www2.woaifanyi.com Open in urlscan Pro
121.199.52.95 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www2.woaifanyi.com/8dHOITnUs3u=d/
Submission: On June 21 via api (June 21st 2023, 2:29:20 pm UTC) from US — Scanned from DE

Summary HTTP 183 Redirects Links 158 Behaviour Indicators

Summary

This website contacted 33 IPs in 8 countries across 23 domains to perform 183 HTTP transactions. The main IP is 121.199.52.95, located in Hangzhou, China and belongs to ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN. The main domain is www2.woaifanyi.com.
TLS certificate: Issued by R3 on May 19th 2023. Valid for: 3 months.

This is the only time www2.woaifanyi.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
16	121.199.52.95 121.199.52.95	37963 (ALIBABA-C...) (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.)
12	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	103.235.46.191 103.235.46.191	55967 (BAIDU Bei...) (BAIDU Beijing Baidu Netcom Science and Technology Co.)
1	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
3	2a02:2638:d::4 2a02:2638:d::4	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
27	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	178.250.7.9 178.250.7.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	185.29.134.245 185.29.134.245	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1	2a02:2638:3::9 2a02:2638:3::9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
33	2a02:2638:d::13 2a02:2638:d::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
7	2a02:2638:3::1a 2a02:2638:3::1a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	138.201.135.164 138.201.135.164	24940 (HETZNER-AS) (HETZNER-AS)
17	18.203.209.222 18.203.209.222	16509 (AMAZON-02) (AMAZON-02)
1	95.101.148.198 95.101.148.198	16625 (AKAMAI-AS) (AKAMAI-AS)
4	138.201.84.252 138.201.84.252	24940 (HETZNER-AS) (HETZNER-AS)
2	2a02:2638:d::c 2a02:2638:d::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	145.239.193.130 145.239.193.130	16276 (OVH) (OVH)
1	2a0b:4d07:102::1 2a0b:4d07:102::1	44239 (PROINITY ...) (PROINITY PROINITY)
1 2	2a01:4f8:d0a:... 2a01:4f8:d0a:2321::2	24940 (HETZNER-AS) (HETZNER-AS)
1	49.12.16.151 49.12.16.151	24940 (HETZNER-AS) (HETZNER-AS)
1	3.11.176.98 3.11.176.98	16509 (AMAZON-02) (AMAZON-02)
1 1	94.23.99.218 94.23.99.218	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
1	108.156.2.62 108.156.2.62	16509 (AMAZON-02) (AMAZON-02)
1	99.86.4.94 99.86.4.94	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
2	3.8.219.7 3.8.219.7	16509 (AMAZON-02) (AMAZON-02)
183	33

16 121.199.52.95 (Hangzhou, China)

ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN)

www2.woaifanyi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wwwimg.woaifanyi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.235.46.191 (Hong Kong)

ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)

hm.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:d::4 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.7.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.fr3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.29.134.245 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)

tags.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 2a02:2638:d::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

imageproxy.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.201.135.164 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.164.135.201.138.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 18.203.209.222 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-209-222.eu-west-1.compute.amazonaws.com

s.update.mediamathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.101.148.198 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-148-198.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.201.84.252 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.252.84.201.138.clients.your-server.de

hal900024.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:d::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 145.239.193.130 (France)

ASN16276 (OVH, FR)

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0b:4d07:102::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

adv.office-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a01:4f8:d0a:2321::2 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)

cdn.retailads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 49.12.16.151 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: lb-1.futalis.de

futalis.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.11.176.98 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-11-176-98.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.23.99.218 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip218.ip-94-23-99.eu

medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.156.2.62 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-2-62.mxp63.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-94.fra6.r.cloudfront.net

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.8.219.7 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-8-219-7.eu-west-2.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
67	criteo.net static.criteo.net — Cisco Umbrella Rank: 583 imageproxy.eu.criteo.net — Cisco Umbrella Rank: 9160 csm.eu.criteo.net — Cisco Umbrella Rank: 8989	870 KB
21	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 133 tpc.googlesyndication.com — Cisco Umbrella Rank: 155	293 KB
17	mediamathtag.com s.update.mediamathtag.com — Cisco Umbrella Rank: 11913	59 KB
16	woaifanyi.com www2.woaifanyi.com wwwimg.woaifanyi.com	48 KB
12	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 57	66 KB
9	criteo.com ads.eu.criteo.com — Cisco Umbrella Rank: 8915 cat.fr3.eu.criteo.com — Cisco Umbrella Rank: 9800 rtb.nl3.eu.criteo.com — Cisco Umbrella Rank: 20441 rtb.fr3.eu.criteo.com — Cisco Umbrella Rank: 25981	156 KB
8	redintelligence.net hal9000.redintelligence.net — Cisco Umbrella Rank: 39899 hal900024.redintelligence.net — Cisco Umbrella Rank: 319694	80 KB
4	mathtag.com tags.mathtag.com — Cisco Umbrella Rank: 4813 pixel.mathtag.com — Cisco Umbrella Rank: 1145	3 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 207	224 KB
3	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 21204 api.webgains.io — Cisco Umbrella Rank: 51885	32 KB
3	medialead.de 1 redirects pv.medialead.de — Cisco Umbrella Rank: 53229 medialead.de — Cisco Umbrella Rank: 52979	914 B
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 263	15 KB
3	google.com adservice.google.com — Cisco Umbrella Rank: 107 www.google.com — Cisco Umbrella Rank: 3	2 KB
2	gstatic.com fonts.gstatic.com	30 KB
2	retailads.net 1 redirects cdn.retailads.net — Cisco Umbrella Rank: 135629	6 KB
2	baidu.com hm.baidu.com — Cisco Umbrella Rank: 7889	12 KB
1	webgains.team cdn.track.production.webgains.team — Cisco Umbrella Rank: 57739	3 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 82	44 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 80	1 KB
1	webgains.com track.webgains.com — Cisco Umbrella Rank: 35620	2 KB
1	futalis.de futalis.de — Cisco Umbrella Rank: 192473	401 B
1	office-partner.de adv.office-partner.de — Cisco Umbrella Rank: 191967	931 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1107	603 B
183	23

	Domain	Requested by
33	imageproxy.eu.criteo.net	ads.eu.criteo.com www2.woaifanyi.com
27	static.criteo.net	ads.eu.criteo.com www2.woaifanyi.com
17	s.update.mediamathtag.com	tags.mathtag.com s.update.mediamathtag.com
15	wwwimg.woaifanyi.com	www2.woaifanyi.com wwwimg.woaifanyi.com
12	googleads.g.doubleclick.net	pagead2.googlesyndication.com www2.woaifanyi.com googleads.g.doubleclick.net
11	tpc.googlesyndication.com	googleads.g.doubleclick.net www2.woaifanyi.com pagead2.googlesyndication.com tpc.googlesyndication.com
10	pagead2.googlesyndication.com	wwwimg.woaifanyi.com pagead2.googlesyndication.com www.googletagservices.com tpc.googlesyndication.com
7	csm.eu.criteo.net	ads.eu.criteo.com
4	hal900024.redintelligence.net	hal9000.redintelligence.net hal900024.redintelligence.net
4	hal9000.redintelligence.net	www2.woaifanyi.com hal900024.redintelligence.net
4	www.googletagservices.com	googleads.g.doubleclick.net www2.woaifanyi.com
3	tags.mathtag.com	www2.woaifanyi.com tags.mathtag.com
3	cdnjs.cloudflare.com	ads.eu.criteo.com
3	cat.fr3.eu.criteo.com	ads.eu.criteo.com
3	ads.eu.criteo.com	googleads.g.doubleclick.net
2	api.webgains.io	analytics.webgains.io
2	fonts.gstatic.com	fonts.googleapis.com
2	cdn.retailads.net	1 redirects futalis.de
2	pv.medialead.de	hal900024.redintelligence.net googleads.g.doubleclick.net
2	rtb.fr3.eu.criteo.com	googleads.g.doubleclick.net www2.woaifanyi.com
2	adservice.google.com	pagead2.googlesyndication.com
2	hm.baidu.com	wwwimg.woaifanyi.com www2.woaifanyi.com
1	www.google.com	tpc.googlesyndication.com
1	cdn.track.production.webgains.team	googleads.g.doubleclick.net
1	analytics.webgains.io	track.webgains.com
1	www.googletagmanager.com	adv.office-partner.de
1	fonts.googleapis.com	hal900024.redintelligence.net
1	medialead.de	1 redirects
1	track.webgains.com	www2.woaifanyi.com
1	futalis.de	hal900024.redintelligence.net
1	adv.office-partner.de	hal900024.redintelligence.net
1	pixel.mathtag.com	tags.mathtag.com
1	rtb.nl3.eu.criteo.com	www2.woaifanyi.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www2.woaifanyi.com
183	35

This site contains links to these domains. Also see Links.

Domain
www.woaifanyi.com
www.ilovetranslation.com
fr.ilovetranslation.com
de.ilovetranslation.com
zhcnt.ilovetranslation.com
ja.ilovetranslation.com
ko.ilovetranslation.com
es.ilovetranslation.com
pt.ilovetranslation.com
ru.ilovetranslation.com
it.ilovetranslation.com
nl.ilovetranslation.com
el.ilovetranslation.com
ar.ilovetranslation.com
pl.ilovetranslation.com
ct.ilovetranslation.com
th.ilovetranslation.com
sv.ilovetranslation.com
da.ilovetranslation.com
fi.ilovetranslation.com
id.ilovetranslation.com
vi.ilovetranslation.com
ms.ilovetranslation.com
no.ilovetranslation.com
cs.ilovetranslation.com
fa.ilovetranslation.com
www45.woaifanyi.com
www17.woaifanyi.com
www52.woaifanyi.com
www88.woaifanyi.com
www65.woaifanyi.com
www58.woaifanyi.com
www89.woaifanyi.com
www19.woaifanyi.com
www13.woaifanyi.com
www96.woaifanyi.com
www99.woaifanyi.com
www97.woaifanyi.com
www70.woaifanyi.com
www32.woaifanyi.com
www14.woaifanyi.com
www29.woaifanyi.com
www30.woaifanyi.com
www57.woaifanyi.com
www82.woaifanyi.com
www114.woaifanyi.com
www62.woaifanyi.com
www95.woaifanyi.com
www105.woaifanyi.com
www61.woaifanyi.com
www90.woaifanyi.com
www91.woaifanyi.com
www66.woaifanyi.com
www25.woaifanyi.com
www103.woaifanyi.com
www74.woaifanyi.com
www106.woaifanyi.com
www50.woaifanyi.com
www104.woaifanyi.com
www44.woaifanyi.com
www86.woaifanyi.com
www109.woaifanyi.com
www113.woaifanyi.com
www51.woaifanyi.com
www40.woaifanyi.com
www87.woaifanyi.com
www83.woaifanyi.com
www55.woaifanyi.com
www21.woaifanyi.com
www53.woaifanyi.com
www54.woaifanyi.com
www101.woaifanyi.com
www111.woaifanyi.com
www18.woaifanyi.com
www59.woaifanyi.com
www60.woaifanyi.com
www33.woaifanyi.com
www34.woaifanyi.com
www41.woaifanyi.com
www31.woaifanyi.com
www46.woaifanyi.com
www47.woaifanyi.com
www48.woaifanyi.com
www84.woaifanyi.com
www9.woaifanyi.com
www93.woaifanyi.com
www24.woaifanyi.com
www80.woaifanyi.com
www20.woaifanyi.com
www15.woaifanyi.com
www72.woaifanyi.com
www16.woaifanyi.com
www63.woaifanyi.com
www64.woaifanyi.com
www49.woaifanyi.com
www26.woaifanyi.com
www8.woaifanyi.com
www11.woaifanyi.com
www43.woaifanyi.com
www12.woaifanyi.com
www102.woaifanyi.com
www35.woaifanyi.com
www100.woaifanyi.com
www3.woaifanyi.com
www92.woaifanyi.com
www108.woaifanyi.com
www110.woaifanyi.com
www36.woaifanyi.com
www76.woaifanyi.com
www1.woaifanyi.com
www23.woaifanyi.com
www112.woaifanyi.com
www67.woaifanyi.com
www4.woaifanyi.com
www28.woaifanyi.com
www22.woaifanyi.com
www98.woaifanyi.com
www42.woaifanyi.com
www81.woaifanyi.com
www56.woaifanyi.com
www75.woaifanyi.com
www10.woaifanyi.com
www7.woaifanyi.com
www94.woaifanyi.com
www5.woaifanyi.com
www6.woaifanyi.com
www107.woaifanyi.com
www27.woaifanyi.com
www39.woaifanyi.com
www77.woaifanyi.com
www78.woaifanyi.com
www79.woaifanyi.com
www38.woaifanyi.com
www37.woaifanyi.com
www73.woaifanyi.com
www85.woaifanyi.com

Subject Issuer	Validity	Valid
woaifanyi.com R3	`2023-05-19` - `2023-08-17`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
baidu.com GlobalSign RSA OV SSL CA 2018	`2022-07-05` - `2023-08-06`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-13` - `2023-08-10`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-27` - `2023-08-27`	3 months	crt.sh
*.fr3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-06-03` - `2023-08-27`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
*.mathtag.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-30` - `2024-04-29`	a year	crt.sh
*.nl3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-18` - `2023-08-18`	3 months	crt.sh
*.eu.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-06-07` - `2023-08-30`	3 months	crt.sh
redintelligence.net R3	`2023-06-09` - `2023-09-07`	3 months	crt.sh
update.mediamathtag.com R3	`2023-06-19` - `2023-09-17`	3 months	crt.sh
pixel.mathtag.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-05` - `2023-07-05`	a year	crt.sh
pv.medialead.de R3	`2023-06-14` - `2023-09-12`	3 months	crt.sh
adv.office-partner.de R3	`2023-05-01` - `2023-07-30`	3 months	crt.sh
*.futalis.de R3	`2023-06-16` - `2023-09-14`	3 months	crt.sh
*.webgains.com Amazon RSA 2048 M01	`2023-05-15` - `2024-06-13`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
cdn.retailads.net Encryption Everywhere DV TLS CA - G2	`2023-05-18` - `2024-05-17`	a year	crt.sh
*.webgains.io Amazon RSA 2048 M02	`2023-03-02` - `2023-09-21`	7 months	crt.sh
cdn.track.production.webgains.team Amazon RSA 2048 M01	`2023-02-28` - `2023-10-28`	8 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh

This page contains 20 frames:

Primary Page: https://www2.woaifanyi.com/8dHOITnUs3u=d/
Frame ID: 09AA7AC1AD78C22E5562F60D5F5FC2B6
Requests: 27 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230615/r20190131/zrt_lookup.html
Frame ID: 24D90F9DD89480E895C1C6363CA0838A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6339460017086194&output=html&adk=1812271804&adf=3025194257&lmt=1687357749&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x945_l%7C236x945_r&format=0x0&url=https%3A%2F%2Fwww2.woaifanyi.com%2F8dHOITnUs3u%3Dd%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687357749501&bpp=6&bdt=1957&idt=169&shv=r20230615&mjsv=m202306200101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6897477800713&frm=20&pv=2&ga_vid=2082336651.1687357750&ga_sid=1687357750&ga_hid=429724422&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532277%2C42532279%2C31075511%2C44788441%2C44794790&oid=2&pvsid=4127660269764500&tmod=1824980510&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=199
Frame ID: D934B27B198381B15640D8A795539C17
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6339460017086194&output=html&h=15&slotname=0442661610&adk=3413680062&adf=126745134&pi=t.ma~as.0442661610&w=468&lmt=1687357749&url=https%3A%2F%2Fwww2.woaifanyi.com%2F8dHOITnUs3u%3Dd%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687357749508&bpp=1&bdt=1964&idt=200&shv=r20230615&mjsv=m202306200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6897477800713&frm=20&pv=1&ga_vid=2082336651.1687357750&ga_sid=1687357750&ga_hid=429724422&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=863&ady=142&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532277%2C42532279%2C31075511%2C44788441%2C44794790&oid=2&pvsid=4127660269764500&tmod=1824980510&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=0DGexA4Y3g&p=https%3A//www2.woaifanyi.com&dtd=208
Frame ID: B9F5FACECD1AE6F91E7E2D0D4D87B95D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6339460017086194&output=html&h=90&slotname=2942693987&adk=3605528669&adf=3372412375&pi=t.ma~as.2942693987&w=728&lmt=1687357749&format=728x90&url=https%3A%2F%2Fwww2.woaifanyi.com%2F8dHOITnUs3u%3Dd%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687357749509&bpp=1&bdt=1965&idt=212&shv=r20230615&mjsv=m202306200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&prev_slotnames=0442661610&nras=1&correlator=6897477800713&frm=20&pv=1&ga_vid=2082336651.1687357750&ga_sid=1687357750&ga_hid=429724422&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=263&ady=461&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532277%2C42532279%2C31075511%2C44788441%2C44794790&oid=2&pvsid=4127660269764500&tmod=1824980510&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=eWN1OH6VqL&p=https%3A//www2.woaifanyi.com&dtd=219
Frame ID: BD8ECC61AC430ED04FFB19FA142D369D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6339460017086194&output=html&h=280&slotname=6604781984&adk=1209252267&adf=2184558861&pi=t.ma~as.6604781984&w=336&lmt=1687357749&format=336x280&url=https%3A%2F%2Fwww2.woaifanyi.com%2F8dHOITnUs3u%3Dd%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687357749510&bpp=1&bdt=1966&idt=221&shv=r20230615&mjsv=m202306200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&prev_slotnames=0442661610&nras=1&correlator=6897477800713&frm=20&pv=1&ga_vid=2082336651.1687357750&ga_sid=1687357750&ga_hid=429724422&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1001&ady=172&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532277%2C42532279%2C31075511%2C44788441%2C44794790&oid=2&pvsid=4127660269764500&tmod=1824980510&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=72jiNVS7zc&p=https%3A//www2.woaifanyi.com&dtd=225
Frame ID: 873160A08AFF718925A32E0213728E72
Requests: 8 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZJMJNQAMfcQE0bwmAAY3OxitmBcFmzxcM7ngLw&u=%7CDrulI9YVC%2FBu8cMJoiV0jlpWAH8dX4QLqERGQKPsAhw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi64spgNd3UqY6rORl7qJyQBcHHBFOcE4HdXjq32mLBM_rhMIedkJcMh5KheCOaAuQ9hE14kzXunuKGOFVDTi5zfltIbeH6du3TEpUNv3G8cSduA5PWluaiwdIkxziXBXecOnsrvSzG-Ts1OH4QW3TPHhYIBbHJIMl_PXp7z6SPprSqy-QCrVenhX5Vgo2KKGswEzHrulv4pJS3YPIJuPPrIfBPk-ktWDduGTQRDRAHysXIv3a6tbE4WPZawc6q-7N8AF7PKT7nwRjDj5rX9V1VRhdgf0Eqk-D089D7Q5Udqe6k-SZxPPSEP3LZ_z8k3FqH399yhalTvaXrKGjdKP2vCWNlWJUZ9G5_vSk9SL2VNm1wnb7XrSk9l1MD8VGwexT8fRUXzAV5SYvNJd96HmA_shBF3Skerg7kfCbXhN9xyCaveOSO1u2CmVxcQYb-l68u9jZwq0_-Wz7xp9dKIdKqdQpkbQWFYmcxrDXfBlewiNZO--8fnTI3u66Iy1fNsASDxcn9ziZvnmrtajbFn8S44a2A0O7-c00PhfS-i29vCnNs1Lg_WTmyY8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHHoENQmTZMT7Mab4xtYPu-6Y6APJntKxXNWdkfdwwI23ARABIABgldqIgpgHggEXY2EtcHViLTYzMzk0NjAwMTcwODYxOTTIAQmpAhjxi0TITrI-qAMBqgTDAU_QQEPGfhqfsLf-Wgop74QPbNjtyj3NO1x3Ac9aSnLQ-c6npFZG4tvTXKv9e2wAvd6jpTTmvb6T40fkfpP6DdjzeoDZFXNBuLm3M4GQNxCW8Ee8yqMwwAyJx-KZWxXDm-e1f4NoHoCzPLNTQddQD0H5UpVbAut080tQOAGa_mjFxy9aeWY2sjh6ALfNCoyyGfJXfVJKMRwyFaNxpAnTTgotbI6uf8Pt3TTEjTYLSGDpPNJSJ9IM87dL2x_v4w09G0Zp5oAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_22G0wU6tirqgcsDPByXkhPaD1TnQ%26client%3Dca-pub-6339460017086194%26adurl%3D
Frame ID: 858A389CAA986E64B782859AA0B0D5D5
Requests: 21 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230615/r20110914/zrt_lookup.html?fsb=1
Frame ID: F0BB11C8E68F1BDE3009061865D17F06
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230615/r20110914/zrt_lookup.html?fsb=1
Frame ID: 81952777700708F9BFE25192D9F23A48
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230615/r20110914/zrt_lookup.html?fsb=1
Frame ID: E2857501265D9F0E3830666E1C8D6F97
Requests: 8 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZJMJNQAMAb8E0Y7eAAolZLcxUlo7OrrHIqWHHA&u=%7CDrulI9YVC%2FAG0dqmrEkuQaJlLJKy%2F3jWBou%2BhGBxQ2o%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgN28ygJ6EDhxY1ffthKIvr6fa3BX9hHTmdtv6tLnMPk1p3FwqtrptklQEJjBUVIWPhSsIYoPCOkEgq5YiGh29yOofXWnSPjfTs6Ht-8EgIm5XVka7lO6jtG4_zfaI-aOvwREb3oFRtZ41V2Ocy5SvQRrlXIDACUt2bQROVsaaQZFM6VNXwYObob7HzfrJslQsdMewf3oztON6KzvIxPQUu0poeAchgB80J8vtWnl0SI4uv9GKJboxeZoMNV7GwFVi8xCh-pXBdWJZbU6LPTc4HsmvpXQMP80Fc6FHEcnE4ArY-D1dtkNJeGFGAecAyFKikecYP-GrZKypUzPR6YhDR2t2zpkXflJWd2EN-ujmEK1OonsLN5NbDZf_I686Uq_-VTRIiHI0XB78xVFIFYwAh_X4qTxfSvCB1i1-G9tv1zk1kYS3kI7jaUrtOOlPyxtIgIvP-UHUbwf9dmQlr73kRV-1vDBEhBi__Vwmj1Wx0TulgdhrR1ZYaI67g3amtiXpxrfAgSImsnXnaE_WF_WYoBSnI01fkBe2wOfilmT1-Rc1ojjH22uV2GECcFT7PpFbI&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCUak6NQmTZL-DMN6dxtYP5MqoyAjJntKxXL3xlPdwwI23ARABIABgldqIgpgHggEXY2EtcHViLTYzMzk0NjAwMTcwODYxOTTIAQmpAooDYljaUbI-qAMByAMCqgTDAU_QbaPcWC8hRXCuPdoXvs6XfRFEcKCEEIAWYSP-gwaryUrUTnFu8F5jKtCSdQS9WelXeoo-z__o4kQVNQuT0xTN29BKYXVbbI1Srf3Gz9BlT19mMLnjxc3XTzZO4JwPT5THfxwp9U9h3iy_iul617d95O67zXOZhpdZGTdC7_n05svYsh6BSKGsLOvF-gI0ZiwUD-L1cEnuYz9dNXUJ-C9_JNH3R30-KDpVUYr2sx0uhINOu5Zz5FztgTAdrOuhSQiilYAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2xn5yUJqJwSY1DeaYy8q44jgsYqg%26client%3Dca-pub-6339460017086194%26adurl%3D
Frame ID: 0E6926ED711E5902EFCA7B1C399C5F95
Requests: 26 HTTP requests in this frame

