storage2.mammutmail.com Open in urlscan Pro
217.113.63.144 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://mammutmail.com/hu/download/5170bcb19297ca72236c2410c8f73129
Effective URL:
http://storage2.mammutmail.com/hu/download/5170bcb19297ca72236c2410c8f73129
Submission Tags: falconsandbox
Submission: On February 19 via api (February 19th 2023, 8:44:17 am UTC) from US — Scanned from DE

Summary HTTP 204 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 35 IPs in 11 countries across 36 domains to perform 204 HTTP transactions. The main IP is 217.113.63.144, located in Szigetszentmiklos, Hungary and belongs to DENINET-HU-AS, HU. The main domain is storage2.mammutmail.com.

This is the only time storage2.mammutmail.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 32	217.113.63.144 217.113.63.144	29278 (DENINET-H...) (DENINET-HU-AS)
16	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
2	2001:4de0:ac1... 2001:4de0:ac18::1:a:1a	20446 (STACKPATH...) (STACKPATH-CDN)
1 4	81.0.120.8 81.0.120.8	12301 (INVITECH) (INVITECH)
2	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
1 3	185.116.245.25 185.116.245.25	42263 (GERMANEDG...) (GERMANEDGECLOUD)
2 5	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
1 1	185.51.66.37 185.51.66.37	47381 (SERVERGAR...) (SERVERGARDEN-AS Servergarden Kft.)
1 2	185.51.66.79 185.51.66.79	47381 (SERVERGAR...) (SERVERGARDEN-AS Servergarden Kft.)
2 2	2a00:1450:400... 2a00:1450:400c:c0b::9c	15169 (GOOGLE) (GOOGLE)
2 6	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6813:9308	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
3	2a02:2638:3::12 2a02:2638:3::12	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638:3::9 2a02:2638:3::9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2620:116:800d... 2620:116:800d:21:c5a4:625:6563:a5bb	16509 (AMAZON-02) (AMAZON-02)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
2 2	2a05:d018:d29... 2a05:d018:d29:3601:b182:71dc:6cf5:e081	16509 (AMAZON-02) (AMAZON-02)
1 18	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
4 4	37.157.3.30 37.157.3.30	198622 (ADFORM) (ADFORM)
2	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
2 2	104.18.24.185 104.18.24.185	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2600:9000:223... 2600:9000:223f:be00:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
1 1	34.91.62.186 34.91.62.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 2	213.155.156.168 213.155.156.168	1299 (TWELVE99 ...) (TWELVE99 Arelion)
4 4	35.157.246.219 35.157.246.219	16509 (AMAZON-02) (AMAZON-02)
2 2	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1 1	185.29.132.245 185.29.132.245	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
1	185.86.138.153 185.86.138.153	201081 (SMARTADSE...) (SMARTADSERVER)
27	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	178.250.1.6 178.250.1.6	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a02:2638::21 2a02:2638::21	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	2a00:1450:401... 2a00:1450:4016:80c::2003	15169 (GOOGLE) (GOOGLE)
31	2a02:2638::c 2a02:2638::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:2638::2 2a02:2638::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
204	35

32 217.113.63.144 (Szigetszentmiklos, Hungary) 1 redirects

ASN29278 (DENINET-HU-AS, HU)
PTR: altair.neo-interactive.hu

mammutmail.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
storage2.mammutmail.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac18::1:a:1a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 81.0.120.8 (Hungary) 1 redirects

ASN12301 (INVITECH, HU)
PTR: ad.adverticum.net

ad.adverticum.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.116.245.25 (Germany) 1 redirects

ASN42263 (GERMANEDGECLOUD, DE)

weloveiconfonts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:809::200e (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.51.66.37 (Hungary) 1 redirects

ASN47381 (SERVERGARDEN-AS Servergarden Kft., HU)
PTR: mail01.aera.hu

hu.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.51.66.79 (Hungary) 1 redirects

ASN47381 (SERVERGARDEN-AS Servergarden Kft., HU)

hu.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0b::9c (Brussels, Belgium) 2 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:9308 (United States)

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:c5a4:625:6563:a5bb (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:d29:3601:b182:71dc:6cf5:e081 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 142.250.186.130 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.3.30 (Denmark) 4 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.24.185 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223f:be00:1b:5138:8a40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.91.62.186 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.93 (Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.168 (Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-168.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.157.246.219 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-246-219.eu-central-1.compute.amazonaws.com

match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.111.18 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.132.245 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.138.153 (France)

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:2638::21 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4016:80c::2003 (Ireland)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 2a02:2638::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
64	criteo.net static.criteo.net — Cisco Umbrella Rank: 630 csm.eu.criteo.net — Cisco Umbrella Rank: 8410 pix.eu.criteo.net — Cisco Umbrella Rank: 8393	1 MB
33	doubleclick.net 3 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 77 googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 cm.g.doubleclick.net — Cisco Umbrella Rank: 205 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 186	118 KB
32	mammutmail.com 1 redirects mammutmail.com storage2.mammutmail.com	1 MB
25	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 101 tpc.googlesyndication.com — Cisco Umbrella Rank: 137	376 KB
9	criteo.com ads.eu.criteo.com — Cisco Umbrella Rank: 8334 rtb.nl3.eu.criteo.com — Cisco Umbrella Rank: 13105 cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 14647 rtb.fr.eu.criteo.com — Cisco Umbrella Rank: 15146	149 KB
9	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 72	2 KB
5	google.de www.google.de — Cisco Umbrella Rank: 6232 adservice.google.de — Cisco Umbrella Rank: 9006	1 KB
5	google-analytics.com 2 redirects www.google-analytics.com — Cisco Umbrella Rank: 35	37 KB
4	gstatic.com csi.gstatic.com	396 B
4	360yield.com 4 redirects match.360yield.com — Cisco Umbrella Rank: 2330	2 KB
4	adform.net 4 redirects c1.adform.net — Cisco Umbrella Rank: 590	2 KB
4	adverticum.net 1 redirects ad.adverticum.net — Cisco Umbrella Rank: 72015	79 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 196	15 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 183	144 KB
3	gemius.pl 2 redirects hu.hit.gemius.pl — Cisco Umbrella Rank: 186916	2 KB
3	weloveiconfonts.com 1 redirects weloveiconfonts.com — Cisco Umbrella Rank: 259842	32 KB
2	3lift.com 2 redirects eb2.3lift.com — Cisco Umbrella Rank: 337	952 B
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 4255	655 B
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 758 r.turn.com — Cisco Umbrella Rank: 3192	869 B
2	casalemedia.com 2 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 421	1 KB
2	openx.net rtb.openx.net — Cisco Umbrella Rank: 1408	486 B
2	yahoo.com 2 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 422	1 KB
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 74	63 KB
2	jquery.com code.jquery.com — Cisco Umbrella Rank: 699	208 KB
1	smartadserver.com ssbsync.smartadserver.com — Cisco Umbrella Rank: 788	75 B
1	travelaudience.com 1 redirects ads.travelaudience.com — Cisco Umbrella Rank: 4534	590 B
1	blismedia.com tr.blismedia.com — Cisco Umbrella Rank: 1952	173 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 460	907 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1379	587 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 726	716 B
1	smaato.net 1 redirects s.ad.smaato.net — Cisco Umbrella Rank: 709	437 B
1	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 614	98 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 643	464 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 863	607 B
1	crazyegg.com script.crazyegg.com — Cisco Umbrella Rank: 1689
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 50	59 KB
204	36

	Domain	Requested by
31	pix.eu.criteo.net	ads.eu.criteo.com
30	storage2.mammutmail.com	storage2.mammutmail.com code.jquery.com
27	static.criteo.net	ads.eu.criteo.com
18	cm.g.doubleclick.net	1 redirects googleads.g.doubleclick.net
16	pagead2.googlesyndication.com	storage2.mammutmail.com pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
10	googleads.g.doubleclick.net	pagead2.googlesyndication.com storage2.mammutmail.com
9	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net
6	csm.eu.criteo.net	ads.eu.criteo.com
6	www.google.com	2 redirects tpc.googlesyndication.com googleads.g.doubleclick.net
5	www.google-analytics.com	2 redirects storage2.mammutmail.com www.googletagmanager.com www.google-analytics.com
4	csi.gstatic.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net
4	match.360yield.com	4 redirects
4	c1.adform.net	4 redirects
4	ad.adverticum.net	1 redirects storage2.mammutmail.com ad.adverticum.net
3	securepubads.g.doubleclick.net	googleads.g.doubleclick.net
3	cdnjs.cloudflare.com	ads.eu.criteo.com
3	cat.nl3.eu.criteo.com	ads.eu.criteo.com
3	www.googletagservices.com	googleads.g.doubleclick.net
3	ads.eu.criteo.com	googleads.g.doubleclick.net
3	adservice.google.com	pagead2.googlesyndication.com
3	adservice.google.de	pagead2.googlesyndication.com
3	hu.hit.gemius.pl	2 redirects storage2.mammutmail.com
3	weloveiconfonts.com	1 redirects storage2.mammutmail.com weloveiconfonts.com
2	eb2.3lift.com	2 redirects
2	d5p.de17a.com	2 redirects
2	ssum-sec.casalemedia.com	2 redirects
2	rtb.openx.net	googleads.g.doubleclick.net
2	pr-bh.ybp.yahoo.com	2 redirects
2	rtb.nl3.eu.criteo.com	storage2.mammutmail.com
2	www.google.de	storage2.mammutmail.com
2	stats.g.doubleclick.net	2 redirects
2	www.youtube.com	storage2.mammutmail.com www.youtube.com
2	code.jquery.com	storage2.mammutmail.com
2	mammutmail.com	1 redirects storage2.mammutmail.com
1	rtb.fr.eu.criteo.com
1	ssbsync.smartadserver.com	googleads.g.doubleclick.net
1	ads.travelaudience.com	1 redirects
1	tr.blismedia.com	googleads.g.doubleclick.net
1	sync.mathtag.com	1 redirects
1	dsp.adfarm1.adition.com	1 redirects
1	um.simpli.fi	1 redirects
1	r.turn.com	googleads.g.doubleclick.net
1	ad.turn.com	1 redirects
1	s.ad.smaato.net	1 redirects
1	id.rlcdn.com	googleads.g.doubleclick.net
1	cms.quantserve.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	script.crazyegg.com	www.googletagmanager.com
1	www.googletagmanager.com	storage2.mammutmail.com
204	49

This site contains links to these domains. Also see Links.

Domain
helloblackfriday.hu
facebook.com
neo-interactive.hu

Subject Issuer	Validity	Valid
mammutmail.com Sectigo RSA Domain Validation Secure Server CA	`2021-10-22` - `2022-10-22`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
weloveiconfonts.com R3	`2023-01-24` - `2023-04-24`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.adverticum.net RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2022-06-02` - `2023-07-03`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-04-08` - `2023-04-08`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-22` - `2023-03-26`	3 months	crt.sh
*.nl3.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-04` - `2023-04-05`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
tr.blismedia.com GTS CA 1D4	`2023-02-12` - `2023-05-13`	3 months	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-13` - `2023-04-15`	3 months	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-13` - `2023-04-17`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.fr.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-18` - `2023-05-20`	3 months	crt.sh

This page contains 17 frames:

Primary Page: http://storage2.mammutmail.com/hu/download/5170bcb19297ca72236c2410c8f73129
Frame ID: A1A7829FEF1E17047CAE52C8C2649F41
Requests: 64 HTTP requests in this frame

Frame: https://ad.adverticum.net/t/?z=7349845&g=7349844&b=734984900&h=[LOCATION]&p=2
Frame ID: A67DFB1C4DDBB21E499AB35C8FCC826C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6041284171180831&output=html&h=250&slotname=5149010055&adk=1608662828&adf=834939530&pi=t.ma~as.5149010055&w=300&lmt=1676796250&url=http%3A%2F%2Fstorage2.mammutmail.com%2Fhu%2Fdownload%2F5170bcb19297ca72236c2410c8f73129&wgl=1&dt=1676796249841&bpp=14&bdt=308&idt=272&shv=r20230215&mjsv=m202302130101&ptt=5&saldr=sa&abxe=1&correlator=5810592011346&rume=1&frm=20&pv=2&ga_vid=994145205.1676796250&ga_sid=1676796250&ga_hid=1442305254&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C44782466%2C31061691%2C31061692&oid=2&pvsid=2041264160343101&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaneEr%7C&abl=CA&pfx=0&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&xpc=yxuf7OJWSb&p=http%3A//storage2.mammutmail.com&dtd=293
Frame ID: 68F3CC41D50EB2489C05A0A853337BFD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6041284171180831&output=html&h=90&slotname=6369758616&adk=1716098630&adf=3846954772&pi=t.ma~as.6369758616&w=728&lmt=1676796250&url=http%3A%2F%2Fstorage2.mammutmail.com%2Fhu%2Fdownload%2F5170bcb19297ca72236c2410c8f73129&wgl=1&dt=1676796249930&bpp=5&bdt=396&idt=209&shv=r20230215&mjsv=m202302130101&ptt=5&saldr=sa&abxe=1&prev_slotnames=5149010055&correlator=5810592011346&rume=1&frm=20&pv=1&ga_vid=994145205.1676796250&ga_sid=1676796250&ga_hid=1442305254&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C44782466%2C31061691%2C31061692&oid=2&pvsid=2041264160343101&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CfneEr%7C&abl=NF&pfx=0&fu=32768&bc=23&ifi=2&uci=a!2&fsb=1&xpc=Zi2qCqWJaC&p=http%3A//storage2.mammutmail.com&dtd=213
Frame ID: 0D560529B3AC434503FBE9FDD60785B6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230215/r20190131/zrt_lookup.html
Frame ID: 1CDFBDAFB414C7A9D17AAB0948B2C499
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6041284171180831&output=html&adk=1812271804&adf=3025194257&lmt=1676796250&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x1080_l%7C500x1080_r&format=0x0&url=http%3A%2F%2Fstorage2.mammutmail.com%2Fhu%2Fdownload%2F5170bcb19297ca72236c2410c8f73129&ea=0&pra=7&wgl=1&dt=1676796250563&bpp=3&bdt=1029&idt=3&shv=r20230215&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3ee537f467b4810f-22c73838e5dc00f8%3AT%3D1676796250%3ART%3D1676796250%3AS%3DALNI_MaJK9aZFz-4rW2rHQiq5hynliNkHA&gpic=UID%3D00000bb9040694f5%3AT%3D1676796250%3ART%3D1676796250%3AS%3DALNI_MaUsUZjIVE47uheFfSKm6lWboaGUQ&prev_slotnames=5149010055%2C6369758616&nras=1&correlator=5810592011346&rume=1&frm=20&pv=1&ga_vid=994145205.1676796250&ga_sid=1676796250&ga_hid=1442305254&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C44782466%2C31061691%2C31061692&oid=2&pvsid=2041264160343101&tmod=122387574&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=3&uci=a!3&fsb=1&dtd=30
Frame ID: 5616455C8E81B0FD067868BAC60A3799
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7363DF636775E0E88B0AABBFE73FE1F6
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3062EC865ED9DE28DBDD2AFD5E327CF8
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230215/r20110914/zrt_lookup.html?fsb=1
Frame ID: 36EA77166936CAD82846BD2CFAA2EB43
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230215/r20110914/zrt_lookup.html?fsb=1
Frame ID: 356E54B901896BD676556D0AB24DCDBB
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230215/r20110914/zrt_lookup.html?fsb=1
Frame ID: 9B17EC837EA777C08D523DCA2D0A64AC
Requests: 11 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y_HhWgAJa5EABioEAAGIw0MEjVpYATGL7PyOSQ&u=%7CZJvxsEhL7mdCU7ZVWSn0oTaYAqWMcyRpPIsATiExgBQ%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2zsPmYEtHnfFj6VuzCRzykUZR02TVEKmv1rKr9bOK9iNFmeP_535lN3J94qA5ri38_NALlrmy9cxxffwosa1MXvZLRYCmLsxTnZvuXBblswLlz7BvJDkGSCJ8Q0nk53hQvu_cMvdLYhstNR7OlpzCNlpl-deP-ANlZo_qwa4ZgrJ-t-tsKUxidWaJau3VJXDCqxOZcDnKWjIcbHDQGgfhjkpGdHEVhczvN-oqDxq24EVO5coGUwfuBM8wTbY7KW7Db41VIokngMgNdwwI4h2yEwLayrl7PG0x3_Rp0vUdRXnWlNY2oXLjoTUAZeI1MlPZCblEKDdkUCI7uEYJZVubzn_liE9_k7Ue3V2lwEPAJTweAcldCix7uDy-iMKUwhfjvU-OwY7bWFQoou82xCrLxHReIOTjLpQv_LrFKf031bP9UyQKeU19m-zggFF1y7lq2772pdcUnUzRVhw9vA6QB5QO9SyGFm92RyGhP6k1hyfoOtpul_8rW0eHJ04JciRXQk8as3khyXcL2d_JgCrHYk3EflnSpfk7tAtiRsHgV9Nl-ubqYW9G6g8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCsv-PWuHxY5HXJYTUmLAPw5GGyAvJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTYwNDEyODQxNzExODA4MzHIAQmpAmB7KGJN8bE-qAMBqgT2AU_QVPqK7WDdPg9F-4PvzUg_LHlLWArK1ItpixnTUGhBLTI5fJwkCIrfejqGnzvQP-b7f2N_x9U97BpNmkW8E8_5TFE5i2Um74W_p4y8vMDGXsfXUTkogZIkcscWOxRS1cHJy8y2JHjLwU3V30ecGaRlmC3y2HNiVUtP-NnC8jP7PoqoE9w3-sHGIYtFQcT2YHxECDMZ0A6ccjUpYjUfsIayfyl1wS0LsAmhg7M4Lr6q4Cx38XJIQidLTPn8kffwFHDSqT4-6IndBcG_9mUvNYVm8LI2L2Sb6Qa3MEBpbTW33E6cg1FpvM9Hk2mV4Mt9VOpJdOOsL4AG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3c7ZseQQLdatJTzD8wNiXTvuB5ig%26client%3Dca-pub-6041284171180831%26adurl%3D
Frame ID: C601368B62A313632359ED6FB376B449
Requests: 24 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 28504783D895A9D47BC51CF0F9E93906
Requests: 9 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y_HhWgAJa5IABioEAAGIw-ivOEhMEdTU18i7mw&u=%7CZJvxsEhL7meD6Cdqr%2BPiiYDNS5%2FuPDqK6chX9uNO5q8%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2zsPmYEtHnfFj6VuzCRzykUZR02TVEKmv1pvQMrMXwGae4kWjHOYYAubpmagcoBikmNILr7NfuSJN-xl7nOPMoe1oa8S4jSCCrLPROplYCCjyhV4nrQOPzxMy_wdpStGmabNdxv0C8OMSRSCle-7q9OLcJruwP1dlXFLhep58gqQ4rUspYJu_vauTM0YyYNqF4sh5Ho9jLpRlzVUaDvhuBV1l4XcOSmsyoe0gM-NfMDHxlbl6piSmaxbinmLDcBbdoMeb8Z2jayX31waRL7fyXdfl5qfH2zWzfg_Ey0dpCbxBML32V9TmoPvAn9mhWGjx2cqUfbSyuS2Hub5Wg_uHEEgopuABaOHnYa3SXXHl1eTSqtyuQfPw3HuD9aG5zwCMrgwUOupFXiW75Mm91igTA4cMt7_CgIAfdzI6qcUq2EH8fb0yLJXRJnI5GWEZ1satvhX8dDgn4o4Lr58dAS0kMLIl9ZAjD26V3MmwLALE4OZliQrnfD-7edcWCuTATelVb1HiugtCvV0imD6f6JDpMEq9ayyUfjCDsWWIrsn7xx24ZyEn4eFuaRQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCyUaYWuHxY5LXJYTUmLAPw5GGyAvJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTYwNDEyODQxNzExODA4MzHIAQmpAmB7KGJN8bE-qAMBqgT2AU_QwO0f3d0xUk-XVhNJA0r5aumTc3S1sxV4ct_nki1uJX6RlVUZFioNL0zfPBdWICOrG9cHHc9WxpqJXPqzV5UCI1sfyb4b8u-12JL2NXOleqVRdv0xmAtrdjmHM0plEbVdauHNqShdXznLU2TK_kN1vfSmAnFmBZYqPConN4hPT2JEPfUMEmINdYsq5HQ_WZxbGB_CsWaKaTNm39ewynm_3eX8vxK8SUS4PCJSsHXVYgoUaqIUD1ZtC4h2mbuAl5HpDCsd5KrUZecrz0xmn8CrjX_7ToEgbiUaA-f_4-RBg37mWeQLfDwwL3PyI55nrxw4Hldy5oAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_37HXAjVQJRgyR136zng82FoSeM3g%26client%3Dca-pub-6041284171180831%26adurl%3D
Frame ID: 0143FF9D1DD72232731A1EF0706EEB03
Requests: 24 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 84B2D29BF01AA697A7DFFF416B9408EA
Requests: 9 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y_HhWgAJa5MABioEAAGIwzw4U2Y5XhmBehCPBg&u=%7CZJvxsEhL7mdZ05n6pLL%2BF0oYr0moDkJYKUl0jsoTubw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC867Ngpf3CH59wRcAK1df8GsuyJRce0udb-6kPEZHyDoz0MEAqeoSmpqXo_LCZ1mCDArqriXzNyfMV3iiX0z6EgSJA3wM7QTCMshaExudyAVOKQuUnrkii3BSGip9e5G-DOKIJUyzO1iRmbY00z2rjJGY60GeBuRW6ngJ0bCr72oVAz9SLNX01uaP1taG4q66edMmVlf9CBj6gd0k6_BNncxlPvZR0imE2cQXPpfjB5CQUOSBXSxdqqqJNcCPgu2P18uXg4ORis0V-P6Pv9-Oz1rQOVMVCFajwGsy9H8fcgoainMI5uPULZm6iW-cl-XSzraZnpi2T8wqB_TiVBHVhZjASTCB55HYEpmAQcBmMrRS-qOrzAmD6g809AtxxtyUlKBB1oEbYb3LcGBXAcueEPTWb56q7rDBP3Jr_61Vn0TS5n74T5UhBVp69dCF5oIQAtmYRB6onOOkdCPzP30xmplkdQzxaxmuSDC5dEZ250nmfhtAtoS6yx3U7a8uTzQiXnq9e5UOwQaH-HsNxfHm1Q5H_Zwich_YTR_Pp1KfoDOUShFcRd-SDFrjIXMZDI7w3gw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPU5KWuHxY5PXJYTUmLAPw5GGyAvJntKxXLWY49aTAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02MDQxMjg0MTcxMTgwODMxyAEJqQJgeyhiTfGxPqgDAaoE9wFP0AR9xvXYfYCew3_gbEjz_DgR0AcZCvcN5vv5RFueSeMVmjtu62-tuS3c2FjuMMeCtY3BEtbL-u4ejOAbAePYgisJTPSH_hX_QmAt04n9TzAASY6kZHdD4q1LMIk3CSqlUelTr3rtBovJvMfv8xbuKSddy7JuNS0iF6G9hjW9xvKnP-4TAFrdKPud7yXvDOdy4vEZAPeACYoGoJ7vUEcKir6DtkIxNX4e9NS91FM3wEQz-ryjd23ISvYgegN1v9ZE1AeBDWovCigfE5hhCEQG1fQXkcJqzwWjfLX-AQblSB3JRsoMdUx5GsdyK_RrFBGNbv4h6BnTgAbcioG9gIPG97YBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0nT5HeJISzSZRMuKuOAiFktt7L4g%26client%3Dca-pub-6041284171180831%26adurl%3D
Frame ID: 6BF95CCA7176B236B9CB8967981EAA41
Requests: 25 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 1460350F02A9235AA9B6FB55F6917F5B
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Mammutmail.com | Fájlküldés, nagy fájlok küldése

