP0GIEfPbcqTguAAiiDi8pQDwCVTfIEoeJGytpXmlhfl0HXErMpjNcSkdV8GirrxVObVhDYQkRTfo7Lkak3ymCK8wjn6swp3T-siRNagEY7RKCaSrJNGULVLL1FgS2OLBRCbgu2RbKeLCgNUVX7ZgXCBPlNs-0HFmJvJQUCZ8lcYmbz1AV9R490M07Iu5b0wELL5_LGI64mFrIm7Bpo8P-aljio-FYWG0_QsFzZCYcqzimVfWh7CL0rILyrEffD0y8exQIRoCXd-gVgW96ZQQcZyO5PvLqnfeABq7fmaCz9ord-AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0PCTTv1GZpGT4sLl8L55FRCoajAw%26client%3Dca-pub-7512798962749118%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 13:59:12 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 15 Jul 2023 13:59:12 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 1A29 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YtgKMAAFhVwIEet9AAWHY8iqv8f3AXs5j37ftg&u=%7C%2B%2BxhrVIsjkItE8S3%2FBgJHwwJCdO6s%2BdN8v%2Fe%2FOrwRjo%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvylMYxXMLCj4fODidRdwMR55tQ-B9hy0g1QCKGju0TMF6LM6FciIv7lwc5HK55BTAulopiy4CT-50EKCTQCe-AGqoSb8wwo_7bE4xVg6kfC59uhQpsNoVL5rW8h8IkMMZLjpBhTp6S9nLNXUievL07afJAl6Zwe06SDtu2ainWMG4O4FD1_ZUCGa4CdvCGOZeP08Ol2fdWk9UvtRaI4VlREiPs90DKjRwUezvY7gajFOKZQnHKgj9PpQJgtvFw2u5NJKzFEXjsiMrMpAqVY4Qbw5AkvZGXK6CiLqjvX4flGAOJ1XesoGhhFjug4GckF3JtPOw1pi7JVULv9_X13DKBEXQDAkE7zyUwZldfUATQGvA5lP0aNsxjr3AJALKswQrcFDF2bSTvLr-sWkE6w7nwMZMNnEXY5mLeVLVQfyU6sc2BID3qOnN2k&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCm5ohMArYYtyKFv3Wx_AP446WmAbJntKxXNWdkfdwwI23ARABIABglYKAgJQHggEXY2EtcHViLTc1MTI3OTg5NjI3NDkxMTigAdW20uoDyAEJqQIOv3S2gCqxPqgDAaoE2AFP0GIEfPbcqTguAAiiDi8pQDwCVTfIEoeJGytpXmlhfl0HXErMpjNcSkdV8GirrxVObVhDYQkRTfo7Lkak3ymCK8wjn6swp3T-siRNagEY7RKCaSrJNGULVLL1FgS2OLBRCbgu2RbKeLCgNUVX7ZgXCBPlNs-0HFmJvJQUCZ8lcYmbz1AV9R490M07Iu5b0wELL5_LGI64mFrIm7Bpo8P-aljio-FYWG0_QsFzZCYcqzimVfWh7CL0rILyrEffD0y8exQIRoCXd-gVgW96ZQQcZyO5PvLqnfeABq7fmaCz9ord-AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0PCTTv1GZpGT4sLl8L55FRCoajAw%26client%3Dca-pub-7512798962749118%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 13:59:12 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 15 Jul 2023 13:59:12 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 1A29 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YtgKMAAFhVwIEet9AAWHY8iqv8f3AXs5j37ftg&u=%7C%2B%2BxhrVIsjkItE8S3%2FBgJHwwJCdO6s%2BdN8v%2Fe%2FOrwRjo%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvylMYxXMLCj4fODidRdwMR55tQ-B9hy0g1QCKGju0TMF6LM6FciIv7lwc5HK55BTAulopiy4CT-50EKCTQCe-AGqoSb8wwo_7bE4xVg6kfC59uhQpsNoVL5rW8h8IkMMZLjpBhTp6S9nLNXUievL07afJAl6Zwe06SDtu2ainWMG4O4FD1_ZUCGa4CdvCGOZeP08Ol2fdWk9UvtRaI4VlREiPs90DKjRwUezvY7gajFOKZQnHKgj9PpQJgtvFw2u5NJKzFEXjsiMrMpAqVY4Qbw5AkvZGXK6CiLqjvX4flGAOJ1XesoGhhFjug4GckF3JtPOw1pi7JVULv9_X13DKBEXQDAkE7zyUwZldfUATQGvA5lP0aNsxjr3AJALKswQrcFDF2bSTvLr-sWkE6w7nwMZMNnEXY5mLeVLVQfyU6sc2BID3qOnN2k&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCm5ohMArYYtyKFv3Wx_AP446WmAbJntKxXNWdkfdwwI23ARABIABglYKAgJQHggEXY2EtcHViLTc1MTI3OTg5NjI3NDkxMTigAdW20uoDyAEJqQIOv3S2gCqxPqgDAaoE2AFP0GIEfPbcqTguAAiiDi8pQDwCVTfIEoeJGytpXmlhfl0HXErMpjNcSkdV8GirrxVObVhDYQkRTfo7Lkak3ymCK8wjn6swp3T-siRNagEY7RKCaSrJNGULVLL1FgS2OLBRCbgu2RbKeLCgNUVX7ZgXCBPlNs-0HFmJvJQUCZ8lcYmbz1AV9R490M07Iu5b0wELL5_LGI64mFrIm7Bpo8P-aljio-FYWG0_QsFzZCYcqzimVfWh7CL0rILyrEffD0y8exQIRoCXd-gVgW96ZQQcZyO5PvLqnfeABq7fmaCz9ord-AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0PCTTv1GZpGT4sLl8L55FRCoajAw%26client%3Dca-pub-7512798962749118%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 13:59:12 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sat, 15 Jul 2023 13:59:12 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 1A29 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YtgKMAAFhVwIEet9AAWHY8iqv8f3AXs5j37ftg&u=%7C%2B%2BxhrVIsjkItE8S3%2FBgJHwwJCdO6s%2BdN8v%2Fe%2FOrwRjo%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvylMYxXMLCj4fODidRdwMR55tQ-B9hy0g1QCKGju0TMF6LM6FciIv7lwc5HK55BTAulopiy4CT-50EKCTQCe-AGqoSb8wwo_7bE4xVg6kfC59uhQpsNoVL5rW8h8IkMMZLjpBhTp6S9nLNXUievL07afJAl6Zwe06SDtu2ainWMG4O4FD1_ZUCGa4CdvCGOZeP08Ol2fdWk9UvtRaI4VlREiPs90DKjRwUezvY7gajFOKZQnHKgj9PpQJgtvFw2u5NJKzFEXjsiMrMpAqVY4Qbw5AkvZGXK6CiLqjvX4flGAOJ1XesoGhhFjug4GckF3JtPOw1pi7JVULv9_X13DKBEXQDAkE7zyUwZldfUATQGvA5lP0aNsxjr3AJALKswQrcFDF2bSTvLr-sWkE6w7nwMZMNnEXY5mLeVLVQfyU6sc2BID3qOnN2k&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCm5ohMArYYtyKFv3Wx_AP446WmAbJntKxXNWdkfdwwI23ARABIABglYKAgJQHggEXY2EtcHViLTc1MTI3OTg5NjI3NDkxMTigAdW20uoDyAEJqQIOv3S2gCqxPqgDAaoE2AFP0GIEfPbcqTguAAiiDi8pQDwCVTfIEoeJGytpXmlhfl0HXErMpjNcSkdV8GirrxVObVhDYQkRTfo7Lkak3ymCK8wjn6swp3T-siRNagEY7RKCaSrJNGULVLL1FgS2OLBRCbgu2RbKeLCgNUVX7ZgXCBPlNs-0HFmJvJQUCZ8lcYmbz1AV9R490M07Iu5b0wELL5_LGI64mFrIm7Bpo8P-aljio-FYWG0_QsFzZCYcqzimVfWh7CL0rILyrEffD0y8exQIRoCXd-gVgW96ZQQcZyO5PvLqnfeABq7fmaCz9ord-AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0PCTTv1GZpGT4sLl8L55FRCoajAw%26client%3Dca-pub-7512798962749118%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 13:59:12 GMT
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Sat, 15 Jul 2023 13:59:12 GMT
lg.php
cat.nl.eu.criteo.com/delivery/ Frame 1A29 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=ovUfvn7yhZ3SxTMvEAd9vGFmcfBBt7oLpd4FhLODnG-vFnrTm1_yOcZhMXsfdHKbCZwZsEZ9f7nDr7SO29bAhqyZ5QXgJmAdC7_lCKwxUExPqiz5lKnZ5Slx_AxcpM4xJIb7fjryFsapb95gd8w5wXxUq12HhfIQRAqVU-v7Vl78r1dFH-lw7MwtVGO3ZCvpKKdRiqGWA2mDtHMCMEu8X7RcLMz4Eooe3TvvSswHfGMhWB4o09_DZzcxDfveQdeJXrNACpzBCNic6uwyQ0wle04yPilXIYxAVbdKBlUWeIIAQjA-nhB6JFcVUp7mw95QNKOeuxDCwoXDHcWoUqIXEDLyF2qlSkP8VX_j90PJR0I50ha8AaaeokhUuITKTjriakm9ON5kWKwgBXeJXGK5gkX1plX7ZcuZJON1odkee8pfBJsv