Frame: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTUdOa056UXhOMk10TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzY0MzcyNzc5NzMyMTU2NTc3NTgvNjYyMjMyNC80NTYyMzA2LzQvREhTQzNzbG9TcnFoOXpyclIxRHU1M1FwWFJ5eUhDaTZYZ0l0WmpITUFZUS8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC82NDM3Mjc3OTczMjE1NjU3NzU4L2Ftcy8wLzMzMi82OC85OTkvMTYyLzJhMDE6NGEwOjJiOjovMC4wMDAvMTY4NzM1Nzc0OS8xNjg3MzcwMzQ5LzQvcHViLTYzMzk0NjAwMTcwODYxOTQv/NCzSiCwF4kLaj97euOjKIRfyivI&nodeid=4025&group=cdg&auctionid=6437277973215657758&pbs_auctionid=6437277973215657758&shardkey=6437277973215657758&sid=4562306&cid=6622324&bp=a_aiebbd&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.134.181&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-fuuNQmTZMCDMN6dxtYP5MqoyAjPh46bXMCG2YLGAsCNtwEQASAAYJXaiIKYB4IBF2NhLXB1Yi02MzM5NDYwMDE3MDg2MTk0yAEJqAMByAMCqgTDAU_QuPp0DJVHxw7YAryKc2rNqj3KfCb07lqRH-GjzxL0ax-cCr-3S5sr6o8Gw8ajAflRE4iIqYoz9SAcMR3IAt3qsuO6rUVHpEtaLSa0RVA6Dh0wOjmh7NR_3uPdhDKCWd4ojKcvRa9TxNrGHc2WPEdNeDfHqNhUIo8vadZoswlgge5l6bwqNfNWNtlRKaAPxH8GLLfl5QcBPYDdI32H9LttOU96CmYwQbT_D60ON-0vGw2iXhiBZBxWDoIP7jOBGNFawIAGqpuq467akpO7AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3byZlT7NVwdQQKiBcXjr0fKIRmgA%26client%3Dca-pub-6339460017086194%26adurl%3D
Frame ID: 7F8596B1A333D4444B0499C5E404F8D1
Requests: 34 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZJMJNQAMAcEE0Y7eAAolZAMafWxdYVGRD5skCw&u=%7CDrulI9YVC%2FD%2FcoWiUzbo%2F8W2fNgwnRpB9sfWqdf1Hic%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi64spgNd3UqY6ZgavdsI-uxjnvngJVOnch1i6T38QDyf_Le6yNFxRA_wvRNi3trX_nzilvzE3ncEVur_Q6HJOdlKkLxCzjEsJbATOhwTAqBdlinLsWF5IrYBEpMjQB5ofAHvIufFXvLaskyirEz-Noz5zshdK1wDcWB19cGfz_0RYobPgx-fQ9T8GALB_X4oP3OeMHGiIpfIr0NKWNeKnqVpCPXjq99FuPHjE4t5sxreE5HstW8BkyhbYJe948aGRpGzCzHf6af_6vubmXZo1LMtHU-dBNUm3fqpkdhtSbN5yXhQOZvuZdKitLLu5A2rKzUIWTMY6oe-yHKoq-uBJgza-tzgQrYMKMM8w0ZDo3YlK2jawtLdq15JdT6O9_2AanpUI9rtXFmmNf7kIJAeW3Zu40TYb-lnqv9HYFN82xx8OTl7pZxFVahjtGrUaQ3_xiqv8FmRBEjHXHshktzoOf4ush76HG_l3jN--8ArgCsyl44SWTJIuoDIDAOgwA_7GCMlwrqExvMub1e19LGu3Q2lSB8xtMb5ETWz4mIGbbY7s&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2B8lNQmTZMGDMN6dxtYP5MqoyAjJntKxXL3xlPdwwI23ARABIABgldqIgpgHggEXY2EtcHViLTYzMzk0NjAwMTcwODYxOTTIAQmpAooDYljaUbI-qAMByAMCqgTEAU_QxJEmiBFywnsNCOZZmfZDTl1t9FKxgzvc32e9LgQzQQtZIbGl5dC1BeNQmiSbhMeP32z_wLe8rY6r9jq6Dbc_3eVrxl-b1YJg9PchquvHnTXCRTFZyCDq4GNFnINYR88hsSeiuk9fTwBtiaDmqIv5KIYe-SZwZC1fktPjW4bJj03y0EuU_SBV95-lCXZyVoJWW5wTq86Gt0ljYNueknbX8fV25j_wHjB_5YfHqPxvPU6g7LJFaIvtn52ja68_QVMIG6-ABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1MMoH_dvJ0nyx9gxsJwdjOIVM7Zw%26client%3Dca-pub-6339460017086194%26adurl%3D
Frame ID: DDDF48318040ADF837D812D81AE3DC72
Requests: 29 HTTP requests in this frame

Frame: https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=13312400084588500951395012362024&t=htlp&gdpr=1&consent=1&gdpr_consent=li
Frame ID: 1D530246C596ACFA8EE3D4931A7DFD17
Requests: 1 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: 6BF6412254009677297AC2B086247782
Requests: 2 HTTP requests in this frame

Frame: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2806339182
Frame ID: CACCC3DA75972BA9F19C40F40AABA96E
Requests: 2 HTTP requests in this frame

Frame: https://hal900024.redintelligence.net/request_content.php?s=13312400084588500951395012362024&a=d1f8fcfe
Frame ID: D63C9CF4A8FBCB2B79557B645BDFCFD7
Requests: 9 HTTP requests in this frame

Frame: blob://https://googleads.g.doubleclick.net/963c7514-2ae6-4b29-a141-59df7b3722b4
Frame ID: 1A770A9FD5311F2F6E09263A7D16FABD
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 799674E12DD26ACE04D05F4A5E7215BC
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6059DC08FB15B96D155C71E067FB4C0E
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

恭王府的传奇故事的日语翻译

Detected technologies

Baidu Analytics (百度统计) (Analytics) Expand

Overall confidence: 100%
Detected patterns

hm\.baidu\.com/hm\.js

Clipboard.js (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

clipboard(?:-([\d.]+))?(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

Page Statistics

183
Requests

98 %
HTTPS

55 %
IPv6

23
Domains

35
Subdomains

33
IPs

8
Countries

1946 kB
Transfer

3799 kB
Size

10
Cookies

158 Outgoing links

These are links going to different origins than the main page.

URL: https://www.woaifanyi.com/

Search URL Search Domain Scan URL

URL: https://www.ilovetranslation.com/
Title: English

Search URL Search Domain Scan URL

URL: https://fr.ilovetranslation.com/
Title: Français

Search URL Search Domain Scan URL

URL: https://de.ilovetranslation.com/
Title: Deutsch

Search URL Search Domain Scan URL

URL: https://zhcnt.ilovetranslation.com/
Title: 中文(繁体)

Search URL Search Domain Scan URL

URL: https://ja.ilovetranslation.com/
Title: 日本語

Search URL Search Domain Scan URL

URL: https://ko.ilovetranslation.com/
Title: 한국어

Search URL Search Domain Scan URL

URL: https://es.ilovetranslation.com/
Title: Español

Search URL Search Domain Scan URL

URL: https://pt.ilovetranslation.com/
Title: Português

Search URL Search Domain Scan URL

URL: https://ru.ilovetranslation.com/
Title: Русский

Search URL Search Domain Scan URL

URL: https://it.ilovetranslation.com/
Title: Italiano

Search URL Search Domain Scan URL

URL: https://nl.ilovetranslation.com/
Title: Nederlands

Search URL Search Domain Scan URL

URL: https://el.ilovetranslation.com/
Title: Ελληνικά

Search URL Search Domain Scan URL

URL: https://ar.ilovetranslation.com/
Title: العربية

Search URL Search Domain Scan URL

URL: https://pl.ilovetranslation.com/
Title: Polski

Search URL Search Domain Scan URL

URL: https://ct.ilovetranslation.com/
Title: Català

Search URL Search Domain Scan URL

URL: https://th.ilovetranslation.com/
Title: ภาษาไทย

Search URL Search Domain Scan URL

URL: https://sv.ilovetranslation.com/
Title: Svenska

Search URL Search Domain Scan URL

URL: https://da.ilovetranslation.com/
Title: Dansk

Search URL Search Domain Scan URL

URL: https://fi.ilovetranslation.com/
Title: Suomi

Search URL Search Domain Scan URL

URL: https://id.ilovetranslation.com/
Title: Indonesia

Search URL Search Domain Scan URL

URL: https://vi.ilovetranslation.com/
Title: Tiếng Việt

Search URL Search Domain Scan URL

URL: https://ms.ilovetranslation.com/
Title: Melayu

Search URL Search Domain Scan URL

URL: https://no.ilovetranslation.com/
Title: Norsk

Search URL Search Domain Scan URL

URL: https://cs.ilovetranslation.com/
Title: Čeština

Search URL Search Domain Scan URL

URL: https://fa.ilovetranslation.com/
Title: فارسی

Search URL Search Domain Scan URL

URL: https://www45.woaifanyi.com/
Title: 世界语

Search URL Search Domain Scan URL

URL: https://www17.woaifanyi.com/
Title: 丹麦语

Search URL Search Domain Scan URL

URL: https://www52.woaifanyi.com/
Title: 乌克兰语

Search URL Search Domain Scan URL

URL: https://www88.woaifanyi.com/
Title: 乌兹别克语

Search URL Search Domain Scan URL

URL: https://www65.woaifanyi.com/
Title: 乌尔都语

Search URL Search Domain Scan URL

URL: https://www58.woaifanyi.com/
Title: 亚美尼亚语

Search URL Search Domain Scan URL

URL: https://www89.woaifanyi.com/
Title: 伊博语

Search URL Search Domain Scan URL

URL: https://www19.woaifanyi.com/
Title: 俄语

Search URL Search Domain Scan URL

URL: https://www13.woaifanyi.com/
Title: 保加利亚语

Search URL Search Domain Scan URL

URL: https://www96.woaifanyi.com/
Title: 信德语

Search URL Search Domain Scan URL

URL: https://www99.woaifanyi.com/
Title: 修纳语

Search URL Search Domain Scan URL

URL: https://www97.woaifanyi.com/
Title: 僧伽罗语

Search URL Search Domain Scan URL

URL: https://www70.woaifanyi.com/
Title: 克林贡语

Search URL Search Domain Scan URL

URL: https://www32.woaifanyi.com/
Title: 克罗地亚语

Search URL Search Domain Scan URL

URL: https://www14.woaifanyi.com/
Title: 冰岛语

Search URL Search Domain Scan URL

URL: https://www29.woaifanyi.com/
Title: 加利西亚语

Search URL Search Domain Scan URL

URL: https://www30.woaifanyi.com/
Title: 加泰罗尼亚语

Search URL Search Domain Scan URL

URL: https://www57.woaifanyi.com/
Title: 匈牙利语

Search URL Search Domain Scan URL

URL: https://www82.woaifanyi.com/
Title: 南非祖鲁语

Search URL Search Domain Scan URL

URL: https://www114.woaifanyi.com/
Title: 南非科萨语

Search URL Search Domain Scan URL

URL: https://www62.woaifanyi.com/
Title: 卡纳达语

Search URL Search Domain Scan URL

URL: https://www95.woaifanyi.com/
Title: 卢旺达语

Search URL Search Domain Scan URL

URL: https://www105.woaifanyi.com/
Title: 卢森堡语

Search URL Search Domain Scan URL

URL: https://www61.woaifanyi.com/
Title: 印地语

Search URL Search Domain Scan URL

URL: https://www90.woaifanyi.com/
Title: 印尼巽他语

Search URL Search Domain Scan URL

URL: https://www91.woaifanyi.com/
Title: 印尼爪哇语

Search URL Search Domain Scan URL

URL: https://www66.woaifanyi.com/
Title: 印尼语

Search URL Search Domain Scan URL

URL: https://www25.woaifanyi.com/
Title: 古吉拉特语

Search URL Search Domain Scan URL

URL: https://www103.woaifanyi.com/
Title: 吉尔吉斯语

Search URL Search Domain Scan URL

URL: https://www74.woaifanyi.com/
Title: 哈萨克语

Search URL Search Domain Scan URL

URL: https://www106.woaifanyi.com/
Title: 土库曼语

Search URL Search Domain Scan URL

URL: https://www50.woaifanyi.com/
Title: 土耳其语

Search URL Search Domain Scan URL

URL: https://www104.woaifanyi.com/
Title: 塔吉克语

Search URL Search Domain Scan URL

URL: https://www44.woaifanyi.com/
Title: 塞尔维亚语

Search URL Search Domain Scan URL

URL: https://www86.woaifanyi.com/
Title: 塞索托语

Search URL Search Domain Scan URL

URL: https://www109.woaifanyi.com/
Title: 夏威夷语

Search URL Search Domain Scan URL

URL: https://www113.woaifanyi.com/
Title: 奥利亚语

Search URL Search Domain Scan URL

URL: https://www51.woaifanyi.com/
Title: 威尔士语

Search URL Search Domain Scan URL

URL: https://www40.woaifanyi.com/
Title: 孟加拉语

Search URL Search Domain Scan URL

URL: https://www87.woaifanyi.com/
Title: 宿务语

Search URL Search Domain Scan URL

URL: https://www83.woaifanyi.com/
Title: 尼泊尔语

Search URL Search Domain Scan URL

URL: https://www55.woaifanyi.com/
Title: 巴斯克语

Search URL Search Domain Scan URL

URL: https://www21.woaifanyi.com/
Title: 布尔语(南非荷兰语)

Search URL Search Domain Scan URL

URL: https://www53.woaifanyi.com/
Title: 希伯来语

Search URL Search Domain Scan URL

URL: https://www54.woaifanyi.com/
Title: 希腊语

Search URL Search Domain Scan URL

URL: https://www101.woaifanyi.com/
Title: 库尔德语

Search URL Search Domain Scan URL

URL: https://www111.woaifanyi.com/
Title: 弗里西语

Search URL Search Domain Scan URL

URL: https://www18.woaifanyi.com/
Title: 德语

Search URL Search Domain Scan URL

URL: https://www59.woaifanyi.com/
Title: 意大利语

Search URL Search Domain Scan URL

URL: https://www60.woaifanyi.com/
Title: 意第绪语

Search URL Search Domain Scan URL

URL: https://www33.woaifanyi.com/
Title: 拉丁语

Search URL Search Domain Scan URL

URL: https://www34.woaifanyi.com/
Title: 拉脱维亚语

Search URL Search Domain Scan URL

URL: https://www41.woaifanyi.com/
Title: 挪威语

Search URL Search Domain Scan URL

URL: https://www31.woaifanyi.com/
Title: 捷克语

Search URL Search Domain Scan URL

URL: https://www46.woaifanyi.com/
Title: 斯洛伐克语

Search URL Search Domain Scan URL

URL: https://www47.woaifanyi.com/
Title: 斯洛文尼亚语

Search URL Search Domain Scan URL

URL: https://www48.woaifanyi.com/
Title: 斯瓦希里语

Search URL Search Domain Scan URL

URL: https://www84.woaifanyi.com/
Title: 旁遮普语

Search URL Search Domain Scan URL

URL: https://www9.woaifanyi.com/
Title: 日语

Search URL Search Domain Scan URL

URL: https://www93.woaifanyi.com/
Title: 普什图语

Search URL Search Domain Scan URL

URL: https://www24.woaifanyi.com/
Title: 格鲁吉亚语

Search URL Search Domain Scan URL

URL: https://www80.woaifanyi.com/
Title: 毛利语

Search URL Search Domain Scan URL

URL: https://www20.woaifanyi.com/
Title: 法语

Search URL Search Domain Scan URL

URL: https://www15.woaifanyi.com/
Title: 波兰语

Search URL Search Domain Scan URL

URL: https://www72.woaifanyi.com/
Title: 波斯尼亚语

Search URL Search Domain Scan URL

URL: https://www16.woaifanyi.com/
Title: 波斯语

Search URL Search Domain Scan URL

URL: https://www63.woaifanyi.com/
Title: 泰卢固语

Search URL Search Domain Scan URL

URL: https://www64.woaifanyi.com/
Title: 泰米尔语

Search URL Search Domain Scan URL

URL: https://www49.woaifanyi.com/
Title: 泰语

Search URL Search Domain Scan URL

URL: https://www26.woaifanyi.com/
Title: 海地克里奥尔语

Search URL Search Domain Scan URL

URL: https://www8.woaifanyi.com/
Title: 爱尔兰语

Search URL Search Domain Scan URL

URL: https://www11.woaifanyi.com/
Title: 爱沙尼亚语

Search URL Search Domain Scan URL

URL: https://www43.woaifanyi.com/
Title: 瑞典语

Search URL Search Domain Scan URL

URL: https://www12.woaifanyi.com/
Title: 白俄罗斯语

Search URL Search Domain Scan URL

URL: https://www102.woaifanyi.com/
Title: 科西嘉语

Search URL Search Domain Scan URL

URL: https://www35.woaifanyi.com/
Title: 立陶宛语

Search URL Search Domain Scan URL

URL: https://www100.woaifanyi.com/
Title: 索马里语

Search URL Search Domain Scan URL

URL: https://www3.woaifanyi.com/
Title: 繁体中文

Search URL Search Domain Scan URL

URL: https://www92.woaifanyi.com/
Title: 约鲁巴语

Search URL Search Domain Scan URL

URL: https://www108.woaifanyi.com/
Title: 维吾尔语

Search URL Search Domain Scan URL

URL: https://www110.woaifanyi.com/
Title: 缅甸语

Search URL Search Domain Scan URL

URL: https://www36.woaifanyi.com/
Title: 罗马尼亚语

Search URL Search Domain Scan URL

URL: https://www76.woaifanyi.com/
Title: 老挝语

Search URL Search Domain Scan URL

URL: https://www1.woaifanyi.com/
Title: 自动识别

Search URL Search Domain Scan URL

URL: https://www23.woaifanyi.com/
Title: 芬兰语

Search URL Search Domain Scan URL

URL: https://www112.woaifanyi.com/
Title: 苏格兰盖尔语

Search URL Search Domain Scan URL

URL: https://www67.woaifanyi.com/
Title: 苗语

Search URL Search Domain Scan URL

URL: https://www4.woaifanyi.com/
Title: 英语

Search URL Search Domain Scan URL

URL: https://www28.woaifanyi.com/
Title: 荷兰语

Search URL Search Domain Scan URL

URL: https://www22.woaifanyi.com/
Title: 菲律宾语

Search URL Search Domain Scan URL

URL: https://www98.woaifanyi.com/
Title: 萨摩亚语

Search URL Search Domain Scan URL

URL: https://www42.woaifanyi.com/
Title: 葡萄牙语

Search URL Search Domain Scan URL

URL: https://www81.woaifanyi.com/
Title: 蒙古语

Search URL Search Domain Scan URL

URL: https://www56.woaifanyi.com/
Title: 西班牙语

Search URL Search Domain Scan URL

URL: https://www75.woaifanyi.com/
Title: 豪萨语

Search URL Search Domain Scan URL

URL: https://www10.woaifanyi.com/
Title: 越南语

Search URL Search Domain Scan URL

URL: https://www7.woaifanyi.com/
Title: 阿塞拜疆语

Search URL Search Domain Scan URL

URL: https://www94.woaifanyi.com/
Title: 阿姆哈拉语

Search URL Search Domain Scan URL

URL: https://www5.woaifanyi.com/
Title: 阿尔巴尼亚语

Search URL Search Domain Scan URL

URL: https://www6.woaifanyi.com/
Title: 阿拉伯语

Search URL Search Domain Scan URL

URL: https://www107.woaifanyi.com/
Title: 鞑靼语

Search URL Search Domain Scan URL

URL: https://www27.woaifanyi.com/
Title: 韩语

Search URL Search Domain Scan URL

URL: https://www39.woaifanyi.com/
Title: 马其顿语

Search URL Search Domain Scan URL

URL: https://www77.woaifanyi.com/
Title: 马尔加什语

Search URL Search Domain Scan URL

URL: https://www78.woaifanyi.com/
Title: 马拉地语

Search URL Search Domain Scan URL

URL: https://www79.woaifanyi.com/
Title: 马拉雅拉姆语

Search URL Search Domain Scan URL

URL: https://www38.woaifanyi.com/
Title: 马来语

Search URL Search Domain Scan URL

URL: https://www37.woaifanyi.com/
Title: 马耳他语

Search URL Search Domain Scan URL

URL: https://www73.woaifanyi.com/
Title: 高棉语

Search URL Search Domain Scan URL

URL: https://www85.woaifanyi.com/
Title: 齐切瓦语

Search URL Search Domain Scan URL

URL: https://www49.woaifanyi.com/krlByuwWwFu=d/
Title: D1ผิวขาวชมพูD2ผิวขาวเหลืองD3ผิวสองสี

Search URL Search Domain Scan URL

URL: https://www4.woaifanyi.com/WP64F9QnoYX=d/
Title: the incarnational habitat

Search URL Search Domain Scan URL

URL: https://www1.woaifanyi.com/joBUn_N8XwD=d/
Title: tube

Search URL Search Domain Scan URL

URL: https://www1.woaifanyi.com/58gip4N6jcS=d/
Title: ソフトスタ－ト

Search URL Search Domain Scan URL

URL: https://www66.woaifanyi.com/0QCeQIspEW1=d/
Title: nomor botol uji apa nyonya?

Search URL Search Domain Scan URL

URL: https://www1.woaifanyi.com/2abLUO3y-IA=d/
Title: he dubious Liber numerorum

Search URL Search Domain Scan URL

URL: https://www18.woaifanyi.com/bCufQgq4S6S=d/
Title: BLACK/BLUE

Search URL Search Domain Scan URL

URL: https://www1.woaifanyi.com/bJFScKd5zgu=d/
Title: 我的一辈子

Search URL Search Domain Scan URL

URL: https://www1.woaifanyi.com/vdaHOyWoqdZ=d/
Title: 잠 이 깼 어 요?

Search URL Search Domain Scan URL

URL: https://www49.woaifanyi.com/bnUABw3BfrW=d/
Title: ใหญ่ - เล็กBหลวม - คับCแพง -ถูกDสวย-น่าด

Search URL Search Domain Scan URL

URL: https://www59.woaifanyi.com/eeXZNP44MVA=d/
Title: I preservativi Control Non Stop Dots & L

Search URL Search Domain Scan URL

URL: https://www1.woaifanyi.com/DQqMX_RpAYB=d/
Title: これからはあなたが娘です。

Search URL Search Domain Scan URL

URL: https://www1.woaifanyi.com/OOPYhATxQkW=d/
Title: Uibsangs

Search URL Search Domain Scan URL

URL: https://www4.woaifanyi.com/UCa2CidikID=d/
Title: q the incarnational habitat

Search URL Search Domain Scan URL

URL: https://www1.woaifanyi.com/zw807IBjOBD=d/
Title: 李丽

Search URL Search Domain Scan URL

URL: https://www9.woaifanyi.com/y2xNKL8XrFZ=d/
Title: 四月開始予定

Search URL Search Domain Scan URL

URL: https://www4.woaifanyi.com/0VNCM20pXX1=d/
Title: Now US anti-dumping, the market is out o

Search URL Search Domain Scan URL

URL: https://www1.woaifanyi.com/HXhdmy67V2A=d/
Title: Kitchen cleaning towel thickened

Search URL Search Domain Scan URL

URL: https://www1.woaifanyi.com/LOeA6gEkbBA=d/
Title: 云南省园林行业龙头企业

Search URL Search Domain Scan URL

URL: https://www1.woaifanyi.com/W-u7gTpXS5l=d/
Title: 你很弱

Search URL Search Domain Scan URL

URL: https://www1.woaifanyi.com/Cbrx3tGoxgW=d/
Title: C向

Search URL Search Domain Scan URL

URL: https://www.woaifanyi.com/mp/
Title: right

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 117

https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=13312400084588500951395012362024&ra_cnt_active=1&ra_cnt=1 HTTP 302
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2806339182

Request Chain 120

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=13312400084588500951395012362024&t=htlp&gdpr=1&consent=1&gdpr_consent=li HTTP 302
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=13312400084588500951395012362024&t=htlp&gdpr=1&consent=1&gdpr_consent=li

183 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www2.woaifanyi.com/8dHOITnUs3u=d/ 28 KB
7 KB 1529ms
242ms Document
text/html 121.199.52.95
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.woaifanyi.com/8dHOITnUs3u=d/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

121.199.52.95 Hangzhou, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),

Reverse DNS

Software

nginx /

Resource Hash

95b1406e585d6e59aa12b4f764e9f5c9f12e84d480eb8cb90a874ef2b383abf4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 21 Jun 2023 14:29:07 GMT
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding

GET
H2 200 css.css
wwwimg.woaifanyi.com/pic/css/ 8 KB
3 KB 1305ms
236ms Stylesheet
text/css 121.199.52.95
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to

Full URL: https://wwwimg.woaifanyi.com/pic/css/css.css?v=f10cac9e88d25864_8505
Requested by: Host: www2.woaifanyi.com
URL: https://www2.woaifanyi.com/8dHOITnUs3u=d/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 121.199.52.95 Hangzhou, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: nginx /
Resource Hash: 546c56ff3242eab01eb921de6398eaa8787d55adfb6ba20c79a9436c93731684

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.woaifanyi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:29:08 GMT
content-encoding: gzip
last-modified: Tue, 20 Jun 2023 09:20:45 GMT
server: nginx
etag: W/"64916f6d-2139"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Thu, 20 Jun 2024 14:29:08 GMT

GET
H2 200 js.js Show response
wwwimg.woaifanyi.com/pic/ 20 KB
6 KB 1536ms
468ms Script
application/javascript 121.199.52.95
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to

Full URL: https://wwwimg.woaifanyi.com/pic/js.js?v=29042b4b6483aee7_20363
Requested by: Host: www2.woaifanyi.com
URL: https://www2.woaifanyi.com/8dHOITnUs3u=d/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 121.199.52.95 Hangzhou, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: nginx /
Resource Hash: 838fa817dabee63a6a4710b8713344c707194b647d6e7d6e8f4074c5d03b448f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.woaifanyi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:29:08 GMT
content-encoding: gzip
last-modified: Wed, 21 Jun 2023 02:38:50 GMT
server: nginx
etag: W/"649262ba-4f8b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Thu, 20 Jun 2024 14:29:08 GMT

GET
H2 200 g_run.js Show response
wwwimg.woaifanyi.com/pic/ 2 KB
956 B 1305ms
237ms Script
application/javascript 121.199.52.95
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to

Full URL: https://wwwimg.woaifanyi.com/pic/g_run.js?v=3644b9e6ed457592_1741
Requested by: Host: www2.woaifanyi.com
URL: https://www2.woaifanyi.com/8dHOITnUs3u=d/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 121.199.52.95 Hangzhou, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: nginx /
Resource Hash: 92f8f61d645b357028b65d38356ec2e2fb3b6b5012ad831f96ebdc310a0931dd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.woaifanyi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:29:08 GMT
content-encoding: gzip
last-modified: Tue, 31 May 2016 08:03:29 GMT
server: nginx
etag: W/"574d4551-6cd"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Thu, 20 Jun 2024 14:29:08 GMT

GET
H2 200 clipboard.min.js Show response
wwwimg.woaifanyi.com/pic/clipboard-2.0.4/ 10 KB
4 KB 1305ms
237ms Script
application/javascript 121.199.52.95
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to

Full URL: https://wwwimg.woaifanyi.com/pic/clipboard-2.0.4/clipboard.min.js?v=706cd13a826378af_10645
Requested by: Host: www2.woaifanyi.com
URL: https://www2.woaifanyi.com/8dHOITnUs3u=d/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 121.199.52.95 Hangzhou, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: nginx /
Resource Hash: c751a74fa44ae281a9385bf6b7cdfdd7158b0c8630c04d58fbf24d74fc795bfc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.woaifanyi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:29:08 GMT
content-encoding: gzip
last-modified: Mon, 02 Dec 2019 10:53:20 GMT
server: nginx
etag: W/"5de4ed20-2995"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Thu, 20 Jun 2024 14:29:08 GMT

GET
H2 200 g.js Show response
wwwimg.woaifanyi.com/_data/woaifanyi_com_www/pic/js/ 2 KB
820 B 1536ms
468ms Script
application/javascript 121.199.52.95
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to