Page URL History Show full URLs

http://mammutmail.com/hu/download/5170bcb19297ca72236c2410c8f73129 HTTP 302
http://storage2.mammutmail.com/hu/download/5170bcb19297ca72236c2410c8f73129 Page URL

Detected technologies

Crazy Egg (Analytics) Expand

Overall confidence: 100%
Detected patterns

script\.crazyegg\.com/pages/scripts/\d+/\d+\.js

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Gemius (Analytics) Expand

Overall confidence: 80%
Detected patterns

hit\.gemius\.pl
xgemius\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)/jquery-ui(?:\.min)?\.js
jquery-ui.*\.js

Page Statistics

204
Requests

73 %
HTTPS

57 %
IPv6

36
Domains

49
Subdomains

35
IPs

11
Countries

3739 kB
Transfer

6484 kB
Size

47
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://helloblackfriday.hu/

Search URL Search Domain Scan URL

URL: https://facebook.com/mammutmail

Search URL Search Domain Scan URL

URL: http://neo-interactive.hu/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://mammutmail.com/hu/download/5170bcb19297ca72236c2410c8f73129 HTTP 302
http://storage2.mammutmail.com/hu/download/5170bcb19297ca72236c2410c8f73129 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19

http://ad.adverticum.net/g3.js HTTP 302
https://ad.adverticum.net/scripts/goa3/main/2.14.4b7/goa3.js

Request Chain 23

http://www.youtube.com/iframe_api HTTP 307
https://www.youtube.com/iframe_api

Request Chain 25

http://weloveiconfonts.com/api/?family=fontawesome HTTP 302
https://weloveiconfonts.com/api/?family=fontawesome

Request Chain 26

http://www.google-analytics.com/ga.js HTTP 307
https://www.google-analytics.com/ga.js

Request Chain 28

http://hu.hit.gemius.pl/_1676796249745/rexdot.gif?l=30&id=Apg7Kard8A0fUEDZIULKzKbSfbsg4S9W74k51m2c.WL.Q7&fr=1&tz=0&fv=-&href=http%3A%2F%2Fstorage2.mammutmail.com%2Fhu%2Fdownload%2F5170bcb19297ca72236c2410c8f73129&ref=&screen=1600x1200&col=24&window=1600x1200 HTTP 301
https://hu.hit.gemius.pl/_sslredir/_1676796249745/rexdot.gif?l=30&id=Apg7Kard8A0fUEDZIULKzKbSfbsg4S9W74k51m2c.WL.Q7&fr=1&tz=0&fv=-&href=http%3A%2F%2Fstorage2.mammutmail.com%2Fhu%2Fdownload%2F5170bcb19297ca72236c2410c8f73129&ref=&screen=1600x1200&col=24&window=1600x1200 HTTP 301
https://hu.hit.gemius.pl/__/_sslredir/_1676796249745/rexdot.gif?l=30&id=Apg7Kard8A0fUEDZIULKzKbSfbsg4S9W74k51m2c.WL.Q7&fr=1&tz=0&fv=-&href=http%3A%2F%2Fstorage2.mammutmail.com%2Fhu%2Fdownload%2F5170bcb19297ca72236c2410c8f73129&ref=&screen=1600x1200&col=24&window=1600x1200

Request Chain 34

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=165637490&utmhn=storage2.mammutmail.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Mammutmail.com%20%7C%20F%C3%A1jlk%C3%BCld%C3%A9s%2C%20nagy%20f%C3%A1jlok%20k%C3%BCld%C3%A9se&utmhid=1442305254&utmr=-&utmp=%2Fhu%2Fdownload%2F5170bcb19297ca72236c2410c8f73129&utmht=1676796249921&utmac=UA-20966381-1&utmcc=__utma%3D1.1756958618.1676796250.1676796250.1676796250.1%3B%2B__utmz%3D1.1676796250.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1694471342&utmredir=1&utmu=qhAAAAAAAAAAAAAAAAAAAAAE~ HTTP 307
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=165637490&utmhn=storage2.mammutmail.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Mammutmail.com%20%7C%20F%C3%A1jlk%C3%BCld%C3%A9s%2C%20nagy%20f%C3%A1jlok%20k%C3%BCld%C3%A9se&utmhid=1442305254&utmr=-&utmp=%2Fhu%2Fdownload%2F5170bcb19297ca72236c2410c8f73129&utmht=1676796249921&utmac=UA-20966381-1&utmcc=__utma%3D1.1756958618.1676796250.1676796250.1676796250.1%3B%2B__utmz%3D1.1676796250.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1694471342&utmredir=1&utmu=qhAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-20966381-1&cid=1756958618.1676796250&jid=1694471342&_v=5.7.2&z=165637490 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-20966381-1&cid=1756958618.1676796250&jid=1694471342&_v=5.7.2&z=165637490 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-20966381-1&cid=1756958618.1676796250&jid=1694471342&_v=5.7.2&z=165637490&slf_rd=1&random=3151263532

Request Chain 35

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=500330011&utmhn=storage2.mammutmail.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Mammutmail.com%20%7C%20F%C3%A1jlk%C3%BCld%C3%A9s%2C%20nagy%20f%C3%A1jlok%20k%C3%BCld%C3%A9se&utmhid=1442305254&utmr=-&utmp=%2Fhu%2Fdownload%2F5170bcb19297ca72236c2410c8f73129&utmht=1676796249924&utmac=UA-1709340-11&utmcc=__utma%3D27847678.994145205.1676796250.1676796250.1676796250.1%3B%2B__utmz%3D27847678.1676796250.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=690077491&utmredir=1&utmmt=1&utmu=qhAgAAAAAAAAAAAAAAAAAAgE~ HTTP 307
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=500330011&utmhn=storage2.mammutmail.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Mammutmail.com%20%7C%20F%C3%A1jlk%C3%BCld%C3%A9s%2C%20nagy%20f%C3%A1jlok%20k%C3%BCld%C3%A9se&utmhid=1442305254&utmr=-&utmp=%2Fhu%2Fdownload%2F5170bcb19297ca72236c2410c8f73129&utmht=1676796249924&utmac=UA-1709340-11&utmcc=__utma%3D27847678.994145205.1676796250.1676796250.1676796250.1%3B%2B__utmz%3D27847678.1676796250.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=690077491&utmredir=1&utmmt=1&utmu=qhAgAAAAAAAAAAAAAAAAAAgE~ HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-1709340-11&cid=994145205.1676796250&jid=690077491&_v=5.7.2&z=500330011 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1709340-11&cid=994145205.1676796250&jid=690077491&_v=5.7.2&z=500330011 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1709340-11&cid=994145205.1676796250&jid=690077491&_v=5.7.2&z=500330011&slf_rd=1&random=3038019411

Request Chain 96

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEOYMe4h7M6AUV4mF0gz69pg&google_cver=1&google_push=Aa02lx82S-hQBAF3mRkFLW-fWnGOwsHjlAZ5mQhZr8BzAbQXR3veMhf6m-dFp5LcqrLQubelg66SvN5B4pIjkw3Oo7s5IEdsmywR3A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx82S-hQBAF3mRkFLW-fWnGOwsHjlAZ5mQhZr8BzAbQXR3veMhf6m-dFp5LcqrLQubelg66SvN5B4pIjkw3Oo7s5IEdsmywR3A&google_hm=eS0ybXQ5a1d4RTJwRVJEOFEzSU1yc2JnWU5TZlRucmIwan5B

Request Chain 97

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEDRNH9x3BNZQ8Eql1aJDk7g&google_cver=1&google_push=Aa02lx8ugA2J5ELy_PhqcNGq6DnQ1RWgCS_Xqz1UgtInG85adiF8KsOBQF4DNAuHWKkbnRrN_6E9F0dhu4RjEnY7FpLpQpHSPIOutTs HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEDRNH9x3BNZQ8Eql1aJDk7g&google_cver=1&google_push=Aa02lx8ugA2J5ELy_PhqcNGq6DnQ1RWgCS_Xqz1UgtInG85adiF8KsOBQF4DNAuHWKkbnRrN_6E9F0dhu4RjEnY7FpLpQpHSPIOutTs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjQxNzE1MDcyODgxNzU3NDY3Mw&google_push=Aa02lx8ugA2J5ELy_PhqcNGq6DnQ1RWgCS_Xqz1UgtInG85adiF8KsOBQF4DNAuHWKkbnRrN_6E9F0dhu4RjEnY7FpLpQpHSPIOutTs

Request Chain 99

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESECf9kE4cDphJ7DpyKy0CFxo&google_cver=1&google_push=Aa02lx-_6YdzKY3KF-GNvkboSo1ZWZs7PHcAsodO_aQjh9yDKdZBrykYaxl9IJXFkwf3UXLZJYLOark93OOgzpi-_42rvUYHYk_xv5A HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESECf9kE4cDphJ7DpyKy0CFxo&google_push=Aa02lx-_6YdzKY3KF-GNvkboSo1ZWZs7PHcAsodO_aQjh9yDKdZBrykYaxl9IJXFkwf3UXLZJYLOark93OOgzpi-_42rvUYHYk_xv5A&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESECf9kE4cDphJ7DpyKy0CFxo&google_hm=Y_HhW2_rsuAqUq7BsEC5qQAABLAAAAIB&google_nid=index&google_push=Aa02lx-_6YdzKY3KF-GNvkboSo1ZWZs7PHcAsodO_aQjh9yDKdZBrykYaxl9IJXFkwf3UXLZJYLOark93OOgzpi-_42rvUYHYk_xv5A

Request Chain 100

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEL0inGJ5teD37MMG1X-eNLo&google_cver=1&google_push=Aa02lx_rpCMkYMj19jNav5MoFz61GeQu4oUBOZ3j_DaUl_LPWV1xSA5fYcC7Pc4VAlmlDgikeLsT7Ltr46eo-EiFvYGgZysp-jyrJYA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx_rpCMkYMj19jNav5MoFz61GeQu4oUBOZ3j_DaUl_LPWV1xSA5fYcC7Pc4VAlmlDgikeLsT7Ltr46eo-EiFvYGgZysp-jyrJYA

Request Chain 102

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEM8xT0OiNtanNMmCODMLZtA&google_cver=1&google_push=Aa02lx-9ZGugPA40PefQA1U4z1QoSzGWxsjuEK3W6Z5ChjmF2v2kTTd4UGlPrQHEG4Kygr1zAfSndfEU_jaMc88OnP_sWftE8GhiJfuM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODU2NTgxNTk2ODY2Mjc1NDkzOQ==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEM8xT0OiNtanNMmCODMLZtA&google_cver=1

Request Chain 103

https://um.simpli.fi/gp_match?google_gid=CAESEJE18fMOXfa5FQfR0wvBFp8&google_cver=1&google_push=Aa02lx_UD9t_qz81OjPEhl0b0A13k836NCGhUwyyYZ4j_FrwRmYNmnuENWQlUfC3nwBsaMi4Q4iXtdnLV_AqgSL2TavGi6C3Tt6lBQ2y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=50F909E2AED844DB9DC03B82C6823E47&google_push=Aa02lx_UD9t_qz81OjPEhl0b0A13k836NCGhUwyyYZ4j_FrwRmYNmnuENWQlUfC3nwBsaMi4Q4iXtdnLV_AqgSL2TavGi6C3Tt6lBQ2y