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YtgKMAAFhVwIEet9AAWHY8iqv8f3AXs5j37ftg&u=%7C%2B%2BxhrVIsjkItE8S3%2FBgJHwwJCdO6s%2BdN8v%2Fe%2FOrwRjo%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvylMYxXMLCj4fODidRdwMR55tQ-B9hy0g1QCKGju0TMF6LM6FciIv7lwc5HK55BTAulopiy4CT-50EKCTQCe-AGqoSb8wwo_7bE4xVg6kfC59uhQpsNoVL5rW8h8IkMMZLjpBhTp6S9nLNXUievL07afJAl6Zwe06SDtu2ainWMG4O4FD1_ZUCGa4CdvCGOZeP08Ol2fdWk9UvtRaI4VlREiPs90DKjRwUezvY7gajFOKZQnHKgj9PpQJgtvFw2u5NJKzFEXjsiMrMpAqVY4Qbw5AkvZGXK6CiLqjvX4flGAOJ1XesoGhhFjug4GckF3JtPOw1pi7JVULv9_X13DKBEXQDAkE7zyUwZldfUATQGvA5lP0aNsxjr3AJALKswQrcFDF2bSTvLr-sWkE6w7nwMZMNnEXY5mLeVLVQfyU6sc2BID3qOnN2k&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCm5ohMArYYtyKFv3Wx_AP446WmAbJntKxXNWdkfdwwI23ARABIABglYKAgJQHggEXY2EtcHViLTc1MTI3OTg5NjI3NDkxMTigAdW20uoDyAEJqQIOv3S2gCqxPqgDAaoE2AFP0GIEfPbcqTguAAiiDi8pQDwCVTfIEoeJGytpXmlhfl0HXErMpjNcSkdV8GirrxVObVhDYQkRTfo7Lkak3ymCK8wjn6swp3T-siRNagEY7RKCaSrJNGULVLL1FgS2OLBRCbgu2RbKeLCgNUVX7ZgXCBPlNs-0HFmJvJQUCZ8lcYmbz1AV9R490M07Iu5b0wELL5_LGI64mFrIm7Bpo8P-aljio-FYWG0_QsFzZCYcqzimVfWh7CL0rILyrEffD0y8exQIRoCXd-gVgW96ZQQcZyO5PvLqnfeABq7fmaCz9ord-AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0PCTTv1GZpGT4sLl8L55FRCoajAw%26client%3Dca-pub-7512798962749118%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 13:59:12 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3125423
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
20150a0a959640b2a0840b54f9aa68e7_image_ad_728x90.gif
static.criteo.net/design/dt/90764/220415/ Frame 1A29 		431 KB
432 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/design/dt/90764/220415/20150a0a959640b2a0840b54f9aa68e7_image_ad_728x90.gif
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YtgKMAAFhVwIEet9AAWHY8iqv8f3AXs5j37ftg&u=%7C%2B%2BxhrVIsjkItE8S3%2FBgJHwwJCdO6s%2BdN8v%2Fe%2FOrwRjo%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvylMYxXMLCj4fODidRdwMR55tQ-B9hy0g1QCKGju0TMF6LM6FciIv7lwc5HK55BTAulopiy4CT-50EKCTQCe-AGqoSb8wwo_7bE4xVg6kfC59uhQpsNoVL5rW8h8IkMMZLjpBhTp6S9nLNXUievL07afJAl6Zwe06SDtu2ainWMG4O4FD1_ZUCGa4CdvCGOZeP08Ol2fdWk9UvtRaI4VlREiPs90DKjRwUezvY7gajFOKZQnHKgj9PpQJgtvFw2u5NJKzFEXjsiMrMpAqVY4Qbw5AkvZGXK6CiLqjvX4flGAOJ1XesoGhhFjug4GckF3JtPOw1pi7JVULv9_X13DKBEXQDAkE7zyUwZldfUATQGvA5lP0aNsxjr3AJALKswQrcFDF2bSTvLr-sWkE6w7nwMZMNnEXY5mLeVLVQfyU6sc2BID3qOnN2k&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCm5ohMArYYtyKFv3Wx_AP446WmAbJntKxXNWdkfdwwI23ARABIABglYKAgJQHggEXY2EtcHViLTc1MTI3OTg5NjI3NDkxMTigAdW20uoDyAEJqQIOv3S2gCqxPqgDAaoE2AFP0GIEfPbcqTguAAiiDi8pQDwCVTfIEoeJGytpXmlhfl0HXErMpjNcSkdV8GirrxVObVhDYQkRTfo7Lkak3ymCK8wjn6swp3T-siRNagEY7RKCaSrJNGULVLL1FgS2OLBRCbgu2RbKeLCgNUVX7ZgXCBPlNs-0HFmJvJQUCZ8lcYmbz1AV9R490M07Iu5b0wELL5_LGI64mFrIm7Bpo8P-aljio-FYWG0_QsFzZCYcqzimVfWh7CL0rILyrEffD0y8exQIRoCXd-gVgW96ZQQcZyO5PvLqnfeABq7fmaCz9ord-AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0PCTTv1GZpGT4sLl8L55FRCoajAw%26client%3Dca-pub-7512798962749118%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
6a5a94d0b2fb606a853bc24347234da9e31ecca4a6e35841c6a2443833fdfc30
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 13:59:12 GMT
last-modified
Fri, 15 Apr 2022 14:42:12 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"62598444-6bc67"
strict-transport-security
max-age=31536000; preload;
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
441447
expires
Sat, 15 Jul 2023 13:59:12 GMT
all
csm.eu.criteo.net/ Frame 1A29 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=eHRu7QVt2Oc9LaLabPVcep1NSYV8UeSJJRIlNVBumMzqZfGXGY9p7Oyw4xH2ucum5QCYsZL8bm10LlV0qdqj_v_tJMTDDtCF3c08-SA8YUKPQVMBPHtfZJp2pEhrWUKX9pyjOplcNYifzdXtqEZwgl_mZNzlYEgu63mSlWrUsB7LoYhAf0A0DYyl_lWn1-Xgi6awmBtJtrBJKFyi43OuTkkeRc1ey-E57haneZtZ-Bw7p5GjmpYe5lfOpmDDOz6Glyz87TBkPlAkjsje&sds=2&rev=82182&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YtgKMAAFhVwIEet9AAWHY8iqv8f3AXs5j37ftg&u=%7C%2B%2BxhrVIsjkItE8S3%2FBgJHwwJCdO6s%2BdN8v%2Fe%2FOrwRjo%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvylMYxXMLCj4fODidRdwMR55tQ-B9hy0g1QCKGju0TMF6LM6FciIv7lwc5HK55BTAulopiy4CT-50EKCTQCe-AGqoSb8wwo_7bE4xVg6kfC59uhQpsNoVL5rW8h8IkMMZLjpBhTp6S9nLNXUievL07afJAl6Zwe06SDtu2ainWMG4O4FD1_ZUCGa4CdvCGOZeP08Ol2fdWk9UvtRaI4VlREiPs90DKjRwUezvY7gajFOKZQnHKgj9PpQJgtvFw2u5NJKzFEXjsiMrMpAqVY4Qbw5AkvZGXK6CiLqjvX4flGAOJ1XesoGhhFjug4GckF3JtPOw1pi7JVULv9_X13DKBEXQDAkE7zyUwZldfUATQGvA5lP0aNsxjr3AJALKswQrcFDF2bSTvLr-sWkE6w7nwMZMNnEXY5mLeVLVQfyU6sc2BID3qOnN2k&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCm5ohMArYYtyKFv3Wx_AP446WmAbJntKxXNWdkfdwwI23ARABIABglYKAgJQHggEXY2EtcHViLTc1MTI3OTg5NjI3NDkxMTigAdW20uoDyAEJqQIOv3S2gCqxPqgDAaoE2AFP0GIEfPbcqTguAAiiDi8pQDwCVTfIEoeJGytpXmlhfl0HXErMpjNcSkdV8GirrxVObVhDYQkRTfo7Lkak3ymCK8wjn6swp3T-siRNagEY7RKCaSrJNGULVLL1FgS2OLBRCbgu2RbKeLCgNUVX7ZgXCBPlNs-0HFmJvJQUCZ8lcYmbz1AV9R490M07Iu5b0wELL5_LGI64mFrIm7Bpo8P-aljio-FYWG0_QsFzZCYcqzimVfWh7CL0rILyrEffD0y8exQIRoCXd-gVgW96ZQQcZyO5PvLqnfeABq7fmaCz9ord-AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0PCTTv1GZpGT4sLl8L55FRCoajAw%26client%3Dca-pub-7512798962749118%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 20 Jul 2022 13:59:12 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 1A29 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YtgKMAAFhVwIEet9AAWHY8iqv8f3AXs5j37ftg&u=%7C%2B%2BxhrVIsjkItE8S3%2FBgJHwwJCdO6s%2BdN8v%2Fe%2FOrwRjo%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvylMYxXMLCj4fODidRdwMR55tQ-B9hy0g1QCKGju0TMF6LM6FciIv7lwc5HK55BTAulopiy4CT-50EKCTQCe-AGqoSb8wwo_7bE4xVg6kfC59uhQpsNoVL5rW8h8IkMMZLjpBhTp6S9nLNXUievL07afJAl6Zwe06SDtu2ainWMG4O4FD1_ZUCGa4CdvCGOZeP08Ol2fdWk9UvtRaI4VlREiPs90DKjRwUezvY7gajFOKZQnHKgj9PpQJgtvFw2u5NJKzFEXjsiMrMpAqVY4Qbw5AkvZGXK6CiLqjvX4flGAOJ1XesoGhhFjug4GckF3JtPOw1pi7JVULv9_X13DKBEXQDAkE7zyUwZldfUATQGvA5lP0aNsxjr3AJALKswQrcFDF2bSTvLr-sWkE6w7nwMZMNnEXY5mLeVLVQfyU6sc2BID3qOnN2k&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCm5ohMArYYtyKFv3Wx_AP446WmAbJntKxXNWdkfdwwI23ARABIABglYKAgJQHggEXY2EtcHViLTc1MTI3OTg5NjI3NDkxMTigAdW20uoDyAEJqQIOv3S2gCqxPqgDAaoE2AFP0GIEfPbcqTguAAiiDi8pQDwCVTfIEoeJGytpXmlhfl0HXErMpjNcSkdV8GirrxVObVhDYQkRTfo7Lkak3ymCK8wjn6swp3T-siRNagEY7RKCaSrJNGULVLL1FgS2OLBRCbgu2RbKeLCgNUVX7ZgXCBPlNs-0HFmJvJQUCZ8lcYmbz1AV9R490M07Iu5b0wELL5_LGI64mFrIm7Bpo8P-aljio-FYWG0_QsFzZCYcqzimVfWh7CL0rILyrEffD0y8exQIRoCXd-gVgW96ZQQcZyO5PvLqnfeABq7fmaCz9ord-AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0PCTTv1GZpGT4sLl8L55FRCoajAw%26client%3Dca-pub-7512798962749118%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 