Full URL: https://wwwimg.woaifanyi.com/_data/woaifanyi_com_www/pic/js/g.js?v=253f74901ef7165e_2302
Requested by: Host: www2.woaifanyi.com
URL: https://www2.woaifanyi.com/8dHOITnUs3u=d/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 121.199.52.95 Hangzhou, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: nginx /
Resource Hash: bac1b00e0e7b220c23a48e29f49dba7f3f8d7999dbaa8dbb338492231ce27019

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.woaifanyi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:29:08 GMT
content-encoding: gzip
last-modified: Sun, 08 Jul 2018 19:26:30 GMT
server: nginx
etag: W/"5b426566-8fe"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Thu, 20 Jun 2024 14:29:08 GMT

GET
H2 200 logo.gif
wwwimg.woaifanyi.com/_data/woaifanyi_com_www/pic/ 3 KB
3 KB 234ms
234ms Image
image/gif 121.199.52.95
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wwwimg.woaifanyi.com/_data/woaifanyi_com_www/pic/logo.gif?v=0233e32c8f0f83be_2144
Requested by: Host: www2.woaifanyi.com
URL: https://www2.woaifanyi.com/8dHOITnUs3u=d/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 121.199.52.95 Hangzhou, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: nginx /
Resource Hash: 666bff3c55e70f3fc6b26e26963b3fbd15b911dde192272b5e3b3b42072ee365

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.woaifanyi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:29:09 GMT
last-modified: Thu, 16 Aug 2012 01:38:00 GMT
server: nginx
etag: "502c4ef8-a38"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
content-length: 2616
expires: Thu, 20 Jun 2024 14:29:09 GMT

GET
H2 200 toolbar-swaplp-normal.gif
wwwimg.woaifanyi.com/pic/toolbar-swaplp/ 194 B
539 B 235ms
232ms Image
image/gif 121.199.52.95
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wwwimg.woaifanyi.com/pic/toolbar-swaplp/toolbar-swaplp-normal.gif?v=125603726730faf6_178
Requested by: Host: www2.woaifanyi.com
URL: https://www2.woaifanyi.com/8dHOITnUs3u=d/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 121.199.52.95 Hangzhou, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: nginx /
Resource Hash: a8a71e8bb42d91d5bfd60d6281e20f457fbe729042736be5cb8b87dbf70156c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.woaifanyi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:29:09 GMT
last-modified: Sat, 11 Aug 2012 07:29:00 GMT
server: nginx
etag: "502609bc-c2"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
content-length: 194
expires: Thu, 20 Jun 2024 14:29:09 GMT

GET
H2 200 loading_3.gif
wwwimg.woaifanyi.com/pic/ 11 KB
11 KB 235ms
233ms Image
image/gif 121.199.52.95
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wwwimg.woaifanyi.com/pic/loading_3.gif?v=b9814dd30c1d7c59_8619
Requested by: Host: www2.woaifanyi.com
URL: https://www2.woaifanyi.com/8dHOITnUs3u=d/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 121.199.52.95 Hangzhou, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: nginx /
Resource Hash: 3ffa85f47aa93c673d71a4d3392f698ae010a55a063bfaabedc35a22589dca42

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.woaifanyi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:29:09 GMT
last-modified: Fri, 09 Nov 2012 07:25:55 GMT
server: nginx
etag: "509cb003-2a5f"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
content-length: 10847
expires: Thu, 20 Jun 2024 14:29:09 GMT

GET
H2 200 dibulogo.gif
wwwimg.woaifanyi.com/pic/ 2 KB
2 KB 236ms
234ms Image
image/gif 121.199.52.95
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wwwimg.woaifanyi.com/pic/dibulogo.gif?v=dba66b741d7aed1d_1644
Requested by: Host: www2.woaifanyi.com
URL: https://www2.woaifanyi.com/8dHOITnUs3u=d/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 121.199.52.95 Hangzhou, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: nginx /
Resource Hash: 7506ee85b5b2f14ffcdce2f19784c52fffd10a40aa439b2571e9b2b5412f720a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.woaifanyi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:29:09 GMT
last-modified: Tue, 17 Jul 2012 12:07:00 GMT
server: nginx
etag: "50055564-7db"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
content-length: 2011
expires: Thu, 20 Jun 2024 14:29:09 GMT

GET
H2 200 lxfs.js Show response
wwwimg.woaifanyi.com/pic/ 358 B
713 B 241ms
235ms Script
application/javascript 121.199.52.95
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to

Full URL: https://wwwimg.woaifanyi.com/pic/lxfs.js?v=ad0e583c035350df_358
Requested by: Host: www2.woaifanyi.com
URL: https://www2.woaifanyi.com/8dHOITnUs3u=d/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 121.199.52.95 Hangzhou, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: nginx /
Resource Hash: f89086b509b7c420d672b21815723fe0516021c0eb2d171a406a749c30f4abd5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.woaifanyi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:29:09 GMT
last-modified: Thu, 04 Jul 2013 19:19:17 GMT
server: nginx
etag: "51d5cab5-166"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
content-length: 358
expires: Thu, 20 Jun 2024 14:29:09 GMT

GET
H2 200 tongji.js Show response
wwwimg.woaifanyi.com/_data/woaifanyi_com_www/pic/js/ 222 B
577 B 234ms
233ms Script
application/javascript 121.199.52.95
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to

Full URL: https://wwwimg.woaifanyi.com/_data/woaifanyi_com_www/pic/js/tongji.js?v=02fe746987187426_222
Requested by: Host: www2.woaifanyi.com
URL: https://www2.woaifanyi.com/8dHOITnUs3u=d/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 121.199.52.95 Hangzhou, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: nginx /
Resource Hash: d63e925cd5fcbdfbd12b35790373a3cce288906f66032a401fd612b31a3d204a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.woaifanyi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:29:09 GMT
last-modified: Sun, 25 Dec 2016 10:42:00 GMT
server: nginx
etag: "585fa278-de"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
content-length: 222
expires: Thu, 20 Jun 2024 14:29:09 GMT

GET
H2 200 1104.css
wwwimg.woaifanyi.com/pic/css/ 305 B
650 B 239ms
234ms Stylesheet
text/css 121.199.52.95
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to

Full URL: https://wwwimg.woaifanyi.com/pic/css/1104.css?v=19082708
Requested by: Host: wwwimg.woaifanyi.com
URL: https://wwwimg.woaifanyi.com/pic/js.js?v=29042b4b6483aee7_20363
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 121.199.52.95 Hangzhou, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: nginx /
Resource Hash: 63b9cf945c742d71d9e9879a9c07ee7d2fd6e0418caefcc81d63e7958602f32f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.woaifanyi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:29:09 GMT
last-modified: Mon, 01 Sep 2014 09:49:22 GMT
server: nginx
etag: "54044122-131"
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
content-length: 305
expires: Thu, 20 Jun 2024 14:29:09 GMT

GET
H2 200 sj.css
wwwimg.woaifanyi.com/pic/css/ 544 B
889 B 236ms
234ms Stylesheet
text/css 121.199.52.95
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to

Full URL: https://wwwimg.woaifanyi.com/pic/css/sj.css?v=19082708
Requested by: Host: wwwimg.woaifanyi.com
URL: https://wwwimg.woaifanyi.com/pic/js.js?v=29042b4b6483aee7_20363
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 121.199.52.95 Hangzhou, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: nginx /
Resource Hash: eee12aa2bf214b1bc0f4c10ffa4f665062f3f7745450dba1b96540f24bd77703

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.woaifanyi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:29:09 GMT
last-modified: Mon, 01 Sep 2014 10:07:51 GMT
server: nginx
etag: "54044577-220"
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
content-length: 544
expires: Thu, 20 Jun 2024 14:29:09 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 140 KB
48 KB 127ms
58ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: wwwimg.woaifanyi.com
URL: https://wwwimg.woaifanyi.com/pic/g_run.js?v=3644b9e6ed457592_1741

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

91156631039b8716b523c0766ddff8e45b7a5d2a78460d20b2abb85f670a1bfe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.woaifanyi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:29:09 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48964
x-xss-protection: 0
server: cafe
etag: 17057140413621674891
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 21 Jun 2023 14:29:09 GMT

GET
H2 200 all.png
wwwimg.woaifanyi.com/pic/ 6 KB
6 KB 995ms
994ms Image
image/png 121.199.52.95
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wwwimg.woaifanyi.com/pic/all.png?v=15110905
Requested by: Host: wwwimg.woaifanyi.com
URL: https://wwwimg.woaifanyi.com/pic/css/css.css?v=f10cac9e88d25864_8505
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 121.199.52.95 Hangzhou, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: nginx /
Resource Hash: d18d5324840925a7813c05b697f8c89a4217c9a815b6576798b33a9b9f5fdbf6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wwwimg.woaifanyi.com/pic/css/css.css?v=f10cac9e88d25864_8505
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:29:10 GMT
last-modified: Tue, 30 Mar 2021 16:34:25 GMT
server: nginx
etag: "60635311-16a2"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
content-length: 5794
expires: Thu, 20 Jun 2024 14:29:10 GMT

GET
H2 200 hx.png
wwwimg.woaifanyi.com/pic/ 945 B
1 KB 943ms
942ms Image
image/png 121.199.52.95
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wwwimg.woaifanyi.com/pic/hx.png
Requested by: Host: wwwimg.woaifanyi.com
URL: https://wwwimg.woaifanyi.com/pic/css/css.css?v=f10cac9e88d25864_8505
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 121.199.52.95 Hangzhou, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: nginx /
Resource Hash: 2264e211069dffe63d38c2362c1ee942c680feab21ce1c3430d3baf0f862ce7a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wwwimg.woaifanyi.com/pic/css/css.css?v=f10cac9e88d25864_8505
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:29:10 GMT
last-modified: Tue, 17 Jul 2012 08:35:00 GMT
server: nginx
etag: "500523b4-3b1"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
content-length: 945
expires: Thu, 20 Jun 2024 14:29:10 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306200101/ 345 KB
119 KB 72ms
70ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306200101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6339460017086194&plah=www2.woaifanyi.com&bust=31075511

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

51417b15a5ffce0339b61a579144effabcc5266aacde344cbc6740f8654235cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.woaifanyi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:29:09 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121313
x-xss-protection: 0
server: cafe
etag: 10263170075250136735
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 21 Jun 2023 14:29:09 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230615/r20190131/ Frame 24D9 10 KB
5 KB 46ms
7ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230615/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www2.woaifanyi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 61388
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 20 Jun 2023 21:26:01 GMT
etag: 15057649708203361565
expires: Tue, 04 Jul 2023 21:26:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 29 KB
12 KB 1275ms
335ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?5899173c4bb390c78c9ffd1e2846117d

Requested by

Host: wwwimg.woaifanyi.com
URL: https://wwwimg.woaifanyi.com/_data/woaifanyi_com_www/pic/js/tongji.js?v=02fe746987187426_222

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

7890d89931c5f13a7f07ac68a9fe0eb7a3548fffa31f50eacec1079f16bde8bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.woaifanyi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Wed, 21 Jun 2023 14:29:10 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=172800
Server: apache
Etag: b34f94e879b58eae7f291a8ac5c67ce5
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: application/javascript
Cache-Control: max-age=0, must-revalidate
Content-Length: 11261

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 393 B
603 B 65ms
15ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www2.woaifanyi.com&callback=_gfp_s_&client=ca-pub-6339460017086194

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306200101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6339460017086194&plah=www2.woaifanyi.com&bust=31075511

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ebc5c643765c2364cb327b5d2238502bde5b1a0f0845d46e0dfc3298001fd098

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.woaifanyi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:29:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 252
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 61ms
18ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www2.woaifanyi.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.woaifanyi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:29:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D934 162 KB
34 KB 545ms
543ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6339460017086194&output=html&adk=1812271804&adf=3025194257&lmt=1687357749&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x945_l%7C236x945_r&format=0x0&url=https%3A%2F%2Fwww2.woaifanyi.com%2F8dHOITnUs3u%3Dd%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687357749501&bpp=6&bdt=1957&idt=169&shv=r20230615&mjsv=m202306200101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6897477800713&frm=20&pv=2&ga_vid=2082336651.1687357750&ga_sid=1687357750&ga_hid=429724422&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532277%2C42532279%2C31075511%2C44788441%2C44794790&oid=2&pvsid=4127660269764500&tmod=1824980510&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=199

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9252536b0614218c38beeeaad84d7b51699063949f59b1bb60574c10801024eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www2.woaifanyi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 34299
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 14:29:10 GMT
expires: Wed, 21 Jun 2023 14:29:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B9F5 603 B
245 B 148ms
144ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6339460017086194&output=html&h=15&slotname=0442661610&adk=3413680062&adf=126745134&pi=t.ma~as.0442661610&w=468&lmt=1687357749&url=https%3A%2F%2Fwww2.woaifanyi.com%2F8dHOITnUs3u%3Dd%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687357749508&bpp=1&bdt=1964&idt=200&shv=r20230615&mjsv=m202306200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6897477800713&frm=20&pv=1&ga_vid=2082336651.1687357750&ga_sid=1687357750&ga_hid=429724422&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=863&ady=142&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532277%2C42532279%2C31075511%2C44788441%2C44794790&oid=2&pvsid=4127660269764500&tmod=1824980510&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=0DGexA4Y3g&p=https%3A//www2.woaifanyi.com&dtd=208

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www2.woaifanyi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 14:29:09 GMT
expires: Wed, 21 Jun 2023 14:29:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BD8E 436 B
235 B 318ms
316ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6339460017086194&output=html&h=90&slotname=2942693987&adk=3605528669&adf=3372412375&pi=t.ma~as.2942693987&w=728&lmt=1687357749&format=728x90&url=https%3A%2F%2Fwww2.woaifanyi.com%2F8dHOITnUs3u%3Dd%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687357749509&bpp=1&bdt=1965&idt=212&shv=r20230615&mjsv=m202306200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&prev_slotnames=0442661610&nras=1&correlator=6897477800713&frm=20&pv=1&ga_vid=2082336651.1687357750&ga_sid=1687357750&ga_hid=429724422&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=263&ady=461&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532277%2C42532279%2C31075511%2C44788441%2C44794790&oid=2&pvsid=4127660269764500&tmod=1824980510&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=eWN1OH6VqL&p=https%3A//www2.woaifanyi.com&dtd=219

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

07751a4452d90de30097d712748254e9e63715762d020eab8f4d9a6d56912240

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www2.woaifanyi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 212
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 14:29:10 GMT
expires: Wed, 21 Jun 2023 14:29:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8731 33 KB
13 KB 383ms
382ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6339460017086194&output=html&h=280&slotname=6604781984&adk=1209252267&adf=2184558861&pi=t.ma~as.6604781984&w=336&lmt=1687357749&format=336x280&url=https%3A%2F%2Fwww2.woaifanyi.com%2F8dHOITnUs3u%3Dd%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687357749510&bpp=1&bdt=1966&idt=221&shv=r20230615&mjsv=m202306200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&prev_slotnames=0442661610&nras=1&correlator=6897477800713&frm=20&pv=1&ga_vid=2082336651.1687357750&ga_sid=1687357750&ga_hid=429724422&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1001&ady=172&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532277%2C42532279%2C31075511%2C44788441%2C44794790&oid=2&pvsid=4127660269764500&tmod=1824980510&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=72jiNVS7zc&p=https%3A//www2.woaifanyi.com&dtd=225

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c723ebf2a6cc8c3d06a8a923bc4f1f45b11cb21bde7fa3cff18673a07dff7f60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www2.woaifanyi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 13624
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 14:29:10 GMT
expires: Wed, 21 Jun 2023 14:29:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230615/r20110914/client/ Frame 8731 3 KB
1 KB 71ms
19ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230615/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6339460017086194&output=html&h=280&slotname=6604781984&adk=1209252267&adf=2184558861&pi=t.ma~as.6604781984&w=336&lmt=1687357749&format=336x280&url=https%3A%2F%2Fwww2.woaifanyi.com%2F8dHOITnUs3u%3Dd%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687357749510&bpp=1&bdt=1966&idt=221&shv=r20230615&mjsv=m202306200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&prev_slotnames=0442661610&nras=1&correlator=6897477800713&frm=20&pv=1&ga_vid=2082336651.1687357750&ga_sid=1687357750&ga_hid=429724422&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1001&ady=172&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532277%2C42532279%2C31075511%2C44788441%2C44794790&oid=2&pvsid=4127660269764500&tmod=1824980510&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=72jiNVS7zc&p=https%3A//www2.woaifanyi.com&dtd=225

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 10:30:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14333
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Jul 2023 10:30:17 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230615/r20110914/client/ Frame 8731 19 KB
8 KB 69ms
18ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230615/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

30dd4d046ee0a560951014c2c3f71fb0b620af27279bd7c5ff8b4ac877214291

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 16:10:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80294
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8121
x-xss-protection: 0
server: cafe
etag: 8940155340736220798
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 04 Jul 2023 16:10:56 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8731 178 KB
56 KB 391ms
339ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90980421e3762accc4e39e6d786c4fbf9cfc9b1e6bfc4a02550ef3fbbfc585f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:29:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57058
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687274360908795"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 21 Jun 2023 14:29:10 GMT

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 858A 152 KB
51 KB 200ms
83ms Document
text/html 2a02:2638:d::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZJMJNQAMfcQE0bwmAAY3OxitmBcFmzxcM7ngLw&u=%7CDrulI9YVC%2FBu8cMJoiV0jlpWAH8dX4QLqERGQKPsAhw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi64spgNd3UqY6rORl7qJyQBcHHBFOcE4HdXjq32mLBM_rhMIedkJcMh5KheCOaAuQ9hE14kzXunuKGOFVDTi5zfltIbeH6du3TEpUNv3G8cSduA5PWluaiwdIkxziXBXecOnsrvSzG-Ts1OH4QW3TPHhYIBbHJIMl_PXp7z6SPprSqy-QCrVenhX5Vgo2KKGswEzHrulv4pJS3YPIJuPPrIfBPk-ktWDduGTQRDRAHysXIv3a6tbE4WPZawc6q-7N8AF7PKT7nwRjDj5rX9V1VRhdgf0Eqk-D089D7Q5Udqe6k-SZxPPSEP3LZ_z8k3FqH399yhalTvaXrKGjdKP2vCWNlWJUZ9G5_vSk9SL2VNm1wnb7XrSk9l1MD8VGwexT8fRUXzAV5SYvNJd96HmA_shBF3Skerg7kfCbXhN9xyCaveOSO1u2CmVxcQYb-l68u9jZwq0_-Wz7xp9dKIdKqdQpkbQWFYmcxrDXfBlewiNZO--8fnTI3u66Iy1fNsASDxcn9ziZvnmrtajbFn8S44a2A0O7-c00PhfS-i29vCnNs1Lg_WTmyY8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHHoENQmTZMT7Mab4xtYPu-6Y6APJntKxXNWdkfdwwI23ARABIABgldqIgpgHggEXY2EtcHViLTYzMzk0NjAwMTcwODYxOTTIAQmpAhjxi0TITrI-qAMBqgTDAU_QQEPGfhqfsLf-Wgop74QPbNjtyj3NO1x3Ac9aSnLQ-c6npFZG4tvTXKv9e2wAvd6jpTTmvb6T40fkfpP6DdjzeoDZFXNBuLm3M4GQNxCW8Ee8yqMwwAyJx-KZWxXDm-e1f4NoHoCzPLNTQddQD0H5UpVbAut080tQOAGa_mjFxy9aeWY2sjh6ALfNCoyyGfJXfVJKMRwyFaNxpAnTTgotbI6uf8Pt3TTEjTYLSGDpPNJSJ9IM87dL2x_v4w09G0Zp5oAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_22G0wU6tirqgcsDPByXkhPaD1TnQ%26client%3Dca-pub-6339460017086194%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

10cb4770e50d81a183db600e2b32bde90f843d732ad7bd98c8cd677b9407aa02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 14:29:10 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=cbRO8q0IAUqTgt12TWM_HrPrFupYkUW_yqCnj80XqOn7mWIzLVVnYVqqJIOUsrdG-3habgYwrd0veJZfsNRJpDDtQPokzTWFxfPFbb0rR4W8z-6p2uhdp_u6g_4Fe-8d0kHnZJWyYWU8y7aVcfrP8l6LsP_fowESYc1AZls25bmJDlll1DEYxSfeWU4i5VIDjv7TO-qGqDIRebHh3qnl5F9dWoBFE4KkU47sAJnKnSSxTwEccF9t15P-v85Gkr5D6Bx-ZQ"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 57688664
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame 8731 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1039404b97848cc0f6148d3fea1b12fa92189d6986c606c9ff3189080daa4aa3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306200101/ 155 KB
52 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306200101/reactive_library_fy2021.js?bust=31075511

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ffa3391d221eafa684f8a16ebbc0e1c7c77215c456b3580cac499acc35a54e26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.woaifanyi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:29:10 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53683
x-xss-protection: 0
server: cafe
etag: 5850762238231914172
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Jun 2023 14:29:10 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 26ms
18ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www2.woaifanyi.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.woaifanyi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:29:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230615/r20110914/ Frame F0BB 10 KB
4 KB 14ms
14ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230615/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www2.woaifanyi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 56097
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 20 Jun 2023 22:54:13 GMT
etag: 15057649708203361565
expires: Tue, 04 Jul 2023 22:54:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230615/r20110914/ Frame 8195 10 KB
4 KB 12ms
11ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230615/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www2.woaifanyi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 56097
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 20 Jun 2023 22:54:13 GMT
etag: 15057649708203361565
expires: Tue, 04 Jul 2023 22:54:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230615/r20110914/ Frame E285 10 KB
4 KB 10ms
7ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230615/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www2.woaifanyi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 56097
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 20 Jun 2023 22:54:13 GMT
etag: 15057649708203361565
expires: Tue, 04 Jul 2023 22:54:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 858A 2 KB
1 KB 69ms
10ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZJMJNQAMfcQE0bwmAAY3OxitmBcFmzxcM7ngLw&u=%7CDrulI9YVC%2FBu8cMJoiV0jlpWAH8dX4QLqERGQKPsAhw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi64spgNd3UqY6rORl7qJyQBcHHBFOcE4HdXjq32mLBM_rhMIedkJcMh5KheCOaAuQ9hE14kzXunuKGOFVDTi5zfltIbeH6du3TEpUNv3G8cSduA5PWluaiwdIkxziXBXecOnsrvSzG-Ts1OH4QW3TPHhYIBbHJIMl_PXp7z6SPprSqy-QCrVenhX5Vgo2KKGswEzHrulv4pJS3YPIJuPPrIfBPk-ktWDduGTQRDRAHysXIv3a6tbE4WPZawc6q-7N8AF7PKT7nwRjDj5rX9V1VRhdgf0Eqk-D089D7Q5Udqe6k-SZxPPSEP3LZ_z8k3FqH399yhalTvaXrKGjdKP2vCWNlWJUZ9G5_vSk9SL2VNm1wnb7XrSk9l1MD8VGwexT8fRUXzAV5SYvNJd96HmA_shBF3Skerg7kfCbXhN9xyCaveOSO1u2CmVxcQYb-l68u9jZwq0_-Wz7xp9dKIdKqdQpkbQWFYmcxrDXfBlewiNZO--8fnTI3u66Iy1fNsASDxcn9ziZvnmrtajbFn8S44a2A0O7-c00PhfS-i29vCnNs1Lg_WTmyY8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHHoENQmTZMT7Mab4xtYPu-6Y6APJntKxXNWdkfdwwI23ARABIABgldqIgpgHggEXY2EtcHViLTYzMzk0NjAwMTcwODYxOTTIAQmpAhjxi0TITrI-qAMBqgTDAU_QQEPGfhqfsLf-Wgop74QPbNjtyj3NO1x3Ac9aSnLQ-c6npFZG4tvTXKv9e2wAvd6jpTTmvb6T40fkfpP6DdjzeoDZFXNBuLm3M4GQNxCW8Ee8yqMwwAyJx-KZWxXDm-e1f4NoHoCzPLNTQddQD0H5UpVbAut080tQOAGa_mjFxy9aeWY2sjh6ALfNCoyyGfJXfVJKMRwyFaNxpAnTTgotbI6uf8Pt3TTEjTYLSGDpPNJSJ9IM87dL2x_v4w09G0Zp5oAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_22G0wU6tirqgcsDPByXkhPaD1TnQ%26client%3Dca-pub-6339460017086194%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:29:10 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 15 Jun 2024 14:29:10 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 858A 2 KB
1 KB 79ms
21ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:29:10 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 15 Jun 2024 14:29:10 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 858A 308 B
636 B 54ms
12ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:29:10 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sat, 15 Jun 2024 14:29:10 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 858A 293 B
621 B 54ms
13ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:29:10 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sat, 15 Jun 2024 14:29:10 GMT

GET
H2 200 lg.php
cat.fr3.eu.criteo.com/delivery/ Frame 858A 43 B
348 B 170ms
22ms Image
image/gif 178.250.7.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=CkVTAx6ddoJL-Ko4iL9Z_T1A99fEMnPzwLm6N6UnC1Nfi0HG-bd0q1BrrKAt1IOC-ITodH7avu-wRYeEXUMPjQPWt2Tq5ZyzHG3pt82UXY2TLdEwNGpkmK2h2VKwT-0DLLhUg0wTHuw-mQKj5IA4k1KfOr5Cr_qma-A8h3JIyrGcyuSyCcsEuX5JfJDxBSlqixymsjtPTG143FhNLj3Sk77HzlIfF0jZNJCgxnW11yJK11g8ebrIp9gNcl3sEctTYxXmP91bZ8eAROCe72ELVmMHmKKfD7j-L1OCFKoyOsdDbmolc33Q3kwr8FdjYvu6B3Vmq2qkwPXdp6-BIXUY93k8PA2OkDCDl0ZcTRy3F0E-auxwa--QgOhpsZKQoCBKzJ1zvofnxoYT3Pxtjq-auJQ7FoIfU0NzLevI4XGHPJ5jfgFC