Request Chain 104

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESECA647mzo7QDceI_n3fKdPY&google_cver=1&google_push=Aa02lx9UyDBmNLZgeiBtwLZWSzrHP7KrYmRS1L69zVDfqnSDu4fdkjHYR8SjZl_IYClSye0xRWSed9ZTf-FRt31uvFV6IQbmvwnAxnM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIwMTc4NTA2MDExMTQxNTQzOA%3D%3D&google_push=Aa02lx9UyDBmNLZgeiBtwLZWSzrHP7KrYmRS1L69zVDfqnSDu4fdkjHYR8SjZl_IYClSye0xRWSed9ZTf-FRt31uvFV6IQbmvwnAxnM

Request Chain 105

https://d5p.de17a.com/cookies/google?google_gid=CAESEEzeWSWuyFXIG4n5mDUZrb4&google_cver=1&google_push=Aa02lx-fXW7XLtMAsT3q9HQtSRJGS-mtgyAigtfasrnXLMA1otgqwKFcQFhiLcIinRvKB-9tRyRygXyoMqThCnFL5QL7yn5t6VnxRkvr HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEEzeWSWuyFXIG4n5mDUZrb4&google_cver=1&google_push=Aa02lx-fXW7XLtMAsT3q9HQtSRJGS-mtgyAigtfasrnXLMA1otgqwKFcQFhiLcIinRvKB-9tRyRygXyoMqThCnFL5QL7yn5t6VnxRkvr HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx-fXW7XLtMAsT3q9HQtSRJGS-mtgyAigtfasrnXLMA1otgqwKFcQFhiLcIinRvKB-9tRyRygXyoMqThCnFL5QL7yn5t6VnxRkvr

Request Chain 106

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEDRNH9x3BNZQ8Eql1aJDk7g&google_cver=1&google_push=Aa02lx9w17jwJleWA5wS-4rLECY8-KXgHQoYYGEYeP7iRBCEdzNuVMreaCJ5v1E0TevN58lGbIIDs4cYPRUeXPo_gJGKVa949D2VaBQ3 HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEDRNH9x3BNZQ8Eql1aJDk7g&google_cver=1&google_push=Aa02lx9w17jwJleWA5wS-4rLECY8-KXgHQoYYGEYeP7iRBCEdzNuVMreaCJ5v1E0TevN58lGbIIDs4cYPRUeXPo_gJGKVa949D2VaBQ3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDc2NTEzMTczNTQxMjI2MjU2OA&google_push=Aa02lx9w17jwJleWA5wS-4rLECY8-KXgHQoYYGEYeP7iRBCEdzNuVMreaCJ5v1E0TevN58lGbIIDs4cYPRUeXPo_gJGKVa949D2VaBQ3

Request Chain 107

https://match.360yield.com/match/ebda?google_gid=CAESEBGRBWoECLFYT1nzHdaJTyQ&google_cver=1&google_push=Aa02lx8IkQuwBfgNTCxmWsBkJd9GPOxWiIydz5pNJkXzmgd9BYJ9qWlaZN5AMzGD4g1Kfq-QmZIWYXeBvBUUxpB8B753oGnQ08cMfbo HTTP 302
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEBGRBWoECLFYT1nzHdaJTyQ&google_cver=1&google_push=Aa02lx8IkQuwBfgNTCxmWsBkJd9GPOxWiIydz5pNJkXzmgd9BYJ9qWlaZN5AMzGD4g1Kfq-QmZIWYXeBvBUUxpB8B753oGnQ08cMfbo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=WIQ8l-bCQMGwgLY3Zdoldw&google_push=Aa02lx8IkQuwBfgNTCxmWsBkJd9GPOxWiIydz5pNJkXzmgd9BYJ9qWlaZN5AMzGD4g1Kfq-QmZIWYXeBvBUUxpB8B753oGnQ08cMfbo

Request Chain 108

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEKJQGupNkNXfYoQKEIcL27w&google_cver=1&google_push=Aa02lx8wnd6IDRLeWjrqd73m_L1DwzYgcdH9Hq9wgey-cln40Gi6gOqgjk9oZPxm44zZNrKY1sRo4hQu5rCma2n_Z6mb93nOKtTefcYH HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=Aa02lx8wnd6IDRLeWjrqd73m_L1DwzYgcdH9Hq9wgey-cln40Gi6gOqgjk9oZPxm44zZNrKY1sRo4hQu5rCma2n_Z6mb93nOKtTefcYH&google_gid=CAESEKJQGupNkNXfYoQKEIcL27w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Mzg2MDY5OTEzNzY5NjgwMzk2OTU3&google_push=Aa02lx8wnd6IDRLeWjrqd73m_L1DwzYgcdH9Hq9wgey-cln40Gi6gOqgjk9oZPxm44zZNrKY1sRo4hQu5rCma2n_Z6mb93nOKtTefcYH

Request Chain 111

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEB8vDE-MlgtYffRBboCmYVs&google_cver=1&google_push=Aa02lx94Y_Rd0BWv2ESOezWv2tStENLuBLmrsZMzBXeoRw3xW7WA8ay3hJuY4411pv3BYsIJO_AizM_SgPwO_IivvQp_qiXpr8_K_kw9EiJOvUbkkhUHRVSbFuts0iG-6cO0d2AjoCEGDeLBeig HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx94Y_Rd0BWv2ESOezWv2tStENLuBLmrsZMzBXeoRw3xW7WA8ay3hJuY4411pv3BYsIJO_AizM_SgPwO_IivvQp_qiXpr8_K_kw9EiJOvUbkkhUHRVSbFuts0iG-6cO0d2AjoCEGDeLBeig

Request Chain 113

https://ads.travelaudience.com/google_pixel?google_gid=CAESEOQiU-Ukk0fyG1f2lC14etE&google_cver=1&google_push=Aa02lx_fZxdm_bxhsuzxpTsnX30yfGOJmwxhxkqAW_ALoiMIo1y1IaPHuwiuUZYYCdy3OPJ3PDoAdMnUgWZW6F_OvZcaS_nnGMltzM7sNslqFysGNBR8vX0NdSYE48hm3lysnIJjJSZTgIRGSA HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=EHEfuUHfTfiQgKQkzJQOoQ2&google_push=Aa02lx_fZxdm_bxhsuzxpTsnX30yfGOJmwxhxkqAW_ALoiMIo1y1IaPHuwiuUZYYCdy3OPJ3PDoAdMnUgWZW6F_OvZcaS_nnGMltzM7sNslqFysGNBR8vX0NdSYE48hm3lysnIJjJSZTgIRGSA

Request Chain 114

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEOYMe4h7M6AUV4mF0gz69pg&google_cver=1&google_push=Aa02lx8FfB8ZA4vidnd58yNdh74VAgAJmb7bkXItQNDvO21F8Nryl4FhMJNWIBsjGlYxgnuXMZUOwVKITANq6OMNTvbQohHw7YBaU78CGmR9r8TguW0zK47XeA69_KT7Ncnhv7lHLSSNM-TCuw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx8FfB8ZA4vidnd58yNdh74VAgAJmb7bkXItQNDvO21F8Nryl4FhMJNWIBsjGlYxgnuXMZUOwVKITANq6OMNTvbQohHw7YBaU78CGmR9r8TguW0zK47XeA69_KT7Ncnhv7lHLSSNM-TCuw&google_hm=eS02cUtUaE9GRTJwR1BBSEZmYnZabHJ2VWI2ZjdVV1JrQ35B

Request Chain 116

https://match.360yield.com/match/ebda?google_gid=CAESEBGRBWoECLFYT1nzHdaJTyQ&google_cver=1&google_push=Aa02lx_J3BggghjOWtxHgPRFcpImhj6lsXlO70xClSItubiCoo7w2_8Z5bC-OZZm3mCNay5gxSLExmzgfQIq4RHl4gM28d_TiTN-W273zIM_wmXjfx88ZybQpLHp8-Yk4FNsj_cWNbWLVC9dpt4 HTTP 302
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEBGRBWoECLFYT1nzHdaJTyQ&google_cver=1&google_push=Aa02lx_J3BggghjOWtxHgPRFcpImhj6lsXlO70xClSItubiCoo7w2_8Z5bC-OZZm3mCNay5gxSLExmzgfQIq4RHl4gM28d_TiTN-W273zIM_wmXjfx88ZybQpLHp8-Yk4FNsj_cWNbWLVC9dpt4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=sXt7oqJ9RiSADYvUmdtVSw&google_push=Aa02lx_J3BggghjOWtxHgPRFcpImhj6lsXlO70xClSItubiCoo7w2_8Z5bC-OZZm3mCNay5gxSLExmzgfQIq4RHl4gM28d_TiTN-W273zIM_wmXjfx88ZybQpLHp8-Yk4FNsj_cWNbWLVC9dpt4

204 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request 5170bcb19297ca72236c2410c8f73129 Show response
storage2.mammutmail.com/hu/download/
Redirect Chain

http://mammutmail.com/hu/download/5170bcb19297ca72236c2410c8f73129
http://storage2.mammutmail.com/hu/download/5170bcb19297ca72236c2410c8f73129

14 KB
5 KB

78ms
27ms

Document
text/html

217.113.63.144
DENINET-HU-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://storage2.mammutmail.com/hu/download/5170bcb19297ca72236c2410c8f73129
Protocol: HTTP/1.1
Server: 217.113.63.144 Szigetszentmiklos, Hungary, ASN29278 (DENINET-HU-AS, HU),
Reverse DNS: altair.neo-interactive.hu
Software: nginx /
Resource Hash: 770f843d22aac8636d8fc23ec39c0e359a085308118935213dd6f0069a1e48de

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 4193
Content-Type: text/html; charset=utf-8
Date: Sun, 19 Feb 2023 08:44:09 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=65
Pragma: no-cache
Server: nginx
Vary: Accept-Encoding

Redirect headers

Connection: keep-alive
Content-Encoding: gzip
Content-Length: 229
Content-Type: text/html; charset=iso-8859-1
Date: Sun, 19 Feb 2023 08:44:09 GMT
Keep-Alive: timeout=65
Location: http://storage2.mammutmail.com/hu/download/5170bcb19297ca72236c2410c8f73129
Server: nginx
Vary: Accept-Encoding

GET
H/1.1 200
OK styles.css
storage2.mammutmail.com/html5/css/ 707 B
651 B 24ms
24ms Stylesheet
text/css 217.113.63.144
DENINET-HU-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://storage2.mammutmail.com/html5/css/styles.css
Requested by: Host: storage2.mammutmail.com
URL: http://storage2.mammutmail.com/hu/download/5170bcb19297ca72236c2410c8f73129
Protocol: HTTP/1.1
Server: 217.113.63.144 Szigetszentmiklos, Hungary, ASN29278 (DENINET-HU-AS, HU),
Reverse DNS: altair.neo-interactive.hu
Software: nginx /
Resource Hash: 96c28d16cf0ed4fcefa71cf23d10e5c8dfa9a2f31f19a32754bcc502bf207f8e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://storage2.mammutmail.com/hu/download/5170bcb19297ca72236c2410c8f73129
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Sun, 19 Feb 2023 08:44:09 GMT
Content-Encoding: gzip
Last-Modified: Mon, 24 Apr 2017 09:58:45 GMT
Server: nginx
ETag: W/"58fdcc55-2c3"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Keep-Alive: timeout=65

GET
H/1.1 200
OK font-awesome.css
storage2.mammutmail.com/html5/css/ 34 KB
7 KB 47ms
24ms Stylesheet
text/css 217.113.63.144
DENINET-HU-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://storage2.mammutmail.com/html5/css/font-awesome.css
Requested by: Host: storage2.mammutmail.com
URL: http://storage2.mammutmail.com/hu/download/5170bcb19297ca72236c2410c8f73129
Protocol: HTTP/1.1
Server: 217.113.63.144 Szigetszentmiklos, Hungary, ASN29278 (DENINET-HU-AS, HU),
Reverse DNS: altair.neo-interactive.hu
Software: nginx /
Resource Hash: 279706ee535e9198ec37dd074643f35afee1f720008e2c6307b91c468a0ccb55

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://storage2.mammutmail.com/hu/download/5170bcb19297ca72236c2410c8f73129
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Sun, 19 Feb 2023 08:44:09 GMT
Content-Encoding: gzip
Last-Modified: Mon, 24 Apr 2017 09:58:45 GMT
Server: nginx
ETag: W/"58fdcc55-8940"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Keep-Alive: timeout=65

GET
H/1.1 200
OK main.css
storage2.mammutmail.com/html5/css/ 32 KB
7 KB 50ms
25ms Stylesheet
text/css 217.113.63.144
DENINET-HU-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://storage2.mammutmail.com/html5/css/main.css
Requested by: Host: storage2.mammutmail.com
URL: http://storage2.mammutmail.com/hu/download/5170bcb19297ca72236c2410c8f73129
Protocol: HTTP/1.1
Server: 217.113.63.144 Szigetszentmiklos, Hungary, ASN29278 (DENINET-HU-AS, HU),
Reverse DNS: altair.neo-interactive.hu
Software: nginx /
Resource Hash: a44268caa0acf1be2eb2060c715a525ba8053f3265ece6d2f5f0553e400ed103

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://storage2.mammutmail.com/hu/download/5170bcb19297ca72236c2410c8f73129
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Sun, 19 Feb 2023 08:44:09 GMT
Content-Encoding: gzip
Last-Modified: Thu, 10 Sep 2020 09:39:47 GMT
Server: nginx
ETag: W/"5f59f463-809f"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Keep-Alive: timeout=65

GET
H/1.1 200
OK jquery.fancybox.min.css
storage2.mammutmail.com/html5/css/ 10 KB
3 KB 50ms
26ms Stylesheet
text/css 217.113.63.144
DENINET-HU-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://storage2.mammutmail.com/html5/css/jquery.fancybox.min.css
Requested by: Host: storage2.mammutmail.com
URL: http://storage2.mammutmail.com/hu/download/5170bcb19297ca72236c2410c8f73129
Protocol: HTTP/1.1
Server: 217.113.63.144 Szigetszentmiklos, Hungary, ASN29278 (DENINET-HU-AS, HU),
Reverse DNS: altair.neo-interactive.hu
Software: nginx /
Resource Hash: 52974e1f2c9fb2f17952ee8185bb18407775682348bf1848083163cf841b10da

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://storage2.mammutmail.com/hu/download/5170bcb19297ca72236c2410c8f73129
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Sun, 19 Feb 2023 08:44:09 GMT
Content-Encoding: gzip
Last-Modified: Mon, 24 Apr 2017 09:58:45 GMT
Server: nginx
ETag: W/"58fdcc55-28b8"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Keep-Alive: timeout=65

GET
H/1.1 200
OK xgemius.js Show response
mammutmail.com/ 7 KB
2 KB 207ms
24ms Script
application/javascript 217.113.63.144
DENINET-HU-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mammutmail.com/xgemius.js
Requested by: Host: storage2.mammutmail.com
URL: http://storage2.mammutmail.com/hu/download/5170bcb19297ca72236c2410c8f73129
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.113.63.144 Szigetszentmiklos, Hungary, ASN29278 (DENINET-HU-AS, HU),
Reverse DNS: altair.neo-interactive.hu
Software: nginx /
Resource Hash: 912e91f1da607f20bd0c37ae412553bbc778dbe41bf805b5debfe54e05e4bc63

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://storage2.mammutmail.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Sun, 19 Feb 2023 08:44:09 GMT
Content-Encoding: gzip
Last-Modified: Tue, 10 Jul 2012 13:23:24 GMT
Server: nginx
ETag: W/"4ffc2ccc-1caa"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Connection: keep-alive
Keep-Alive: timeout=65

GET
H/1.1 200
OK neo.svg
storage2.mammutmail.com/html5/images/ 1 KB
1001 B 36ms
24ms Image
image/svg+xml 217.113.63.144
DENINET-HU-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://storage2.mammutmail.com/html5/images/neo.svg
Requested by: Host: storage2.mammutmail.com
URL: http://storage2.mammutmail.com/hu/download/5170bcb19297ca72236c2410c8f73129
Protocol: HTTP/1.1
Server: 217.113.63.144 Szigetszentmiklos, Hungary, ASN29278 (DENINET-HU-AS, HU),
Reverse DNS: altair.neo-interactive.hu
Software: nginx /
Resource Hash: 111a99336ea21ac72d76be78f29d57d7824f3983e713ba0db786fd57ee668bff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://storage2.mammutmail.com/hu/download/5170bcb19297ca72236c2410c8f73129
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Sun, 19 Feb 2023 08:44:09 GMT
Content-Encoding: gzip
Last-Modified: Mon, 24 Apr 2017 09:58:48 GMT
Server: nginx
ETag: W/"58fdcc58-534"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: image/svg+xml
Connection: keep-alive
Keep-Alive: timeout=65

GET
H/1.1 200
OK header-logo-mammutmail_2_.png
storage2.mammutmail.com/html5/images/ 2 KB
2 KB 32ms
23ms Image
image/png 217.113.63.144
DENINET-HU-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://storage2.mammutmail.com/html5/images/header-logo-mammutmail_2_.png
Requested by: Host: storage2.mammutmail.com
URL: http://storage2.mammutmail.com/hu/download/5170bcb19297ca72236c2410c8f73129
Protocol: HTTP/1.1
Server: 217.113.63.144 Szigetszentmiklos, Hungary, ASN29278 (DENINET-HU-AS, HU),
Reverse DNS: altair.neo-interactive.hu
Software: nginx /
Resource Hash: bca9b0890e434837446bcbc88fda1cb91a1cd1e7af1504b88389a37a3e8fdf92

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://storage2.mammutmail.com/hu/download/5170bcb19297ca72236c2410c8f73129
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Sun, 19 Feb 2023 08:44:09 GMT
Last-Modified: Mon, 31 Jul 2017 19:12:40 GMT
Server: nginx
ETag: "597f8128-8c9"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=65
Content-Length: 2249