13:59:12 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 15 Jul 2023 13:59:12 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 1A29 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YtgKMAAFhVwIEet9AAWHY8iqv8f3AXs5j37ftg&u=%7C%2B%2BxhrVIsjkItE8S3%2FBgJHwwJCdO6s%2BdN8v%2Fe%2FOrwRjo%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvylMYxXMLCj4fODidRdwMR55tQ-B9hy0g1QCKGju0TMF6LM6FciIv7lwc5HK55BTAulopiy4CT-50EKCTQCe-AGqoSb8wwo_7bE4xVg6kfC59uhQpsNoVL5rW8h8IkMMZLjpBhTp6S9nLNXUievL07afJAl6Zwe06SDtu2ainWMG4O4FD1_ZUCGa4CdvCGOZeP08Ol2fdWk9UvtRaI4VlREiPs90DKjRwUezvY7gajFOKZQnHKgj9PpQJgtvFw2u5NJKzFEXjsiMrMpAqVY4Qbw5AkvZGXK6CiLqjvX4flGAOJ1XesoGhhFjug4GckF3JtPOw1pi7JVULv9_X13DKBEXQDAkE7zyUwZldfUATQGvA5lP0aNsxjr3AJALKswQrcFDF2bSTvLr-sWkE6w7nwMZMNnEXY5mLeVLVQfyU6sc2BID3qOnN2k&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCm5ohMArYYtyKFv3Wx_AP446WmAbJntKxXNWdkfdwwI23ARABIABglYKAgJQHggEXY2EtcHViLTc1MTI3OTg5NjI3NDkxMTigAdW20uoDyAEJqQIOv3S2gCqxPqgDAaoE2AFP0GIEfPbcqTguAAiiDi8pQDwCVTfIEoeJGytpXmlhfl0HXErMpjNcSkdV8GirrxVObVhDYQkRTfo7Lkak3ymCK8wjn6swp3T-siRNagEY7RKCaSrJNGULVLL1FgS2OLBRCbgu2RbKeLCgNUVX7ZgXCBPlNs-0HFmJvJQUCZ8lcYmbz1AV9R490M07Iu5b0wELL5_LGI64mFrIm7Bpo8P-aljio-FYWG0_QsFzZCYcqzimVfWh7CL0rILyrEffD0y8exQIRoCXd-gVgW96ZQQcZyO5PvLqnfeABq7fmaCz9ord-AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0PCTTv1GZpGT4sLl8L55FRCoajAw%26client%3Dca-pub-7512798962749118%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 13:59:12 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 15 Jul 2023 13:59:12 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 3539 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YtgKMAAF0nAKsoKQAAFsHOK8OT92jzS4IcQHlw&u=%7C%2B%2BxhrVIsjkJ8Sz7YvW3RLxeV82Posmr9nCrC9KhUZVs%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy22nFndhAq5zHLzTaReNwSlrJHe513kNf28HvvSXrpnKRWWAEkC0Pa6A0u1g1aov89EWu096uATtiU2Vte14jyMEmqTxiZluLa8wYPUs3Fwrpkl4wn48Wu3B2LwC9HmDUubjgC53Y__dBlhp7iUyqYBEkobgfr89Z0EgKEyYNiWLAnNCvI837JEMmqhxqQ6d-kZFVGm3ARLaw_e1x37RHAfRUBAgioBuuDgAcc06yXR8SFQWZJU8b2loUXFShVy76vJRncNgSg5TYnU5YlALswfqsiwRuGC1UFA44sp4KmlHLcOVPjZKWGrFi4XSHZZFVbKa2j7kPSokfh7SvOq17JQLmIE-YdeBeofVhavSBM-xqMymGSTTls0TOtjbWq-PKFFxB7zbPnp1tVyo2dulHJlSMMDsbGveMjggWKg6F2KAyQqlaeFbf7UsJ_Nx7rfAx-K867CxCKck&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxdtXMArYYvCkF5CFygWc2IXgBMme0rFc1Z2R93DAjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItNzUxMjc5ODk2Mjc0OTExOKAB1bbS6gPIAQmpAg6_dLaAKrE-qAMBqgTfAU_QxRW6byMcPsJYrK8kxTqU7JaVdp7CnZzJp7Y8vizIieR9bjRuIp6A0AC69kxzOM2l3CpDMIOYI_TGlgRLLyqn4lyLAQ4dJghz39k1fEnWBXX0U8aDeKYHcH5yGFBl3vwkXEQdWQmB8Y4Kxs-pP8u79IXZGrFzu_RJ062onY40epxRblwOfBZL9XXbyC98an_Fxj1V9-wx_38v13NGIcZ-jN_c-7VrkyLxxpbiDq2NfarZ8fZp2DqeIC0YNSaEvQMrLsBVIGVNuFQ_oXi8oCjbnfVLKSoKU4HO0FJTHLGABq7fmaCz9ord-AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3gcvB6H-vhi0qCmT0o_lEJs2rpcg%26client%3Dca-pub-7512798962749118%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 13:59:12 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 15 Jul 2023 13:59:12 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 3539 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YtgKMAAF0nAKsoKQAAFsHOK8OT92jzS4IcQHlw&u=%7C%2B%2BxhrVIsjkJ8Sz7YvW3RLxeV82Posmr9nCrC9KhUZVs%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy22nFndhAq5zHLzTaReNwSlrJHe513kNf28HvvSXrpnKRWWAEkC0Pa6A0u1g1aov89EWu096uATtiU2Vte14jyMEmqTxiZluLa8wYPUs3Fwrpkl4wn48Wu3B2LwC9HmDUubjgC53Y__dBlhp7iUyqYBEkobgfr89Z0EgKEyYNiWLAnNCvI837JEMmqhxqQ6d-kZFVGm3ARLaw_e1x37RHAfRUBAgioBuuDgAcc06yXR8SFQWZJU8b2loUXFShVy76vJRncNgSg5TYnU5YlALswfqsiwRuGC1UFA44sp4KmlHLcOVPjZKWGrFi4XSHZZFVbKa2j7kPSokfh7SvOq17JQLmIE-YdeBeofVhavSBM-xqMymGSTTls0TOtjbWq-PKFFxB7zbPnp1tVyo2dulHJlSMMDsbGveMjggWKg6F2KAyQqlaeFbf7UsJ_Nx7rfAx-K867CxCKck&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxdtXMArYYvCkF5CFygWc2IXgBMme0rFc1Z2R93DAjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItNzUxMjc5ODk2Mjc0OTExOKAB1bbS6gPIAQmpAg6_dLaAKrE-qAMBqgTfAU_QxRW6byMcPsJYrK8kxTqU7JaVdp7CnZzJp7Y8vizIieR9bjRuIp6A0AC69kxzOM2l3CpDMIOYI_TGlgRLLyqn4lyLAQ4dJghz39k1fEnWBXX0U8aDeKYHcH5yGFBl3vwkXEQdWQmB8Y4Kxs-pP8u79IXZGrFzu_RJ062onY40epxRblwOfBZL9XXbyC98an_Fxj1V9-wx_38v13NGIcZ-jN_c-7VrkyLxxpbiDq2NfarZ8fZp2DqeIC0YNSaEvQMrLsBVIGVNuFQ_oXi8oCjbnfVLKSoKU4HO0FJTHLGABq7fmaCz9ord-AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3gcvB6H-vhi0qCmT0o_lEJs2rpcg%26client%3Dca-pub-7512798962749118%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 13:59:12 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 15 Jul 2023 13:59:12 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 3539 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YtgKMAAF0nAKsoKQAAFsHOK8OT92jzS4IcQHlw&u=%7C%2B%2BxhrVIsjkJ8Sz7YvW3RLxeV82Posmr9nCrC9KhUZVs%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy22nFndhAq5zHLzTaReNwSlrJHe513kNf28HvvSXrpnKRWWAEkC0Pa6A0u1g1aov89EWu096uATtiU2Vte14jyMEmqTxiZluLa8wYPUs3Fwrpkl4wn48Wu3B2LwC9HmDUubjgC53Y__dBlhp7iUyqYBEkobgfr89Z0EgKEyYNiWLAnNCvI837JEMmqhxqQ6d-kZFVGm3ARLaw_e1x37RHAfRUBAgioBuuDgAcc06yXR8SFQWZJU8b2loUXFShVy76vJRncNgSg5TYnU5YlALswfqsiwRuGC1UFA44sp4KmlHLcOVPjZKWGrFi4XSHZZFVbKa2j7kPSokfh7SvOq17JQLmIE-YdeBeofVhavSBM-xqMymGSTTls0TOtjbWq-PKFFxB7zbPnp1tVyo2dulHJlSMMDsbGveMjggWKg6F2KAyQqlaeFbf7UsJ_Nx7rfAx-K867CxCKck&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxdtXMArYYvCkF5CFygWc2IXgBMme0rFc1Z2R93DAjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItNzUxMjc5ODk2Mjc0OTExOKAB1bbS6gPIAQmpAg6_dLaAKrE-qAMBqgTfAU_QxRW6byMcPsJYrK8kxTqU7JaVdp7CnZzJp7Y8vizIieR9bjRuIp6A0AC69kxzOM2l3CpDMIOYI_TGlgRLLyqn4lyLAQ4dJghz39k1fEnWBXX0U8aDeKYHcH5yGFBl3vwkXEQdWQmB8Y4Kxs-pP8u79IXZGrFzu_RJ062onY40epxRblwOfBZL9XXbyC98an_Fxj1V9-wx_38v13NGIcZ-jN_c-7VrkyLxxpbiDq2NfarZ8fZp2DqeIC0YNSaEvQMrLsBVIGVNuFQ_oXi8oCjbnfVLKSoKU4HO0FJTHLGABq7fmaCz9ord-AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3gcvB6H-vhi0qCmT0o_lEJs2rpcg%26client%3Dca-pub-7512798962749118%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 