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 14:29:10 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2023984
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 858A 12 KB
5 KB 95ms
0ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:29:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1030180
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2LfLSAS95i%2FlnLMeI%2B9QraWs1mMa2R6qjejaQ7pr%2F1t3UOUdEjYHgSRxYCJ15tItsiOSkFansDZAJub1H3HfjP%2BMMGkG9hggrQ7O%2B6zerWKDQCDE%2FoWikSKnk28easJiw1gFEo2ZZgeBhFghi1kDqt3C"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7dacf134bbaf1e6e-FRA
expires: Mon, 10 Jun 2024 14:29:10 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 858A 12 KB
6 KB 54ms
19ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:29:10 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 15 Jun 2024 14:29:10 GMT

GET
H2 200 ec51d215a5904df99ebfe8eacf21246e_ubuntu-light.woff
static.criteo.net/design/dt/ Frame 858A 46 KB
46 KB 154ms
36ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/ec51d215a5904df99ebfe8eacf21246e_ubuntu-light.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8d6af87f2e8ab6ba751d5bda81faf18aed637f3c43f3f5c25acfcdb8dc674a92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:29:10 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 02 Oct 2018 14:57:25 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5bb38755-b778"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 15 Jun 2024 14:29:10 GMT

GET
H2 200 0d5410bc9c3e437daf6999836d04f18f_ubuntu-medium.woff
static.criteo.net/design/dt/ Frame 858A 38 KB
38 KB 128ms
10ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/0d5410bc9c3e437daf6999836d04f18f_ubuntu-medium.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

ce8b0ce00b853304b4500a3e0273c2ee8123ec998d9ea4bc1a2b3e97c573b61f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:29:10 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 02 Oct 2018 14:57:25 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5bb38755-97a8"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 15 Jun 2024 14:29:10 GMT

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 0E69 147 KB
49 KB 148ms
74ms Document
text/html 2a02:2638:d::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZJMJNQAMAb8E0Y7eAAolZLcxUlo7OrrHIqWHHA&u=%7CDrulI9YVC%2FAG0dqmrEkuQaJlLJKy%2F3jWBou%2BhGBxQ2o%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgN28ygJ6EDhxY1ffthKIvr6fa3BX9hHTmdtv6tLnMPk1p3FwqtrptklQEJjBUVIWPhSsIYoPCOkEgq5YiGh29yOofXWnSPjfTs6Ht-8EgIm5XVka7lO6jtG4_zfaI-aOvwREb3oFRtZ41V2Ocy5SvQRrlXIDACUt2bQROVsaaQZFM6VNXwYObob7HzfrJslQsdMewf3oztON6KzvIxPQUu0poeAchgB80J8vtWnl0SI4uv9GKJboxeZoMNV7GwFVi8xCh-pXBdWJZbU6LPTc4HsmvpXQMP80Fc6FHEcnE4ArY-D1dtkNJeGFGAecAyFKikecYP-GrZKypUzPR6YhDR2t2zpkXflJWd2EN-ujmEK1OonsLN5NbDZf_I686Uq_-VTRIiHI0XB78xVFIFYwAh_X4qTxfSvCB1i1-G9tv1zk1kYS3kI7jaUrtOOlPyxtIgIvP-UHUbwf9dmQlr73kRV-1vDBEhBi__Vwmj1Wx0TulgdhrR1ZYaI67g3amtiXpxrfAgSImsnXnaE_WF_WYoBSnI01fkBe2wOfilmT1-Rc1ojjH22uV2GECcFT7PpFbI&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCUak6NQmTZL-DMN6dxtYP5MqoyAjJntKxXL3xlPdwwI23ARABIABgldqIgpgHggEXY2EtcHViLTYzMzk0NjAwMTcwODYxOTTIAQmpAooDYljaUbI-qAMByAMCqgTDAU_QbaPcWC8hRXCuPdoXvs6XfRFEcKCEEIAWYSP-gwaryUrUTnFu8F5jKtCSdQS9WelXeoo-z__o4kQVNQuT0xTN29BKYXVbbI1Srf3Gz9BlT19mMLnjxc3XTzZO4JwPT5THfxwp9U9h3iy_iul617d95O67zXOZhpdZGTdC7_n05svYsh6BSKGsLOvF-gI0ZiwUD-L1cEnuYz9dNXUJ-C9_JNH3R30-KDpVUYr2sx0uhINOu5Zz5FztgTAdrOuhSQiilYAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2xn5yUJqJwSY1DeaYy8q44jgsYqg%26client%3Dca-pub-6339460017086194%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230615/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

c26176de20958922c138833a3fef59f6eb7257c9df62394efb5fd2cb885f9775

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 14:29:10 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=H2kf5a0IAUqTgt12LK2Ifnpr-JybcDokkgCOcpHCzdndyUlwiJqQpxOT_DD-OAHqcpEngri9_mAqMksSMv0TFhcSQllcTdizBfM7WSCCPmZ3c4LdDsiPhl9Gg26eq9dk2yECFXIEcSEA_CPhFBU0ZJQLn44u_vzQSO8WzuDNSVvAEqw6a42A5ORn6sDXUL3r0tgpbxgvCTjadNxKm37-tQvwZ5BXV8viPBOWhI55HwmQOT8MfSZX8FjS9ndZe4gD1b4xhQ"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 56686179
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230615/r20110914/client/ Frame F0BB 3 KB
1 KB 73ms
0ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230615/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230615/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 10:30:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14333
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Jul 2023 10:30:17 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230615/r20110914/client/ Frame F0BB 19 KB
8 KB 72ms
0ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230615/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230615/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

30dd4d046ee0a560951014c2c3f71fb0b620af27279bd7c5ff8b4ac877214291

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 16:10:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80294
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8121
x-xss-protection: 0
server: cafe
etag: 8940155340736220798
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 04 Jul 2023 16:10:56 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F0BB 178 KB
56 KB 491ms
415ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230615/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90980421e3762accc4e39e6d786c4fbf9cfc9b1e6bfc4a02550ef3fbbfc585f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:29:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57058
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687274360908795"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 21 Jun 2023 14:29:10 GMT

GET
H/1.1 200
OK js Show response
tags.mathtag.com/notify/ Frame 7F85 3 KB
2 KB 140ms
17ms Script
application/x-javascript 185.29.134.245
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTUdOa056UXhOMk10TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzY0MzcyNzc5NzMyMTU2NTc3NTgvNjYyMjMyNC80NTYyMzA2LzQvREhTQzNzbG9TcnFoOXpyclIxRHU1M1FwWFJ5eUhDaTZYZ0l0WmpITUFZUS8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC82NDM3Mjc3OTczMjE1NjU3NzU4L2Ftcy8wLzMzMi82OC85OTkvMTYyLzJhMDE6NGEwOjJiOjovMC4wMDAvMTY4NzM1Nzc0OS8xNjg3MzcwMzQ5LzQvcHViLTYzMzk0NjAwMTcwODYxOTQv/NCzSiCwF4kLaj97euOjKIRfyivI&nodeid=4025&group=cdg&auctionid=6437277973215657758&pbs_auctionid=6437277973215657758&shardkey=6437277973215657758&sid=4562306&cid=6622324&bp=a_aiebbd&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.134.181&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-fuuNQmTZMCDMN6dxtYP5MqoyAjPh46bXMCG2YLGAsCNtwEQASAAYJXaiIKYB4IBF2NhLXB1Yi02MzM5NDYwMDE3MDg2MTk0yAEJqAMByAMCqgTDAU_QuPp0DJVHxw7YAryKc2rNqj3KfCb07lqRH-GjzxL0ax-cCr-3S5sr6o8Gw8ajAflRE4iIqYoz9SAcMR3IAt3qsuO6rUVHpEtaLSa0RVA6Dh0wOjmh7NR_3uPdhDKCWd4ojKcvRa9TxNrGHc2WPEdNeDfHqNhUIo8vadZoswlgge5l6bwqNfNWNtlRKaAPxH8GLLfl5QcBPYDdI32H9LttOU96CmYwQbT_D60ON-0vGw2iXhiBZBxWDoIP7jOBGNFawIAGqpuq467akpO7AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3byZlT7NVwdQQKiBcXjr0fKIRmgA%26client%3Dca-pub-6339460017086194%26adurl%3D
Requested by: Host: www2.woaifanyi.com
URL: https://www2.woaifanyi.com/8dHOITnUs3u=d/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.134.245 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.392.4 /
Resource Hash: 4825ee2fa22308208ecdbd44cf8084f9c590486525eb62023d54b247af28f842

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Wed, 21 Jun 2023 14:29:10 GMT
x-mm-nodeid: 4025
Content-Encoding: gzip
x-mm-bid-request-time: 1687357749
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Connection: close
x-mm-handled-by-owner: true
Last-Modified: Wed, 21 Jun 2023 14:29:09 GMT
Server: MMBD/3.392.4
x-mm-latency: 1 (1)
x-mm-notify-action-done: LD5wfw
Content-Type: application/x-javascript; charset=UTF-8
x-mm-dbg: NotCount
Cache-Control: no-cache
x-mm-host: cdg-router-x80, cdg-bidder-x171
x-mm-lag: 1
Expires: Wed, 21 Jun 2023 14:29:09 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230615/r20110914/client/ Frame 7F85 3 KB
1 KB 71ms
35ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230615/r20110914/client/window_focus_fy2021.js

Requested by

Host: www2.woaifanyi.com
URL: https://www2.woaifanyi.com/8dHOITnUs3u=d/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 10:30:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14333
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Jul 2023 10:30:17 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230615/r20110914/client/ Frame 7F85 19 KB
8 KB 72ms
36ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230615/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: www2.woaifanyi.com
URL: https://www2.woaifanyi.com/8dHOITnUs3u=d/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

30dd4d046ee0a560951014c2c3f71fb0b620af27279bd7c5ff8b4ac877214291

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 16:10:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80294
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8121
x-xss-protection: 0
server: cafe
etag: 8940155340736220798
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 04 Jul 2023 16:10:56 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7F85 178 KB
56 KB 503ms
458ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: www2.woaifanyi.com
URL: https://www2.woaifanyi.com/8dHOITnUs3u=d/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90980421e3762accc4e39e6d786c4fbf9cfc9b1e6bfc4a02550ef3fbbfc585f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:29:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57058
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687274360908795"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 21 Jun 2023 14:29:11 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame E285 0
0 100ms
68ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CAb81NQmTZMGDMN6dxtYP5MqoyAjJntKxXL3xlPdwwI23ARABIABgldqIgpgHggEXY2EtcHViLTYzMzk0NjAwMTcwODYxOTTIAQmpAooDYljaUbI-qAMByAMCqgTBAU_QxJEmiBFywnsNCOZZmfZDTl1t9FKxgzvc32e9LgQzQQtZIbGl5dC1BeNQmiSbhMeP32z_wLe8rY6r9jq6Dbc_3eVrxl-b1YJg9PchquvHnTXCRTFZyCDq4GNFnINYR88hsSeiuk9fTwBtiaDmqIv5KIYe-SZwZC1fktPjW4bJj03y0EuU_SBV95-lCXZyVoJWW5wTq86Gt0ljItm_APFYbebJeitTzg3ZHY7TokplE1YiWHp4znlSgbG77gW7UuyABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTYzMzk0NjAwMTcwODYxOTQYAA&sigh=NZRKhx2HKN4&uach_m=[UACH]&cid=CAQSGwBygQiD823-BxmxFsGBn8kqbugJ3STumQauMRgB

Requested by

Host: www2.woaifanyi.com
URL: https://www2.woaifanyi.com/8dHOITnUs3u=d/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230615/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 21 Jun 2023 14:29:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 21 Jun 2023 14:29:10 GMT

GET
H2 200 notify
rtb.nl3.eu.criteo.com/google/auction/ Frame E285 0
0 181ms
0ms Fetch 2a02:2638:3::9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=k6W_EMz6RO0HfJ2DYgICAAAAl0yPpGp2at87g70F61IiYxA1CZNkLgtIqVauT7UlngAAEgAACgpBUVVCQVFFQkFR&wp=ZJMJNQAMAcEE0Y7eAAolZAMafWxdYVGRD5skCw

Requested by

Host: www2.woaifanyi.com
URL: https://www2.woaifanyi.com/8dHOITnUs3u=d/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:29:10 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 220965
server: Kestrel
content-length: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame DDDF 174 KB
54 KB 128ms
99ms Document
text/html 2a02:2638:d::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZJMJNQAMAcEE0Y7eAAolZAMafWxdYVGRD5skCw&u=%7CDrulI9YVC%2FD%2FcoWiUzbo%2F8W2fNgwnRpB9sfWqdf1Hic%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi64spgNd3UqY6ZgavdsI-uxjnvngJVOnch1i6T38QDyf_Le6yNFxRA_wvRNi3trX_nzilvzE3ncEVur_Q6HJOdlKkLxCzjEsJbATOhwTAqBdlinLsWF5IrYBEpMjQB5ofAHvIufFXvLaskyirEz-Noz5zshdK1wDcWB19cGfz_0RYobPgx-fQ9T8GALB_X4oP3OeMHGiIpfIr0NKWNeKnqVpCPXjq99FuPHjE4t5sxreE5HstW8BkyhbYJe948aGRpGzCzHf6af_6vubmXZo1LMtHU-dBNUm3fqpkdhtSbN5yXhQOZvuZdKitLLu5A2rKzUIWTMY6oe-yHKoq-uBJgza-tzgQrYMKMM8w0ZDo3YlK2jawtLdq15JdT6O9_2AanpUI9rtXFmmNf7kIJAeW3Zu40TYb-lnqv9HYFN82xx8OTl7pZxFVahjtGrUaQ3_xiqv8FmRBEjHXHshktzoOf4ush76HG_l3jN--8ArgCsyl44SWTJIuoDIDAOgwA_7GCMlwrqExvMub1e19LGu3Q2lSB8xtMb5ETWz4mIGbbY7s&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2B8lNQmTZMGDMN6dxtYP5MqoyAjJntKxXL3xlPdwwI23ARABIABgldqIgpgHggEXY2EtcHViLTYzMzk0NjAwMTcwODYxOTTIAQmpAooDYljaUbI-qAMByAMCqgTEAU_QxJEmiBFywnsNCOZZmfZDTl1t9FKxgzvc32e9LgQzQQtZIbGl5dC1BeNQmiSbhMeP32z_wLe8rY6r9jq6Dbc_3eVrxl-b1YJg9PchquvHnTXCRTFZyCDq4GNFnINYR88hsSeiuk9fTwBtiaDmqIv5KIYe-SZwZC1fktPjW4bJj03y0EuU_SBV95-lCXZyVoJWW5wTq86Gt0ljYNueknbX8fV25j_wHjB_5YfHqPxvPU6g7LJFaIvtn52ja68_QVMIG6-ABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1MMoH_dvJ0nyx9gxsJwdjOIVM7Zw%26client%3Dca-pub-6339460017086194%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230615/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

b93f8ae75e227bb13ec7ce10de06233ae2235b7c4831fcbc3436d775631d9a31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 14:29:09 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=NF-hvq0IAUqTgt126Z5sLN7HLFP6DalfJ3-iHY_lxFB2QSh_AfmFr-WQtJ_oHk4slBmTL4gTwyqtNmph4U5V6erZWiptVP3KrPMVrQGs5NrCJqavFjo4i-smCsZBLQp6ZuQAxWXNGzp5eQsuyG1Eq5F6ozTzns0hRNOB3Ij20I667SCPU2Hv2hyi2dMZWXLKYc84K9L95edxKfz42zUb_zwIALD3gUJR-Mw2giy489ASUvDejZqg275bIfXHUtfhngEXTg"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 74505276
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230615/r20110914/client/ Frame E285 3 KB
1 KB 74ms
48ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230615/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230615/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 10:30:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14333
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Jul 2023 10:30:17 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230615/r20110914/client/ Frame E285 19 KB
8 KB 64ms
39ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230615/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230615/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

30dd4d046ee0a560951014c2c3f71fb0b620af27279bd7c5ff8b4ac877214291

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 16:10:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80294
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8121
x-xss-protection: 0
server: cafe
etag: 8940155340736220798
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 04 Jul 2023 16:10:56 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E285 178 KB
56 KB 497ms
465ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230615/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90980421e3762accc4e39e6d786c4fbf9cfc9b1e6bfc4a02550ef3fbbfc585f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:29:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57058
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687274360908795"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 21 Jun 2023 14:29:11 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 858A 4 KB
4 KB 198ms
13ms Image
image/png 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=92&m=0&partner=3018&q=80&r=0&u=http%3A%2F%2Fstatic.fr3.eu.criteo.net%2Fdesign%2Fdt%2F1344%2F230413%2Fc53e5f9a71444a36ae4d74a664fc7269_logo_n_horizontal_4.png&v=3&w=668&s=-LAFRwlWoEq_H89e8AAdF0mU

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

3fe31cf93babaa8f377a3fc319bb2ca23a0caae909a930fa8e2d809f9ef115ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:29:10 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
content-length: 4044
expires: Sat, 08 Jun 2024 02:13:24 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 858A 110 KB
110 KB 216ms
31ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=1200&m=0&partner=3018&q=80&r=0&u=http%3A%2F%2Fstatic.fr3.eu.criteo.net%2Fdesign%2Fdt%2F3018%2F4789968%2F1b47989772184ac9b50a9428465fa26c_img_vertical_2.jpg&v=3&w=1200&s=aXiUdcLuvAjKyCAtnUb6Evdh

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

95f479a3f581685a74eed1a32e1b4d7b5be127896a15ea2ca21f5a421987fd74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:29:10 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 112830
expires: Mon, 10 Jun 2024 15:44:54 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 858A 8 KB
9 KB 205ms
20ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1675161204%2F23014681-uDI2Hb7Q.jpg&v=3&w=400&s=V6Rx9kmPFshTRPYOtVTGgAZ0&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

3dc61d019d26ca6eb0db382cf6751e488b15e25fc63737a43d696469539e3aad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:29:10 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 8514
expires: Fri, 23 Jun 2023 11:46:31 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 858A 10 KB
11 KB 277ms
93ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1685480401%2F23063972-gTPvRu1k.jpg&v=3&w=400&s=MRIWfsie64jFVi17KmPl-pG0&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

b64acf1469e1fb0336f092ce256e0c054e8f8c0ef90c46b55a72aa943be44425

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:29:09 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 10598
expires: Fri, 23 Jun 2023 21:08:53 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 858A 7 KB
7 KB 193ms
9ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1680037203%2F23055671-GXyb7NLB.jpg&v=3&w=400&s=i79VHyImJOYcjJzi0qeUPysJ&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

58c1ba13c0b73d0c996bc8a1b0018aaa5eebc3ec4dd57ef8f641d8b40baf093a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:29:10 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 6912
expires: Mon, 26 Jun 2023 16:19:28 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 858A 0
128 B 150ms
10ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=cbRO8q0IAUqTgt12TWM_HrPrFupYkUW_yqCnj80XqOn7mWIzLVVnYVqqJIOUsrdG-3habgYwrd0veJZfsNRJpDDtQPokzTWFxfPFbb0rR4W8z-6p2uhdp_u6g_4Fe-8d0kHnZJWyYWU8y7aVcfrP8l6LsP_fowESYc1AZls25bmJDlll1DEYxSfeWU4i5VIDjv7TO-qGqDIRebHh3qnl5F9dWoBFE4KkU47sAJnKnSSxTwEccF9t15P-v85Gkr5D6Bx-ZQ&sds=2&rev=87007&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 21 Jun 2023 14:29:09 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 858A 2 KB
1 KB 73ms
12ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:29:10 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 15 Jun 2024 14:29:10 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 858A 2 KB
1 KB 72ms
10ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:29:10 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 15 Jun 2024 14:29:10 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 0E69 2 KB
1 KB 75ms
0ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZJMJNQAMAb8E0Y7eAAolZLcxUlo7OrrHIqWHHA&u=%7CDrulI9YVC%2FAG0dqmrEkuQaJlLJKy%2F3jWBou%2BhGBxQ2o%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgN28ygJ6EDhxY1ffthKIvr6fa3BX9hHTmdtv6tLnMPk1p3FwqtrptklQEJjBUVIWPhSsIYoPCOkEgq5YiGh29yOofXWnSPjfTs6Ht-8EgIm5XVka7lO6jtG4_zfaI-aOvwREb3oFRtZ41V2Ocy5SvQRrlXIDACUt2bQROVsaaQZFM6VNXwYObob7HzfrJslQsdMewf3oztON6KzvIxPQUu0poeAchgB80J8vtWnl0SI4uv9GKJboxeZoMNV7GwFVi8xCh-pXBdWJZbU6LPTc4HsmvpXQMP80Fc6FHEcnE4ArY-D1dtkNJeGFGAecAyFKikecYP-GrZKypUzPR6YhDR2t2zpkXflJWd2EN-ujmEK1OonsLN5NbDZf_I686Uq_-VTRIiHI0XB78xVFIFYwAh_X4qTxfSvCB1i1-G9tv1zk1kYS3kI7jaUrtOOlPyxtIgIvP-UHUbwf9dmQlr73kRV-1vDBEhBi__Vwmj1Wx0TulgdhrR1ZYaI67g3amtiXpxrfAgSImsnXnaE_WF_WYoBSnI01fkBe2wOfilmT1-Rc1ojjH22uV2GECcFT7PpFbI&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCUak6NQmTZL-DMN6dxtYP5MqoyAjJntKxXL3xlPdwwI23ARABIABgldqIgpgHggEXY2EtcHViLTYzMzk0NjAwMTcwODYxOTTIAQmpAooDYljaUbI-qAMByAMCqgTDAU_QbaPcWC8hRXCuPdoXvs6XfRFEcKCEEIAWYSP-gwaryUrUTnFu8F5jKtCSdQS9WelXeoo-z__o4kQVNQuT0xTN29BKYXVbbI1Srf3Gz9BlT19mMLnjxc3XTzZO4JwPT5THfxwp9U9h3iy_iul617d95O67zXOZhpdZGTdC7_n05svYsh6BSKGsLOvF-gI0ZiwUD-L1cEnuYz9dNXUJ-C9_JNH3R30-KDpVUYr2sx0uhINOu5Zz5FztgTAdrOuhSQiilYAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2xn5yUJqJwSY1DeaYy8q44jgsYqg%26client%3Dca-pub-6339460017086194%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:29:10 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 15 Jun 2024 14:29:10 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 0E69 2 KB
1 KB 73ms
0ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:29:10 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 15 Jun 2024 14:29:10 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 0E69 308 B
636 B 56ms
15ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:29:10 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sat, 15 Jun 2024 14:29:10 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 0E69 293 B
621 B 53ms
12ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:29:10 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sat, 15 Jun 2024 14:29:10 GMT

GET
H2 200 lg.php
cat.fr3.eu.criteo.com/delivery/ Frame 0E69 43 B
347 B 66ms
21ms Image
image/gif 178.250.7.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=a9q5vVpK7UNOzZVT8RZfYtdX4rDZ70IrxRM1GHlANI8LYlhD1rSWbniE_Y-UpjYAhUsjagQ0nb9YMYqHx-SxzdIzthlYarTJjVSbg9uN0U9GDbNS-bHXvPzEAjhRhEO4wr4bj1ny-D3D9v4r7dYd7VOL_T0ysQ4pdHdpZoJqI2omDe6R-TLjH0ZyCUjqUivc1nY7rvooZZTkQIPtOu63j162zI2sAs0ch6-PBucpDc-5-O1beIEoZXJDIsRtO1is0BEAarNOTyAeMIhvf7iUUIRJFb-yGog5Xtk2haWTev6Vxoz1EvopUOL0u2FwS6cqNU_rSV8pcO6OGIhHv5ffs4lIhzuGRirZq6pa2nBcJ8RRlx2q2PqiP61DjRYTBnj45RgxotMHzeKm4JUOwgaiz9NDZQMOb-ovZ9yPfANAxLQG-9XH

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 14:29:10 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2147249
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame DDDF 2 KB
1 KB 73ms
13ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZJMJNQAMAcEE0Y7eAAolZAMafWxdYVGRD5skCw&u=%7CDrulI9YVC%2FD%2FcoWiUzbo%2F8W2fNgwnRpB9sfWqdf1Hic%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi64spgNd3UqY6ZgavdsI-uxjnvngJVOnch1i6T38QDyf_Le6yNFxRA_wvRNi3trX_nzilvzE3ncEVur_Q6HJOdlKkLxCzjEsJbATOhwTAqBdlinLsWF5IrYBEpMjQB5ofAHvIufFXvLaskyirEz-Noz5zshdK1wDcWB19cGfz_0RYobPgx-fQ9T8GALB_X4oP3OeMHGiIpfIr0NKWNeKnqVpCPXjq99FuPHjE4t5sxreE5HstW8BkyhbYJe948aGRpGzCzHf6af_6vubmXZo1LMtHU-dBNUm3fqpkdhtSbN5yXhQOZvuZdKitLLu5A2rKzUIWTMY6oe-yHKoq-uBJgza-tzgQrYMKMM8w0ZDo3YlK2jawtLdq15JdT6O9_2AanpUI9rtXFmmNf7kIJAeW3Zu40TYb-lnqv9HYFN82xx8OTl7pZxFVahjtGrUaQ3_xiqv8FmRBEjHXHshktzoOf4ush76HG_l3jN--8ArgCsyl44SWTJIuoDIDAOgwA_7GCMlwrqExvMub1e19LGu3Q2lSB8xtMb5ETWz4mIGbbY7s&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2B8lNQmTZMGDMN6dxtYP5MqoyAjJntKxXL3xlPdwwI23ARABIABgldqIgpgHggEXY2EtcHViLTYzMzk0NjAwMTcwODYxOTTIAQmpAooDYljaUbI-qAMByAMCqgTEAU_QxJEmiBFywnsNCOZZmfZDTl1t9FKxgzvc32e9LgQzQQtZIbGl5dC1BeNQmiSbhMeP32z_wLe8rY6r9jq6Dbc_3eVrxl-b1YJg9PchquvHnTXCRTFZyCDq4GNFnINYR88hsSeiuk9fTwBtiaDmqIv5KIYe-SZwZC1fktPjW4bJj03y0EuU_SBV95-lCXZyVoJWW5wTq86Gt0ljYNueknbX8fV25j_wHjB_5YfHqPxvPU6g7LJFaIvtn52ja68_QVMIG6-ABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1MMoH_dvJ0nyx9gxsJwdjOIVM7Zw%26client%3Dca-pub-6339460017086194%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:29:10 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 15 Jun 2024 14:29:10 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame DDDF 2 KB
1 KB 73ms
14ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:29:10 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 15 Jun 2024 14:29:10 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame DDDF 308 B
636 B 42ms
0ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:29:10 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sat, 15 Jun 2024 14:29:10 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame DDDF 293 B
621 B 40ms
0ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:29:10 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sat, 15 Jun 2024 14:29:10 GMT