GET
H/1.1 200
OK 48.png
storage2.mammutmail.com/html5/images/ 739 B
994 B 31ms
23ms Image
image/png 217.113.63.144
DENINET-HU-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://storage2.mammutmail.com/html5/images/48.png
Requested by: Host: storage2.mammutmail.com
URL: http://storage2.mammutmail.com/hu/download/5170bcb19297ca72236c2410c8f73129
Protocol: HTTP/1.1
Server: 217.113.63.144 Szigetszentmiklos, Hungary, ASN29278 (DENINET-HU-AS, HU),
Reverse DNS: altair.neo-interactive.hu
Software: nginx /
Resource Hash: 6d0000b08cd91d60e92aa06a41e677c63c5d76710330d9432cf9efceb2e8d9d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://storage2.mammutmail.com/hu/download/5170bcb19297ca72236c2410c8f73129
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Sun, 19 Feb 2023 08:44:09 GMT
Last-Modified: Mon, 24 Apr 2017 09:58:46 GMT
Server: nginx
ETag: "58fdcc56-2e3"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=65
Content-Length: 739

GET
H/1.1 200
OK password_tip_icon.png
storage2.mammutmail.com/html5/images/ 3 KB
4 KB 56ms
23ms Image
image/png 217.113.63.144
DENINET-HU-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://storage2.mammutmail.com/html5/images/password_tip_icon.png
Requested by: Host: storage2.mammutmail.com
URL: http://storage2.mammutmail.com/hu/download/5170bcb19297ca72236c2410c8f73129
Protocol: HTTP/1.1
Server: 217.113.63.144 Szigetszentmiklos, Hungary, ASN29278 (DENINET-HU-AS, HU),
Reverse DNS: altair.neo-interactive.hu
Software: nginx /
Resource Hash: 3142ae3f23a444996fc5f710cdd968dcddce120a366fe16899a598a0f07284e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://storage2.mammutmail.com/hu/download/5170bcb19297ca72236c2410c8f73129
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Sun, 19 Feb 2023 08:44:09 GMT
Last-Modified: Mon, 24 Apr 2017 09:58:48 GMT
Server: nginx
ETag: "58fdcc58-d8c"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=65
Content-Length: 3468

GET
H/1.1 200
OK message_icon.png
storage2.mammutmail.com/html5/images/ 3 KB
4 KB 53ms
26ms Image
image/png 217.113.63.144
DENINET-HU-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://storage2.mammutmail.com/html5/images/message_icon.png
Requested by: Host: storage2.mammutmail.com
URL: http://storage2.mammutmail.com/hu/download/5170bcb19297ca72236c2410c8f73129
Protocol: HTTP/1.1
Server: 217.113.63.144 Szigetszentmiklos, Hungary, ASN29278 (DENINET-HU-AS, HU),
Reverse DNS: altair.neo-interactive.hu
Software: nginx /
Resource Hash: 1511d779efff2e7c0a27d0fa4d46975df31c1b05fea03692fccb0c05a67d73f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://storage2.mammutmail.com/hu/download/5170bcb19297ca72236c2410c8f73129
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Sun, 19 Feb 2023 08:44:09 GMT
Last-Modified: Mon, 24 Apr 2017 09:58:48 GMT
Server: nginx
ETag: "58fdcc58-d39"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=65
Content-Length: 3385

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ 98 KB
34 KB 214ms
121ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: storage2.mammutmail.com
URL: http://storage2.mammutmail.com/hu/download/5170bcb19297ca72236c2410c8f73129

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5cae548ba98e69c5a9a6f52aceff6efacf1df684fc86f4f30392f8aeaed1c5ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://storage2.mammutmail.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 08:44:09 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33904
x-xss-protection: 0
server: cafe
etag: 3720583604877840412
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 19 Feb 2023 08:44:09 GMT

GET
H/1.1 200
OK show_ads.js Show response
pagead2.googlesyndication.com/pagead/ 98 KB
36 KB 115ms
79ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: storage2.mammutmail.com
URL: http://storage2.mammutmail.com/hu/download/5170bcb19297ca72236c2410c8f73129

Protocol

HTTP/1.1

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e9d21e3846bdcd32e5e54fcc6d1a089feb05b74aff41a92b5d2315cffe07bf35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://storage2.mammutmail.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Sun, 19 Feb 2023 08:44:09 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 7677819233545936444
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Timing-Allow-Origin: *
Content-Length: 35951
X-XSS-Protection: 0
Expires: Sun, 19 Feb 2023 08:44:09 GMT

GET
H/1.1 200
OK jquery-1.12.4.js Show response
code.jquery.com/ 287 KB
86 KB 38ms
16ms Script
application/javascript 2001:4de0:ac18::1:a:1a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: http://code.jquery.com/jquery-1.12.4.js
Requested by: Host: storage2.mammutmail.com
URL: http://storage2.mammutmail.com/hu/download/5170bcb19297ca72236c2410c8f73129
Protocol: HTTP/1.1
Server: 2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 430f36f9b5f21aae8cc9dca6a81c4d3d84da5175eaedcf2fdc2c226302cb3575

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://storage2.mammutmail.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Sun, 19 Feb 2023 08:44:09 GMT
Content-Encoding: gzip
Last-Modified: Wed, 16 Feb 2022 10:50:39 GMT
Server: nginx
ETag: W/"620cd6ff-47a36"
Vary: Accept-Encoding
X-HW: 1676796249.dop121.am5.t,1676796249.cds313.am5.c
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 87176

GET
H/1.1 200
OK jquery.md5.js Show response
storage2.mammutmail.com/html5/js/ 9 KB
3 KB 26ms
23ms Script
application/javascript 217.113.63.144
DENINET-HU-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://storage2.mammutmail.com/html5/js/jquery.md5.js
Requested by: Host: storage2.mammutmail.com
URL: http://storage2.mammutmail.com/hu/download/5170bcb19297ca72236c2410c8f73129
Protocol: HTTP/1.1
Server: 217.113.63.144 Szigetszentmiklos, Hungary, ASN29278 (DENINET-HU-AS, HU),
Reverse DNS: altair.neo-interactive.hu
Software: nginx /
Resource Hash: 41f41aa3f32ea20a820c36488c40e2acb8f022c35d91c69a1d1c75e63edebf54

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://storage2.mammutmail.com/hu/download/5170bcb19297ca72236c2410c8f73129
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Sun, 19 Feb 2023 08:44:09 GMT
Content-Encoding: gzip
Last-Modified: Mon, 24 Apr 2017 09:58:50 GMT
Server: nginx
ETag: W/"58fdcc5a-2586"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Connection: keep-alive
Keep-Alive: timeout=65

GET
H/1.1 200
OK application_site.js Show response
storage2.mammutmail.com/html5/js/ 5 KB
3 KB 26ms
24ms Script
application/javascript 217.113.63.144
DENINET-HU-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://storage2.mammutmail.com/html5/js/application_site.js
Requested by: Host: storage2.mammutmail.com
URL: http://storage2.mammutmail.com/hu/download/5170bcb19297ca72236c2410c8f73129
Protocol: HTTP/1.1
Server: 217.113.63.144 Szigetszentmiklos, Hungary, ASN29278 (DENINET-HU-AS, HU),
Reverse DNS: altair.neo-interactive.hu
Software: nginx /
Resource Hash: 8f87f92ca7ccf8665ef26bffc1b204fd5c358a222420dc708f922a3075546b28

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://storage2.mammutmail.com/hu/download/5170bcb19297ca72236c2410c8f73129
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Sun, 19 Feb 2023 08:44:09 GMT
Content-Encoding: gzip
Last-Modified: Tue, 13 Jun 2017 05:22:33 GMT
Server: nginx
ETag: W/"593f7699-144f"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Connection: keep-alive
Keep-Alive: timeout=65

GET
H/1.1 200
OK jquery-ui.js Show response
code.jquery.com/ui/1.12.1/ 509 KB
122 KB 38ms
16ms Script
application/javascript 2001:4de0:ac18::1:a:1a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: http://code.jquery.com/ui/1.12.1/jquery-ui.js
Requested by: Host: storage2.mammutmail.com
URL: http://storage2.mammutmail.com/hu/download/5170bcb19297ca72236c2410c8f73129
Protocol: HTTP/1.1
Server: 2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 4f455eb2ddf2094ee969f470f6bfac7adb4c057e8990a374e9da819e943c777d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://storage2.mammutmail.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Sun, 19 Feb 2023 08:44:09 GMT
Content-Encoding: gzip
Last-Modified: Fri, 18 Oct 1991 12:00:00 GMT
Server: nginx
ETag: W/"28feccc0-7f20a"
Vary: Accept-Encoding
X-HW: 1676796249.dop250.am5.t,1676796249.cds222.am5.c
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 124434

GET
H/1.1 200
OK circle-progress.js Show response
storage2.mammutmail.com/html5/js/ 15 KB
5 KB 27ms
24ms Script
application/javascript 217.113.63.144
DENINET-HU-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://storage2.mammutmail.com/html5/js/circle-progress.js
Requested by: Host: storage2.mammutmail.com
URL: http://storage2.mammutmail.com/hu/download/5170bcb19297ca72236c2410c8f73129
Protocol: HTTP/1.1
Server: 217.113.63.144 Szigetszentmiklos, Hungary, ASN29278 (DENINET-HU-AS, HU),
Reverse DNS: altair.neo-interactive.hu
Software: nginx /
Resource Hash: 0b58ded0d4dae58a6a7e8d7476a34c55bdfa7f6b87a10dc0e62c3c09d9627220

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://storage2.mammutmail.com/hu/download/5170bcb19297ca72236c2410c8f73129
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Sun, 19 Feb 2023 08:44:09 GMT
Content-Encoding: gzip
Last-Modified: Mon, 24 Apr 2017 09:58:49 GMT
Server: nginx
ETag: W/"58fdcc59-3dd5"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Connection: keep-alive
Keep-Alive: timeout=65

GET
H/1.1 200
OK jquery.fancybox.min.js Show response
storage2.mammutmail.com/html5/js/ 44 KB
15 KB 28ms
25ms Script
application/javascript 217.113.63.144
DENINET-HU-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://storage2.mammutmail.com/html5/js/jquery.fancybox.min.js
Requested by: Host: storage2.mammutmail.com
URL: http://storage2.mammutmail.com/hu/download/5170bcb19297ca72236c2410c8f73129
Protocol: HTTP/1.1
Server: 217.113.63.144 Szigetszentmiklos, Hungary, ASN29278 (DENINET-HU-AS, HU),
Reverse DNS: altair.neo-interactive.hu
Software: nginx /
Resource Hash: 3174fe0090fc1dd5d0e272c46ea90ca96df05d77ef8da190b7f43f8919413525

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://storage2.mammutmail.com/hu/download/5170bcb19297ca72236c2410c8f73129
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Sun, 19 Feb 2023 08:44:09 GMT
Content-Encoding: gzip
Last-Modified: Mon, 24 Apr 2017 09:58:50 GMT
Server: nginx
ETag: W/"58fdcc5a-b1bc"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Connection: keep-alive
Keep-Alive: timeout=65

GET
H/1.1 200
OK jquery.storageapi.min.js Show response
storage2.mammutmail.com/html5/js/ 7 KB
2 KB 79ms
23ms Script
application/javascript 217.113.63.144
DENINET-HU-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://storage2.mammutmail.com/html5/js/jquery.storageapi.min.js
Requested by: Host: storage2.mammutmail.com
URL: http://storage2.mammutmail.com/hu/download/5170bcb19297ca72236c2410c8f73129
Protocol: HTTP/1.1
Server: 217.113.63.144 Szigetszentmiklos, Hungary, ASN29278 (DENINET-HU-AS, HU),
Reverse DNS: altair.neo-interactive.hu
Software: nginx /
Resource Hash: 9471f7d2613b17a6c369ca5df1686cb2a752d24ae90ddae9db40d997a1124378

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://storage2.mammutmail.com/hu/download/5170bcb19297ca72236c2410c8f73129
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Sun, 19 Feb 2023 08:44:09 GMT
Content-Encoding: gzip
Last-Modified: Mon, 24 Apr 2017 09:58:50 GMT
Server: nginx
ETag: W/"58fdcc5a-1b3d"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Connection: keep-alive
Keep-Alive: timeout=65

GET
H/1.1

200
OK

goa3.js Show response
ad.adverticum.net/scripts/goa3/main/2.14.4b7/
Redirect Chain

http://ad.adverticum.net/g3.js
https://ad.adverticum.net/scripts/goa3/main/2.14.4b7/goa3.js

203 KB
78 KB

66ms
21ms

Script
text/javascript

81.0.120.8
INVITECH

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.adverticum.net/scripts/goa3/main/2.14.4b7/goa3.js
Requested by: Host: storage2.mammutmail.com
URL: http://storage2.mammutmail.com/hu/download/5170bcb19297ca72236c2410c8f73129
Protocol: HTTP/1.1
Server: 81.0.120.8 , Hungary, ASN12301 (INVITECH, HU),
Reverse DNS: ad.adverticum.net
Software: nginx /
Resource Hash: 0a48130ff2e9d3f97f199c0eb2c7a4273eb96d9cc0fb585fb877d1498190739a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://storage2.mammutmail.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Sun, 19 Feb 2023 08:44:09 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/javascript, charset=utf-8
Cache-Control: max-age=17791628, public, no-transform
X-Adfe: ads00
Expires: Wed, 13 Sep 2023 06:51:17 GMT

Redirect headers

Location: https://ad.adverticum.net/scripts/goa3/main/2.14.4b7/goa3.js
Date: Sun, 19 Feb 2023 08:44:09 GMT
Cache-Control: public,max-age=2,must-revalidate,no-transform
Last-Modified: Tue, 13 Sep 2022 06:51:18 GMT
ETag: 2.14.4b7
Content-Length: 0
Expires: Sun, 19 Feb 2023 09:17:29 GMT

GET
H/1.1 200
OK background-handler.js Show response
storage2.mammutmail.com/html5/js/ 6 KB
2 KB 24ms
23ms Script
application/javascript 217.113.63.144
DENINET-HU-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://storage2.mammutmail.com/html5/js/background-handler.js
Requested by: Host: storage2.mammutmail.com
URL: http://storage2.mammutmail.com/hu/download/5170bcb19297ca72236c2410c8f73129
Protocol: HTTP/1.1
Server: 217.113.63.144 Szigetszentmiklos, Hungary, ASN29278 (DENINET-HU-AS, HU),
Reverse DNS: altair.neo-interactive.hu
Software: nginx /
Resource Hash: 54fe9c8668523ff74710ca832bc8396155bb36fee6e4aa4a1aacdc3dad8d2ba6

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://storage2.mammutmail.com/hu/download/5170bcb19297ca72236c2410c8f73129
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Sun, 19 Feb 2023 08:44:09 GMT
Content-Encoding: gzip
Last-Modified: Tue, 27 Apr 2021 09:30:38 GMT
Server: nginx
ETag: W/"6087d9be-18cb"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Connection: keep-alive
Keep-Alive: timeout=65

GET
H/1.1 200
OK download.js Show response
storage2.mammutmail.com/html5/js/ 12 KB
3 KB 24ms
23ms Script
application/javascript 217.113.63.144
DENINET-HU-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://storage2.mammutmail.com/html5/js/download.js
Requested by: Host: storage2.mammutmail.com
URL: http://storage2.mammutmail.com/hu/download/5170bcb19297ca72236c2410c8f73129
Protocol: HTTP/1.1
Server: 217.113.63.144 Szigetszentmiklos, Hungary, ASN29278 (DENINET-HU-AS, HU),
Reverse DNS: altair.neo-interactive.hu
Software: nginx /
Resource Hash: 02457c0ea98cb1929e8a3b8e8a94b9a40c319310c882de628064f15debc8434b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://storage2.mammutmail.com/hu/download/5170bcb19297ca72236c2410c8f73129
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Sun, 19 Feb 2023 08:44:09 GMT
Content-Encoding: gzip
Last-Modified: Mon, 16 Nov 2020 18:20:51 GMT
Server: nginx
ETag: W/"5fb2c303-2e8e"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Connection: keep-alive
Keep-Alive: timeout=65

GET
H/1.1 200
OK common.js Show response
storage2.mammutmail.com/html5/js/ 5 KB
2 KB 23ms
23ms Script
application/javascript 217.113.63.144
DENINET-HU-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://storage2.mammutmail.com/html5/js/common.js
Requested by: Host: storage2.mammutmail.com
URL: http://storage2.mammutmail.com/hu/download/5170bcb19297ca72236c2410c8f73129
Protocol: HTTP/1.1
Server: 217.113.63.144 Szigetszentmiklos, Hungary, ASN29278 (DENINET-HU-AS, HU),
Reverse DNS: altair.neo-interactive.hu
Software: nginx /
Resource Hash: d834ba1c8de1523c18338d80216e62cfdc56d69cfd2bffc5814dfd0c0f477cfd

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://storage2.mammutmail.com/hu/download/5170bcb19297ca72236c2410c8f73129
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Sun, 19 Feb 2023 08:44:09 GMT
Content-Encoding: gzip
Last-Modified: Fri, 20 Nov 2020 09:13:44 GMT
Server: nginx
ETag: W/"5fb788c8-1356"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Connection: keep-alive
Keep-Alive: timeout=65

GET
H2

200

iframe_api Show response
www.youtube.com/
Redirect Chain

http://www.youtube.com/iframe_api
https://www.youtube.com/iframe_api

992 B
2 KB

138ms
54ms

Script
text/javascript

2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: storage2.mammutmail.com
URL: http://storage2.mammutmail.com/hu/download/5170bcb19297ca72236c2410c8f73129