13:59:12 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sat, 15 Jul 2023 13:59:12 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 3539 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YtgKMAAF0nAKsoKQAAFsHOK8OT92jzS4IcQHlw&u=%7C%2B%2BxhrVIsjkJ8Sz7YvW3RLxeV82Posmr9nCrC9KhUZVs%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy22nFndhAq5zHLzTaReNwSlrJHe513kNf28HvvSXrpnKRWWAEkC0Pa6A0u1g1aov89EWu096uATtiU2Vte14jyMEmqTxiZluLa8wYPUs3Fwrpkl4wn48Wu3B2LwC9HmDUubjgC53Y__dBlhp7iUyqYBEkobgfr89Z0EgKEyYNiWLAnNCvI837JEMmqhxqQ6d-kZFVGm3ARLaw_e1x37RHAfRUBAgioBuuDgAcc06yXR8SFQWZJU8b2loUXFShVy76vJRncNgSg5TYnU5YlALswfqsiwRuGC1UFA44sp4KmlHLcOVPjZKWGrFi4XSHZZFVbKa2j7kPSokfh7SvOq17JQLmIE-YdeBeofVhavSBM-xqMymGSTTls0TOtjbWq-PKFFxB7zbPnp1tVyo2dulHJlSMMDsbGveMjggWKg6F2KAyQqlaeFbf7UsJ_Nx7rfAx-K867CxCKck&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxdtXMArYYvCkF5CFygWc2IXgBMme0rFc1Z2R93DAjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItNzUxMjc5ODk2Mjc0OTExOKAB1bbS6gPIAQmpAg6_dLaAKrE-qAMBqgTfAU_QxRW6byMcPsJYrK8kxTqU7JaVdp7CnZzJp7Y8vizIieR9bjRuIp6A0AC69kxzOM2l3CpDMIOYI_TGlgRLLyqn4lyLAQ4dJghz39k1fEnWBXX0U8aDeKYHcH5yGFBl3vwkXEQdWQmB8Y4Kxs-pP8u79IXZGrFzu_RJ062onY40epxRblwOfBZL9XXbyC98an_Fxj1V9-wx_38v13NGIcZ-jN_c-7VrkyLxxpbiDq2NfarZ8fZp2DqeIC0YNSaEvQMrLsBVIGVNuFQ_oXi8oCjbnfVLKSoKU4HO0FJTHLGABq7fmaCz9ord-AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3gcvB6H-vhi0qCmT0o_lEJs2rpcg%26client%3Dca-pub-7512798962749118%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 13:59:12 GMT
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Sat, 15 Jul 2023 13:59:12 GMT
lg.php
cat.nl.eu.criteo.com/delivery/ Frame 3539 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=InmXYlwmtHnLL1_guGeHLVy_dTuBTmLdQSV4nuehld-jQ-kPYC57-NxaBzbFmbMFhAI6Oqv87tbn44RfSm4h258aD2lYIziRb1m_RMx9zTOZIi85IPc2VeHPf93-3Ek3YhtjUPp8AULjT3ltyVuIgDWM4CQbmppNMbkdWMJ4NEW_tlhgSi2l4zDoMPgC7EeiiFrroKbLc1sMh_8AS83WsrqL0W3P66xQRjMpuidPqxjqFyI5C2ylRtTaMLrbrLGdOCmCqkdE3zkCxw3432vC4oj7Xd5k3JC-m6v5E1rcJ6PGrvcA1VlCS2DGJQIAcnw3FPlHubd0DpqbS2NcSvUShG9KHIgE71rH89u9BZgO7VAK4vzhXGW_n8D3T2eday1QH9fwHcabYUqyNMYIYHz7hztEwCjb_mDHQ4lu4fBLopbsq3Ts
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YtgKMAAF0nAKsoKQAAFsHOK8OT92jzS4IcQHlw&u=%7C%2B%2BxhrVIsjkJ8Sz7YvW3RLxeV82Posmr9nCrC9KhUZVs%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy22nFndhAq5zHLzTaReNwSlrJHe513kNf28HvvSXrpnKRWWAEkC0Pa6A0u1g1aov89EWu096uATtiU2Vte14jyMEmqTxiZluLa8wYPUs3Fwrpkl4wn48Wu3B2LwC9HmDUubjgC53Y__dBlhp7iUyqYBEkobgfr89Z0EgKEyYNiWLAnNCvI837JEMmqhxqQ6d-kZFVGm3ARLaw_e1x37RHAfRUBAgioBuuDgAcc06yXR8SFQWZJU8b2loUXFShVy76vJRncNgSg5TYnU5YlALswfqsiwRuGC1UFA44sp4KmlHLcOVPjZKWGrFi4XSHZZFVbKa2j7kPSokfh7SvOq17JQLmIE-YdeBeofVhavSBM-xqMymGSTTls0TOtjbWq-PKFFxB7zbPnp1tVyo2dulHJlSMMDsbGveMjggWKg6F2KAyQqlaeFbf7UsJ_Nx7rfAx-K867CxCKck&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxdtXMArYYvCkF5CFygWc2IXgBMme0rFc1Z2R93DAjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItNzUxMjc5ODk2Mjc0OTExOKAB1bbS6gPIAQmpAg6_dLaAKrE-qAMBqgTfAU_QxRW6byMcPsJYrK8kxTqU7JaVdp7CnZzJp7Y8vizIieR9bjRuIp6A0AC69kxzOM2l3CpDMIOYI_TGlgRLLyqn4lyLAQ4dJghz39k1fEnWBXX0U8aDeKYHcH5yGFBl3vwkXEQdWQmB8Y4Kxs-pP8u79IXZGrFzu_RJ062onY40epxRblwOfBZL9XXbyC98an_Fxj1V9-wx_38v13NGIcZ-jN_c-7VrkyLxxpbiDq2NfarZ8fZp2DqeIC0YNSaEvQMrLsBVIGVNuFQ_oXi8oCjbnfVLKSoKU4HO0FJTHLGABq7fmaCz9ord-AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3gcvB6H-vhi0qCmT0o_lEJs2rpcg%26client%3Dca-pub-7512798962749118%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 13:59:12 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3308766
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
cd5a9124eb554bc892078416ea9712f5_image_ad_160x600.gif
static.criteo.net/design/dt/90764/220415/ Frame 3539 		156 KB
156 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/design/dt/90764/220415/cd5a9124eb554bc892078416ea9712f5_image_ad_160x600.gif
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YtgKMAAF0nAKsoKQAAFsHOK8OT92jzS4IcQHlw&u=%7C%2B%2BxhrVIsjkJ8Sz7YvW3RLxeV82Posmr9nCrC9KhUZVs%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy22nFndhAq5zHLzTaReNwSlrJHe513kNf28HvvSXrpnKRWWAEkC0Pa6A0u1g1aov89EWu096uATtiU2Vte14jyMEmqTxiZluLa8wYPUs3Fwrpkl4wn48Wu3B2LwC9HmDUubjgC53Y__dBlhp7iUyqYBEkobgfr89Z0EgKEyYNiWLAnNCvI837JEMmqhxqQ6d-kZFVGm3ARLaw_e1x37RHAfRUBAgioBuuDgAcc06yXR8SFQWZJU8b2loUXFShVy76vJRncNgSg5TYnU5YlALswfqsiwRuGC1UFA44sp4KmlHLcOVPjZKWGrFi4XSHZZFVbKa2j7kPSokfh7SvOq17JQLmIE-YdeBeofVhavSBM-xqMymGSTTls0TOtjbWq-PKFFxB7zbPnp1tVyo2dulHJlSMMDsbGveMjggWKg6F2KAyQqlaeFbf7UsJ_Nx7rfAx-K867CxCKck&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxdtXMArYYvCkF5CFygWc2IXgBMme0rFc1Z2R93DAjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItNzUxMjc5ODk2Mjc0OTExOKAB1bbS6gPIAQmpAg6_dLaAKrE-qAMBqgTfAU_QxRW6byMcPsJYrK8kxTqU7JaVdp7CnZzJp7Y8vizIieR9bjRuIp6A0AC69kxzOM2l3CpDMIOYI_TGlgRLLyqn4lyLAQ4dJghz39k1fEnWBXX0U8aDeKYHcH5yGFBl3vwkXEQdWQmB8Y4Kxs-pP8u79IXZGrFzu_RJ062onY40epxRblwOfBZL9XXbyC98an_Fxj1V9-wx_38v13NGIcZ-jN_c-7VrkyLxxpbiDq2NfarZ8fZp2DqeIC0YNSaEvQMrLsBVIGVNuFQ_oXi8oCjbnfVLKSoKU4HO0FJTHLGABq7fmaCz9ord-AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3gcvB6H-vhi0qCmT0o_lEJs2rpcg%26client%3Dca-pub-7512798962749118%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
0f3dbe18706079500a84c92e422163accc471c93a7da863c038871e23972f3eb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 13:59:12 GMT
last-modified
Fri, 15 Apr 2022 14:42:12 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"62598444-26f17"
strict-transport-security
max-age=31536000; preload;
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
159511
expires
Sat, 15 Jul 2023 13:59:12 GMT
all