GET
H2 200 lg.php
cat.fr3.eu.criteo.com/delivery/ Frame DDDF 43 B
347 B 51ms
9ms Image
image/gif 178.250.7.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=7j3kPXsnO68UYrYiDu2RaQt1qcxN3fYiWFt97BBU3bwWjBG-Ea2aoBeBhF9wqNK-1nINz3aHbISu3GRlr8JT3zUa69buYsZwW8gSWdNTQD8NGDpvPuOaTlGc0cvhjL2UffxbPQ-qx2B6MM53QsJm2tkgxyCy-GC0ez6J9jQhvWlS9d6yGLpR9LQSxkN5gWT-yYn1qoFQi2wccp_LBEVhuadao_Ysq1YKH8syprpxLLrWp0A0SX1NB5l0rCnbsSRfYFBna5AlWFV5TOk6o3Z6Cg0zmvhVj-w__eTnccz04tAd0fbeR-ZZqkiBhnJuP-VL5n3VZ8Z1qe9jn_T4KLw7bARkpzXg3mqegHGdXkoPa1cZOoCkYgzv4t77Fdh_voSjJ-qhm5Qbo6JEAwvLcPxF7asPQwwUfZbu_Dip0O4dQ0CHnePf

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 14:29:10 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2227560
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 0E69 12 KB
5 KB 50ms
11ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:29:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1030180
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WiIM18Qshsvh2Sl26yKbqd9TFT1SMnWTrvhqpMyU4U6e8v%2FOqrQlbJNeCSe8paoy6ndFz4O%2B9ALP4wfeWQG9gkRZRaaiQl2%2F8N9tYLSwGQFIc5xQKrV1R%2FojsvbL4yIotnaLojSTY6TXzk7eu7s1scNq"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7dacf1369e451e6e-FRA
expires: Mon, 10 Jun 2024 14:29:10 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 0E69 12 KB
6 KB 55ms
4ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:29:10 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 15 Jun 2024 14:29:10 GMT

GET
H/1.1 200
OK k2vt83281pvm Show response
hal9000.redintelligence.net/zone/ Frame 7F85 10 KB
3 KB 106ms
11ms Script
text/html 138.201.135.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/k2vt83281pvm?subid=&gdpr=1&gdpr_consent=li&rnd=6437277973215657758&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:adx&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3Dh1JGLM7b3cMr9Jc8J_TIzw%26exch_seat%3D20035004448%26mt_aid%3D6437277973215657758%26mt_id%3D6622324%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Dd38b6493-0936-4401-a42d-322400f1c115%26mt_cid%3Dd38b6493-0936-4401-a42d-322400f1c115%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DC-fuuNQmTZMCDMN6dxtYP5MqoyAjPh46bXMCG2YLGAsCNtwEQASAAYJXaiIKYB4IBF2NhLXB1Yi02MzM5NDYwMDE3MDg2MTk0yAEJqAMByAMCqgTDAU_QuPp0DJVHxw7YAryKc2rNqj3KfCb07lqRH-GjzxL0ax-cCr-3S5sr6o8Gw8ajAflRE4iIqYoz9SAcMR3IAt3qsuO6rUVHpEtaLSa0RVA6Dh0wOjmh7NR_3uPdhDKCWd4ojKcvRa9TxNrGHc2WPEdNeDfHqNhUIo8vadZoswlgge5l6bwqNfNWNtlRKaAPxH8GLLfl5QcBPYDdI32H9LttOU96CmYwQbT_D60ON-0vGw2iXhiBZBxWDoIP7jOBGNFawIAGqpuq467akpO7AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3byZlT7NVwdQQKiBcXjr0fKIRmgA%2526client%253Dca-pub-6339460017086194%2526adurl%253D%26mt_lp%3Dhttps%253A%2F%2Fwww.soberberlin.com%2F%26redirect%3D
Requested by: Host: www2.woaifanyi.com
URL: https://www2.woaifanyi.com/8dHOITnUs3u=d/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.135.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.135.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 75a9956ca3cb6768c8eb27a4e06e7b9aab80724f0888ebceece991687341ccc2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Wed, 21 Jun 2023 14:29:10 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3358
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK ck-confirm
tags.mathtag.com/ Frame 7F85 49 B
330 B 90ms
17ms Image
image/gif 185.29.134.245
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/ck-confirm?bid_id=6437277973215657758&node_id=4025&exch_id=4
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTUdOa056UXhOMk10TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzY0MzcyNzc5NzMyMTU2NTc3NTgvNjYyMjMyNC80NTYyMzA2LzQvREhTQzNzbG9TcnFoOXpyclIxRHU1M1FwWFJ5eUhDaTZYZ0l0WmpITUFZUS8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC82NDM3Mjc3OTczMjE1NjU3NzU4L2Ftcy8wLzMzMi82OC85OTkvMTYyLzJhMDE6NGEwOjJiOjovMC4wMDAvMTY4NzM1Nzc0OS8xNjg3MzcwMzQ5LzQvcHViLTYzMzk0NjAwMTcwODYxOTQv/NCzSiCwF4kLaj97euOjKIRfyivI&nodeid=4025&group=cdg&auctionid=6437277973215657758&pbs_auctionid=6437277973215657758&shardkey=6437277973215657758&sid=4562306&cid=6622324&bp=a_aiebbd&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.134.181&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-fuuNQmTZMCDMN6dxtYP5MqoyAjPh46bXMCG2YLGAsCNtwEQASAAYJXaiIKYB4IBF2NhLXB1Yi02MzM5NDYwMDE3MDg2MTk0yAEJqAMByAMCqgTDAU_QuPp0DJVHxw7YAryKc2rNqj3KfCb07lqRH-GjzxL0ax-cCr-3S5sr6o8Gw8ajAflRE4iIqYoz9SAcMR3IAt3qsuO6rUVHpEtaLSa0RVA6Dh0wOjmh7NR_3uPdhDKCWd4ojKcvRa9TxNrGHc2WPEdNeDfHqNhUIo8vadZoswlgge5l6bwqNfNWNtlRKaAPxH8GLLfl5QcBPYDdI32H9LttOU96CmYwQbT_D60ON-0vGw2iXhiBZBxWDoIP7jOBGNFawIAGqpuq467akpO7AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3byZlT7NVwdQQKiBcXjr0fKIRmgA%26client%3Dca-pub-6339460017086194%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.134.245 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.392.4 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Wed, 21 Jun 2023 14:29:10 GMT
Server: MMBD/3.392.4
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: cdg-router-x86, cdg-bidder-x171
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Wed, 21 Jun 2023 14:29:09 GMT

GET
H/1.1 200
OK analytics.js Show response
s.update.mediamathtag.com/2/619621/ Frame 7F85 7 KB
3 KB 284ms
36ms Script
text/javascript 18.203.209.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.update.mediamathtag.com/2/619621/analytics.js?dt=6196211556140246740000&pd=avt&di=https%3A//www2.woaifanyi.com/8dHOITnUs3u%3Dd&ui=0cd7417c-0000-0000-0000-000000000000&ap=&ti=6437277973215657758&pv=2c3ab911-cfec-40d2-8485-1f28d3b3cfed&pp=pub-6339460017086194&sr=4&de=43000&si=179723843&dm=160x600&ac=651871&cr=6622324&ai=216536&c1=4562306&r1=2a01:4a0:2b::&r2=&r3=

Requested by

Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTUdOa056UXhOMk10TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzY0MzcyNzc5NzMyMTU2NTc3NTgvNjYyMjMyNC80NTYyMzA2LzQvREhTQzNzbG9TcnFoOXpyclIxRHU1M1FwWFJ5eUhDaTZYZ0l0WmpITUFZUS8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC82NDM3Mjc3OTczMjE1NjU3NzU4L2Ftcy8wLzMzMi82OC85OTkvMTYyLzJhMDE6NGEwOjJiOjovMC4wMDAvMTY4NzM1Nzc0OS8xNjg3MzcwMzQ5LzQvcHViLTYzMzk0NjAwMTcwODYxOTQv/NCzSiCwF4kLaj97euOjKIRfyivI&nodeid=4025&group=cdg&auctionid=6437277973215657758&pbs_auctionid=6437277973215657758&shardkey=6437277973215657758&sid=4562306&cid=6622324&bp=a_aiebbd&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.134.181&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-fuuNQmTZMCDMN6dxtYP5MqoyAjPh46bXMCG2YLGAsCNtwEQASAAYJXaiIKYB4IBF2NhLXB1Yi02MzM5NDYwMDE3MDg2MTk0yAEJqAMByAMCqgTDAU_QuPp0DJVHxw7YAryKc2rNqj3KfCb07lqRH-GjzxL0ax-cCr-3S5sr6o8Gw8ajAflRE4iIqYoz9SAcMR3IAt3qsuO6rUVHpEtaLSa0RVA6Dh0wOjmh7NR_3uPdhDKCWd4ojKcvRa9TxNrGHc2WPEdNeDfHqNhUIo8vadZoswlgge5l6bwqNfNWNtlRKaAPxH8GLLfl5QcBPYDdI32H9LttOU96CmYwQbT_D60ON-0vGw2iXhiBZBxWDoIP7jOBGNFawIAGqpuq467akpO7AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3byZlT7NVwdQQKiBcXjr0fKIRmgA%26client%3Dca-pub-6339460017086194%26adurl%3D

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

18.203.209.222 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-203-209-222.eu-west-1.compute.amazonaws.com

Software

Resource Hash

01edc3bf89264f8e2c388bb0de9d0e203bfb48063cfe55099b9f7636dcd561af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Jun 2023 14:29:10 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Accept-Ch: Viewport-Width, Viewport-Height, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary: *
Content-Type: text/javascript; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate, no-transform, private, max-age=0
Timing-Allow-Origin: *
Content-Length: 3022
Expires: 0

GET
H/1.1 200
OK img
pixel.mathtag.com/event/ Frame 7F85 43 B
418 B 167ms
33ms Image
image/gif 95.101.148.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=4&v2=6437277973215657758&v3=651871&v4=4562306&v5=6622324&mt_nsync=1&no_attr=1
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTUdOa056UXhOMk10TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzY0MzcyNzc5NzMyMTU2NTc3NTgvNjYyMjMyNC80NTYyMzA2LzQvREhTQzNzbG9TcnFoOXpyclIxRHU1M1FwWFJ5eUhDaTZYZ0l0WmpITUFZUS8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC82NDM3Mjc3OTczMjE1NjU3NzU4L2Ftcy8wLzMzMi82OC85OTkvMTYyLzJhMDE6NGEwOjJiOjovMC4wMDAvMTY4NzM1Nzc0OS8xNjg3MzcwMzQ5LzQvcHViLTYzMzk0NjAwMTcwODYxOTQv/NCzSiCwF4kLaj97euOjKIRfyivI&nodeid=4025&group=cdg&auctionid=6437277973215657758&pbs_auctionid=6437277973215657758&shardkey=6437277973215657758&sid=4562306&cid=6622324&bp=a_aiebbd&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.134.181&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-fuuNQmTZMCDMN6dxtYP5MqoyAjPh46bXMCG2YLGAsCNtwEQASAAYJXaiIKYB4IBF2NhLXB1Yi02MzM5NDYwMDE3MDg2MTk0yAEJqAMByAMCqgTDAU_QuPp0DJVHxw7YAryKc2rNqj3KfCb07lqRH-GjzxL0ax-cCr-3S5sr6o8Gw8ajAflRE4iIqYoz9SAcMR3IAt3qsuO6rUVHpEtaLSa0RVA6Dh0wOjmh7NR_3uPdhDKCWd4ojKcvRa9TxNrGHc2WPEdNeDfHqNhUIo8vadZoswlgge5l6bwqNfNWNtlRKaAPxH8GLLfl5QcBPYDdI32H9LttOU96CmYwQbT_D60ON-0vGw2iXhiBZBxWDoIP7jOBGNFawIAGqpuq467akpO7AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3byZlT7NVwdQQKiBcXjr0fKIRmgA%26client%3Dca-pub-6339460017086194%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.101.148.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-148-198.deploy.static.akamaitechnologies.com
Software: MT3 1031 59fd23a master zrh zrh-pixel-x30 config_version:"1524" /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Wed, 21 Jun 2023 14:29:10 GMT
Server: MT3 1031 59fd23a master zrh zrh-pixel-x30 config_version:"1524"
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 43
Expires: Wed, 21 Jun 2023 14:29:09 GMT

GET
H/1.1 200
OK img
tags.mathtag.com/event/ Frame 7F85 49 B
330 B 88ms
16ms Image
image/gif 185.29.134.245
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/event/img?type=mmImpTrack&exch=adx&bid=6437277973215657758&st=4562306&time=1687357750&nodeid=4025
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTUdOa056UXhOMk10TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzY0MzcyNzc5NzMyMTU2NTc3NTgvNjYyMjMyNC80NTYyMzA2LzQvREhTQzNzbG9TcnFoOXpyclIxRHU1M1FwWFJ5eUhDaTZYZ0l0WmpITUFZUS8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC82NDM3Mjc3OTczMjE1NjU3NzU4L2Ftcy8wLzMzMi82OC85OTkvMTYyLzJhMDE6NGEwOjJiOjovMC4wMDAvMTY4NzM1Nzc0OS8xNjg3MzcwMzQ5LzQvcHViLTYzMzk0NjAwMTcwODYxOTQv/NCzSiCwF4kLaj97euOjKIRfyivI&nodeid=4025&group=cdg&auctionid=6437277973215657758&pbs_auctionid=6437277973215657758&shardkey=6437277973215657758&sid=4562306&cid=6622324&bp=a_aiebbd&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.134.181&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-fuuNQmTZMCDMN6dxtYP5MqoyAjPh46bXMCG2YLGAsCNtwEQASAAYJXaiIKYB4IBF2NhLXB1Yi02MzM5NDYwMDE3MDg2MTk0yAEJqAMByAMCqgTDAU_QuPp0DJVHxw7YAryKc2rNqj3KfCb07lqRH-GjzxL0ax-cCr-3S5sr6o8Gw8ajAflRE4iIqYoz9SAcMR3IAt3qsuO6rUVHpEtaLSa0RVA6Dh0wOjmh7NR_3uPdhDKCWd4ojKcvRa9TxNrGHc2WPEdNeDfHqNhUIo8vadZoswlgge5l6bwqNfNWNtlRKaAPxH8GLLfl5QcBPYDdI32H9LttOU96CmYwQbT_D60ON-0vGw2iXhiBZBxWDoIP7jOBGNFawIAGqpuq467akpO7AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3byZlT7NVwdQQKiBcXjr0fKIRmgA%26client%3Dca-pub-6339460017086194%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.134.245 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.392.4 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Wed, 21 Jun 2023 14:29:10 GMT
Server: MMBD/3.392.4
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: cdg-router-x99, cdg-bidder-x171
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Wed, 21 Jun 2023 14:29:09 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 0E69 0
127 B 32ms
5ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=H2kf5a0IAUqTgt12LK2Ifnpr-JybcDokkgCOcpHCzdndyUlwiJqQpxOT_DD-OAHqcpEngri9_mAqMksSMv0TFhcSQllcTdizBfM7WSCCPmZ3c4LdDsiPhl9Gg26eq9dk2yECFXIEcSEA_CPhFBU0ZJQLn44u_vzQSO8WzuDNSVvAEqw6a42A5ORn6sDXUL3r0tgpbxgvCTjadNxKm37-tQvwZ5BXV8viPBOWhI55HwmQOT8MfSZX8FjS9ndZe4gD1b4xhQ&sds=2&rev=87007&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 21 Jun 2023 14:29:10 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 0E69 2 KB
1 KB 41ms
11ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:29:10 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 15 Jun 2024 14:29:10 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 0E69 2 KB
1 KB 40ms
10ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:29:10 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 15 Jun 2024 14:29:10 GMT

GET
H3 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame DDDF 12 KB
5 KB 42ms
22ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:29:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1024265
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z%2Bt0hKTdtniHoldjOOyJksftJdTDy9LJ%2FVK12M5H35G0OBiD0olPtZf8utuLDy6N3spbSqcDLAQTBGAL0AseGXtRIcHCexxrPhTe14e4Q6sElrLtDyMN8zv6wOPU7zzPeMZ2lQwfa4PSO45mQd3S5rot"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7dacf136cf2e37e0-FRA
expires: Mon, 10 Jun 2024 14:29:10 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame DDDF 12 KB
6 KB 49ms
9ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:29:10 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 15 Jun 2024 14:29:10 GMT

GET
DATA 200
OK truncated
/ Frame E285 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c91e4803848d1b78c17b9bb77a6d67d69d1ae9ef77b515deb82412d915f0ae9c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 0d5410bc9c3e437daf6999836d04f18f_ubuntu-medium.woff
static.criteo.net/design/dt/ Frame DDDF 38 KB
38 KB 47ms
3ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/0d5410bc9c3e437daf6999836d04f18f_ubuntu-medium.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

ce8b0ce00b853304b4500a3e0273c2ee8123ec998d9ea4bc1a2b3e97c573b61f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:29:10 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 02 Oct 2018 14:57:25 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5bb38755-97a8"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 15 Jun 2024 14:29:10 GMT

GET
H2 200 ec51d215a5904df99ebfe8eacf21246e_ubuntu-light.woff
static.criteo.net/design/dt/ Frame DDDF 46 KB
46 KB 45ms
1ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/ec51d215a5904df99ebfe8eacf21246e_ubuntu-light.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8d6af87f2e8ab6ba751d5bda81faf18aed637f3c43f3f5c25acfcdb8dc674a92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:29:10 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 02 Oct 2018 14:57:25 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5bb38755-b778"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 15 Jun 2024 14:29:10 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame DDDF 10 KB
11 KB 45ms
5ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

b64acf1469e1fb0336f092ce256e0c054e8f8c0ef90c46b55a72aa943be44425

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:29:10 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 10598
expires: Fri, 23 Jun 2023 21:08:53 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame DDDF 3 KB
4 KB 52ms
17ms Image
image/png 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=244&m=0&partner=3018&q=80&r=0&u=http%3A%2F%2Fstatic.fr3.eu.criteo.net%2Fdesign%2Fdt%2F1344%2F230413%2Fc53e5f9a71444a36ae4d74a664fc7269_logo_n_horizontal_4.png&v=3&w=196&s=fh4-ZONnBdSnJWApyN4zFpvE

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

05c03c87d7017a903a21732e8c3bc93ca41ef0e82e023e22af527d3a8137ddea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:29:10 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
content-length: 3552
expires: Sat, 08 Jun 2024 02:13:24 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame DDDF 36 KB
37 KB 42ms
6ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=1200&m=0&partner=3018&q=80&r=0&u=http%3A%2F%2Fstatic.fr3.eu.criteo.net%2Fdesign%2Fdt%2F3018%2F4789961%2F6442f7d57c224a6687df4afea4596763_img_horizontal_1.jpg&v=3&w=1200&s=Ar_4L0f--id7d526qPTecQR3

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

2abd92a67553f2bd8b1e7606c729d9d15fde9cd2924346763ca9f78d6e508c57

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:29:10 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 37280
expires: Mon, 10 Jun 2024 15:44:03 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame DDDF 11 KB
11 KB 53ms
17ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F16055430-ERcssJGh.jpg&v=3&w=400&s=OmTydPDewHK8C6w7BTbh2jBR&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

70da8ace6902ee458fe64deffd6b9a58a0e93b17049535af415f87440de4884f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:29:10 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 10836
expires: Wed, 28 Jun 2023 13:11:24 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame DDDF 22 KB
23 KB 65ms
30ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F21147389-yJR8uuR5.jpg&v=3&w=400&s=EiQL2f6Rf2uFarmT4shA4To1&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

97078808797587c73e57e21509affe263a56847ef48500a3802e3fac2736a224

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:29:10 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 22866
expires: Wed, 21 Jun 2023 16:55:13 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame DDDF 8 KB
8 KB 76ms
41ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1649661906%2F22076818-rSOcq9Ey.jpg&v=3&w=400&s=w0hdiUOC-vC3EAbSlVncbF9D&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

85c7dc72c9e160a309a82f3dbedc5318a7758f7f7fc237574fb06f0caec51ad1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:29:09 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 8104
expires: Tue, 27 Jun 2023 12:01:26 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame DDDF 8 KB
9 KB 53ms
18ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1681246802%2F23064270-ZZdizj7y.jpg&v=3&w=400&s=ZMzVGgnOBi33UITeN_bRK1hV&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

fefe81e2e2d43f02acdf13d5c43e60eafa27dc231d451a8c4789dc88a66b4014

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:29:10 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 8536
expires: Sat, 24 Jun 2023 19:07:13 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame DDDF 1 KB
2 KB 53ms
18ms Image
image/png 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=400&m=0&partner=3018&q=80&r=0&u=https%3A%2F%2Fstatic.fr3.eu.criteo.net%2Fimages%2Fbonprix%2F20230502%2F200x65_neulabel_criteo_de.png&v=3&w=400&s=DAuhO2VZsOVWSNtKtkvA_rLO

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

61f61fa9d435baf50e0593ccc3d93526f73bd7786191d4375a80a19c238edd1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:29:10 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
content-length: 1366
expires: Mon, 10 Jun 2024 09:24:43 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame DDDF 32 KB
32 KB 65ms
30ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F22066997-Q8ojGiHs.jpg&v=3&w=400&s=8hC2sR7VzFlwIgsS7NDxH18k&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

038b596f449c988b1a5290a9e235445370168101c5f98974e750f82b16025cbc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:29:10 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 32960
expires: Wed, 21 Jun 2023 16:13:16 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame DDDF 11 KB
11 KB 71ms
37ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F23047609-j97vtYG0.jpg&v=3&w=400&s=eQ00gtnhMOVkpQwnsQjAUiN-&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

934ea902e5a8da6d2dc10edb85ba21707d0db685abcafe0a15148a9c3e4e5cec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:29:09 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 11110
expires: Thu, 22 Jun 2023 07:06:40 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame DDDF 11 KB
11 KB 62ms
29ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F19349932-ZseJiX5S.jpg&v=3&w=400&s=bL6rHfLOrI8xR4MwhnKaBsfQ&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4c2f3b1c4fe5935f2f2fc614223aeed72d876d5b4be0ae03f8c3f4e869c94239

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:29:10 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 11130
expires: Wed, 28 Jun 2023 13:13:54 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame DDDF 8 KB
9 KB 70ms
36ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F22095866-43K62qzI.jpg&v=3&w=400&s=O-Kz1gk2uyziD4Kv_3rI8wip&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

8fdc043853596cbbff8b31c28ae9a0e8356e9b7cd7dea05fe3a1ca5ff653c7a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:29:10 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 8544
expires: Thu, 22 Jun 2023 14:42:09 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame DDDF 8 KB
9 KB 52ms
19ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F23044424-8E7pSyzm.jpg&v=3&w=400&s=bMh-6QCpGqO4YT4VsuaHSwZJ&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

ce22e0aef86f6d5269ed0d4873a281335883de51a54a26b18b2411627c8937b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:29:10 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 8624
expires: Mon, 26 Jun 2023 19:13:10 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame DDDF 11 KB
11 KB 75ms
42ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1647469986%2F22059521-76tqhRZf.jpg&v=3&w=400&s=PSDv48hRv3G6CdDOGlzUal7F&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

6810b029a0e87dec76629183b5962f2f58a2b5c9d9c90449523672c3c1485907

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:29:10 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 10834
expires: Wed, 28 Jun 2023 13:23:08 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame DDDF 0
127 B 32ms
0ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=NF-hvq0IAUqTgt126Z5sLN7HLFP6DalfJ3-iHY_lxFB2QSh_AfmFr-WQtJ_oHk4slBmTL4gTwyqtNmph4U5V6erZWiptVP3KrPMVrQGs5NrCJqavFjo4i-smCsZBLQp6ZuQAxWXNGzp5eQsuyG1Eq5F6ozTzns0hRNOB3Ij20I667SCPU2Hv2hyi2dMZWXLKYc84K9L95edxKfz42zUb_zwIALD3gUJR-Mw2giy489ASUvDejZqg275bIfXHUtfhngEXTg&sds=2&rev=87007&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 21 Jun 2023 14:29:10 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame DDDF 2 KB
1 KB 53ms
9ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:29:10 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 15 Jun 2024 14:29:10 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame DDDF 2 KB
1 KB 52ms
8ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:29:10 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 15 Jun 2024 14:29:10 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 858A 10 KB
11 KB 39ms
19ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

b64acf1469e1fb0336f092ce256e0c054e8f8c0ef90c46b55a72aa943be44425

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:29:10 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 10598
expires: Fri, 23 Jun 2023 21:08:53 GMT