Protocol

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

21437cf9c0d87c2e3c6ade864137f5536fd865a64333075ce431174e342dee74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://storage2.mammutmail.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 08:44:09 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: text/javascript; charset=utf-8
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Sun, 19 Feb 2023 08:44:09 GMT

Redirect headers

Location: https://www.youtube.com/iframe_api
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H/1.1 200
OK themify-icons.css
storage2.mammutmail.com/html5/css/ 16 KB
3 KB 24ms
23ms Stylesheet
text/css 217.113.63.144
DENINET-HU-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://storage2.mammutmail.com/html5/css/themify-icons.css
Requested by: Host: storage2.mammutmail.com
URL: http://storage2.mammutmail.com/html5/css/main.css
Protocol: HTTP/1.1
Server: 217.113.63.144 Szigetszentmiklos, Hungary, ASN29278 (DENINET-HU-AS, HU),
Reverse DNS: altair.neo-interactive.hu
Software: nginx /
Resource Hash: 08a0af9f03516172bb3d8d31eebb64510f1e7ba84881c9d99f9809a28b94374f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://storage2.mammutmail.com/html5/css/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Sun, 19 Feb 2023 08:44:09 GMT
Content-Encoding: gzip
Last-Modified: Mon, 24 Apr 2017 09:58:45 GMT
Server: nginx
ETag: W/"58fdcc55-4042"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Keep-Alive: timeout=65

GET
H2

200

/
weloveiconfonts.com/api/
Redirect Chain

http://weloveiconfonts.com/api/?family=fontawesome
https://weloveiconfonts.com/api/?family=fontawesome

12 KB
3 KB

25ms
8ms

Stylesheet
text/css

185.116.245.25
GERMANEDGECLOUD

General

Check archive.org

Show headers Download Go to

Full URL

https://weloveiconfonts.com/api/?family=fontawesome

Requested by

Host: storage2.mammutmail.com
URL: http://storage2.mammutmail.com/html5/css/main.css

Protocol

Server

185.116.245.25 , Germany, ASN42263 (GERMANEDGECLOUD, DE),

Reverse DNS

Software

/ PHP/7.2.18

Resource Hash

218bbefc083add1bdbb990a49978d75a564e07b562605f9fed281fe56ddc650e

Security Headers

Name	Value
Content-Security-Policy	script-src: https://themes.googleusercontent.com
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	: nosniff
X-Frame-Options	: DENY
X-Xss-Protection	: 1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://storage2.mammutmail.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 08:43:39 GMT
content-encoding: gzip
x-content-type-options: : nosniff
strict-transport-security: max-age=15768000
content-security-policy: script-src: https://themes.googleusercontent.com
age: 30
x-powered-by: PHP/7.2.18
grace: none
x-cache: HIT
content-length: 2171
x-xss-protection: : 1;mode=block
referrer-policy: no-referrer-when-downgrade
vary: Accept-Encoding
x-frame-options: : DENY
content-type: text/css;charset=UTF-8
access-control-allow-origin: *
accept-ranges: bytes

Redirect headers

Location: https://weloveiconfonts.com/api/?family=fontawesome
Cache-Control: no-cache
Content-length: 0

GET
H2

200

ga.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/ga.js
https://www.google-analytics.com/ga.js

45 KB
17 KB

125ms
38ms

Script
text/javascript

2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/ga.js

Requested by

Host: storage2.mammutmail.com
URL: http://storage2.mammutmail.com/hu/download/5170bcb19297ca72236c2410c8f73129

Protocol

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://storage2.mammutmail.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 19 Feb 2023 07:28:02 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 4567
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17168
expires: Sun, 19 Feb 2023 09:28:02 GMT

Redirect headers

Location: https://www.google-analytics.com/ga.js
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 158 KB
59 KB 141ms
53ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TVSZKDH

Requested by

Host: storage2.mammutmail.com
URL: http://storage2.mammutmail.com/hu/download/5170bcb19297ca72236c2410c8f73129

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

70146862a04c07758674b8e452ad901ad19d38c7ff838b603e887789e168cd70

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://storage2.mammutmail.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 08:44:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 59552
x-xss-protection: 0
last-modified: Sun, 19 Feb 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 19 Feb 2023 08:44:09 GMT

GET
H2

200

rexdot.gif
hu.hit.gemius.pl/__/_sslredir/_1676796249745/
Redirect Chain

http://hu.hit.gemius.pl/_1676796249745/rexdot.gif?l=30&id=Apg7Kard8A0fUEDZIULKzKbSfbsg4S9W74k51m2c.WL.Q7&fr=1&tz=0&fv=-&href=http%3A%2F%2Fstorage2.mammutmail.com%2Fhu%2Fdownload%2F5170bcb19297ca722...
https://hu.hit.gemius.pl/_sslredir/_1676796249745/rexdot.gif?l=30&id=Apg7Kard8A0fUEDZIULKzKbSfbsg4S9W74k51m2c.WL.Q7&fr=1&tz=0&fv=-&href=http%3A%2F%2Fstorage2.mammutmail.com%2Fhu%2Fdownload%2F5170bc...
https://hu.hit.gemius.pl/__/_sslredir/_1676796249745/rexdot.gif?l=30&id=Apg7Kard8A0fUEDZIULKzKbSfbsg4S9W74k51m2c.WL.Q7&fr=1&tz=0&fv=-&href=http%3A%2F%2Fstorage2.mammutmail.com%2Fhu%2Fdownload%2F517...

43 B
219 B

31ms
31ms

Image
image/gif

185.51.66.79
SERVERGARDEN-AS S...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hu.hit.gemius.pl/__/_sslredir/_1676796249745/rexdot.gif?l=30&id=Apg7Kard8A0fUEDZIULKzKbSfbsg4S9W74k51m2c.WL.Q7&fr=1&tz=0&fv=-&href=http%3A%2F%2Fstorage2.mammutmail.com%2Fhu%2Fdownload%2F5170bcb19297ca72236c2410c8f73129&ref=&screen=1600x1200&col=24&window=1600x1200
Requested by: Host: storage2.mammutmail.com
URL: http://storage2.mammutmail.com/hu/download/5170bcb19297ca72236c2410c8f73129
Protocol: H2
Server: 185.51.66.79 , Hungary, ASN47381 (SERVERGARDEN-AS Servergarden Kft., HU),
Reverse DNS
Software: GHC /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://storage2.mammutmail.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 08:44:09 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 43
expires: Sat, 18 Feb 2023 08:44:09 GMT

Redirect headers

pragma: no-cache
date: Sun, 19 Feb 2023 08:44:09 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: /__/_sslredir/_1676796249745/rexdot.gif?l=30&id=Apg7Kard8A0fUEDZIULKzKbSfbsg4S9W74k51m2c.WL.Q7&fr=1&tz=0&fv=-&href=http%3A%2F%2Fstorage2.mammutmail.com%2Fhu%2Fdownload%2F5170bcb19297ca72236c2410c8f73129&ref=&screen=1600x1200&col=24&window=1600x1200
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 0
expires: Sat, 18 Feb 2023 08:44:09 GMT

GET
H/1.1 200
OK flag_en.png
storage2.mammutmail.com/html5/images/ 2 KB
2 KB 35ms
23ms Image
image/png 217.113.63.144
DENINET-HU-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://storage2.mammutmail.com/html5/images/flag_en.png
Requested by: Host: storage2.mammutmail.com
URL: http://storage2.mammutmail.com/html5/css/main.css
Protocol: HTTP/1.1
Server: 217.113.63.144 Szigetszentmiklos, Hungary, ASN29278 (DENINET-HU-AS, HU),
Reverse DNS: altair.neo-interactive.hu
Software: nginx /
Resource Hash: 45135e144bfbdee4aa4bbce74dddccf8062d84c08fabb9ad7195c371096e2a06

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://storage2.mammutmail.com/html5/css/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Sun, 19 Feb 2023 08:44:09 GMT
Last-Modified: Mon, 24 Apr 2017 09:58:47 GMT
Server: nginx
ETag: "58fdcc57-7b2"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=65
Content-Length: 1970

GET
H2 200 fontawesome-webfont.woff
weloveiconfonts.com/api/fonts/fontawesome/ 29 KB
29 KB 29ms
13ms Font
font/woff 185.116.245.25
GERMANEDGECLOUD

General

Check archive.org

Show headers Download Go to

Full URL

https://weloveiconfonts.com/api/fonts/fontawesome/fontawesome-webfont.woff

Requested by

Host: weloveiconfonts.com
URL: https://weloveiconfonts.com/api/?family=fontawesome

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.116.245.25 , Germany, ASN42263 (GERMANEDGECLOUD, DE),

Reverse DNS

Software

Resource Hash

a6fb906942932de53852ee244ee3fec27bca0bf63a96421672aa4784851b8d4b

Security Headers

Name	Value
Content-Security-Policy	script-src: https://themes.googleusercontent.com
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	: nosniff
X-Frame-Options	: DENY
X-Xss-Protection	: 1;mode=block

Request headers

Referer: https://weloveiconfonts.com/api/?family=fontawesome
Origin: http://storage2.mammutmail.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 08:43:10 GMT
strict-transport-security: max-age=15768000
x-content-type-options: : nosniff
content-security-policy: script-src: https://themes.googleusercontent.com
age: 59
grace: none
x-cache: HIT
content-length: 29380
x-xss-protection: : 1;mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 18 May 2019 12:35:06 GMT
etag: "5cdffbfa-72c4"
x-frame-options: : DENY
content-type: font/woff
access-control-allow-origin: *
accept-ranges: bytes

GET
H/1.1 200
OK input_bg.png
storage2.mammutmail.com/html5/images/ 8 KB
8 KB 41ms
23ms Image
image/png 217.113.63.144
DENINET-HU-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://storage2.mammutmail.com/html5/images/input_bg.png
Requested by: Host: storage2.mammutmail.com
URL: http://storage2.mammutmail.com/html5/css/main.css
Protocol: HTTP/1.1
Server: 217.113.63.144 Szigetszentmiklos, Hungary, ASN29278 (DENINET-HU-AS, HU),
Reverse DNS: altair.neo-interactive.hu
Software: nginx /
Resource Hash: 0c0a40ab702b52bcccc7116d58fbff97c5a9b51ce64efdd06aee4d2b50516921

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://storage2.mammutmail.com/html5/css/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Sun, 19 Feb 2023 08:44:09 GMT
Last-Modified: Mon, 24 Apr 2017 09:58:47 GMT
Server: nginx
ETag: "58fdcc57-2098"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=65
Content-Length: 8344

GET
H/1.1 200
OK fontawesome-webfont.woff2
storage2.mammutmail.com/html5/fonts/ 70 KB
70 KB 27ms
23ms Font
application/octet-stream 217.113.63.144
DENINET-HU-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://storage2.mammutmail.com/html5/fonts/fontawesome-webfont.woff2?v=4.6.3
Requested by: Host: storage2.mammutmail.com
URL: http://storage2.mammutmail.com/html5/css/font-awesome.css
Protocol: HTTP/1.1
Server: 217.113.63.144 Szigetszentmiklos, Hungary, ASN29278 (DENINET-HU-AS, HU),
Reverse DNS: altair.neo-interactive.hu
Software: nginx /
Resource Hash: 7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Request headers

Referer: http://storage2.mammutmail.com/html5/css/font-awesome.css
Origin: http://storage2.mammutmail.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Sun, 19 Feb 2023 08:44:09 GMT
Last-Modified: Mon, 24 Apr 2017 09:58:46 GMT
Server: nginx
ETag: "58fdcc56-118d8"
Content-Type: application/octet-stream
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=65
Content-Length: 71896

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302130101/ 366 KB
120 KB 96ms
95ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302130101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6041284171180831&plah=storage2.mammutmail.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

27a4c378768bd08f78c63ff76b9f467301182ef9145136aaef7f0e0157963468

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://storage2.mammutmail.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 08:44:09 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 122949
x-xss-protection: 0
server: cafe
etag: 12223999103632100241
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 19 Feb 2023 08:44:09 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=165637490&utmhn=storage2.mammutmail.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmd...
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=165637490&utmhn=storage2.mammutmail.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utm...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-20966381-1&cid=1756958618.1676796250&jid=1694471342&_v=5.7.2&z=165637490
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-20966381-1&cid=1756958618.1676796250&jid=1694471342&_v=5.7.2&z=165637490
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-20966381-1&cid=1756958618.1676796250&jid=1694471342&_v=5.7.2&z=165637490&slf_rd=1&random=3151263532

42 B
107 B

153ms
47ms

Image
image/gif

2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-20966381-1&cid=1756958618.1676796250&jid=1694471342&_v=5.7.2&z=165637490&slf_rd=1&random=3151263532

Requested by

Host: storage2.mammutmail.com
URL: http://storage2.mammutmail.com/hu/download/5170bcb19297ca72236c2410c8f73129

Protocol

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://storage2.mammutmail.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 08:44:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 19 Feb 2023 08:44:10 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-20966381-1&cid=1756958618.1676796250&jid=1694471342&_v=5.7.2&z=165637490&slf_rd=1&random=3151263532
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=500330011&utmhn=storage2.mammutmail.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmd...
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=500330011&utmhn=storage2.mammutmail.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utm...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-1709340-11&cid=994145205.1676796250&jid=690077491&_v=5.7.2&z=500330011
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1709340-11&cid=994145205.1676796250&jid=690077491&_v=5.7.2&z=500330011
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1709340-11&cid=994145205.1676796250&jid=690077491&_v=5.7.2&z=500330011&slf_rd=1&random=3038019411

42 B
408 B

151ms
46ms

Image
image/gif

2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1709340-11&cid=994145205.1676796250&jid=690077491&_v=5.7.2&z=500330011&slf_rd=1&random=3038019411

Requested by

Host: storage2.mammutmail.com
URL: http://storage2.mammutmail.com/hu/download/5170bcb19297ca72236c2410c8f73129

Protocol

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://storage2.mammutmail.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 08:44:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 19 Feb 2023 08:44:10 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1709340-11&cid=994145205.1676796250&jid=690077491&_v=5.7.2&z=500330011&slf_rd=1&random=3038019411
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/11e3a4ec/www-widgetapi.vflset/ 183 KB
61 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/11e3a4ec/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: http://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bda4626079d40384245b08cf2cbe79ba640b342ae024acefa024896a51a5d92f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://storage2.mammutmail.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 08:21:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1380
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62469
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 01:14:03 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 19 Feb 2024 08:21:09 GMT

GET
H/1.1 200
OK / Show response
ad.adverticum.net/t/ Frame A67D 0
559 B 28ms
28ms Document
text/html 81.0.120.8
INVITECH

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.adverticum.net/t/?z=7349845&g=7349844&b=734984900&h=[LOCATION]&p=2
Requested by: Host: storage2.mammutmail.com
URL: http://storage2.mammutmail.com/hu/download/5170bcb19297ca72236c2410c8f73129
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.0.120.8 , Hungary, ASN12301 (INVITECH, HU),
Reverse DNS: ad.adverticum.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://storage2.mammutmail.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private,no-cache,no-store,must-revalidate,max-age=0
Content-Length: 0
Content-Type: text/html
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: policyref="https://ad.adverticum.net/w3c/p3p.xml", CP="NON DSP COR PSAa PSDa OUR IND UNI COM NAV INT DEM CNT PRE LOC"
Pragma: no-cache

POST
H/1.1 200
OK download Show response
storage2.mammutmail.com/hu/app-start/ 390 B
620 B 28ms
28ms XHR
text/xml 217.113.63.144
DENINET-HU-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://storage2.mammutmail.com/hu/app-start/download
Requested by: Host: code.jquery.com
URL: http://code.jquery.com/jquery-1.12.4.js
Protocol: HTTP/1.1
Server: 217.113.63.144 Szigetszentmiklos, Hungary, ASN29278 (DENINET-HU-AS, HU),
Reverse DNS: altair.neo-interactive.hu
Software: nginx /
Resource Hash: cdf5bb6673f90343d2ba35bc2f76bbcec13381859706bb505360d5fcef081f77

Request headers

Accept: */*
Referer: http://storage2.mammutmail.com/hu/download/5170bcb19297ca72236c2410c8f73129
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Sun, 19 Feb 2023 08:44:10 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: text/xml; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Keep-Alive: timeout=65
Content-Length: 257
Expires: Thu, 19 Nov 1981 08:52:00 GMT

POST
H/1.1 200
OK download Show response
storage2.mammutmail.com/hu/ 223 B
563 B 31ms
30ms XHR
text/xml 217.113.63.144
DENINET-HU-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://storage2.mammutmail.com/hu/download
Requested by: Host: code.jquery.com
URL: http://code.jquery.com/jquery-1.12.4.js
Protocol: HTTP/1.1
Server: 217.113.63.144 Szigetszentmiklos, Hungary, ASN29278 (DENINET-HU-AS, HU),
Reverse DNS: altair.neo-interactive.hu
Software: nginx /
Resource Hash: b9edd815648f1d9dfd9915505b3053dda2087b0421efd4d6926cb1c017666160

Request headers

Accept: */*
Referer: http://storage2.mammutmail.com/hu/download/5170bcb19297ca72236c2410c8f73129
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Sun, 19 Feb 2023 08:44:10 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: text/xml; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Keep-Alive: timeout=65
Content-Length: 200
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK aquaticum2301.xml Show response
storage2.mammutmail.com/content/background/xml/ 214 B
482 B 24ms
24ms XHR
text/xml 217.113.63.144
DENINET-HU-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://storage2.mammutmail.com/content/background/xml/aquaticum2301.xml
Requested by: Host: code.jquery.com
URL: http://code.jquery.com/jquery-1.12.4.js
Protocol: HTTP/1.1
Server: 217.113.63.144 Szigetszentmiklos, Hungary, ASN29278 (DENINET-HU-AS, HU),
Reverse DNS: altair.neo-interactive.hu
Software: nginx /
Resource Hash: 83b2feabab35b88d2eff37f9f1e1edc98812f124c002aacfcaa0106caa651ec1