csm.eu.criteo.net/ Frame 3539 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=Iet3XgVt2Oc9LaLaTTYNisA882PxpGem3N4rTbPvL9LNmP9_VpoEE7_On1BH51hGWGKBvC_Iz30sGji4EqMTWSfqb67dERTiHMzJxgWuXq8rVYrWfh6weD1XwayctlWFqQPLYp9KONhwEs2d44i4eXyv6sG1c2OO4jsDNuPioLiyKIzKrttp1xrfidXseBFoNLyEoxod0qbeoTzyypg4zNpE6NXuGW0pWfxzCbCHKwdlaeiqaoq7Jvi6wlFV4hwq0u10JQIAsQf3OVOy&sds=2&rev=82182&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YtgKMAAF0nAKsoKQAAFsHOK8OT92jzS4IcQHlw&u=%7C%2B%2BxhrVIsjkJ8Sz7YvW3RLxeV82Posmr9nCrC9KhUZVs%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy22nFndhAq5zHLzTaReNwSlrJHe513kNf28HvvSXrpnKRWWAEkC0Pa6A0u1g1aov89EWu096uATtiU2Vte14jyMEmqTxiZluLa8wYPUs3Fwrpkl4wn48Wu3B2LwC9HmDUubjgC53Y__dBlhp7iUyqYBEkobgfr89Z0EgKEyYNiWLAnNCvI837JEMmqhxqQ6d-kZFVGm3ARLaw_e1x37RHAfRUBAgioBuuDgAcc06yXR8SFQWZJU8b2loUXFShVy76vJRncNgSg5TYnU5YlALswfqsiwRuGC1UFA44sp4KmlHLcOVPjZKWGrFi4XSHZZFVbKa2j7kPSokfh7SvOq17JQLmIE-YdeBeofVhavSBM-xqMymGSTTls0TOtjbWq-PKFFxB7zbPnp1tVyo2dulHJlSMMDsbGveMjggWKg6F2KAyQqlaeFbf7UsJ_Nx7rfAx-K867CxCKck&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxdtXMArYYvCkF5CFygWc2IXgBMme0rFc1Z2R93DAjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItNzUxMjc5ODk2Mjc0OTExOKAB1bbS6gPIAQmpAg6_dLaAKrE-qAMBqgTfAU_QxRW6byMcPsJYrK8kxTqU7JaVdp7CnZzJp7Y8vizIieR9bjRuIp6A0AC69kxzOM2l3CpDMIOYI_TGlgRLLyqn4lyLAQ4dJghz39k1fEnWBXX0U8aDeKYHcH5yGFBl3vwkXEQdWQmB8Y4Kxs-pP8u79IXZGrFzu_RJ062onY40epxRblwOfBZL9XXbyC98an_Fxj1V9-wx_38v13NGIcZ-jN_c-7VrkyLxxpbiDq2NfarZ8fZp2DqeIC0YNSaEvQMrLsBVIGVNuFQ_oXi8oCjbnfVLKSoKU4HO0FJTHLGABq7fmaCz9ord-AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3gcvB6H-vhi0qCmT0o_lEJs2rpcg%26client%3Dca-pub-7512798962749118%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 20 Jul 2022 13:59:12 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 3539 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YtgKMAAF0nAKsoKQAAFsHOK8OT92jzS4IcQHlw&u=%7C%2B%2BxhrVIsjkJ8Sz7YvW3RLxeV82Posmr9nCrC9KhUZVs%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy22nFndhAq5zHLzTaReNwSlrJHe513kNf28HvvSXrpnKRWWAEkC0Pa6A0u1g1aov89EWu096uATtiU2Vte14jyMEmqTxiZluLa8wYPUs3Fwrpkl4wn48Wu3B2LwC9HmDUubjgC53Y__dBlhp7iUyqYBEkobgfr89Z0EgKEyYNiWLAnNCvI837JEMmqhxqQ6d-kZFVGm3ARLaw_e1x37RHAfRUBAgioBuuDgAcc06yXR8SFQWZJU8b2loUXFShVy76vJRncNgSg5TYnU5YlALswfqsiwRuGC1UFA44sp4KmlHLcOVPjZKWGrFi4XSHZZFVbKa2j7kPSokfh7SvOq17JQLmIE-YdeBeofVhavSBM-xqMymGSTTls0TOtjbWq-PKFFxB7zbPnp1tVyo2dulHJlSMMDsbGveMjggWKg6F2KAyQqlaeFbf7UsJ_Nx7rfAx-K867CxCKck&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxdtXMArYYvCkF5CFygWc2IXgBMme0rFc1Z2R93DAjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItNzUxMjc5ODk2Mjc0OTExOKAB1bbS6gPIAQmpAg6_dLaAKrE-qAMBqgTfAU_QxRW6byMcPsJYrK8kxTqU7JaVdp7CnZzJp7Y8vizIieR9bjRuIp6A0AC69kxzOM2l3CpDMIOYI_TGlgRLLyqn4lyLAQ4dJghz39k1fEnWBXX0U8aDeKYHcH5yGFBl3vwkXEQdWQmB8Y4Kxs-pP8u79IXZGrFzu_RJ062onY40epxRblwOfBZL9XXbyC98an_Fxj1V9-wx_38v13NGIcZ-jN_c-7VrkyLxxpbiDq2NfarZ8fZp2DqeIC0YNSaEvQMrLsBVIGVNuFQ_oXi8oCjbnfVLKSoKU4HO0FJTHLGABq7fmaCz9ord-AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3gcvB6H-vhi0qCmT0o_lEJs2rpcg%26client%3Dca-pub-7512798962749118%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 13:59:12 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 15 Jul 2023 13:59:12 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 3539 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YtgKMAAF0nAKsoKQAAFsHOK8OT92jzS4IcQHlw&u=%7C%2B%2BxhrVIsjkJ8Sz7YvW3RLxeV82Posmr9nCrC9KhUZVs%3D%7C&c1=Dcz_gsP0hEuJH1VnunqGy22nFndhAq5zHLzTaReNwSlrJHe513kNf28HvvSXrpnKRWWAEkC0Pa6A0u1g1aov89EWu096uATtiU2Vte14jyMEmqTxiZluLa8wYPUs3Fwrpkl4wn48Wu3B2LwC9HmDUubjgC53Y__dBlhp7iUyqYBEkobgfr89Z0EgKEyYNiWLAnNCvI837JEMmqhxqQ6d-kZFVGm3ARLaw_e1x37RHAfRUBAgioBuuDgAcc06yXR8SFQWZJU8b2loUXFShVy76vJRncNgSg5TYnU5YlALswfqsiwRuGC1UFA44sp4KmlHLcOVPjZKWGrFi4XSHZZFVbKa2j7kPSokfh7SvOq17JQLmIE-YdeBeofVhavSBM-xqMymGSTTls0TOtjbWq-PKFFxB7zbPnp1tVyo2dulHJlSMMDsbGveMjggWKg6F2KAyQqlaeFbf7UsJ_Nx7rfAx-K867CxCKck&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxdtXMArYYvCkF5CFygWc2IXgBMme0rFc1Z2R93DAjbcBEAEgAGCVgoCAlAeCARdjYS1wdWItNzUxMjc5ODk2Mjc0OTExOKAB1bbS6gPIAQmpAg6_dLaAKrE-qAMBqgTfAU_QxRW6byMcPsJYrK8kxTqU7JaVdp7CnZzJp7Y8vizIieR9bjRuIp6A0AC69kxzOM2l3CpDMIOYI_TGlgRLLyqn4lyLAQ4dJghz39k1fEnWBXX0U8aDeKYHcH5yGFBl3vwkXEQdWQmB8Y4Kxs-pP8u79IXZGrFzu_RJ062onY40epxRblwOfBZL9XXbyC98an_Fxj1V9-wx_38v13NGIcZ-jN_c-7VrkyLxxpbiDq2NfarZ8fZp2DqeIC0YNSaEvQMrLsBVIGVNuFQ_oXi8oCjbnfVLKSoKU4HO0FJTHLGABq7fmaCz9ord-AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3gcvB6H-vhi0qCmT0o_lEJs2rpcg%26client%3Dca-pub-7512798962749118%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 13:59:12 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 15 Jul 2023 13:59:12 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7C05 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?v=3&s=pagead&action=load3pas&it=bdt.1417,req.263,bpp.1,fb.566,e2e.1124,fs.264,reqs.332,ress.566,rese.566&srt=302&e=&id=csi_pagead&gqid=MArYYrHLFais9u8P9eiUqAs&qqid=CPD84ovQh_kCFZCCsgodHGwBTA&rt=lb.215,ol.558
Requested by
Host: forums.joeuser.com
URL: https://forums.joeuser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 13:59:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
negotiate
forums.joeuser.com/sockets/ 		375 B
663 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://forums.joeuser.com/sockets/negotiate?clientProtocol=1.5&connectionData=%5B%7B%22name%22%3A%22stardockwebsitesharedhub%22%7D%5D&_=1658325551729
Requested by
Host: forums.joeuser.com
URL: https://forums.joeuser.com/bundles/master/js?v=CDluS7wPmzY6_Wqf1D33kfb163FYO7nhHKHKOO6tFp41
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
66.79.209.94 Novi, United States, ASN27553 (TELNET, US),
Reverse DNS
tnmi-static-94-209-79-66.ip.telnetww.com
Software
Microsoft-IIS/8.5 /
Resource Hash
60c6786f8c50b19b137d0ad65cab73218dac17018933d532d19639d4faabd3bd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
text/plain, */*; q=0.01
Referer
https://forums.joeuser.com/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

Pragma
no-cache
Date
Wed, 20 Jul 2022 13:59:12 GMT
X-Content-Type-Options
nosniff
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
Transfer-Encoding
chunked
Content-Type
application/json; charset=UTF-8
Cache-Control
no-cache
Expires
-1