GET
H/1.1 200
OK request.php Show response
hal900024.redintelligence.net/ Frame 7F85 3 KB
2 KB 150ms
62ms Script
application/x-javascript 138.201.84.252
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900024.redintelligence.net/request.php?zone=k2vt83281pvm&nw=20&renderingType=javascript&namespace=29d5ac940f&subid=&uid=583e57f0c3cf0809&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3Dh1JGLM7b3cMr9Jc8J_TIzw%26exch_seat%3D20035004448%26mt_aid%3D6437277973215657758%26mt_id%3D6622324%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Dd38b6493-0936-4401-a42d-322400f1c115%26mt_cid%3Dd38b6493-0936-4401-a42d-322400f1c115%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DC-fuuNQmTZMCDMN6dxtYP5MqoyAjPh46bXMCG2YLGAsCNtwEQASAAYJXaiIKYB4IBF2NhLXB1Yi02MzM5NDYwMDE3MDg2MTk0yAEJqAMByAMCqgTDAU_QuPp0DJVHxw7YAryKc2rNqj3KfCb07lqRH-GjzxL0ax-cCr-3S5sr6o8Gw8ajAflRE4iIqYoz9SAcMR3IAt3qsuO6rUVHpEtaLSa0RVA6Dh0wOjmh7NR_3uPdhDKCWd4ojKcvRa9TxNrGHc2WPEdNeDfHqNhUIo8vadZoswlgge5l6bwqNfNWNtlRKaAPxH8GLLfl5QcBPYDdI32H9LttOU96CmYwQbT_D60ON-0vGw2iXhiBZBxWDoIP7jOBGNFawIAGqpuq467akpO7AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3byZlT7NVwdQQKiBcXjr0fKIRmgA%2526client%253Dca-pub-6339460017086194%2526adurl%253D%26mt_lp%3Dhttps%253A%2F%2Fwww.soberberlin.com%2F%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20230615%2Fr20110914%2Fzrt_lookup.html%3Ffsb%3D1&ancestorOrigins=null&random=1052153767096&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/zone/k2vt83281pvm?subid=&gdpr=1&gdpr_consent=li&rnd=6437277973215657758&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:adx&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3Dh1JGLM7b3cMr9Jc8J_TIzw%26exch_seat%3D20035004448%26mt_aid%3D6437277973215657758%26mt_id%3D6622324%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Dd38b6493-0936-4401-a42d-322400f1c115%26mt_cid%3Dd38b6493-0936-4401-a42d-322400f1c115%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DC-fuuNQmTZMCDMN6dxtYP5MqoyAjPh46bXMCG2YLGAsCNtwEQASAAYJXaiIKYB4IBF2NhLXB1Yi02MzM5NDYwMDE3MDg2MTk0yAEJqAMByAMCqgTDAU_QuPp0DJVHxw7YAryKc2rNqj3KfCb07lqRH-GjzxL0ax-cCr-3S5sr6o8Gw8ajAflRE4iIqYoz9SAcMR3IAt3qsuO6rUVHpEtaLSa0RVA6Dh0wOjmh7NR_3uPdhDKCWd4ojKcvRa9TxNrGHc2WPEdNeDfHqNhUIo8vadZoswlgge5l6bwqNfNWNtlRKaAPxH8GLLfl5QcBPYDdI32H9LttOU96CmYwQbT_D60ON-0vGw2iXhiBZBxWDoIP7jOBGNFawIAGqpuq467akpO7AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3byZlT7NVwdQQKiBcXjr0fKIRmgA%2526client%253Dca-pub-6339460017086194%2526adurl%253D%26mt_lp%3Dhttps%253A%2F%2Fwww.soberberlin.com%2F%26redirect%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.252.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 178c13852e7feea6ee2810d130437c2185ce01e1c850a9d9a8a78891d695d130

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Jun 2023 14:29:11 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 13312400084588500951395012362024
Connection: close
Content-Length: 1122
Expires: Wed, 21 Jun 2023 15:29:11 +0200

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame DDDF 10 KB
11 KB 36ms
29ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

b64acf1469e1fb0336f092ce256e0c054e8f8c0ef90c46b55a72aa943be44425

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:29:10 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 10598
expires: Fri, 23 Jun 2023 21:08:53 GMT

GET
H2 200 ec51d215a5904df99ebfe8eacf21246e_ubuntu-light.woff
static.criteo.net/design/dt/ Frame 0E69 46 KB
46 KB 33ms
18ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/ec51d215a5904df99ebfe8eacf21246e_ubuntu-light.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8d6af87f2e8ab6ba751d5bda81faf18aed637f3c43f3f5c25acfcdb8dc674a92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:29:10 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 02 Oct 2018 14:57:25 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5bb38755-b778"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 15 Jun 2024 14:29:10 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 8731 0
19 B 76ms
64ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CrpwPNQmTZMT7Mab4xtYPu-6Y6APJntKxXNWdkfdwwI23ARABIABgldqIgpgHggEXY2EtcHViLTYzMzk0NjAwMTcwODYxOTTIAQmpAhjxi0TITrI-qAMBqgTAAU_QQEPGfhqfsLf-Wgop74QPbNjtyj3NO1x3Ac9aSnLQ-c6npFZG4tvTXKv9e2wAvd6jpTTmvb6T40fkfpP6DdjzeoDZFXNBuLm3M4GQNxCW8Ee8yqMwwAyJx-KZWxXDm-e1f4NoHoCzPLNTQddQD0H5UpVbAut080tQOAGa_mjFxy9aeWY2sjh6ALfNCoyyGfJXfVJKMRwyFaMzpihByYWxfzEya2A94JI8hCIB_mrHJFDm7--qAQhV9wdqSYkupIAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNjMzOTQ2MDAxNzA4NjE5NBgA&sigh=QiiifTemV6c&uach_m=[UACH]&cid=CAQSGwBygQiDf65GNu96Gn3DXY--U4CW1cHWuDg2ABgB&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6339460017086194&output=html&h=280&slotname=6604781984&adk=1209252267&adf=2184558861&pi=t.ma~as.6604781984&w=336&lmt=1687357749&format=336x280&url=https%3A%2F%2Fwww2.woaifanyi.com%2F8dHOITnUs3u%3Dd%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687357749510&bpp=1&bdt=1966&idt=221&shv=r20230615&mjsv=m202306200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&prev_slotnames=0442661610&nras=1&correlator=6897477800713&frm=20&pv=1&ga_vid=2082336651.1687357750&ga_sid=1687357750&ga_hid=429724422&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1001&ady=172&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532277%2C42532279%2C31075511%2C44788441%2C44794790&oid=2&pvsid=4127660269764500&tmod=1824980510&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=72jiNVS7zc&p=https%3A//www2.woaifanyi.com&dtd=225
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 21 Jun 2023 14:29:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.fr3.eu.criteo.com/google/auction/ Frame 8731 0
126 B 236ms
114ms Image
text/plain 2a02:2638:d::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=k6W_EOGBMNACmAKdg2ICAgAAAALBhRF0ISldO4O9BetSImMQNQmTZF52MAqK1MQB5zYAABIAAAoKQVFVQkR3RUJEdw&wp=ZJMJNQAMfcQE0bwmAAY3OxitmBcFmzxcM7ngLw&cbvp=2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:29:11 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 168174
server: Kestrel
content-length: 0

GET
DATA 200
OK truncated
/ Frame F0BB 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d71ee89c7078ecb3302a286a141598279d83915f05268808164fec2f7ee1da99

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK e99aace94e6e5873881d3400993e1e7e Show response
pv.medialead.de/trck/epv/ Frame 1D53 0
366 B 195ms
71ms Document
application/javascript 145.239.193.130
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=13312400084588500951395012362024&t=htlp&gdpr=1&consent=1&gdpr_consent=li

Requested by

Host: hal900024.redintelligence.net
URL: https://hal900024.redintelligence.net/request.php?zone=k2vt83281pvm&nw=20&renderingType=javascript&namespace=29d5ac940f&subid=&uid=583e57f0c3cf0809&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3Dh1JGLM7b3cMr9Jc8J_TIzw%26exch_seat%3D20035004448%26mt_aid%3D6437277973215657758%26mt_id%3D6622324%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Dd38b6493-0936-4401-a42d-322400f1c115%26mt_cid%3Dd38b6493-0936-4401-a42d-322400f1c115%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DC-fuuNQmTZMCDMN6dxtYP5MqoyAjPh46bXMCG2YLGAsCNtwEQASAAYJXaiIKYB4IBF2NhLXB1Yi02MzM5NDYwMDE3MDg2MTk0yAEJqAMByAMCqgTDAU_QuPp0DJVHxw7YAryKc2rNqj3KfCb07lqRH-GjzxL0ax-cCr-3S5sr6o8Gw8ajAflRE4iIqYoz9SAcMR3IAt3qsuO6rUVHpEtaLSa0RVA6Dh0wOjmh7NR_3uPdhDKCWd4ojKcvRa9TxNrGHc2WPEdNeDfHqNhUIo8vadZoswlgge5l6bwqNfNWNtlRKaAPxH8GLLfl5QcBPYDdI32H9LttOU96CmYwQbT_D60ON-0vGw2iXhiBZBxWDoIP7jOBGNFawIAGqpuq467akpO7AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3byZlT7NVwdQQKiBcXjr0fKIRmgA%2526client%253Dca-pub-6339460017086194%2526adurl%253D%26mt_lp%3Dhttps%253A%2F%2Fwww.soberberlin.com%2F%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20230615%2Fr20110914%2Fzrt_lookup.html%3Ffsb%3D1&ancestorOrigins=null&random=1052153767096&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

145.239.193.130 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx/1.17.5 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Length: 0
Content-Type: application/javascript; charset=utf-8
Date: Wed, 21 Jun 2023 14:29:11 GMT
Host: pv.medialead.de
Keep-Alive: timeout=20
Proxy-Host: pv.medialead.de
Server: nginx/1.17.5
Strict-Transport-Security: max-age=15768000
X-IPLB-Instance: 40028
X-IPLB-Request-ID: 515F0523:DD1A_91EFC182:01BB_64930937_258749E:1ECFC

GET
H2 200 / Show response
adv.office-partner.de/ Frame 6BF6 930 B
931 B 122ms
6ms Document
text/html 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by: Host: hal900024.redintelligence.net
URL: https://hal900024.redintelligence.net/request.php?zone=k2vt83281pvm&nw=20&renderingType=javascript&namespace=29d5ac940f&subid=&uid=583e57f0c3cf0809&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3Dh1JGLM7b3cMr9Jc8J_TIzw%26exch_seat%3D20035004448%26mt_aid%3D6437277973215657758%26mt_id%3D6622324%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Dd38b6493-0936-4401-a42d-322400f1c115%26mt_cid%3Dd38b6493-0936-4401-a42d-322400f1c115%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DC-fuuNQmTZMCDMN6dxtYP5MqoyAjPh46bXMCG2YLGAsCNtwEQASAAYJXaiIKYB4IBF2NhLXB1Yi02MzM5NDYwMDE3MDg2MTk0yAEJqAMByAMCqgTDAU_QuPp0DJVHxw7YAryKc2rNqj3KfCb07lqRH-GjzxL0ax-cCr-3S5sr6o8Gw8ajAflRE4iIqYoz9SAcMR3IAt3qsuO6rUVHpEtaLSa0RVA6Dh0wOjmh7NR_3uPdhDKCWd4ojKcvRa9TxNrGHc2WPEdNeDfHqNhUIo8vadZoswlgge5l6bwqNfNWNtlRKaAPxH8GLLfl5QcBPYDdI32H9LttOU96CmYwQbT_D60ON-0vGw2iXhiBZBxWDoIP7jOBGNFawIAGqpuq467akpO7AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3byZlT7NVwdQQKiBcXjr0fKIRmgA%2526client%253Dca-pub-6339460017086194%2526adurl%253D%26mt_lp%3Dhttps%253A%2F%2Fwww.soberberlin.com%2F%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20230615%2Fr20110914%2Fzrt_lookup.html%3Ffsb%3D1&ancestorOrigins=null&random=1052153767096&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=604800
content-encoding: gzip
content-length: 552
content-type: text/html
date: Wed, 21 Jun 2023 14:29:11 GMT
etag: "3a2-5c1ab16b3be00-gzip"
expires: Wed, 28 Jun 2023 14:29:11 GMT
last-modified: Thu, 06 May 2021 15:37:28 GMT
link: <https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server: keycdn-engine
vary: Accept-Encoding
x-accel-version: 0.01
x-cache: HIT
x-edge-location: defr

GET
H2

200

htlp Show response
futalis.de/ Frame CACC
Redirect Chain

https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=13312400084588500951395012362024&ra_cnt_active=1&ra_cnt=1
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2806339182

350 B
401 B

82ms
11ms

Document
text/html

49.12.16.151
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2806339182
Requested by: Host: hal900024.redintelligence.net
URL: https://hal900024.redintelligence.net/request.php?zone=k2vt83281pvm&nw=20&renderingType=javascript&namespace=29d5ac940f&subid=&uid=583e57f0c3cf0809&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3Dh1JGLM7b3cMr9Jc8J_TIzw%26exch_seat%3D20035004448%26mt_aid%3D6437277973215657758%26mt_id%3D6622324%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Dd38b6493-0936-4401-a42d-322400f1c115%26mt_cid%3Dd38b6493-0936-4401-a42d-322400f1c115%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DC-fuuNQmTZMCDMN6dxtYP5MqoyAjPh46bXMCG2YLGAsCNtwEQASAAYJXaiIKYB4IBF2NhLXB1Yi02MzM5NDYwMDE3MDg2MTk0yAEJqAMByAMCqgTDAU_QuPp0DJVHxw7YAryKc2rNqj3KfCb07lqRH-GjzxL0ax-cCr-3S5sr6o8Gw8ajAflRE4iIqYoz9SAcMR3IAt3qsuO6rUVHpEtaLSa0RVA6Dh0wOjmh7NR_3uPdhDKCWd4ojKcvRa9TxNrGHc2WPEdNeDfHqNhUIo8vadZoswlgge5l6bwqNfNWNtlRKaAPxH8GLLfl5QcBPYDdI32H9LttOU96CmYwQbT_D60ON-0vGw2iXhiBZBxWDoIP7jOBGNFawIAGqpuq467akpO7AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3byZlT7NVwdQQKiBcXjr0fKIRmgA%2526client%253Dca-pub-6339460017086194%2526adurl%253D%26mt_lp%3Dhttps%253A%2F%2Fwww.soberberlin.com%2F%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20230615%2Fr20110914%2Fzrt_lookup.html%3Ffsb%3D1&ancestorOrigins=null&random=1052153767096&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 49.12.16.151 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: lb-1.futalis.de
Software: /
Resource Hash: 582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 350
content-type: text/html; charset=utf-8

Redirect headers

content-length: 0
content-type: text/html; charset=utf-8
date: Wed, 21 Jun 2023 14:29:11 GMT
location: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2806339182
p3p: policyref="https://www.retailads.net/w3c/p3p.xml",CP="NOI CUR OUR STP"
server: Apache
xphp81: true

GET
H2 200 link.html Show response
track.webgains.com/ Frame 7F85 2 KB
2 KB 200ms
72ms Script
text/html 3.11.176.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=13312400084588500951395012362024&nw=1
Requested by: Host: www2.woaifanyi.com
URL: https://www2.woaifanyi.com/8dHOITnUs3u=d/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.11.176.98 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-11-176-98.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: bf772baafd52d83295dee0f759cfbd9343d04d368febe8cd0287427c3f36e377

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:29:11 GMT
last-modified: Wed, 21 Jun 2023 14:29:11 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Wed, 21 Jun 2023 14:30:11 GMT

GET
H/1.1 200
OK request_content.php Show response
hal900024.redintelligence.net/ Frame D63C 7 KB
2 KB 92ms
22ms Document
text/html 138.201.84.252
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900024.redintelligence.net/request_content.php?s=13312400084588500951395012362024&a=d1f8fcfe
Requested by: Host: hal900024.redintelligence.net
URL: https://hal900024.redintelligence.net/request.php?zone=k2vt83281pvm&nw=20&renderingType=javascript&namespace=29d5ac940f&subid=&uid=583e57f0c3cf0809&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3Dh1JGLM7b3cMr9Jc8J_TIzw%26exch_seat%3D20035004448%26mt_aid%3D6437277973215657758%26mt_id%3D6622324%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Dd38b6493-0936-4401-a42d-322400f1c115%26mt_cid%3Dd38b6493-0936-4401-a42d-322400f1c115%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DC-fuuNQmTZMCDMN6dxtYP5MqoyAjPh46bXMCG2YLGAsCNtwEQASAAYJXaiIKYB4IBF2NhLXB1Yi02MzM5NDYwMDE3MDg2MTk0yAEJqAMByAMCqgTDAU_QuPp0DJVHxw7YAryKc2rNqj3KfCb07lqRH-GjzxL0ax-cCr-3S5sr6o8Gw8ajAflRE4iIqYoz9SAcMR3IAt3qsuO6rUVHpEtaLSa0RVA6Dh0wOjmh7NR_3uPdhDKCWd4ojKcvRa9TxNrGHc2WPEdNeDfHqNhUIo8vadZoswlgge5l6bwqNfNWNtlRKaAPxH8GLLfl5QcBPYDdI32H9LttOU96CmYwQbT_D60ON-0vGw2iXhiBZBxWDoIP7jOBGNFawIAGqpuq467akpO7AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3byZlT7NVwdQQKiBcXjr0fKIRmgA%2526client%253Dca-pub-6339460017086194%2526adurl%253D%26mt_lp%3Dhttps%253A%2F%2Fwww.soberberlin.com%2F%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20230615%2Fr20110914%2Fzrt_lookup.html%3Ffsb%3D1&ancestorOrigins=null&random=1052153767096&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.252.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: ee17f640cb2379c65dbaf5138729b88b19db75e07856bd66b3f94197f487a284

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2026
Content-Type: text/html; charset=utf-8
Date: Wed, 21 Jun 2023 14:29:11 GMT
Expires: Wed, 21 Jun 2023 15:29:11 +0200
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H/1.1

200
OK

e99aace94e6e5873881d3400993e1e7e
pv.medialead.de/trck/eview/ Frame 7F85
Redirect Chain

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=13312400084588500951395012362024&t=htlp&gdpr=1&consent=1&gdpr_consent=li
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=13312400084588500951395012362024&t=htlp&gdpr=1&consent=1&gdpr_consent=li

43 B
382 B

110ms
79ms

Image
image/gif

145.239.193.130
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=13312400084588500951395012362024&t=htlp&gdpr=1&consent=1&gdpr_consent=li

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230615/r20110914/zrt_lookup.html?fsb=1

Protocol

HTTP/1.1

Server

145.239.193.130 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx/1.17.5 /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Wed, 21 Jun 2023 14:29:11 GMT
Strict-Transport-Security: max-age=15768000
Server: nginx/1.17.5
Host: pv.medialead.de
X-IPLB-Request-ID: 515F0523:DD1A_91EFC182:01BB_64930937_25874A9:1ECFC
X-IPLB-Instance: 40028
Content-Type: image/gif
Keep-Alive: timeout=20
Content-Length: 43
Proxy-Host: pv.medialead.de

Redirect headers

location: https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=13312400084588500951395012362024&t=htlp&gdpr=1&consent=1&gdpr_consent=li
date: Wed, 21 Jun 2023 14:29:11 GMT
server: nginx
content-length: 154
content-type: text/html

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.96.0/619621/AhNCbYEMEeX9pEbX/ Frame 7F85 0
145 B 158ms
31ms XHR
text/plain 18.203.209.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.96.0/619621/AhNCbYEMEeX9pEbX/postback?oz_pl=1&di=https%3A%2F%2Fwww2.woaifanyi.com%2F8dHOITnUs3u%3Dd&pv=2c3ab911-cfec-40d2-8485-1f28d3b3cfed&pp=pub-6339460017086194&si=179723843&ci=619621&ui=0cd7417c-0000-0000-0000-000000000000&ap=&ac=651871&r1=2a01%3A4a0%3A2b%3A%3A&ti=6437277973215657758&sr=4&de=43000&c1=4562306&r2=&r3=&dt=6196211556140246740000&pd=avt&dm=160x600&cr=6622324&ai=216536&psv=2.96.0&_x=1
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/619621/analytics.js?dt=6196211556140246740000&pd=avt&di=https%3A//www2.woaifanyi.com/8dHOITnUs3u%3Dd&ui=0cd7417c-0000-0000-0000-000000000000&ap=&ti=6437277973215657758&pv=2c3ab911-cfec-40d2-8485-1f28d3b3cfed&pp=pub-6339460017086194&sr=4&de=43000&si=179723843&dm=160x600&ac=651871&cr=6622324&ai=216536&c1=4562306&r1=2a01:4a0:2b::&r2=&r3=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.209.222 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-209-222.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 21 Jun 2023 14:29:10 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H/1.1 200
OK main.js Show response
s.update.mediamathtag.com/2/2.96.0/ Frame 7F85 176 KB
53 KB 33ms
31ms Script
text/javascript 18.203.209.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.update.mediamathtag.com/2/2.96.0/main.js

Requested by

Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/619621/analytics.js?dt=6196211556140246740000&pd=avt&di=https%3A//www2.woaifanyi.com/8dHOITnUs3u%3Dd&ui=0cd7417c-0000-0000-0000-000000000000&ap=&ti=6437277973215657758&pv=2c3ab911-cfec-40d2-8485-1f28d3b3cfed&pp=pub-6339460017086194&sr=4&de=43000&si=179723843&dm=160x600&ac=651871&cr=6622324&ai=216536&c1=4562306&r1=2a01:4a0:2b::&r2=&r3=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

18.203.209.222 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-203-209-222.eu-west-1.compute.amazonaws.com

Software

Resource Hash

2ece6bd89b2087c1b8fd2a9cafddcef7af5671be5992f0cd99525f7ce3a326f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Wed, 21 Jun 2023 14:29:10 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: br
Accept-Ch: Viewport-Width, Viewport-Height, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary: Origin, Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: public, no-transform, immutable, max-age=999999999
Timing-Allow-Origin: *
Content-Length: 54224
Expires: Sat, 27 Feb 2055 07:32:40 GMT

GET
H2 200 0d5410bc9c3e437daf6999836d04f18f_ubuntu-medium.woff
static.criteo.net/design/dt/ Frame 0E69 38 KB
38 KB 21ms
12ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/0d5410bc9c3e437daf6999836d04f18f_ubuntu-medium.woff

Requested by

Host: www2.woaifanyi.com
URL: https://www2.woaifanyi.com/8dHOITnUs3u=d/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

ce8b0ce00b853304b4500a3e0273c2ee8123ec998d9ea4bc1a2b3e97c573b61f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:29:11 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 02 Oct 2018 14:57:25 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5bb38755-97a8"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 15 Jun 2024 14:29:11 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 0E69 6 KB
6 KB 18ms
17ms Image
image/png 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=116&m=0&partner=3018&q=80&r=0&u=http%3A%2F%2Fstatic.fr3.eu.criteo.net%2Fdesign%2Fdt%2F1344%2F230413%2Fc53e5f9a71444a36ae4d74a664fc7269_logo_n_horizontal_4.png&v=3&w=396&s=M9KI1Gqj5w7y9RwJEDz7n1O1

Requested by

Host: www2.woaifanyi.com
URL: https://www2.woaifanyi.com/8dHOITnUs3u=d/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

c075c84338157dc46cda1e385e3a09452ee95b59bd3c8d9ea7d1d97cf6c0f976

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:29:11 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
content-length: 5725
expires: Sat, 08 Jun 2024 02:13:24 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 0E69 63 KB
63 KB 30ms
29ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=1200&m=0&partner=3018&q=80&r=0&u=http%3A%2F%2Fstatic.fr3.eu.criteo.net%2Fdesign%2Fdt%2F3018%2F4789961%2F6cb15912f287446bb0f06830c7ef5854_img_vertical_1.jpg&v=3&w=1200&s=qEyFipgxYySusf9zeNOugNDX

Requested by

Host: www2.woaifanyi.com
URL: https://www2.woaifanyi.com/8dHOITnUs3u=d/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

cbacb4972b01f491076eaaf73a7cc36af2c997c90c41fb59592ac7384e1b4b94

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:29:10 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 64040
expires: Mon, 10 Jun 2024 15:44:47 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 0E69 22 KB
22 KB 21ms
20ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1548848765%2F18134549-u11wSssV.jpg&v=3&w=400&s=fFJxpQ26FiBgExrO9OnuHnYe&b=400

Requested by

Host: www2.woaifanyi.com
URL: https://www2.woaifanyi.com/8dHOITnUs3u=d/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

f5d9518f927e995c9efd5358ddebe64d7023ee37fd5c9a28f78254f22b33b438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:29:10 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 22118
expires: Wed, 21 Jun 2023 18:13:03 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 0E69 361 B
551 B 37ms
36ms Image
image/png 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=400&m=0&partner=3018&q=80&r=0&u=https%3A%2F%2Fstatic.fr3.eu.criteo.net%2Fdesign%2Fbonprix%2Fstarrating%2Fstar_4.png&v=3&w=400&s=DhGSqk--HTA2FgdhSuA8CMfm

Requested by

Host: www2.woaifanyi.com
URL: https://www2.woaifanyi.com/8dHOITnUs3u=d/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

b6590bfbd3f1ab50bf2fdf722884daf671624ee66131f2cb2ced7ef3648ccae8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:29:10 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
content-length: 361
expires: Sun, 02 Jun 2024 07:23:09 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 0E69 8 KB
8 KB 22ms
22ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F17278366-JWsUTo1c.jpg&v=3&w=400&s=dgyLdEkflE2X2-_j_JIASQK6&b=400

Requested by

Host: www2.woaifanyi.com
URL: https://www2.woaifanyi.com/8dHOITnUs3u=d/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

d05cb261ab62fbb442d271120b78c5303e5d89021a204896bcc9ddbb04ab56b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:29:11 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 8510
expires: Wed, 21 Jun 2023 14:54:39 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 0E69 17 KB
17 KB 23ms
22ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1527749687%2F18153583-K5rEyq70.jpg&v=3&w=400&s=2pgNiDMrLVktxmgJQOwH5zhL&b=400

Requested by

Host: www2.woaifanyi.com
URL: https://www2.woaifanyi.com/8dHOITnUs3u=d/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