Request headers

Accept: application/xml, text/xml, */*; q=0.01
Referer: http://storage2.mammutmail.com/hu/download/5170bcb19297ca72236c2410c8f73129
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/xml

Response headers

Date: Sun, 19 Feb 2023 08:44:10 GMT
Last-Modified: Wed, 01 Feb 2023 08:01:28 GMT
Server: nginx
ETag: "63da1c58-d6"
Content-Type: text/xml; charset=UTF-8
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=65
Content-Length: 214

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TVSZKDH

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://storage2.mammutmail.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 19 Feb 2023 08:14:50 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 1760
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Sun, 19 Feb 2023 10:14:50 GMT

GET
H2 410 7162.js
script.crazyegg.com/pages/scripts/0108/ 0
0 61ms
22ms Script
application/javascript 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0108/7162.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TVSZKDH
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://storage2.mammutmail.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 08:44:10 GMT
cf-cache-status: HIT
last-modified: Sat, 18 Feb 2023 21:55:54 GMT
server: cloudflare
age: 38896
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400, s-maxage=86400
cf-ray: 79bdb81348a9bb73-FRA
content-length: 0

GET
H/1.1 200
OK aquaticum-mammutmail23x1080.jpg
storage2.mammutmail.com/content/background/channel/aquaticum2301/ 986 KB
987 KB 24ms
23ms Image
image/jpeg 217.113.63.144
DENINET-HU-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://storage2.mammutmail.com/content/background/channel/aquaticum2301/aquaticum-mammutmail23x1080.jpg
Requested by: Host: storage2.mammutmail.com
URL: http://storage2.mammutmail.com/hu/download/5170bcb19297ca72236c2410c8f73129
Protocol: HTTP/1.1
Server: 217.113.63.144 Szigetszentmiklos, Hungary, ASN29278 (DENINET-HU-AS, HU),
Reverse DNS: altair.neo-interactive.hu
Software: nginx /
Resource Hash: e186cdb006192feaf9e4b468dfdeb3a7567c4ffd134ff264ef3f99786f5fdb87

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://storage2.mammutmail.com/hu/download/5170bcb19297ca72236c2410c8f73129
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Sun, 19 Feb 2023 08:44:10 GMT
Last-Modified: Tue, 31 Jan 2023 09:13:26 GMT
Server: nginx
ETag: "63d8dbb6-f69b9"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=65
Content-Length: 1010105

GET
H3 200 rum_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20230215/r20110914/ 54 KB
21 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230215/r20110914/rum_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302130101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6041284171180831&plah=storage2.mammutmail.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

157a74033897672fd1c554137a7ed332ecece75c8e5b8b4a74d44906d1a86332

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://storage2.mammutmail.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 23:13:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34231
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21203
x-xss-protection: 0
server: cafe
etag: 11337872500594943504
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Mar 2023 23:13:39 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 395 B
607 B 144ms
46ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=storage2.mammutmail.com&callback=_gfp_s_&client=ca-pub-6041284171180831

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05a86778853bc93064bf17c58c64353e343ca8b03b8dc8c8cc57173d451613aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://storage2.mammutmail.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 08:44:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 163ms
44ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=storage2.mammutmail.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://storage2.mammutmail.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 08:44:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 146ms
49ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=storage2.mammutmail.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://storage2.mammutmail.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 08:44:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 68F3 436 B
700 B 248ms
149ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6041284171180831&output=html&h=250&slotname=5149010055&adk=1608662828&adf=834939530&pi=t.ma~as.5149010055&w=300&lmt=1676796250&url=http%3A%2F%2Fstorage2.mammutmail.com%2Fhu%2Fdownload%2F5170bcb19297ca72236c2410c8f73129&wgl=1&dt=1676796249841&bpp=14&bdt=308&idt=272&shv=r20230215&mjsv=m202302130101&ptt=5&saldr=sa&abxe=1&correlator=5810592011346&rume=1&frm=20&pv=2&ga_vid=994145205.1676796250&ga_sid=1676796250&ga_hid=1442305254&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C44782466%2C31061691%2C31061692&oid=2&pvsid=2041264160343101&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaneEr%7C&abl=CA&pfx=0&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&xpc=yxuf7OJWSb&p=http%3A//storage2.mammutmail.com&dtd=293

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a361e4335bd3bc88de2221bc629dd6f63bb1a85df115efacfcdbd202604d56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://storage2.mammutmail.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 212
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 19 Feb 2023 08:44:10 GMT
expires: Sun, 19 Feb 2023 08:44:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0D56 436 B
379 B 278ms
188ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6041284171180831&output=html&h=90&slotname=6369758616&adk=1716098630&adf=3846954772&pi=t.ma~as.6369758616&w=728&lmt=1676796250&url=http%3A%2F%2Fstorage2.mammutmail.com%2Fhu%2Fdownload%2F5170bcb19297ca72236c2410c8f73129&wgl=1&dt=1676796249930&bpp=5&bdt=396&idt=209&shv=r20230215&mjsv=m202302130101&ptt=5&saldr=sa&abxe=1&prev_slotnames=5149010055&correlator=5810592011346&rume=1&frm=20&pv=1&ga_vid=994145205.1676796250&ga_sid=1676796250&ga_hid=1442305254&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C44782466%2C31061691%2C31061692&oid=2&pvsid=2041264160343101&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CfneEr%7C&abl=NF&pfx=0&fu=32768&bc=23&ifi=2&uci=a!2&fsb=1&xpc=Zi2qCqWJaC&p=http%3A//storage2.mammutmail.com&dtd=213

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a869db9a7b7a0b2a2d28c2d7a31217605a955eb7fd2554c09ea1ecd6f3783359

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://storage2.mammutmail.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 212
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 19 Feb 2023 08:44:10 GMT
expires: Sun, 19 Feb 2023 08:44:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 3 B
23 B 45ms
45ms XHR
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1442305254&t=pageview&_s=1&dl=http%3A%2F%2Fstorage2.mammutmail.com%2Fhu%2Fdownload%2F5170bcb19297ca72236c2410c8f73129&ul=en-us&de=UTF-8&dt=Mammutmail.com%20%7C%20F%C3%A1jlk%C3%BCld%C3%A9s%2C%20nagy%20f%C3%A1jlok%20k%C3%BCld%C3%A9se&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_utma=27847678.994145205.1676796250.1676796250.1676796250.1&_utmz=27847678.1676796250.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1676796250167&_u=YQBCAEABAAAAACAAI~&jid=1697988240&gjid=1467718986&cid=994145205.1676796250&tid=UA-12345-1&_gid=401301028.1676796250&_r=1&_slc=1&gtm=45He32f0n81TVSZKDH&z=333115498

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://storage2.mammutmail.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 08:44:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://storage2.mammutmail.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
48 KB 92ms
92ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3e3e5823ca053398d153904843df07a73335a811e7b12e9994087bea5ec3c189

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://storage2.mammutmail.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 08:44:10 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49348
x-xss-protection: 0
server: cafe
etag: 11484758309476234235
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 19 Feb 2023 08:44:10 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 162ms
85ms XHR
application/json 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230215&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eaab0f0f4a5dcdb29761df51a8f7a53e2e73aea329bf64976769d9b477f4fa0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://storage2.mammutmail.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 08:44:10 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11038
x-xss-protection: 0

GET
H/1.1 200
OK banner-stripe.png
storage2.mammutmail.com/html5/images/ 927 B
1 KB 26ms
25ms Image
image/png 217.113.63.144
DENINET-HU-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://storage2.mammutmail.com/html5/images/banner-stripe.png
Requested by: Host: storage2.mammutmail.com
URL: http://storage2.mammutmail.com/html5/css/main.css
Protocol: HTTP/1.1
Server: 217.113.63.144 Szigetszentmiklos, Hungary, ASN29278 (DENINET-HU-AS, HU),
Reverse DNS: altair.neo-interactive.hu
Software: nginx /
Resource Hash: c98f2cbc31e1fad29b0eb23162c026a0d0e3f856ed02bf915a11dc02c9e136c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://storage2.mammutmail.com/html5/css/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Sun, 19 Feb 2023 08:44:10 GMT
Last-Modified: Mon, 24 Apr 2017 09:58:46 GMT
Server: nginx
ETag: "58fdcc56-39f"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=65
Content-Length: 927

GET
H/1.1 200
OK banner-bg-border.png
storage2.mammutmail.com/html5/images/ 1 KB
2 KB 25ms
24ms Image
image/png 217.113.63.144
DENINET-HU-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://storage2.mammutmail.com/html5/images/banner-bg-border.png
Requested by: Host: storage2.mammutmail.com
URL: http://storage2.mammutmail.com/html5/css/main.css
Protocol: HTTP/1.1
Server: 217.113.63.144 Szigetszentmiklos, Hungary, ASN29278 (DENINET-HU-AS, HU),
Reverse DNS: altair.neo-interactive.hu
Software: nginx /
Resource Hash: 44a6c2d96a041a38e4eadea873108cf9f45e1dd763800bce5dffa01fcc6eb22f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://storage2.mammutmail.com/html5/css/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Sun, 19 Feb 2023 08:44:10 GMT
Last-Modified: Mon, 24 Apr 2017 09:58:46 GMT
Server: nginx
ETag: "58fdcc56-534"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=65
Content-Length: 1332

GET
H/1.1 200
OK banner-open.png
storage2.mammutmail.com/html5/images/ 2 KB
2 KB 25ms
24ms Image
image/png 217.113.63.144
DENINET-HU-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://storage2.mammutmail.com/html5/images/banner-open.png
Requested by: Host: storage2.mammutmail.com
URL: http://storage2.mammutmail.com/html5/css/main.css
Protocol: HTTP/1.1
Server: 217.113.63.144 Szigetszentmiklos, Hungary, ASN29278 (DENINET-HU-AS, HU),
Reverse DNS: altair.neo-interactive.hu
Software: nginx /
Resource Hash: a643d5c3d245bb96a8d46f0ae1b6773805b77a942bb670060ca97a7140039ad9

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://storage2.mammutmail.com/html5/css/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Sun, 19 Feb 2023 08:44:10 GMT
Last-Modified: Mon, 24 Apr 2017 09:58:46 GMT
Server: nginx
ETag: "58fdcc56-67c"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=65
Content-Length: 1660

GET
H/1.1 200
OK banner-close.png
storage2.mammutmail.com/html5/images/ 2 KB
2 KB 24ms
23ms Image
image/png 217.113.63.144
DENINET-HU-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://storage2.mammutmail.com/html5/images/banner-close.png
Requested by: Host: storage2.mammutmail.com
URL: http://storage2.mammutmail.com/html5/css/main.css
Protocol: HTTP/1.1
Server: 217.113.63.144 Szigetszentmiklos, Hungary, ASN29278 (DENINET-HU-AS, HU),
Reverse DNS: altair.neo-interactive.hu
Software: nginx /
Resource Hash: 59c6a9c772e860a6ed3dfa8bb58a72d911f43d2d7f82b2db4b8b9992258d8efa

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://storage2.mammutmail.com/html5/css/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Sun, 19 Feb 2023 08:44:10 GMT
Last-Modified: Mon, 24 Apr 2017 09:58:46 GMT
Server: nginx
ETag: "58fdcc56-64a"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=65
Content-Length: 1610

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230215/r20190131/ Frame 1CDF 10 KB
4 KB 38ms
37ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230215/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://storage2.mammutmail.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 45644
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 18 Feb 2023 20:03:26 GMT
etag: 10353107486223812946
expires: Sat, 04 Mar 2023 20:03:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 46ms
45ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=storage2.mammutmail.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://storage2.mammutmail.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 08:44:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 48ms
47ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=storage2.mammutmail.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://storage2.mammutmail.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 08:44:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5616 145 KB
26 KB 443ms
442ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6041284171180831&output=html&adk=1812271804&adf=3025194257&lmt=1676796250&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x1080_l%7C500x1080_r&format=0x0&url=http%3A%2F%2Fstorage2.mammutmail.com%2Fhu%2Fdownload%2F5170bcb19297ca72236c2410c8f73129&ea=0&pra=7&wgl=1&dt=1676796250563&bpp=3&bdt=1029&idt=3&shv=r20230215&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3ee537f467b4810f-22c73838e5dc00f8%3AT%3D1676796250%3ART%3D1676796250%3AS%3DALNI_MaJK9aZFz-4rW2rHQiq5hynliNkHA&gpic=UID%3D00000bb9040694f5%3AT%3D1676796250%3ART%3D1676796250%3AS%3DALNI_MaUsUZjIVE47uheFfSKm6lWboaGUQ&prev_slotnames=5149010055%2C6369758616&nras=1&correlator=5810592011346&rume=1&frm=20&pv=1&ga_vid=994145205.1676796250&ga_sid=1676796250&ga_hid=1442305254&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C44782466%2C31061691%2C31061692&oid=2&pvsid=2041264160343101&tmod=122387574&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=3&uci=a!3&fsb=1&dtd=30

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e6473692d5095b22701c23f8ae8fb6e82a942a9b722169014bc1be6ec3119231

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://storage2.mammutmail.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 26651
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 19 Feb 2023 08:44:11 GMT
expires: Sun, 19 Feb 2023 08:44:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 157ms
57ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://storage2.mammutmail.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 08:44:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 19 Feb 2023 08:44:10 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7363 13 KB
5 KB 39ms
37ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://storage2.mammutmail.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 36791
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 18 Feb 2023 22:30:59 GMT
expires: Sun, 18 Feb 2024 22:30:59 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 3062 783 B
968 B 46ms
46ms Document
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

762a4d5b65ea5d650f692bcc7a870b93e69c68471262fb60986fd2806a0ea2c8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-S5NxrYQi6onEaSkIwcBIgQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://storage2.mammutmail.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-S5NxrYQi6onEaSkIwcBIgQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 19 Feb 2023 08:44:10 GMT
expires: Sun, 19 Feb 2023 08:44:10 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 3062 0
0 72ms
72ms Image
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230215&jk=2041264160343101&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

GET
H3 200 bP143D2MlfrYa-8L1g1kZrRY_Hu8960J3R7GynJ9320.js Show response
pagead2.googlesyndication.com/bg/ Frame 7363 36 KB
14 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/bP143D2MlfrYa-8L1g1kZrRY_Hu8960J3R7GynJ9320.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6cfd78dc3d8c95fad86bef0bd60d6466b458fc7bbcf7ad09dd1ec6ca727ddf6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 22:20:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 123793
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14287
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 17 Feb 2024 22:20:57 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 7363 0
10 B 35ms
35ms Image
text/plain 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?7LbvDg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 08:44:10 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1 200
OK z Show response
ad.adverticum.net/ 152 B
820 B 21ms
21ms Script
text/javascript 81.0.120.8
INVITECH

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.adverticum.net/z?s=JSONP&p=eyJoIjoic3RvcmFnZTIubWFtbXV0bWFpbC5jb20iLCJxIjoiIiwidSI6Imh0dHA6Ly9zdG9yYWdlMi5tYW1tdXRtYWlsLmNvbS9odS9kb3dubG9hZC81MTcwYmNiMTkyOTdjYTcyMjM2YzI0MTBjOGY3MzEyOSIsImQiOnsibCI6Imh1IiwiayI6eyJqZWxzesOzdmFsIjoxLCJ2w6lkZXR0IjoxLCJjc29tYWciOjF9LCJtayI6bnVsbCwiYyI6InRleHQvaHRtbCIsInIiOiIifSwiY1QiOm51bGwsImxjVCI6ZmFsc2UsInBJIjoxNjc2Nzk2MjUwMDMyLCJzIjpbXSwidEQiOnt9LCJ6Z2JzIjpbXX0%3D&c=eyJjIjp7InUiOiIwMDAwMDAwIiwiaCI6IiJ9LCJ2IjoiMi4xNC40YjciLCJiIjp7ImNocm9tZSI6dHJ1ZSwid2Via2l0Ijp0cnVlfSwiYlYiOjExMCwiYkwiOiJlbi1VUyIsImJQIjp7ImphdmEiOjAsImZsYXNoIjpudWxsLCJzbCI6MH0sImJUIjoiZGVza3RvcCIsInMiOnsidyI6MTYwMCwiaCI6MTIwMCwiZCI6MjQsIm1XIjoxNjAwLCJtSCI6MTIwMH0sImciOnt9LCJ0Ijp7fX0%3D&z=eyJ6Ijp7IjQwODQ4NjMiOnt9fSwicyI6ZmFsc2V9&cb=_jqjsp
Requested by: Host: ad.adverticum.net
URL: http://ad.adverticum.net/g3.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.0.120.8 , Hungary, ASN12301 (INVITECH, HU),
Reverse DNS: ad.adverticum.net
Software: /
Resource Hash: b4caba6d7a2d95a54197fe39f477310531d0b383cf3362619529795f96559373

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://storage2.mammutmail.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: text/javascript;charset=UTF-8
Pragma: no-cache
P3P: policyref="https://ad.adverticum.net/w3c/p3p.xml", CP="NON DSP COR PSAa PSDa OUR IND UNI COM NAV INT DEM CNT PRE LOC"
Cache-Control: private,no-cache,no-store,must-revalidate,max-age=0
Transfer-Encoding: chunked
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302130101/ 150 KB
51 KB 102ms
101ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302130101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a7107966befc99674a8f7bbfac02129220564668e805d466160866c5424e4034