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220718&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7512798962749118&plah=forums.joeuser.com&bust=31068511
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
552da9efad05b8382da9db1fb16948f0ea25338cfb4cbf0ed378bd7c99beac8f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forums.joeuser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 20 Jul 2022 13:59:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11034
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7512798962749118&plah=forums.joeuser.com&bust=31068511
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forums.joeuser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 13:59:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 20 Jul 2022 13:59:13 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 20D6 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://forums.joeuser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
3016
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 20 Jul 2022 13:08:57 GMT
expires
Thu, 20 Jul 2023 13:08:57 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 37FA 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
be5954c3406481090027697f0af5362dc7282ac05531f1182873a457f01b2f70
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-FGEE9EuBJX8pavB2sLiPYA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://forums.joeuser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-FGEE9EuBJX8pavB2sLiPYA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 20 Jul 2022 13:59:13 GMT
expires
Wed, 20 Jul 2022 13:59:13 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
hAcQ1HJPiWed0xS-2rpeDcqHSonjWYPwT2sC_KX0O-Q.js
pagead2.googlesyndication.com/bg/ Frame 20D6 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/hAcQ1HJPiWed0xS-2rpeDcqHSonjWYPwT2sC_KX0O-Q.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
840710d4724f89679dd314bedaba5e0dca874a89e35983f04f6b02fca5f43be4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 19:00:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
68304
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13821
x-xss-protection
0
last-modified
Thu, 07 Jul 2022 14:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 19 Jul 2023 19:00:49 GMT
/
www.facebook.com/tr/ 		44 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1995548234069087&ev=Microdata&dl=https%3A%2F%2Fforums.joeuser.com%2F&rl=&if=false&ts=1658325553584&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%5Cn%5CtJoeUser%20%C2%BB%20Blogs%20for%20the%20Average%20Joe!%20Forums%5Cn%22%2C%22meta%3Akeywords%22%3A%22blogs%20from%20the%20average%20joe%2Cblog%2Cblogging%2Cblogger%2Cblogs%2Cblogsphere%2Cblogrole%2Cjoe%2Cjoeuser%2Caverage%2Cwebblog%2Cnews%2CWindows%20Vista%2CVista%2CAvalon%22%2C%22meta%3Adescription%22%3A%22JoeUser%20%C2%BB%20Blogs%20for%20the%20Average%20Joe!%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.65&r=stable&ec=1&o=30&fbp=fb.1.1658325552070.334970629&it=1658325551947&coo=false&es=automatic&tm=3&exp=u0&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forums.joeuser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 13:59:13 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Wed, 20 Jul 2022 13:59:13 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 37FA 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220718&jk=1469586621516718&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 20D6 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?wLGRqg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 13:59:13 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
start
forums.joeuser.com/sockets/ 		25 B
456 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://forums.joeuser.com/sockets/start?transport=webSockets&clientProtocol=1.5&connectionToken=SSF2McXpP%2F5K0zREDzAeVj5luvTgudEpo3VyLHVHZMHNStNKdc3j%2FfZYi7YLJxE7Vf7CqOkVNuKCK0pXb%2BG5NM3Q%2BxMAeFv0e05TsgCIwUGzujzb&connectionData=%5B%7B%22name%22%3A%22stardockwebsitesharedhub%22%7D%5D&_=1658325551730
Requested by
Host: forums.joeuser.com
URL: https://forums.joeuser.com/bundles/master/js?v=CDluS7wPmzY6_Wqf1D33kfb163FYO7nhHKHKOO6tFp41
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
66.79.209.94 Novi, United States, ASN27553 (TELNET, US),
Reverse DNS
tnmi-static-94-209-79-66.ip.telnetww.com
Software
Microsoft-IIS/8.5 /
Resource Hash
c50a0366bab0d95bd0dfbbf67ed889b5fd383ee7464a77660088c32e4ef91c20
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
text/plain, */*; q=0.01
Referer
https://forums.joeuser.com/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

Pragma
no-cache
Date
Wed, 20 Jul 2022 13:59:12 GMT
X-Content-Type-Options
nosniff
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
Transfer-Encoding
chunked
Content-Type
application/json; charset=UTF-8
Cache-Control
no-cache
Expires
-1
activeview
pagead2.googlesyndication.com/pcs/ Frame 6ED0 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst8TvUI0ATZxivMzX3bWKWFL7nru95JQQ3X0BGD2u45XXtiASn2CDi0cZnbpcTL0AZQwlgz5RbYleLRVhMB5JbZ9qo&sig=Cg0ArKJSzPghRbAMQPuoEAE&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220718&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4185493686&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1658325552252&rpt=494&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 13:59:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
all