654db824c8783d91ce0f494e9fc3ee2fef49bc7dac13e990c888f982ea158c7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:29:10 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 17336
expires: Wed, 28 Jun 2023 13:35:57 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame D63C 5 KB
1 KB 110ms
13ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Requested by

Host: hal900024.redintelligence.net
URL: https://hal900024.redintelligence.net/request_content.php?s=13312400084588500951395012362024&a=d1f8fcfe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900024.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 21 Jun 2023 14:29:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 21 Jun 2023 13:01:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 21 Jun 2023 14:29:11 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame D63C 27 KB
27 KB 42ms
9ms Image
image/png 138.201.135.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=150&height=90&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/postbank_pool_privatkredit_1200x627.jpg
Requested by: Host: hal900024.redintelligence.net
URL: https://hal900024.redintelligence.net/request_content.php?s=13312400084588500951395012362024&a=d1f8fcfe
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.135.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.135.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e878d62c7195e0d55b7c52987767116d9993e91dfccb6b10a9c5ebbbac19e33b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900024.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Wed, 21 Jun 2023 14:29:11 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 27134
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame D63C 25 KB
25 KB 34ms
8ms Image
image/png 138.201.135.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=150&height=90&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by: Host: hal900024.redintelligence.net
URL: https://hal900024.redintelligence.net/request_content.php?s=13312400084588500951395012362024&a=d1f8fcfe
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.135.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.135.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 20bfae8fc60a51141b8554263d56c22aa2e02f44f04c98ecbfb72ae7009f710f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900024.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Wed, 21 Jun 2023 14:29:11 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 25830
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame D63C 20 KB
20 KB 33ms
7ms Image
image/png 138.201.135.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=150&height=90&url=https://cdn.contentspread.net/24i/advertiser/55487/creativesup/1200x627.jpg
Requested by: Host: hal900024.redintelligence.net
URL: https://hal900024.redintelligence.net/request_content.php?s=13312400084588500951395012362024&a=d1f8fcfe
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.135.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.135.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 09980d8843e8a42a807cfa7ca2b561f3eb807894566a66598dabfefb9c64a7b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900024.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Wed, 21 Jun 2023 14:29:11 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 20627
Vary: Accept-Encoding
Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame F0BB 0
19 B 82ms
68ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CZDxaNQmTZL-DMN6dxtYP5MqoyAjJntKxXL3xlPdwwI23ARABIABgldqIgpgHggEXY2EtcHViLTYzMzk0NjAwMTcwODYxOTTIAQmpAooDYljaUbI-qAMByAMCqgTAAU_QbaPcWC8hRXCuPdoXvs6XfRFEcKCEEIAWYSP-gwaryUrUTnFu8F5jKtCSdQS9WelXeoo-z__o4kQVNQuT0xTN29BKYXVbbI1Srf3Gz9BlT19mMLnjxc3XTzZO4JwPT5THfxwp9U9h3iy_iul617d95O67zXOZhpdZGTdC7_n05svYsh6BSKGsLOvF-gI0ZiwUD-L1cEnuYz8fN1Sbf6DjN25rU97uFZytWJ78BRcAnAH6c6vVFuPzrSiYBm-y9oAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNjMzOTQ2MDAxNzA4NjE5NBgA&sigh=7eyyvDYPwps&uach_m=[UACH]&cid=CAQSGwBygQiD823-BxmxFsGBn8kqbugJ3STumQauMRgB&vis=1

Requested by

Host: www2.woaifanyi.com
URL: https://www2.woaifanyi.com/8dHOITnUs3u=d/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230615/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 21 Jun 2023 14:29:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.fr3.eu.criteo.com/google/auction/ Frame F0BB 0
125 B 42ms
17ms Image
text/plain 2a02:2638:d::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=k6W_EMz6RMgB2ASdg2ICAgAAAJdMj6RqdmrfO4O9BetSImMQNQmTZMIMhO2QFyw2xAoAABIAAAoKQVFVRER3RUJEdw&wp=ZJMJNQAMAb8E0Y7eAAolZLcxUlo7OrrHIqWHHA

Requested by

Host: www2.woaifanyi.com
URL: https://www2.woaifanyi.com/8dHOITnUs3u=d/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:29:10 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 159229
server: Kestrel
content-length: 0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame 6BF6 113 KB
44 KB 78ms
15ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Requested by

Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

69b6d5e877183ac1a93161d4889e8620df2aae772195abff51a544a2ace72d2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:29:11 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44179
x-xss-protection: 0
last-modified: Wed, 21 Jun 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 21 Jun 2023 14:29:11 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 0E69 6 KB
6 KB 37ms
15ms Image
image/png 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www2.woaifanyi.com
URL: https://www2.woaifanyi.com/8dHOITnUs3u=d/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

c075c84338157dc46cda1e385e3a09452ee95b59bd3c8d9ea7d1d97cf6c0f976

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:29:10 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
content-length: 5725
expires: Sat, 08 Jun 2024 02:13:24 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 0E69 22 KB
22 KB 35ms
14ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www2.woaifanyi.com
URL: https://www2.woaifanyi.com/8dHOITnUs3u=d/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

f5d9518f927e995c9efd5358ddebe64d7023ee37fd5c9a28f78254f22b33b438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:29:11 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 22118
expires: Wed, 21 Jun 2023 18:13:03 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 0E69 8 KB
8 KB 35ms
14ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www2.woaifanyi.com
URL: https://www2.woaifanyi.com/8dHOITnUs3u=d/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

d05cb261ab62fbb442d271120b78c5303e5d89021a204896bcc9ddbb04ab56b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:29:11 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 8510
expires: Wed, 21 Jun 2023 14:54:39 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 0E69 17 KB
17 KB 60ms
20ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www2.woaifanyi.com
URL: https://www2.woaifanyi.com/8dHOITnUs3u=d/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

654db824c8783d91ce0f494e9fc3ee2fef49bc7dac13e990c888f982ea158c7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:29:10 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 17336
expires: Wed, 28 Jun 2023 13:35:57 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 0E69 63 KB
63 KB 48ms
9ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www2.woaifanyi.com
URL: https://www2.woaifanyi.com/8dHOITnUs3u=d/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

cbacb4972b01f491076eaaf73a7cc36af2c997c90c41fb59592ac7384e1b4b94

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:29:10 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 64040
expires: Mon, 10 Jun 2024 15:44:47 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 0E69 361 B
551 B 92ms
54ms Image
image/png 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=400&m=0&partner=3018&q=80&r=0&u=https%3A%2F%2Fstatic.fr3.eu.criteo.net%2Fdesign%2Fbonprix%2Fstarrating%2Fstar_4.png&v=3&w=400&s=DhGSqk--HTA2FgdhSuA8CMfm

Requested by

Host: www2.woaifanyi.com
URL: https://www2.woaifanyi.com/8dHOITnUs3u=d/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

b6590bfbd3f1ab50bf2fdf722884daf671624ee66131f2cb2ced7ef3648ccae8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:29:11 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
content-length: 361
expires: Sun, 02 Jun 2024 07:23:09 GMT

GET
H2 200 ts.js Show response
cdn.retailads.net/ Frame CACC 5 KB
5 KB 49ms
6ms Script
application/javascript 2a01:4f8:d0a:2321::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.retailads.net/ts.js
Requested by: Host: futalis.de
URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2806339182
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:2321::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: 525e7c89461afb3f73ea7030fbceba4f9e9383570159926acee637b4f86b8148

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://futalis.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:29:11 GMT
last-modified: Wed, 05 Apr 2023 20:14:46 GMT
server: Apache
etag: "1416-5f89c717cdc2f"
content-type: application/javascript
xphp81: true
accept-ranges: bytes
content-length: 5142

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 7F85 85 KB
31 KB 128ms
18ms Script
text/javascript 108.156.2.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=13312400084588500951395012362024&nw=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.2.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-2-62.mxp63.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 07:54:54 GMT
content-encoding: gzip
via: 1.1 7aebe5536aa81207909dbe4ca368b9be.cloudfront.net (CloudFront)
last-modified: Wed, 15 Mar 2023 17:26:29 GMT
server: AmazonS3
x-amz-cf-pop: MXP63-P4
age: 23659
etag: W/"876c293e6c37046ecb0c11ce2e276942"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: cr1kw9lt4OFSxVmSR5OmBQE5_4iHHcXiZjiFsAeedkITQFbgiU3fNQ==

GET
H2 200 1x1.png
cdn.track.production.webgains.team/7121/ Frame 7F85 3 KB
3 KB 73ms
9ms Image
image/png 99.86.4.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/7121/1x1.png?Expires=1687358051&Signature=Yfqxn6S3mNYg4sjMQP8OxZxcrL04egNF-xykXmNZCD4RxsLDJaLqkTz-CpyuEvBruomClGHI1ne7~800iRPFjISMNlXObzKBINlAhFaJ9HrDbJe~JwvqJORUrF5dCmZJEBKqZzv0BjtMnvfnbfo4DQxf1BGeLw01hmL4~ra3MgBP6Skr51qGNt4HePswIxylKqJkbWVsUfv8vd3Rwa5BuEiNoJwUkTSkZCTsHXMxPvATE9SA1TbXfG~BjYS9fW5L3vMc9BXGvs83g7HWMWwQrHYtEUc5pnN4nUn3jNeJGD9z~QCuxjw5Ib0OeaOBolb7BnLfZuGTzcRKhDCvoGXSzg__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230615/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-94.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: null
date: Wed, 21 Jun 2023 04:53:30 GMT
via: 1.1 c6b364b1181abfafd7a69f210841edca.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 11:40:06 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 34542
etag: "4e57de0506fbdb487ffcd53b450caee1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 2808
x-amz-cf-id: yvNZjmHZqR4LRtzEoe4ovoYE8PEgGHon_hb8DRYNncyVwCKE2EsQyw==

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.96.0/619621/AhNCbYEMEeX9pEbX/ Frame 7F85 0
145 B 52ms
36ms XHR
text/plain 18.203.209.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.96.0/619621/AhNCbYEMEeX9pEbX/postback?oz_pl=1&di=https%3A%2F%2Fwww2.woaifanyi.com%2F8dHOITnUs3u%3Dd&pv=2c3ab911-cfec-40d2-8485-1f28d3b3cfed&pp=pub-6339460017086194&si=179723843&ci=619621&ui=0cd7417c-0000-0000-0000-000000000000&ap=&ac=651871&r1=2a01%3A4a0%3A2b%3A%3A&ti=6437277973215657758&sr=4&de=43000&c1=4562306&r2=&r3=&dt=6196211556140246740000&pd=avt&dm=160x600&cr=6622324&ai=216536&psv=2.96.0&_x=1
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/619621/analytics.js?dt=6196211556140246740000&pd=avt&di=https%3A//www2.woaifanyi.com/8dHOITnUs3u%3Dd&ui=0cd7417c-0000-0000-0000-000000000000&ap=&ti=6437277973215657758&pv=2c3ab911-cfec-40d2-8485-1f28d3b3cfed&pp=pub-6339460017086194&sr=4&de=43000&si=179723843&dm=160x600&ac=651871&cr=6622324&ai=216536&c1=4562306&r1=2a01:4a0:2b::&r2=&r3=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.209.222 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-209-222.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 21 Jun 2023 14:29:10 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 346ms
344ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1722643317&si=5899173c4bb390c78c9ffd1e2846117d&v=1.3.0&lv=1&sn=28106&r=0&ww=1600&u=https%3A%2F%2Fwww2.woaifanyi.com%2F8dHOITnUs3u%3Dd%2F&tt=%E6%81%AD%E7%8E%8B%E5%BA%9C%E7%9A%84%E4%BC%A0%E5%A5%87%E6%95%85%E4%BA%8B%E7%9A%84%E6%97%A5%E8%AF%AD%E7%BF%BB%E8%AF%91

Requested by

Host: www2.woaifanyi.com
URL: https://www2.woaifanyi.com/8dHOITnUs3u=d/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.woaifanyi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Jun 2023 14:29:11 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
Server: apache
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

GET
H/1.1 200
OK viewability Show response
hal900024.redintelligence.net/ Frame D63C 0
150 B 41ms
12ms Script
text/html 138.201.84.252
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900024.redintelligence.net/viewability?s=13312400084588500951395012362024&a=57e774dd&vb=m
Requested by: Host: hal900024.redintelligence.net
URL: https://hal900024.redintelligence.net/request_content.php?s=13312400084588500951395012362024&a=d1f8fcfe
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.252.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900024.redintelligence.net/request_content.php?s=13312400084588500951395012362024&a=d1f8fcfe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Wed, 21 Jun 2023 14:29:11 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.96.0/619621/AhNCbYEMEeX9pEbX/ Frame 7F85 0
145 B 57ms
35ms XHR
text/plain 18.203.209.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.96.0/619621/AhNCbYEMEeX9pEbX/postback?di=https%3A%2F%2Fwww2.woaifanyi.com%2F8dHOITnUs3u%3Dd&pv=2c3ab911-cfec-40d2-8485-1f28d3b3cfed&pp=pub-6339460017086194&si=179723843&ci=619621&ui=0cd7417c-0000-0000-0000-000000000000&ap=&ac=651871&r1=2a01%3A4a0%3A2b%3A%3A&ti=6437277973215657758&sr=4&de=43000&c1=4562306&r2=&r3=&dt=6196211556140246740000&pd=avt&dm=160x600&cr=6622324&ai=216536&sid=AhNCbYEMEeX9pEbX&oz_sc=2b4953272affa9c8d3ffcd17&oz_df=1687357751384&oz_l=407&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.96.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.209.222 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-209-222.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 21 Jun 2023 14:29:10 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
BLOB 200
OK 963c7514-2ae6-4b29-a141-59df7b3722b4
https://googleads.g.doubleclick.net/ Frame 1A77 186 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://googleads.g.doubleclick.net/963c7514-2ae6-4b29-a141-59df7b3722b4
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230615/r20110914/zrt_lookup.html?fsb=1
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 985d2b656cce9486a1f152d7c4bbbc4cc1d5a65a0af9bd52e260bcc255bced06

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Length: 186
Content-Type: application/javascript

GET
DATA 200
OK truncated
/ Frame 7F85 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 85beed1fee82b46cb3644d034550e1a48034f5645267d40433fb154427e7ab29

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame D63C 14 KB
15 KB 57ms
8ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900024.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 18:54:57 GMT
x-content-type-options: nosniff
age: 156854
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14824
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 Jun 2024 18:54:57 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame D63C 15 KB
15 KB 59ms
10ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900024.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 18:50:39 GMT
x-content-type-options: nosniff
age: 157112
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14892
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 Jun 2024 18:50:39 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 7F85 0
19 B 54ms
53ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C06zxNQmTZMCDMN6dxtYP5MqoyAjPh46bXMCG2YLGAsCNtwEQASAAYJXaiIKYB4IBF2NhLXB1Yi02MzM5NDYwMDE3MDg2MTk0yAEJqAMByAMCqgTAAU_QuPp0DJVHxw7YAryKc2rNqj3KfCb07lqRH-GjzxL0ax-cCr-3S5sr6o8Gw8ajAflRE4iIqYoz9SAcMR3IAt3qsuO6rUVHpEtaLSa0RVA6Dh0wOjmh7NR_3uPdhDKCWd4ojKcvRa9TxNrGHc2WPEdNeDfHqNhUIo8vadZoswlgge5l6bwqNfNWNtlRKaAPxH8GLLfl5QcBPYCfIVwVWAfJPsLeQs3oARsPErkEi-cBA-wfnlgunr1IIpqhd4-GlYAGqpuq467akpO7AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNjMzOTQ2MDAxNzA4NjE5NBgA&sigh=FNUJ-oOHLv8&uach_m=[UACH]&cid=CAQSGwBygQiD823-BxmxFsGBn8kqbugJ3STumQauMRgB&tpd=AGWhJmvOBk6tJafaQibdfKkalNwKPXPBkw0-wfB3ZkDOc5pXa_tudrSb85zEp1mCO5QS6enxIKRMDi8Xx4ObTtyn1oGzD2iNRBpTSteb3WtuUtqgd9lFrzAr-Dr14FgsyFgd06Wu9kzjAQV8hlQChwMGJSFabw10vbZ3zqPAZNZX3zrXbUedah6AL8_MPKe0pW9I-iGloi-lkzP8oUrxQawO1zwizJh7eyfMK-9ZwhZbsfAiEzE_HR3b6KFs68UDxRqtOI6Rbdthmvp0Al-fSbx0IcGxQ0OgMVcx6Dd9y1ibHdWOD8ZZoqtmJD3qinD_Emb8GNDz5y32N_3vd1pAm7iBEUwUUjP7BCh9x6u2FtaapEo2EIqs1ZiaHrVe-lRZQK_Yh4qwi-CkcrpTpXM1B4zIH3r4kVJTnR17Vi66I5oMrY-7ZxDl64aZ7S277g8PEEimv4N6bdVXQj0EfiCJX2rlTkfLDABcQJuQEPplw6XwJ0wyuP1tcsC9eCc8Fa9HoKn2VabLnarhUEt9rmnDxZHhXWn5-jgWrl1bQBZYvS_OM7a1mSsBpo5SiqVf0n3KlbUgsUOfNnUww8kpg8XekBdzNsVE6BUXtrWiIb1P8OtJYtx_8Nv9U0LYJWMzatzarIhcl8iFnnd8PDXbVQzAVF-Dinu4nlJmLU3sq9c6nEaJLnn0GsU-LrLEhLRc3hzshMEin4-zMLaG9CUFhVAQFw8IbBNH6O8XkfnUZ8AghKpbhQyK1Bn0njJtjapmxh0WDBY1qeymEXQ0_I-DEeyJAmOS9JLOdTe-92L87GhC_jCcc-5qB_RVwoLVTTSn0yW3aekxqlZmY0ILgT8vMgd0IJ0qT1rQEnhjrpgutlgYQCRq_yr1mhhL46wDkliGxtApzrkPLV-IL7DOl2PzAmXyOEEqyIuuRFvM03uCcO8O6r5Q03Dgvk30fl-PsLPTuGAwIBbXxSzLYaPbf3OL0ewsl9o6TfUIOEhvg4U5X-PL5HVV6_fU0iyd8UPt8WWngir6_GHAz9BTAEPj5zBKS519LiwVTfOjVSa4XRJPW8r2Zidr6KzrMuVEyknqnIzOxz0Cr3ldbeoGuxHTu6sa4iYEUKPcf_PVXcYHZ5pW1NbiZS-yY2wsh1acZw&vis=1

Requested by

Host: www2.woaifanyi.com
URL: https://www2.woaifanyi.com/8dHOITnUs3u=d/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230615/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 21 Jun 2023 14:29:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.96.0/619621/AhNCbYEMEeX9pEbX/ Frame 7F85 0
145 B 33ms
32ms XHR
text/plain 18.203.209.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.96.0/619621/AhNCbYEMEeX9pEbX/postback?di=https%3A%2F%2Fwww2.woaifanyi.com%2F8dHOITnUs3u%3Dd&pv=2c3ab911-cfec-40d2-8485-1f28d3b3cfed&pp=pub-6339460017086194&si=179723843&ci=619621&ui=0cd7417c-0000-0000-0000-000000000000&ap=&ac=651871&r1=2a01%3A4a0%3A2b%3A%3A&ti=6437277973215657758&sr=4&de=43000&c1=4562306&r2=&r3=&dt=6196211556140246740000&pd=avt&dm=160x600&cr=6622324&ai=216536&sid=AhNCbYEMEeX9pEbX&oz_sc=2b4953272affa9c8d3ffcd17&oz_df=1687357751542&oz_l=4627&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.96.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.209.222 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-209-222.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 21 Jun 2023 14:29:10 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

POST
H2 200 all
csm.eu.criteo.net/ Frame 858A 0
127 B 30ms
24ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 21 Jun 2023 14:29:10 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.96.0/619621/AhNCbYEMEeX9pEbX/ Frame 7F85 0
145 B 33ms
32ms XHR
text/plain 18.203.209.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.96.0/619621/AhNCbYEMEeX9pEbX/postback?di=https%3A%2F%2Fwww2.woaifanyi.com%2F8dHOITnUs3u%3Dd&pv=2c3ab911-cfec-40d2-8485-1f28d3b3cfed&pp=pub-6339460017086194&si=179723843&ci=619621&ui=0cd7417c-0000-0000-0000-000000000000&ap=&ac=651871&r1=2a01%3A4a0%3A2b%3A%3A&ti=6437277973215657758&sr=4&de=43000&c1=4562306&r2=&r3=&dt=6196211556140246740000&pd=avt&dm=160x600&cr=6622324&ai=216536&sid=AhNCbYEMEeX9pEbX&oz_sc=2b4953272affa9c8d3ffcd17&oz_df=1687357751692&oz_l=6916&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.96.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.209.222 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-209-222.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 21 Jun 2023 14:29:10 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8731 42 B
64 B 84ms
46ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstKPiwMRjJH5GxTOKgQTT5xMPTwXnwvn9xzPECEFZqN_aB9L9qwehIPIZ6Z8TDYDsbOcDzZVv8IlyStyvaRgngEtuo&sig=Cg0ArKJSzC9t-UZPiUKpEAE&id=lidar2&mcvt=1000&p=0,0,280,336&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230620&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1209252267&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1687357749739&rpt=950&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=14

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 14:29:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 77ms
67ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230615&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ce9ada07a066413c1641c1432e9f8fde450bffcd17f247205796b6e34d27460

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.woaifanyi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:29:11 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11162
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 44ms
37ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.woaifanyi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:29:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 21 Jun 2023 14:29:11 GMT

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.96.0/619621/AhNCbYEMEeX9pEbX/ Frame 7F85 0
145 B 35ms
35ms XHR
text/plain 18.203.209.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.96.0/619621/AhNCbYEMEeX9pEbX/postback?di=https%3A%2F%2Fwww2.woaifanyi.com%2F8dHOITnUs3u%3Dd&pv=2c3ab911-cfec-40d2-8485-1f28d3b3cfed&pp=pub-6339460017086194&si=179723843&ci=619621&ui=0cd7417c-0000-0000-0000-000000000000&ap=&ac=651871&r1=2a01%3A4a0%3A2b%3A%3A&ti=6437277973215657758&sr=4&de=43000&c1=4562306&r2=&r3=&dt=6196211556140246740000&pd=avt&dm=160x600&cr=6622324&ai=216536&sid=AhNCbYEMEeX9pEbX&oz_sc=2b4953272affa9c8d3ffcd17&oz_df=1687357751862&oz_l=226&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.96.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.209.222 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-209-222.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 21 Jun 2023 14:29:11 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7996 13 KB
5 KB 13ms
8ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www2.woaifanyi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 5464
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 12:58:07 GMT
expires: Thu, 20 Jun 2024 12:58:07 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 6059 783 B
1 KB 88ms
41ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ca50387f74f334ae4614dd67f93dbeed10f5114b65ff73ca73c8cf6b592c2b4c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-wKtWGZyi6pwuI5iigLd6_g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www2.woaifanyi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-wKtWGZyi6pwuI5iigLd6_g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 14:29:11 GMT
expires: Wed, 21 Jun 2023 14:29:11 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js Show response
pagead2.googlesyndication.com/bg/ Frame 7996 37 KB
14 KB 15ms
10ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c7dd9b3c12fde91e325f5a42fbc0f6d83566d528b624b0b4833ca87a9cc3f64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 11:36:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 183142
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14492
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 18 Jun 2024 11:36:49 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame DDDF 0
127 B 17ms
14ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 21 Jun 2023 14:29:11 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.96.0/619621/AhNCbYEMEeX9pEbX/ Frame 7F85 0
145 B 32ms
31ms XHR
text/plain 18.203.209.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.96.0/619621/AhNCbYEMEeX9pEbX/postback?di=https%3A%2F%2Fwww2.woaifanyi.com%2F8dHOITnUs3u%3Dd&pv=2c3ab911-cfec-40d2-8485-1f28d3b3cfed&pp=pub-6339460017086194&si=179723843&ci=619621&ui=0cd7417c-0000-0000-0000-000000000000&ap=&ac=651871&r1=2a01%3A4a0%3A2b%3A%3A&ti=6437277973215657758&sr=4&de=43000&c1=4562306&r2=&r3=&dt=6196211556140246740000&pd=avt&dm=160x600&cr=6622324&ai=216536&sid=AhNCbYEMEeX9pEbX&oz_sc=2b4953272affa9c8d3ffcd17&oz_df=1687357752021&oz_l=409&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.96.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.209.222 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-209-222.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 21 Jun 2023 14:29:11 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E285 42 B
64 B 64ms
62ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss8s7Jy3Q3Ow8Vs1Ez29teval9FU58a1e1qL1sJXfGgoXoeoeVT8DMaJC0WFtLtPTV8DDUPFaBLUlvWb9w6PbBeJ1o&sig=Cg0ArKJSzPJHhKS23qMIEAE&id=lidar2&mcvt=1117&p=0,0,124,1005&mtos=699,1117,1117,1117,1117&tos=699,418,0,0,0&v=20230620&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1687357750394&rpt=830&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=14

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 14:29:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F0BB 42 B
64 B 52ms
50ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssJB4GpcfHqubSS72CsCC5ULInaMLiOeTEMu7c3WIx8RCNb4nDdY3KOj1fhyaTcSkbdjOC414geGz2ifNCCTjwnhKs&sig=Cg0ArKJSzLj8tRu0MOw-EAE&id=lidar2&mcvt=1143&p=0,0,600,200&mtos=1143,1143,1143,1143,1143&tos=1143,0,0,0,0&v=20230620&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1687357750383&rpt=709&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=14