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://storage2.mammutmail.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 08:44:11 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52064
x-xss-protection: 0
server: cafe
etag: 13790973812508842571
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Feb 2023 08:44:11 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 45ms
45ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=storage2.mammutmail.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://storage2.mammutmail.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 08:44:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 45ms
45ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=storage2.mammutmail.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://storage2.mammutmail.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 08:44:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230215/r20110914/ Frame 36EA 10 KB
4 KB 36ms
35ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230215/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://storage2.mammutmail.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 19526
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 19 Feb 2023 03:18:45 GMT
etag: 10353107486223812946
expires: Sun, 05 Mar 2023 03:18:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230215/r20110914/ Frame 356E 10 KB
4 KB 36ms
35ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230215/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://storage2.mammutmail.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 19526
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 19 Feb 2023 03:18:45 GMT
etag: 10353107486223812946
expires: Sun, 05 Mar 2023 03:18:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230215/r20110914/ Frame 9B17 10 KB
4 KB 36ms
35ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230215/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://storage2.mammutmail.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 19526
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 19 Feb 2023 03:18:45 GMT
etag: 10353107486223812946
expires: Sun, 05 Mar 2023 03:18:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame C601 152 KB
51 KB 111ms
71ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Y_HhWgAJa5EABioEAAGIw0MEjVpYATGL7PyOSQ&u=%7CZJvxsEhL7mdCU7ZVWSn0oTaYAqWMcyRpPIsATiExgBQ%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2zsPmYEtHnfFj6VuzCRzykUZR02TVEKmv1rKr9bOK9iNFmeP_535lN3J94qA5ri38_NALlrmy9cxxffwosa1MXvZLRYCmLsxTnZvuXBblswLlz7BvJDkGSCJ8Q0nk53hQvu_cMvdLYhstNR7OlpzCNlpl-deP-ANlZo_qwa4ZgrJ-t-tsKUxidWaJau3VJXDCqxOZcDnKWjIcbHDQGgfhjkpGdHEVhczvN-oqDxq24EVO5coGUwfuBM8wTbY7KW7Db41VIokngMgNdwwI4h2yEwLayrl7PG0x3_Rp0vUdRXnWlNY2oXLjoTUAZeI1MlPZCblEKDdkUCI7uEYJZVubzn_liE9_k7Ue3V2lwEPAJTweAcldCix7uDy-iMKUwhfjvU-OwY7bWFQoou82xCrLxHReIOTjLpQv_LrFKf031bP9UyQKeU19m-zggFF1y7lq2772pdcUnUzRVhw9vA6QB5QO9SyGFm92RyGhP6k1hyfoOtpul_8rW0eHJ04JciRXQk8as3khyXcL2d_JgCrHYk3EflnSpfk7tAtiRsHgV9Nl-ubqYW9G6g8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCsv-PWuHxY5HXJYTUmLAPw5GGyAvJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTYwNDEyODQxNzExODA4MzHIAQmpAmB7KGJN8bE-qAMBqgT2AU_QVPqK7WDdPg9F-4PvzUg_LHlLWArK1ItpixnTUGhBLTI5fJwkCIrfejqGnzvQP-b7f2N_x9U97BpNmkW8E8_5TFE5i2Um74W_p4y8vMDGXsfXUTkogZIkcscWOxRS1cHJy8y2JHjLwU3V30ecGaRlmC3y2HNiVUtP-NnC8jP7PoqoE9w3-sHGIYtFQcT2YHxECDMZ0A6ccjUpYjUfsIayfyl1wS0LsAmhg7M4Lr6q4Cx38XJIQidLTPn8kffwFHDSqT4-6IndBcG_9mUvNYVm8LI2L2Sb6Qa3MEBpbTW33E6cg1FpvM9Hk2mV4Mt9VOpJdOOsL4AG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3c7ZseQQLdatJTzD8wNiXTvuB5ig%26client%3Dca-pub-6041284171180831%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230215/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

6345b446e670bc9d61048d9074e6207ec2469c92e16d36a70e977366ae9d38d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Sun, 19 Feb 2023 08:44:10 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=8upBMaQ1IVoLBJYlkO2cj6BNfMFoEE9O7uhDouaTnWf4QnFA8nybSU65k0Ir9ecY6WoyO7Rel29Q2uWByjjKEDEBM1AU8oG8i2FsyuvTZ5PKJAHVamel0HjW_I0sSl6OpupKukhoclr93fcHktL1wo4Rx9m-Nb8p7CrQrtiVNo8F0UVnym_KjwCMkz0S26Nj7tf3sP9J58zM2IGy5VvqZEJYse1UyVbV0QvlGEm1VWLB3nk3I4OXwvnXcyVZ3cCyR1CKzQ"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 51277956
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230215/r20110914/client/ Frame 36EA 3 KB
1 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230215/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230215/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:13:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55853
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Mar 2023 17:13:18 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 2850 1 KB
643 B 39ms
38ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230215/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 55852
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 18 Feb 2023 17:13:19 GMT
etag: 48472445140208031
expires: Sun, 19 Feb 2023 17:13:19 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230215/r20110914/client/ Frame 36EA 20 KB
8 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230215/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230215/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e713a207017a40f54387d0e25bbb3cbbe1b3d10338cdd4a7342cc1486b19140

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:13:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55854
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8274
x-xss-protection: 0
server: cafe
etag: 9471482037410804447
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Mar 2023 17:13:17 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 36EA 0
0 47ms
46ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQb7YzLX0G7Zb-S3Hf0nV7iMPdvl6ah4AnOqQlfm-885PJBDk2MjZn60HFw_h_2EKOpxQMN08jsuVmlP0FdEeNy5rtj3A
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230215/r20110914/zrt_lookup.html?fsb=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 36EA 156 KB
48 KB 158ms
64ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230215/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a85af52452417453ae5ced98aa54a149925de2155e823234dce588c331d11aa0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 08:44:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48814
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1676465787912926"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 19 Feb 2023 08:44:11 GMT

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 0143 148 KB
49 KB 127ms
98ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Y_HhWgAJa5IABioEAAGIw-ivOEhMEdTU18i7mw&u=%7CZJvxsEhL7meD6Cdqr%2BPiiYDNS5%2FuPDqK6chX9uNO5q8%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2zsPmYEtHnfFj6VuzCRzykUZR02TVEKmv1pvQMrMXwGae4kWjHOYYAubpmagcoBikmNILr7NfuSJN-xl7nOPMoe1oa8S4jSCCrLPROplYCCjyhV4nrQOPzxMy_wdpStGmabNdxv0C8OMSRSCle-7q9OLcJruwP1dlXFLhep58gqQ4rUspYJu_vauTM0YyYNqF4sh5Ho9jLpRlzVUaDvhuBV1l4XcOSmsyoe0gM-NfMDHxlbl6piSmaxbinmLDcBbdoMeb8Z2jayX31waRL7fyXdfl5qfH2zWzfg_Ey0dpCbxBML32V9TmoPvAn9mhWGjx2cqUfbSyuS2Hub5Wg_uHEEgopuABaOHnYa3SXXHl1eTSqtyuQfPw3HuD9aG5zwCMrgwUOupFXiW75Mm91igTA4cMt7_CgIAfdzI6qcUq2EH8fb0yLJXRJnI5GWEZ1satvhX8dDgn4o4Lr58dAS0kMLIl9ZAjD26V3MmwLALE4OZliQrnfD-7edcWCuTATelVb1HiugtCvV0imD6f6JDpMEq9ayyUfjCDsWWIrsn7xx24ZyEn4eFuaRQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCyUaYWuHxY5LXJYTUmLAPw5GGyAvJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTYwNDEyODQxNzExODA4MzHIAQmpAmB7KGJN8bE-qAMBqgT2AU_QwO0f3d0xUk-XVhNJA0r5aumTc3S1sxV4ct_nki1uJX6RlVUZFioNL0zfPBdWICOrG9cHHc9WxpqJXPqzV5UCI1sfyb4b8u-12JL2NXOleqVRdv0xmAtrdjmHM0plEbVdauHNqShdXznLU2TK_kN1vfSmAnFmBZYqPConN4hPT2JEPfUMEmINdYsq5HQ_WZxbGB_CsWaKaTNm39ewynm_3eX8vxK8SUS4PCJSsHXVYgoUaqIUD1ZtC4h2mbuAl5HpDCsd5KrUZecrz0xmn8CrjX_7ToEgbiUaA-f_4-RBg37mWeQLfDwwL3PyI55nrxw4Hldy5oAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_37HXAjVQJRgyR136zng82FoSeM3g%26client%3Dca-pub-6041284171180831%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230215/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

735edd915e2ba5e19e7f272f3260a4108d266801bb1998a83cc9305b8c0a490e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Sun, 19 Feb 2023 08:44:11 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=tWV5K6Q1IVoLBJYlZ1pFcknSGTjHafHUOOYAE_Oi6S06LkEsvCyayxonI0kAX3A22cACQAmKkR2f_RlDkisB3pISEyQhr1O9ibSlhtIy6yyEo4-cqrV8LwaPH916wzO48OREoMw7WERQOfLc7Dlj0l9Kx0LJ6f8SACnfa-j2I6csyN_fGdPq4_vr9h92redZctiAi9ULp_8gpaRLvrTTklIj_6DN_kBBXdkN-KD8Ki_2pUcBua390tzogHgELQ0VsCZ__g"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 52508852
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230215/r20110914/client/ Frame 356E 3 KB
1 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230215/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230215/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:13:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55853
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Mar 2023 17:13:18 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 84B2 1 KB
643 B 38ms
38ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230215/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 55852
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 18 Feb 2023 17:13:19 GMT
etag: 48472445140208031
expires: Sun, 19 Feb 2023 17:13:19 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230215/r20110914/client/ Frame 356E 20 KB
8 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230215/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230215/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e713a207017a40f54387d0e25bbb3cbbe1b3d10338cdd4a7342cc1486b19140

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:13:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55854
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8274
x-xss-protection: 0
server: cafe
etag: 9471482037410804447
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Mar 2023 17:13:17 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 356E 0
0 46ms
45ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS8k8orcXmkI543oPul0QYJM4ybPe6PX72N-A8pFYWdx30_Je0YEDEgv6itnFLzumAGQzdmYG0WVnPk7kTgBxIUWYvEcw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230215/r20110914/zrt_lookup.html?fsb=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 356E 156 KB
48 KB 209ms
126ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230215/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a85af52452417453ae5ced98aa54a149925de2155e823234dce588c331d11aa0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 08:44:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48814
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1676465787912926"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 19 Feb 2023 08:44:11 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 9B17 0
0 78ms
78ms Fetch
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C1Dg-WuHxY5PXJYTUmLAPw5GGyAvJntKxXLWY49aTAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02MDQxMjg0MTcxMTgwODMxyAEJqQJgeyhiTfGxPqgDAaoE9AFP0AR9xvXYfYCew3_gbEjz_DgR0AcZCvcN5vv5RFueSeMVmjtu62-tuS3c2FjuMMeCtY3BEtbL-u4ejOAbAePYgisJTPSH_hX_QmAt04n9TzAASY6kZHdD4q1LMIk3CSqlUelTr3rtBovJvMfv8xbuKSddy7JuNS0iF6G9hjW9xvKnP-4TAFrdKPud7yXvDOdy4vEZAPeACYoGoJ7vUEcKir6DtkIxNX4e9NS91FM3wEQz-ryjd23ISvYgegN1v9ZE1AeBDWovCigfE5hhCAYE9GaQHl55cJm332XDp_7sXBd_TOQU9_ixJ2GAlOpHDJQn6u2egAbcioG9gIPG97YBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi02MDQxMjg0MTcxMTgwODMxGAA&sigh=4gftZppB5_E&uach_m=[UACH]&cid=CAQSOwDUE5ymOYXxRsDnKe3DTvIQKeHhYANdlhxTipWfxlk4pKdiLqjBLtZujm1iKLkP4U3fLK9hU3o2IPSDGAE

Requested by

Host: storage2.mammutmail.com
URL: http://storage2.mammutmail.com/hu/download/5170bcb19297ca72236c2410c8f73129

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230215/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 19 Feb 2023 08:44:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.nl3.eu.criteo.com/google/auction/ Frame 9B17 0
0 48ms
15ms Fetch 2a02:2638:3::9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=kqW_EMz6RO0HfJ2DYgICAAAARoE82PqnHUSCrb87EFnh8WOKmzqLoaSonCi7fQASAAAKDkFRVUJBUVlCQVFFQkFR&wp=Y_HhWgAJa5MABioEAAGIwzw4U2Y5XhmBehCPBg

Requested by

Host: storage2.mammutmail.com
URL: http://storage2.mammutmail.com/hu/download/5170bcb19297ca72236c2410c8f73129

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 08:44:10 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 189155
content-length: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 6BF9 147 KB
48 KB 126ms
108ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Y_HhWgAJa5MABioEAAGIwzw4U2Y5XhmBehCPBg&u=%7CZJvxsEhL7mdZ05n6pLL%2BF0oYr0moDkJYKUl0jsoTubw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC867Ngpf3CH59wRcAK1df8GsuyJRce0udb-6kPEZHyDoz0MEAqeoSmpqXo_LCZ1mCDArqriXzNyfMV3iiX0z6EgSJA3wM7QTCMshaExudyAVOKQuUnrkii3BSGip9e5G-DOKIJUyzO1iRmbY00z2rjJGY60GeBuRW6ngJ0bCr72oVAz9SLNX01uaP1taG4q66edMmVlf9CBj6gd0k6_BNncxlPvZR0imE2cQXPpfjB5CQUOSBXSxdqqqJNcCPgu2P18uXg4ORis0V-P6Pv9-Oz1rQOVMVCFajwGsy9H8fcgoainMI5uPULZm6iW-cl-XSzraZnpi2T8wqB_TiVBHVhZjASTCB55HYEpmAQcBmMrRS-qOrzAmD6g809AtxxtyUlKBB1oEbYb3LcGBXAcueEPTWb56q7rDBP3Jr_61Vn0TS5n74T5UhBVp69dCF5oIQAtmYRB6onOOkdCPzP30xmplkdQzxaxmuSDC5dEZ250nmfhtAtoS6yx3U7a8uTzQiXnq9e5UOwQaH-HsNxfHm1Q5H_Zwich_YTR_Pp1KfoDOUShFcRd-SDFrjIXMZDI7w3gw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPU5KWuHxY5PXJYTUmLAPw5GGyAvJntKxXLWY49aTAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02MDQxMjg0MTcxMTgwODMxyAEJqQJgeyhiTfGxPqgDAaoE9wFP0AR9xvXYfYCew3_gbEjz_DgR0AcZCvcN5vv5RFueSeMVmjtu62-tuS3c2FjuMMeCtY3BEtbL-u4ejOAbAePYgisJTPSH_hX_QmAt04n9TzAASY6kZHdD4q1LMIk3CSqlUelTr3rtBovJvMfv8xbuKSddy7JuNS0iF6G9hjW9xvKnP-4TAFrdKPud7yXvDOdy4vEZAPeACYoGoJ7vUEcKir6DtkIxNX4e9NS91FM3wEQz-ryjd23ISvYgegN1v9ZE1AeBDWovCigfE5hhCEQG1fQXkcJqzwWjfLX-AQblSB3JRsoMdUx5GsdyK_RrFBGNbv4h6BnTgAbcioG9gIPG97YBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0nT5HeJISzSZRMuKuOAiFktt7L4g%26client%3Dca-pub-6041284171180831%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230215/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

04e666357199e40d2b979ba24afe33e1bcc4ed05b3e1af49b26da0bb385c8c10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Sun, 19 Feb 2023 08:44:11 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=HoEQxKQ1IVoLBJYlVms1O2DSY5ILMbluYwi_aXg97EkMrod_HtS-vFiuPthDYf2rK_cziV_WDkF9b1dcXZI23qGw_qqJFafeEOcPjuwi3VQQaPXV2_FErXGzvz-xrQO3efnfZzlybGt2K7BYnUsH5njut9405t7yUCcB7awHu-0R-fWT8ALqZbzCHCSu9clvdumolgDagxUUZy4KHmRs8TKUeiXkogXsJ1h_yUWgrzYZGnlLc7YZYRMJCjjqzBEkTTAiTQ"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 61419171
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230215/r20110914/client/ Frame 9B17 3 KB
1 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230215/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230215/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:13:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55853
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Mar 2023 17:13:18 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 1460 1 KB
643 B 42ms
38ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230215/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 55852
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 18 Feb 2023 17:13:19 GMT
etag: 48472445140208031
expires: Sun, 19 Feb 2023 17:13:19 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230215/r20110914/client/ Frame 9B17 20 KB
8 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230215/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230215/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e713a207017a40f54387d0e25bbb3cbbe1b3d10338cdd4a7342cc1486b19140

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:13:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55854
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8274
x-xss-protection: 0
server: cafe
etag: 9471482037410804447
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Mar 2023 17:13:17 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 9B17 0
0 47ms
46ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRO2PG3AXQhX--gyEEFRTDvUEts3_c1QO2iRLwIlZ4X0vKVxOjAj9phuXliNXnWAW0YoQaxqNIfwdsF8qolQmMVCCajeA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230215/r20110914/zrt_lookup.html?fsb=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9B17 156 KB
48 KB 184ms
113ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230215/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a85af52452417453ae5ced98aa54a149925de2155e823234dce588c331d11aa0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 08:44:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48814
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1676465787912926"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 19 Feb 2023 08:44:11 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 2850 35 B
464 B 43ms
8ms Image
image/gif 2620:116:800d:21:c5a4:625:6563:a5bb
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEBQT7EffoEWbydtB_-GX1sM&google_cver=1&google_push=Aa02lx_OT8hIezvAzlySFk1cfcAg7cIsQjI-M0ihwzOrCIzV0LL7kq8qZ1kg2hbexxPYufyXipHRJO3zm6ZatCnxWTyT3RjN1idhdUI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230215/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:c5a4:625:6563:a5bb , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 08:44:11 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 451 466606.gif
id.rlcdn.com/ Frame 2850 0
98 B 68ms
20ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAa02lx8vdbCFO5G_i9fCoZz40hVEhnHvVIg3NtIv6dEkikkOFzcKChOcHDlLJ-s9u-Nf7SvSyOrKMN4Tv1CzdcixdcKq4TdXOTtRtQ&google_gid=CAESENvtfkF7NLxZaB75WLwO93o&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230215/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 08:44:11 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 2850
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEOYMe4h7M6AUV4mF0gz69pg&google_cver=1&google_push=Aa02lx82S-hQBAF3mRkFLW-fWnGOwsHjlAZ5mQhZr8BzAbQXR3veMhf6m-dFp5LcqrLQubelg66SvN5B4pIjkw3Oo7s5IEd...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx82S-hQBAF3mRkFLW-fWnGOwsHjlAZ5mQhZr8BzAbQXR3veMhf6m-dFp5LcqrLQubelg66SvN5B4pIjkw3Oo7s5IEdsmywR3A&google_hm=eS0ybXQ5a1d4RTJwRVJE...