csm.eu.criteo.net/ Frame 1A29 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=eHRu7QVt2Oc9LaLabPVcep1NSYV8UeSJJRIlNVBumMzqZfGXGY9p7Oyw4xH2ucum5QCYsZL8bm10LlV0qdqj_v_tJMTDDtCF3c08-SA8YUKPQVMBPHtfZJp2pEhrWUKX9pyjOplcNYifzdXtqEZwgl_mZNzlYEgu63mSlWrUsB7LoYhAf0A0DYyl_lWn1-Xgi6awmBtJtrBJKFyi43OuTkkeRc1ey-E57haneZtZ-Bw7p5GjmpYe5lfOpmDDOz6Glyz87TBkPlAkjsje&sds=2&rev=82182&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YtgKMAAFhVwIEet9AAWHY8iqv8f3AXs5j37ftg&u=%7C%2B%2BxhrVIsjkItE8S3%2FBgJHwwJCdO6s%2BdN8v%2Fe%2FOrwRjo%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvylMYxXMLCj4fODidRdwMR55tQ-B9hy0g1QCKGju0TMF6LM6FciIv7lwc5HK55BTAulopiy4CT-50EKCTQCe-AGqoSb8wwo_7bE4xVg6kfC59uhQpsNoVL5rW8h8IkMMZLjpBhTp6S9nLNXUievL07afJAl6Zwe06SDtu2ainWMG4O4FD1_ZUCGa4CdvCGOZeP08Ol2fdWk9UvtRaI4VlREiPs90DKjRwUezvY7gajFOKZQnHKgj9PpQJgtvFw2u5NJKzFEXjsiMrMpAqVY4Qbw5AkvZGXK6CiLqjvX4flGAOJ1XesoGhhFjug4GckF3JtPOw1pi7JVULv9_X13DKBEXQDAkE7zyUwZldfUATQGvA5lP0aNsxjr3AJALKswQrcFDF2bSTvLr-sWkE6w7nwMZMNnEXY5mLeVLVQfyU6sc2BID3qOnN2k&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCm5ohMArYYtyKFv3Wx_AP446WmAbJntKxXNWdkfdwwI23ARABIABglYKAgJQHggEXY2EtcHViLTc1MTI3OTg5NjI3NDkxMTigAdW20uoDyAEJqQIOv3S2gCqxPqgDAaoE2AFP0GIEfPbcqTguAAiiDi8pQDwCVTfIEoeJGytpXmlhfl0HXErMpjNcSkdV8GirrxVObVhDYQkRTfo7Lkak3ymCK8wjn6swp3T-siRNagEY7RKCaSrJNGULVLL1FgS2OLBRCbgu2RbKeLCgNUVX7ZgXCBPlNs-0HFmJvJQUCZ8lcYmbz1AV9R490M07Iu5b0wELL5_LGI64mFrIm7Bpo8P-aljio-FYWG0_QsFzZCYcqzimVfWh7CL0rILyrEffD0y8exQIRoCXd-gVgW96ZQQcZyO5PvLqnfeABq7fmaCz9ord-AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0PCTTv1GZpGT4sLl8L55FRCoajAw%26client%3Dca-pub-7512798962749118%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 20 Jul 2022 13:59:13 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220718&jk=1469586621516718&bg=!ZGelZyPNAAZlvz3gRb87ACkAdvg8Wuw3tWBCJoxNpa7QfEF00QNKuDfP_tSoms1UgTYiXzenxXFDegIAAABVUgAAAAFoAQcKAF5IQb73C_CTHxCPgZUfkxNFLQoGoZXdTPU_jl5vVuBM5Y1Ux9ri_ro1Xzaa3jvOD0FxUGIS8A9fMeSIX7WYmyUEUtfPCbEExggVMpjMj3Etzwutd9aRQPUL-hmzVgyDmQKbN7SBtv4E4NCoaFqJadIVXzYT2X0kBnJP26ip0tr1mFHDCEeuOtOXMzulRcDUcxNuPKFPgsz32Ej_AX0rqBGdYLyPCIiaMerof2SJJUS4YpgXe3q2n1W-fijSN1z2jgiaLwhrDhVB7aUkcBa5nAsNKhILm7-GcCfM4iAopKI-f4ZEEZwqiI_-VmaTK6wxHgsmykbX5mbSmteDFzSJfDFfCHVYakFZmwNlReH6cgubbGN_F55McVmNYphrJ5-9XvP6UXQLtjPteIv5vx9Qa-75eAtvyqk500OGUKFT7zsVIXMuVW1LaZ4fl_06gB-kM4oUciGo1dsq1pzCSLn7Vrc8BUGFgQUQm0-iilfXcn0WNrAiDFsk8EMpo5lsYDCGFpvOq2KDNNeJ-PYN56V3QKl-7mAVFBvsl7-8C5VBPosQnPGaMzTXGm_Xo4_uegYP7KEJeVE5_DQ9SeC3qRTLdyrRZLd1adq9PQzp_MTHdAU2UNsXqS5nT59BXeXukN3_qaGr1V6gJxiWS9QpjejGY6VR12gLt_BG5u9qii5v5NwWJeWOSI9um-IN3KTFGERQNH0sGdl_QzBqz6rTsOqE1otR3z81uoueTRTEvPylxBixhT5wGe1ySINULNQoPAIGcZG3VvEPhk92ZXCy5xeWDfZlmvyD6ng4vFJrnFpn1vCT9ujEsfbHM6CcY_SuIzm9gF-eXbtqfvyxTm2zu4J6zfb8FIGZoSUaa0v0ckMKjxtYye-G8V388LkLg6i-5nKrDDEJfX7mgUOlz4D8wtfqi0xs-Qj1sF2in4rOFWBMaDm4foQrQ1H7h1U5PWbp1eycJimDIIlT9Iuy2g-8WaAxVySnFvfAmv--E5-AF-EoT98AN8xv_tWciFrs_eqniA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forums.joeuser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

145 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| $id function| $partial function| $col function| $new function| InitTwitter function| InitSidebar_Twitch function| InitSearchMenu object| Class object| Abstract object| $break function| $A function| Sd string| BASEPATH function| Base number| documentWidth function| $ function| jQuery object| jQuery112408495027750413839 object| StardockHub function| gtag object| dataLayer function| fbq function| _fbq object| twttr object| theForm function| __doPostBack function| WebForm_PostBackOptions function| WebForm_DoPostBackWithOptions object| __pendingCallbacks number| __synchronousCallBackIndex function| WebForm_DoCallback function| WebForm_CallbackComplete function| WebForm_ExecuteCallback function| WebForm_FillFirstAvailableSlot boolean| __nonMSDOMBrowser string| __theFormPostData object| __theFormPostCollection object| __callbackTextTypes function| WebForm_InitCallback function| WebForm_InitCallbackAddField function| WebForm_EncodeCallback object| __disabledControlArray function| WebForm_ReEnableControls function| WebForm_ReDisableControls function| WebForm_SimulateClick function| WebForm_FireDefaultButton function| WebForm_GetScrollX function| WebForm_GetScrollY function| WebForm_SaveScrollPositionSubmit function| WebForm_SaveScrollPositionOnSubmit function| WebForm_RestoreScrollPosition function| WebForm_TextBoxKeyHandler function| WebForm_TrimString function| WebForm_AppendToClassName function| WebForm_RemoveClassName function| WebForm_GetElementById function| WebForm_GetElementByTagName function| WebForm_GetElementsByTagName function| WebForm_GetElementDir function| WebForm_GetElementPosition function| WebForm_GetParentByTagName function| WebForm_SetElementHeight function| WebForm_SetElementWidth function| WebForm_SetElementX function| WebForm_SetElementY function| Sys$Enum$parse function| Sys$Enum$toString function| Sys$Component$_setProperties function| Sys$Component$_setReferences function| $create function| $addHandler function| $addHandlers function| $clearHandlers function| $removeHandler function| $get function| $find function| Type object| Sys object| _events object| adsbygoogle object| google_tag_manager function| initTinyMCE function| uploadTinyMce function| myFileBrowser boolean| tincyMCEDisplayErrorInProgress number| mce-data-1g8dufiok object| tinymce object| tinyMCE object| FB object| sdHubProxy object| __twttrll object| __twttr object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue function| google_process_slots boolean| google_apltlad function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint string| GoogleAnalyticsObject function| ga object| __buffer object| gaplugins object| gaGlobal object| gaData function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| googletag object| GoogleGcLKhOms object| google_image_requests

10 Cookies

Domain/Path Name / Value
forums.joeuser.com/ Name: ASP.NET_SessionId
Value: o55birhfy1dpffrvb3m32ny2
forums.joeuser.com/ Name: Stardock.Users.Login.Manager.UserSiteAccountType
Value: 9
forums.joeuser.com/ Name: Stardock.Users.Login.Manager.UserDomain
Value: joeuser.com
.joeuser.com/ Name: _fbp
Value: fb.1.1658325552070.334970629
.joeuser.com/ Name: _ga
Value: GA1.2.2063898852.1658325552
.joeuser.com/ Name: _gid
Value: GA1.2.658297602.1658325552
.joeuser.com/ Name: _gat_gtag_UA_3744570_2
Value: 1
.joeuser.com/ Name: _gat_gtag_UA_3744570_26
Value: 1
.joeuser.com/ Name: __gads