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 14:29:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 0E69 0
127 B 42ms
37ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 21 Jun 2023 14:29:11 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6059 0
0 41ms
40ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230615&jk=4127660269764500&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.96.0/619621/AhNCbYEMEeX9pEbX/ Frame 7F85 0
145 B 31ms
30ms XHR
text/plain 18.203.209.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.96.0/619621/AhNCbYEMEeX9pEbX/postback?di=https%3A%2F%2Fwww2.woaifanyi.com%2F8dHOITnUs3u%3Dd&pv=2c3ab911-cfec-40d2-8485-1f28d3b3cfed&pp=pub-6339460017086194&si=179723843&ci=619621&ui=0cd7417c-0000-0000-0000-000000000000&ap=&ac=651871&r1=2a01%3A4a0%3A2b%3A%3A&ti=6437277973215657758&sr=4&de=43000&c1=4562306&r2=&r3=&dt=6196211556140246740000&pd=avt&dm=160x600&cr=6622324&ai=216536&sid=AhNCbYEMEeX9pEbX&oz_sc=2b4953272affa9c8d3ffcd17&oz_df=1687357752433&oz_l=32&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.96.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.209.222 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-209-222.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 21 Jun 2023 14:29:11 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 148ms
20ms Preflight 3.8.219.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.8.219.7 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-8-219-7.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Wed, 21 Jun 2023 14:29:12 GMT
server: nginx

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 7F85 16 B
209 B 67ms
67ms Fetch
application/json 3.8.219.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.8.219.7 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-8-219-7.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/8.1.14

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 21 Jun 2023 14:29:12 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/8.1.14
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 7996 0
10 B 8ms
8ms Image
text/plain 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?2wz1rQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:29:12 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.96.0/619621/AhNCbYEMEeX9pEbX/ Frame 7F85 0
145 B 31ms
31ms XHR
text/plain 18.203.209.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.96.0/619621/AhNCbYEMEeX9pEbX/postback?di=https%3A%2F%2Fwww2.woaifanyi.com%2F8dHOITnUs3u%3Dd&pv=2c3ab911-cfec-40d2-8485-1f28d3b3cfed&pp=pub-6339460017086194&si=179723843&ci=619621&ui=0cd7417c-0000-0000-0000-000000000000&ap=&ac=651871&r1=2a01%3A4a0%3A2b%3A%3A&ti=6437277973215657758&sr=4&de=43000&c1=4562306&r2=&r3=&dt=6196211556140246740000&pd=avt&dm=160x600&cr=6622324&ai=216536&sid=AhNCbYEMEeX9pEbX&oz_sc=2b4953272affa9c8d3ffcd17&oz_df=1687357752596&oz_l=73&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.96.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.209.222 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-209-222.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 21 Jun 2023 14:29:11 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H/1.1 200
OK viewability Show response
hal900024.redintelligence.net/ Frame D63C 0
150 B 27ms
14ms Script
text/html 138.201.84.252
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900024.redintelligence.net/viewability?s=13312400084588500951395012362024&a=57e774dd&vb=v
Requested by: Host: hal900024.redintelligence.net
URL: https://hal900024.redintelligence.net/request_content.php?s=13312400084588500951395012362024&a=d1f8fcfe
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.252.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900024.redintelligence.net/request_content.php?s=13312400084588500951395012362024&a=d1f8fcfe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Wed, 21 Jun 2023 14:29:12 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
BLOB 200
OK fe771628-9053-451e-8a29-b4ac9da9eb5e
https://googleads.g.doubleclick.net/ Frame 7F85 817 B
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://googleads.g.doubleclick.net/fe771628-9053-451e-8a29-b4ac9da9eb5e
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0ed52a25fb6bb9fa0efad8cd024e6f650b7827c4cdf7f5285cab8c328b76ab0e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Length: 817
Content-Type

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.96.0/619621/AhNCbYEMEeX9pEbX/ Frame 7F85 0
145 B 32ms
32ms XHR
text/plain 18.203.209.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.96.0/619621/AhNCbYEMEeX9pEbX/postback?di=https%3A%2F%2Fwww2.woaifanyi.com%2F8dHOITnUs3u%3Dd&pv=2c3ab911-cfec-40d2-8485-1f28d3b3cfed&pp=pub-6339460017086194&si=179723843&ci=619621&ui=0cd7417c-0000-0000-0000-000000000000&ap=&ac=651871&r1=2a01%3A4a0%3A2b%3A%3A&ti=6437277973215657758&sr=4&de=43000&c1=4562306&r2=&r3=&dt=6196211556140246740000&pd=avt&dm=160x600&cr=6622324&ai=216536&sid=AhNCbYEMEeX9pEbX&oz_sc=2b4953272affa9c8d3ffcd17&oz_df=1687357752748&oz_l=8239&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.96.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.209.222 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-209-222.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 21 Jun 2023 14:29:11 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.96.0/619621/AhNCbYEMEeX9pEbX/ Frame 7F85 0
145 B 31ms
30ms XHR
text/plain 18.203.209.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.96.0/619621/AhNCbYEMEeX9pEbX/postback?di=https%3A%2F%2Fwww2.woaifanyi.com%2F8dHOITnUs3u%3Dd&pv=2c3ab911-cfec-40d2-8485-1f28d3b3cfed&pp=pub-6339460017086194&si=179723843&ci=619621&ui=0cd7417c-0000-0000-0000-000000000000&ap=&ac=651871&r1=2a01%3A4a0%3A2b%3A%3A&ti=6437277973215657758&sr=4&de=43000&c1=4562306&r2=&r3=&dt=6196211556140246740000&pd=avt&dm=160x600&cr=6622324&ai=216536&sid=AhNCbYEMEeX9pEbX&oz_sc=2b4953272affa9c8d3ffcd17&oz_df=1687357752955&oz_l=739&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.96.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.209.222 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-209-222.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 21 Jun 2023 14:29:12 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.96.0/619621/AhNCbYEMEeX9pEbX/ Frame 7F85 0
145 B 31ms
31ms XHR
text/plain 18.203.209.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.96.0/619621/AhNCbYEMEeX9pEbX/postback?di=https%3A%2F%2Fwww2.woaifanyi.com%2F8dHOITnUs3u%3Dd&pv=2c3ab911-cfec-40d2-8485-1f28d3b3cfed&pp=pub-6339460017086194&si=179723843&ci=619621&ui=0cd7417c-0000-0000-0000-000000000000&ap=&ac=651871&r1=2a01%3A4a0%3A2b%3A%3A&ti=6437277973215657758&sr=4&de=43000&c1=4562306&r2=&r3=&dt=6196211556140246740000&pd=avt&dm=160x600&cr=6622324&ai=216536&sid=AhNCbYEMEeX9pEbX&oz_sc=2b4953272affa9c8d3ffcd17&oz_df=1687357753105&oz_l=1028&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.96.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.209.222 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-209-222.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 21 Jun 2023 14:29:12 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 59ms
58ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230615&jk=4127660269764500&bg=!eHuley_NAAaGYqkwpmI7ADkAdvg8WrCe-IsqSoVY0sQJ3V0KyAPwxuZ-EqHs4cF3Oih7wcQTNC7_GlAREdqu1L8RQ4wa4NEfJlACAAACc1IAAAAHaAEHmQLmTCZOBjgX1G9TN8m8F8pGDnw06eUDBsy-4fNWSMNu0TO-ybyMgNCxHnBwoJQKwARCbAu8aExNRvKrl-ahgwfUgLeC8MMhmYR6yLRQTPPN6I2VpnJr7NjzouZYJiJIJbJcdSJg9pKmOTHBHgWMbsT5Jzad2d0qSwTKIJiq9Oqfg4fiTy6FcBZce5DI_AYaRG90Aj4qinU-98PkkMRm6ldxmS2hZtB1nLgtCTfzHkoXxjqK61CxDGeKvq1zF87fkcqjY5RLfKboquN3a0cd7cez7KI5eMdGWrXUU7GdT2qTnJ9GwvSUjckAhA-86UtJ3dEKug3JrzxkdOalyMLR6wyjF9NgM3asa93AGK02Uevh04Jfvi3xT7Y9ZLqJgLbU0y-qLF2bdnSC575CyYF2qmeRSGlHh7UfwRYULtIHki9HtnVWUxJxgODvG_124Pb7haS6TL3Gm957uPXpRZebnNRF2wpCHFL2xnwM548DTfaHdVols_VX5RpHB9hMClxoa7f8TalBdgib9cZYIim-NzPVWMIR0LYAkfNEgG_-U2t-GkK88kSuGeJOXY5W37iGKibvuR7UOT00NsIm4OGpgMfPC0dXUI6Vu_-O-UbucAiweqmSYMkg8Uxe6a2fXN_eNUsxaONg4IdvOpOz28RIaPahHJ-BSI9l_tNoiTagJZ_9ua6arHaT9fXrUKSBD2XQvHhKAa2pM4NiT_A7BpNlLfJsxRUF6DPynOgz4qjyEOcHKnFDgTVXs_kJYnqP14EHR1vl0RpjuXv7T0c-M3emvCLWULs21QuYdlwAAtWyGLDQtdCYN9c-SjtR1OD-i0X2koSXsAJAQlIEHDOQet95gCcYoGgUT9RWjNTt89R6fe4JpGCO0sd4GoeoCCqFzyPCZVwAlanUQdceNXFC90-SmR5yXbZw8eCQdnkuhuEgHCjh700AHWkqAGwNFnobItD0VD8SoM4TXbeQapqnCGgvtfhCq2U8-pU-xg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.woaifanyi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.96.0/619621/AhNCbYEMEeX9pEbX/ Frame 7F85 0
145 B 31ms
30ms XHR
text/plain 18.203.209.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.96.0/619621/AhNCbYEMEeX9pEbX/postback?di=https%3A%2F%2Fwww2.woaifanyi.com%2F8dHOITnUs3u%3Dd&pv=2c3ab911-cfec-40d2-8485-1f28d3b3cfed&pp=pub-6339460017086194&si=179723843&ci=619621&ui=0cd7417c-0000-0000-0000-000000000000&ap=&ac=651871&r1=2a01%3A4a0%3A2b%3A%3A&ti=6437277973215657758&sr=4&de=43000&c1=4562306&r2=&r3=&dt=6196211556140246740000&pd=avt&dm=160x600&cr=6622324&ai=216536&sid=AhNCbYEMEeX9pEbX&oz_sc=2b4953272affa9c8d3ffcd17&oz_df=1687357755616&oz_l=46&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.96.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.209.222 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-209-222.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 21 Jun 2023 14:29:14 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.96.0/619621/AhNCbYEMEeX9pEbX/ Frame 7F85 0
145 B 31ms
31ms XHR
text/plain 18.203.209.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.96.0/619621/AhNCbYEMEeX9pEbX/postback?di=https%3A%2F%2Fwww2.woaifanyi.com%2F8dHOITnUs3u%3Dd&pv=2c3ab911-cfec-40d2-8485-1f28d3b3cfed&pp=pub-6339460017086194&si=179723843&ci=619621&ui=0cd7417c-0000-0000-0000-000000000000&ap=&ac=651871&r1=2a01%3A4a0%3A2b%3A%3A&ti=6437277973215657758&sr=4&de=43000&c1=4562306&r2=&r3=&dt=6196211556140246740000&pd=avt&dm=160x600&cr=6622324&ai=216536&sid=AhNCbYEMEeX9pEbX&oz_sc=2b4953272affa9c8d3ffcd17&oz_df=1687357756784&oz_l=268&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.96.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.209.222 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-209-222.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 21 Jun 2023 14:29:15 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

POST
H2 200 all
csm.eu.criteo.net/ Frame 858A 0
127 B 15ms
15ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 21 Jun 2023 14:29:18 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.96.0/619621/AhNCbYEMEeX9pEbX/ Frame 7F85 0
145 B 35ms
35ms XHR
text/plain 18.203.209.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.96.0/619621/AhNCbYEMEeX9pEbX/postback?di=https%3A%2F%2Fwww2.woaifanyi.com%2F8dHOITnUs3u%3Dd&pv=2c3ab911-cfec-40d2-8485-1f28d3b3cfed&pp=pub-6339460017086194&si=179723843&ci=619621&ui=0cd7417c-0000-0000-0000-000000000000&ap=&ac=651871&r1=2a01%3A4a0%3A2b%3A%3A&ti=6437277973215657758&sr=4&de=43000&c1=4562306&r2=&r3=&dt=6196211556140246740000&pd=avt&dm=160x600&cr=6622324&ai=216536&sid=AhNCbYEMEeX9pEbX&oz_sc=2b4953272affa9c8d3ffcd17&oz_df=1687357759163&oz_l=325&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.96.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.209.222 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-209-222.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 21 Jun 2023 14:29:18 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

Verdicts & Comments Add Verdict or Comment

101 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.woaifanyi.com/	1970-01-20 22:04:13	Name: __gads Value: ID=2132c616ec8d53dd-22f8223ccbe1000c:T=1687357749:RT=1687357749:S=ALNI_MbxUDpL3DUm1p8aFHFeI6HXpeo__g
.woaifanyi.com/	1970-01-20 22:04:13	Name: __gpi Value: UID=00000c579c6fc10d:T=1687357749:RT=1687357749:S=ALNI_MYPe2_Y6moZhPrSEJAXc_3sDvPViA
.doubleclick.net/	1970-01-20 22:04:13	Name: IDE Value: AHWqTUkVPemmz5Wx3K8dmCua1Q4Wtx6QgybvxClCPVMtkUzcmcUBLhTbhmAEKq756Wk
.mathtag.com/	1970-01-20 21:28:13	Name: uuid Value: d38b6493-0936-4401-a42d-322400f1c115
.hm.baidu.com/	1970-01-20 22:18:37	Name: HMACCOUNT_BFESS Value: 752EA3980E8B9C74
.retailads.net/	1970-01-20 13:25:49	Name: ppb2172 Value: 2806339182
.woaifanyi.com/	1970-01-20 21:28:13	Name: Hm_lvt_5899173c4bb390c78c9ffd1e2846117d Value: 1687357751
.woaifanyi.com/	1969-12-31 23:59:59	Name: Hm_lpvt_5899173c4bb390c78c9ffd1e2846117d Value: 1687357751
.futalis.de/	1970-01-20 14:09:01	Name: raSIDb Value: 2806339182
.office-partner.de/	1970-01-20 22:18:37	Name: source Value: {"webgains_webgains":{"timestamp":1687357751479,"clickCookie":false}}

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6339460017086194&output=html&h=280&slotname=6604781984&adk=1209252267&adf=2184558861&pi=t.ma~as.6604781984&w=336&lmt=1687357749&format=336x280&url=https%3A%2F%2Fwww2.woaifanyi.com%2F8dHOITnUs3u%3Dd%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687357749510&bpp=1&bdt=1966&idt=221&shv=r20230615&mjsv=m202306200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&prev_slotnames=0442661610&nras=1&correlator=6897477800713&frm=20&pv=1&ga_vid=2082336651.1687357750&ga_sid=1687357750&ga_hid=429724422&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1001&ady=172&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532277%2C42532279%2C31075511%2C44788441%2C44794790&oid=2&pvsid=4127660269764500&tmod=1824980510&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=72jiNVS7zc&p=https%3A//www2.woaifanyi.com&dtd=225 Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
worker	error	URL: blob:https://googleads.g.doubleclick.net/963c7514-2ae6-4b29-a141-59df7b3722b4 Message: Mixed Content: The page at 'blob:https://googleads.g.doubleclick.net/963c7514-2ae6-4b29-a141-59df7b3722b4' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://eppiocemhmnlbhjplcgkofciiegomcon/content/safecheck-notification/notification-iframe/index.html'. This request has been blocked; the content must be served over HTTPS.
worker	error	URL: blob:https://googleads.g.doubleclick.net/963c7514-2ae6-4b29-a141-59df7b3722b4 Message: Mixed Content: The page at 'blob:https://googleads.g.doubleclick.net/963c7514-2ae6-4b29-a141-59df7b3722b4' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://cplklnmnlbnpmjogncfgfijoopmnlemp/skin/logo24.png'. This request has been blocked; the content must be served over HTTPS.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.eu.criteo.com
adservice.google.com
adv.office-partner.de
analytics.webgains.io
api.webgains.io
cat.fr3.eu.criteo.com
cdn.retailads.net
cdn.track.production.webgains.team
cdnjs.cloudflare.com
csm.eu.criteo.net
fonts.googleapis.com
fonts.gstatic.com
futalis.de
googleads.g.doubleclick.net
hal9000.redintelligence.net
hal900024.redintelligence.net
hm.baidu.com
imageproxy.eu.criteo.net
medialead.de
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.mathtag.com
pv.medialead.de
rtb.fr3.eu.criteo.com
rtb.nl3.eu.criteo.com
s.update.mediamathtag.com
static.criteo.net
tags.mathtag.com
tpc.googlesyndication.com
track.webgains.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www2.woaifanyi.com
wwwimg.woaifanyi.com
103.235.46.191
108.156.2.62
121.199.52.95
138.201.135.164
138.201.84.252
145.239.193.130
178.250.7.9
18.203.209.222
185.29.134.245
2606:4700::6811:180e
2a00:1450:4001:808::2003
2a00:1450:4001:809::2002
2a00:1450:4001:811::2002
2a00:1450:4001:812::2001
2a00:1450:4001:812::2008
2a00:1450:4001:813::2002
2a00:1450:4001:813::2004
2a00:1450:4001:829::200a
2a00:1450:4001:830::2002
2a01:4f8:d0a:2321::2
2a02:2638:3::1a
2a02:2638:3::3
2a02:2638:3::9
2a02:2638:d::13
2a02:2638:d::4
2a02:2638:d::c
2a0b:4d07:102::1
3.11.176.98
3.8.219.7
49.12.16.151
94.23.99.218
95.101.148.198
99.86.4.94
00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
01edc3bf89264f8e2c388bb0de9d0e203bfb48063cfe55099b9f7636dcd561af
038b596f449c988b1a5290a9e235445370168101c5f98974e750f82b16025cbc
05c03c87d7017a903a21732e8c3bc93ca41ef0e82e023e22af527d3a8137ddea
07751a4452d90de30097d712748254e9e63715762d020eab8f4d9a6d56912240
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
09980d8843e8a42a807cfa7ca2b561f3eb807894566a66598dabfefb9c64a7b1
0ce9ada07a066413c1641c1432e9f8fde450bffcd17f247205796b6e34d27460
0ed52a25fb6bb9fa0efad8cd024e6f650b7827c4cdf7f5285cab8c328b76ab0e
1039404b97848cc0f6148d3fea1b12fa92189d6986c606c9ff3189080daa4aa3
10cb4770e50d81a183db600e2b32bde90f843d732ad7bd98c8cd677b9407aa02
178c13852e7feea6ee2810d130437c2185ce01e1c850a9d9a8a78891d695d130
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
20bfae8fc60a51141b8554263d56c22aa2e02f44f04c98ecbfb72ae7009f710f
2264e211069dffe63d38c2362c1ee942c680feab21ce1c3430d3baf0f862ce7a
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98
2abd92a67553f2bd8b1e7606c729d9d15fde9cd2924346763ca9f78d6e508c57
2ece6bd89b2087c1b8fd2a9cafddcef7af5671be5992f0cd99525f7ce3a326f5
30dd4d046ee0a560951014c2c3f71fb0b620af27279bd7c5ff8b4ac877214291
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7
3dc61d019d26ca6eb0db382cf6751e488b15e25fc63737a43d696469539e3aad
3fe31cf93babaa8f377a3fc319bb2ca23a0caae909a930fa8e2d809f9ef115ba
3ffa85f47aa93c673d71a4d3392f698ae010a55a063bfaabedc35a22589dca42
4825ee2fa22308208ecdbd44cf8084f9c590486525eb62023d54b247af28f842
4c2f3b1c4fe5935f2f2fc614223aeed72d876d5b4be0ae03f8c3f4e869c94239
4c7dd9b3c12fde91e325f5a42fbc0f6d83566d528b624b0b4833ca87a9cc3f64
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
51417b15a5ffce0339b61a579144effabcc5266aacde344cbc6740f8654235cd
525e7c89461afb3f73ea7030fbceba4f9e9383570159926acee637b4f86b8148
546c56ff3242eab01eb921de6398eaa8787d55adfb6ba20c79a9436c93731684
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd
58c1ba13c0b73d0c996bc8a1b0018aaa5eebc3ec4dd57ef8f641d8b40baf093a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61f61fa9d435baf50e0593ccc3d93526f73bd7786191d4375a80a19c238edd1f
63b9cf945c742d71d9e9879a9c07ee7d2fd6e0418caefcc81d63e7958602f32f
654db824c8783d91ce0f494e9fc3ee2fef49bc7dac13e990c888f982ea158c7f
666bff3c55e70f3fc6b26e26963b3fbd15b911dde192272b5e3b3b42072ee365
6810b029a0e87dec76629183b5962f2f58a2b5c9d9c90449523672c3c1485907
69b6d5e877183ac1a93161d4889e8620df2aae772195abff51a544a2ace72d2a
70da8ace6902ee458fe64deffd6b9a58a0e93b17049535af415f87440de4884f
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
7506ee85b5b2f14ffcdce2f19784c52fffd10a40aa439b2571e9b2b5412f720a
75a9956ca3cb6768c8eb27a4e06e7b9aab80724f0888ebceece991687341ccc2
7890d89931c5f13a7f07ac68a9fe0eb7a3548fffa31f50eacec1079f16bde8bd
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
838fa817dabee63a6a4710b8713344c707194b647d6e7d6e8f4074c5d03b448f
85beed1fee82b46cb3644d034550e1a48034f5645267d40433fb154427e7ab29
85c7dc72c9e160a309a82f3dbedc5318a7758f7f7fc237574fb06f0caec51ad1
8d6af87f2e8ab6ba751d5bda81faf18aed637f3c43f3f5c25acfcdb8dc674a92
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8fdc043853596cbbff8b31c28ae9a0e8356e9b7cd7dea05fe3a1ca5ff653c7a5
90980421e3762accc4e39e6d786c4fbf9cfc9b1e6bfc4a02550ef3fbbfc585f7
91156631039b8716b523c0766ddff8e45b7a5d2a78460d20b2abb85f670a1bfe
9252536b0614218c38beeeaad84d7b51699063949f59b1bb60574c10801024eb
92f8f61d645b357028b65d38356ec2e2fb3b6b5012ad831f96ebdc310a0931dd
934ea902e5a8da6d2dc10edb85ba21707d0db685abcafe0a15148a9c3e4e5cec
95b1406e585d6e59aa12b4f764e9f5c9f12e84d480eb8cb90a874ef2b383abf4
95f479a3f581685a74eed1a32e1b4d7b5be127896a15ea2ca21f5a421987fd74
97078808797587c73e57e21509affe263a56847ef48500a3802e3fac2736a224
985d2b656cce9486a1f152d7c4bbbc4cc1d5a65a0af9bd52e260bcc255bced06
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a8a71e8bb42d91d5bfd60d6281e20f457fbe729042736be5cb8b87dbf70156c7
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b64acf1469e1fb0336f092ce256e0c054e8f8c0ef90c46b55a72aa943be44425
b6590bfbd3f1ab50bf2fdf722884daf671624ee66131f2cb2ced7ef3648ccae8
b93f8ae75e227bb13ec7ce10de06233ae2235b7c4831fcbc3436d775631d9a31
bac1b00e0e7b220c23a48e29f49dba7f3f8d7999dbaa8dbb338492231ce27019
bf772baafd52d83295dee0f759cfbd9343d04d368febe8cd0287427c3f36e377
c075c84338157dc46cda1e385e3a09452ee95b59bd3c8d9ea7d1d97cf6c0f976
c26176de20958922c138833a3fef59f6eb7257c9df62394efb5fd2cb885f9775
c723ebf2a6cc8c3d06a8a923bc4f1f45b11cb21bde7fa3cff18673a07dff7f60
c751a74fa44ae281a9385bf6b7cdfdd7158b0c8630c04d58fbf24d74fc795bfc
c91e4803848d1b78c17b9bb77a6d67d69d1ae9ef77b515deb82412d915f0ae9c
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ca50387f74f334ae4614dd67f93dbeed10f5114b65ff73ca73c8cf6b592c2b4c
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
cbacb4972b01f491076eaaf73a7cc36af2c997c90c41fb59592ac7384e1b4b94
ce22e0aef86f6d5269ed0d4873a281335883de51a54a26b18b2411627c8937b9
ce8b0ce00b853304b4500a3e0273c2ee8123ec998d9ea4bc1a2b3e97c573b61f
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d05cb261ab62fbb442d271120b78c5303e5d89021a204896bcc9ddbb04ab56b8
d18d5324840925a7813c05b697f8c89a4217c9a815b6576798b33a9b9f5fdbf6
d63e925cd5fcbdfbd12b35790373a3cce288906f66032a401fd612b31a3d204a
d71ee89c7078ecb3302a286a141598279d83915f05268808164fec2f7ee1da99
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e878d62c7195e0d55b7c52987767116d9993e91dfccb6b10a9c5ebbbac19e33b
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
ebc5c643765c2364cb327b5d2238502bde5b1a0f0845d46e0dfc3298001fd098
ee17f640cb2379c65dbaf5138729b88b19db75e07856bd66b3f94197f487a284
eee12aa2bf214b1bc0f4c10ffa4f665062f3f7745450dba1b96540f24bd77703
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f5d9518f927e995c9efd5358ddebe64d7023ee37fd5c9a28f78254f22b33b438
f89086b509b7c420d672b21815723fe0516021c0eb2d171a406a749c30f4abd5
fefe81e2e2d43f02acdf13d5c43e60eafa27dc231d451a8c4789dc88a66b4014
ffa3391d221eafa684f8a16ebbc0e1c7c77215c456b3580cac499acc35a54e26

www2.woaifanyi.com Open in urlscan Pro 121.199.52.95 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

183 Requests

98 %HTTPS

55 %IPv6

23 Domains

35 Subdomains

33 IPs

8 Countries

1946 kBTransfer

3799 kBSize

10 Cookies

158 Outgoing links

Redirected requests

183 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www2.woaifanyi.com Open in urlscan Pro
121.199.52.95 Public Scan

Screenshot
Live screenshot

Full Image

183
Requests

98 %
HTTPS

55 %
IPv6

23
Domains

35
Subdomains

33
IPs

8
Countries

1946 kB
Transfer

3799 kB
Size

10
Cookies

183 HTTP transactions
4 data transactions