Value: ID=624707a519c71576-22ae0f23d3cd00ae:T=1658325552:RT=1658325552:S=ALNI_MaGMa3N6cnopQ9wOVrMCr1V6v-FGg
.doubleclick.net/ Name: IDE
Value: AHWqTUnPWhy-4xyy2K72wI5BB26ymoGeFyNRv8Yv5trG_68z0Rs-HVCSs71bfejrzHM

2 Console Messages

Source Level URL
Text
security warning URL: https://forums.joeuser.com/
Message:
Mixed Content: The page at 'https://forums.joeuser.com/' was loaded over HTTPS, but requested an insecure element 'http://www.joeuser.com/images/Base/footer.logo.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
other warning URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7512798962749118&output=html&h=90&slotname=2540178774&adk=4185493686&adf=3951405610&pi=t.ma~as.2540178774&w=728&lmt=1658325552&psa=0&format=728x90&url=https%3A%2F%2Fforums.joeuser.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658325551996&bpp=3&bdt=1415&idt=238&shv=r20220718&mjsv=m202207140101&ptt=9&saldr=aa&abxe=1&correlator=5682775671927&frm=20&pv=2&ga_vid=2063898852.1658325552&ga_sid=1658325552&ga_hid=1279068703&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=336&ady=155&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31068106%2C31068511&oid=2&pvsid=1469586621516718&tmod=1193733944&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=98kOIIkVPq&p=https%3A//forums.joeuser.com&dtd=255
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.eu.criteo.com
adservice.google.com
adservice.google.de
cat.nl.eu.criteo.com
connect.facebook.net
csm.eu.criteo.net
forums.joeuser.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
platform.twitter.com
rtb.nl.eu.criteo.com
static.criteo.net
syndication.twitter.com
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.joeuser.com
104.244.42.136
142.250.74.194
178.250.2.148
178.250.2.150
2a00:1450:4001:80b::2004
2a00:1450:4001:811::2008
2a00:1450:4001:812::2001
2a00:1450:4001:827::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::200e
2a00:1450:4001:831::2002
2a02:2638:1::2
2a02:2638:1::3
2a02:2638:1::4
2a03:2880:f03f:1c:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
66.79.209.94
66.79.209.95
93.184.220.66
01b55f71919a4b6343ed9d877acd9456ea809e97e7e8beed73f0c6638021e2a6
064cd32c8956dd042e2840ed6f6d1286dbc6e0121155181385a797c38bc3099d
067cbebd2c18bac28e7ff0598e7a27a8a78df2c38888865f933f0875da923147
07d6ef910309062770ccd0c032b6a2ce05dc9e32efb8a99f3367d55dbde7bb5f
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
096428b52dc4ca7e678e2a0790fba2f5d40138db7cf096d05bdc5bb9c3252ae9
0de50a799ee39bde80bfb0943ba85616975f5c71e0e746b49c27c5b0d1731ef6
0f3dbe18706079500a84c92e422163accc471c93a7da863c038871e23972f3eb
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1dec9e49528183d7ab88122a661d9323cac9bee843de333b95bbc2a263621e9c
233beea984a0957da2af958171873fa38ba173972adfcaf8920cc8971055c9a2
2484195cc220e54543618ea5879bd6d6a5ef8159e8af472b0df20a2cad189881
28c306129b83367db0a17d504872e608d0fb5d94a9863f9e1016b6cbc915933b
310c1e4f33d52c798776dcde59049a0c432d76a4ff9ebba0af49ee1fd39bad4f
398cdf1b27ef247e5bc77805f266bb441e60355463fc3d1776f41aae58b08cf1
3aaaad775d549762a3d08c30a0f5ba14362a5dbc75792a7e34ac99ad1a4e07c4
3db87c834b69c31814b2e1dd26218577048640eced575f9077140659f7f948aa
4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
4764ff4e85aa19c0bf64d9baae463ca88e19fb3ff2743bb6a7a46ed87b50b357
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
54cc5b3a1845e8dc6943775f6921e333d810d117662a2402c54ed637a54e0b74
552da9efad05b8382da9db1fb16948f0ea25338cfb4cbf0ed378bd7c99beac8f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56756b2c61ef9e7b15ac2c29d5bad3a8cd73accb7c973739578d2fb144ffa0c5
56c81af8ab527b8868e459e93d6416ffa75a02ccca849af70a88f25504f6e441
577f43eab4fe39f4bfe59b3bb04ee2511ef98390aa3fced78ce8e1d295154c05
5fe97fbde948d2296a8e3fe30a7e6252c85a38d58f7fcd8b37aac5e67d4d2cc4
60c6786f8c50b19b137d0ad65cab73218dac17018933d532d19639d4faabd3bd
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64abb7b2bd166978125457301c84e6f0e2ffcfd50eeb70f89225f9d7689c7d77
66b804e7a96a87c11e1dd74ea04ac2285df5ad9043f48046c3e5000114d39b1c
6a5a94d0b2fb606a853bc24347234da9e31ecca4a6e35841c6a2443833fdfc30
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e164ad4aa1f1905c44c2e4e57088f313738d18320a99a7e6a984b862523d96d
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
74776e1c00cab84c009633e18bf204f6d0477aa81dc058c00fe6a5f4195999e1
794b891779df095ce409751da0c4154025148f9c2d486e6b5fc7bd4027bedb07
7c4973a99f532c486a4cd1fc24a8c5c786e34ba0d39a227f052f69bd8aefeab8
7e1bb31b7004405b159c297e84e453a2ae93a67659880c21e7e6d3261b29fddb
840710d4724f89679dd314bedaba5e0dca874a89e35983f04f6b02fca5f43be4
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f6e46498cf06b7f6da5894a8cb0be6a18e747dc51d0e78a6b774e75e1aaa2f7
93e3817b11c8bab88fefbff86bcd92340bd39c14a1fe2ee4330896ac949c15a7
97f1e533ec46e06b4ea8072e1314ff406a3c06abc65ccfd835e5e09e7ba09994
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a502f79cb5fa985d8b516eeb3b2ce66e500731cd1999e64b3bb1cb035e784f66
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
ac2baaaa76df37ae5f091fb64b98a37c2861e11b9e8141b084f85930c59aeec3
b3fafd74950ffa680b2b45a884e09de5bc94954a7820431a690cd79d825cc13c
b757d8b561c7e08ac3815502c350651add8fd81efcfc91a5f5091fd7c8ce64b8
be5954c3406481090027697f0af5362dc7282ac05531f1182873a457f01b2f70
c50a0366bab0d95bd0dfbbf67ed889b5fd383ee7464a77660088c32e4ef91c20
ccaf59e06eb4f607fdedb30b166d8ab31ae2f92eaf4a2f998504204f1a2bf526
dcc655f52a26fedb3f447ab445b6c97a11f5e0f60f730ad795059c328fc54ddf
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
e352bd3598be515c20c398e90549e3f966fbce570d88adea32a7f43de7b08f83
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5ca87dd5898169336c68d7577731acfd396292c932cd7cb51318f039fe17180
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4901de129d5e90d8f183711c534db8317a53d63f050a94cd81c6dde1f4ddf36
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
fabd2788e4a11ff0c9958bfbc019587becac24a6bb38924087768c38dff4a9f1