170 B
232 B

58ms
54ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx82S-hQBAF3mRkFLW-fWnGOwsHjlAZ5mQhZr8BzAbQXR3veMhf6m-dFp5LcqrLQubelg66SvN5B4pIjkw3Oo7s5IEdsmywR3A&google_hm=eS0ybXQ5a1d4RTJwRVJEOFEzSU1yc2JnWU5TZlRucmIwan5B

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230215/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 08:44:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 19 Feb 2023 08:44:11 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx82S-hQBAF3mRkFLW-fWnGOwsHjlAZ5mQhZr8BzAbQXR3veMhf6m-dFp5LcqrLQubelg66SvN5B4pIjkw3Oo7s5IEdsmywR3A&google_hm=eS0ybXQ5a1d4RTJwRVJEOFEzSU1yc2JnWU5TZlRucmIwan5B
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 2850
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEDRNH9x3BNZQ8Eql1aJDk7g&google_cver=1&google_push=Aa02lx8ugA2J5ELy_PhqcNGq6DnQ1RWgCS_Xqz1UgtInG85adiF8KsOBQF4DNAuHWKkbnRrN_6E9F0dh...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEDRNH9x3BNZQ8Eql1aJDk7g&google_cver=1&google_push=Aa02lx8ugA2J5ELy_PhqcNGq6DnQ1RWgCS_Xqz1UgtInG85adiF8KsOBQF4DNAuHWKkbnRrN_6E...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjQxNzE1MDcyODgxNzU3NDY3Mw&google_push=Aa02lx8ugA2J5ELy_PhqcNGq6DnQ1RWgCS_Xqz1UgtInG85adiF8KsOBQF4DNAuHWKkbnRrN_6E9F0...

170 B
232 B

48ms
47ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjQxNzE1MDcyODgxNzU3NDY3Mw&google_push=Aa02lx8ugA2J5ELy_PhqcNGq6DnQ1RWgCS_Xqz1UgtInG85adiF8KsOBQF4DNAuHWKkbnRrN_6E9F0dhu4RjEnY7FpLpQpHSPIOutTs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230215/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 08:44:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 19 Feb 2023 08:44:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjQxNzE1MDcyODgxNzU3NDY3Mw&google_push=Aa02lx8ugA2J5ELy_PhqcNGq6DnQ1RWgCS_Xqz1UgtInG85adiF8KsOBQF4DNAuHWKkbnRrN_6E9F0dhu4RjEnY7FpLpQpHSPIOutTs
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 dds
rtb.openx.net/sync/ Frame 2850 43 B
135 B 67ms
23ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEHlg7nuF5q5BcnNUE2NcAxk&google_cver=1&google_push=Aa02lx88AhUT9wXOAaGldq3jUezXAyG4qH6bx5nF3WizCrHApSjMJIBYsBKeUJhvznfZUdTquftHsL-CLwNn_6l1aokswwPsGYf1iH0
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230215/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 08:44:10 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: 5sdnekou0vnlrpf9onh40chgfi9k867h

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 2850
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESECf9kE4cDphJ7DpyKy0CFxo&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESECf9kE4cDphJ7DpyKy0CFxo&google_push=Aa...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESECf9kE4cDphJ7DpyKy0CFxo&google_hm=Y_HhW2_rsuAqUq7BsEC5qQAABLAAAAIB&google_nid=index&google_push=Aa02lx-_6YdzKY3KF-GNvkboSo1ZWZs7PHcAs...

170 B
232 B

74ms
68ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESECf9kE4cDphJ7DpyKy0CFxo&google_hm=Y_HhW2_rsuAqUq7BsEC5qQAABLAAAAIB&google_nid=index&google_push=Aa02lx-_6YdzKY3KF-GNvkboSo1ZWZs7PHcAsodO_aQjh9yDKdZBrykYaxl9IJXFkwf3UXLZJYLOark93OOgzpi-_42rvUYHYk_xv5A

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230215/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 08:44:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 19 Feb 2023 08:44:11 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zzITQ70GMhWf9ciQhTxUq6CVi7IB5xu1yh9A6841gCtxvxQ098xVwLcqE3kubp86L54hHQSkQJ6jo9IwQH05a45jbUZmwhX%2FyMN85f7by2mhbu6Ao5ME9qGm2rJHD1f77MTnKJdrn3Nm3w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESECf9kE4cDphJ7DpyKy0CFxo&google_hm=Y_HhW2_rsuAqUq7BsEC5qQAABLAAAAIB&google_nid=index&google_push=Aa02lx-_6YdzKY3KF-GNvkboSo1ZWZs7PHcAsodO_aQjh9yDKdZBrykYaxl9IJXFkwf3UXLZJYLOark93OOgzpi-_42rvUYHYk_xv5A
cache-control: no-cache
cf-ray: 79bdb81b3f989ba6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 2850
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEL0inGJ5teD37MMG1X-eNLo&google_cver=1&google_push=Aa02lx_rpCMkYMj19jNav5MoFz61GeQu4oUBOZ3j_DaUl_LPWV1xSA5fYcC7Pc4VAlmlDgikeLsT7Ltr46eo-EiF...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx_rpCMkYMj19jNav5MoFz61GeQu4oUBOZ3j_DaUl_LPWV1xSA5fYcC7Pc4VAlmlDgikeLsT7Ltr46eo-EiFvYGgZysp-jyrJYA

170 B
232 B

115ms
51ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx_rpCMkYMj19jNav5MoFz61GeQu4oUBOZ3j_DaUl_LPWV1xSA5fYcC7Pc4VAlmlDgikeLsT7Ltr46eo-EiFvYGgZysp-jyrJYA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230215/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 08:44:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 19 Feb 2023 08:44:11 GMT
via: 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-P5
x-cache: GeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx_rpCMkYMj19jNav5MoFz61GeQu4oUBOZ3j_DaUl_LPWV1xSA5fYcC7Pc4VAlmlDgikeLsT7Ltr46eo-EiFvYGgZysp-jyrJYA
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: tu6iJEHqY4wY29jtiAlwvRP5ztXt9GogLaoS_Dczap2hD0-bgvxwJQ==

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 2850 0
139 B 150ms
47ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LHd_obqYv7wmzS3LIviRehIjPoHmj5g7hZsayoIKMyfhy3cNZavrYVj-G11Zy9tJ3evpPy

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230215/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 08:44:11 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 84B2
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEM8xT0OiNtanNMmCODMLZtA&google_cver=1&google_push=Aa02lx-9ZGugPA40PefQA1U4z1QoSzGWxsjuEK3W6Z5ChjmF2v2kTTd4UGlPrQHEG4Kygr1zAfSndfEU_jaMc88OnP_sWftE8GhiJfuM
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODU2NTgxNTk2ODY2Mjc1NDkzOQ==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEM8xT0OiNtanNMmCODMLZtA&google_cver=1

43 B
398 B

68ms
14ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEM8xT0OiNtanNMmCODMLZtA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230215/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 19 Feb 2023 08:44:11 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Sun, 19 Feb 2023 08:44:11 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEM8xT0OiNtanNMmCODMLZtA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 84B2
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEJE18fMOXfa5FQfR0wvBFp8&google_cver=1&google_push=Aa02lx_UD9t_qz81OjPEhl0b0A13k836NCGhUwyyYZ4j_FrwRmYNmnuENWQlUfC3nwBsaMi4Q4iXtdnLV_AqgSL2TavGi6C3Tt6lBQ2y
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=50F909E2AED844DB9DC03B82C6823E47&google_push=Aa02lx_UD9t_qz81OjPEhl0b0A13k836NCGhUwyyYZ4j_FrwRmYNmnuENWQlUfC3nwBsaMi4Q4iXtdnLV_AqgSL...

170 B
232 B

73ms
51ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=50F909E2AED844DB9DC03B82C6823E47&google_push=Aa02lx_UD9t_qz81OjPEhl0b0A13k836NCGhUwyyYZ4j_FrwRmYNmnuENWQlUfC3nwBsaMi4Q4iXtdnLV_AqgSL2TavGi6C3Tt6lBQ2y

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230215/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 08:44:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 19 Feb 2023 08:44:11 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=50F909E2AED844DB9DC03B82C6823E47&google_push=Aa02lx_UD9t_qz81OjPEhl0b0A13k836NCGhUwyyYZ4j_FrwRmYNmnuENWQlUfC3nwBsaMi4Q4iXtdnLV_AqgSL2TavGi6C3Tt6lBQ2y
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sat, 18 Feb 2023 08:44:11 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 84B2
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESECA647mzo7QDceI_n3fKdPY&google_cver=1&google_push=Aa02lx9UyDBmNLZgeiBtwLZWSzrHP7KrYmRS1L69zVDfqnSDu4fdkjHYR8SjZl_IYClSye0xRWSed9ZTf-FRt3...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIwMTc4NTA2MDExMTQxNTQzOA%3D%3D&google_push=Aa02lx9UyDBmNLZgeiBtwLZWSzrHP7KrYmRS1L69zVDfqnSDu4fdkjHYR8SjZl_IYClSye0xRWSed9ZTf-FRt31uvF...

170 B
232 B

94ms
50ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIwMTc4NTA2MDExMTQxNTQzOA%3D%3D&google_push=Aa02lx9UyDBmNLZgeiBtwLZWSzrHP7KrYmRS1L69zVDfqnSDu4fdkjHYR8SjZl_IYClSye0xRWSed9ZTf-FRt31uvFV6IQbmvwnAxnM

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230215/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 08:44:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIwMTc4NTA2MDExMTQxNTQzOA%3D%3D&google_push=Aa02lx9UyDBmNLZgeiBtwLZWSzrHP7KrYmRS1L69zVDfqnSDu4fdkjHYR8SjZl_IYClSye0xRWSed9ZTf-FRt31uvFV6IQbmvwnAxnM
Date: Sun, 19 Feb 2023 08:44:11 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 84B2
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEEzeWSWuyFXIG4n5mDUZrb4&google_cver=1&google_push=Aa02lx-fXW7XLtMAsT3q9HQtSRJGS-mtgyAigtfasrnXLMA1otgqwKFcQFhiLcIinRvKB-9tRyRygXyoMqThCnFL5QL7yn5...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEEzeWSWuyFXIG4n5mDUZrb4&google_cver=1&google_push=Aa02lx-fXW7XLtMAsT3q9HQtSRJGS-mtgyAigtfasrnXLMA1otgqwKFcQFhiLcIinRvKB-9tRyRygXyoMqThCnFL5QL7y...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx-fXW7XLtMAsT3q9HQtSRJGS-mtgyAigtfasrnXLMA1otgqwKFcQFhiLcIinRvKB-9tRyRygXyoMqThCnFL5QL7yn5t6VnxRkvr

170 B
232 B

46ms
46ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx-fXW7XLtMAsT3q9HQtSRJGS-mtgyAigtfasrnXLMA1otgqwKFcQFhiLcIinRvKB-9tRyRygXyoMqThCnFL5QL7yn5t6VnxRkvr

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230215/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 08:44:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx-fXW7XLtMAsT3q9HQtSRJGS-mtgyAigtfasrnXLMA1otgqwKFcQFhiLcIinRvKB-9tRyRygXyoMqThCnFL5QL7yn5t6VnxRkvr
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 84B2
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEDRNH9x3BNZQ8Eql1aJDk7g&google_cver=1&google_push=Aa02lx9w17jwJleWA5wS-4rLECY8-KXgHQoYYGEYeP7iRBCEdzNuVMreaCJ5v1E0TevN58lGbIIDs4cY...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEDRNH9x3BNZQ8Eql1aJDk7g&google_cver=1&google_push=Aa02lx9w17jwJleWA5wS-4rLECY8-KXgHQoYYGEYeP7iRBCEdzNuVMreaCJ5v1E0TevN58lGbII...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDc2NTEzMTczNTQxMjI2MjU2OA&google_push=Aa02lx9w17jwJleWA5wS-4rLECY8-KXgHQoYYGEYeP7iRBCEdzNuVMreaCJ5v1E0TevN58lGbIIDs4...

170 B
232 B

47ms
46ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDc2NTEzMTczNTQxMjI2MjU2OA&google_push=Aa02lx9w17jwJleWA5wS-4rLECY8-KXgHQoYYGEYeP7iRBCEdzNuVMreaCJ5v1E0TevN58lGbIIDs4cYPRUeXPo_gJGKVa949D2VaBQ3

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230215/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 08:44:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 19 Feb 2023 08:44:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDc2NTEzMTczNTQxMjI2MjU2OA&google_push=Aa02lx9w17jwJleWA5wS-4rLECY8-KXgHQoYYGEYeP7iRBCEdzNuVMreaCJ5v1E0TevN58lGbIIDs4cYPRUeXPo_gJGKVa949D2VaBQ3
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 84B2
Redirect Chain

https://match.360yield.com/match/ebda?google_gid=CAESEBGRBWoECLFYT1nzHdaJTyQ&google_cver=1&google_push=Aa02lx8IkQuwBfgNTCxmWsBkJd9GPOxWiIydz5pNJkXzmgd9BYJ9qWlaZN5AMzGD4g1Kfq-QmZIWYXeBvBUUxpB8B753oG...
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEBGRBWoECLFYT1nzHdaJTyQ&google_cver=1&google_push=Aa02lx8IkQuwBfgNTCxmWsBkJd9GPOxWiIydz5pNJkXzmgd9BYJ9qWlaZN5AMzGD4g1Kfq-QmZIWYXeBvBUUxpB8...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=WIQ8l-bCQMGwgLY3Zdoldw&google_push=Aa02lx8IkQuwBfgNTCxmWsBkJd9GPOxWiIydz5pNJkXzmgd9BYJ9qWlaZN5AMzGD4g1Kfq-QmZIWYXeBvBUUxpB...

170 B
188 B

49ms
49ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=WIQ8l-bCQMGwgLY3Zdoldw&google_push=Aa02lx8IkQuwBfgNTCxmWsBkJd9GPOxWiIydz5pNJkXzmgd9BYJ9qWlaZN5AMzGD4g1Kfq-QmZIWYXeBvBUUxpB8B753oGnQ08cMfbo

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230215/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 08:44:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=WIQ8l-bCQMGwgLY3Zdoldw&google_push=Aa02lx8IkQuwBfgNTCxmWsBkJd9GPOxWiIydz5pNJkXzmgd9BYJ9qWlaZN5AMzGD4g1Kfq-QmZIWYXeBvBUUxpB8B753oGnQ08cMfbo
access-control-allow-origin: *
date: Sun, 19 Feb 2023 08:44:11 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 84B2
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEKJQGupNkNXfYoQKEIcL27w&google_cver=1&google_push=Aa02lx8wnd6IDRLeWjrqd73m_L1DwzYgcdH9Hq9wgey-cln40Gi6gOqgjk9oZPxm44zZNrKY1sRo4hQu5rCma2n_Z6mb93nOKt...
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=Aa02lx8wnd6IDRLeWjrqd73m_L1DwzYgcdH9Hq9wgey-cln40Gi6gOqgjk9oZPxm44zZNrKY1sRo4hQu5rCma2n_Z6mb93nOKtT...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Mzg2MDY5OTEzNzY5NjgwMzk2OTU3&google_push=Aa02lx8wnd6IDRLeWjrqd73m_L1DwzYgcdH9Hq9wgey-cln40Gi6gOqgjk9oZPxm...

170 B
329 B

91ms
50ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Mzg2MDY5OTEzNzY5NjgwMzk2OTU3&google_push=Aa02lx8wnd6IDRLeWjrqd73m_L1DwzYgcdH9Hq9wgey-cln40Gi6gOqgjk9oZPxm44zZNrKY1sRo4hQu5rCma2n_Z6mb93nOKtTefcYH

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230215/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 08:44:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Mzg2MDY5OTEzNzY5NjgwMzk2OTU3&google_push=Aa02lx8wnd6IDRLeWjrqd73m_L1DwzYgcdH9Hq9wgey-cln40Gi6gOqgjk9oZPxm44zZNrKY1sRo4hQu5rCma2n_Z6mb93nOKtTefcYH
date: Sun, 19 Feb 2023 08:44:11 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 84B2 0
49 B 139ms
47ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IjHnjKrzyj9UjykRXSC-DslowHalk4fp_2r8PKPd4ILEBqt05Un_MiLgan7QZhlkzF1D6W

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230215/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 08:44:11 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame 9B17 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9cb8300736a1daf829e84149461d1a74619412555609cdb251ece52c70f0a147

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 1460
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEB8vDE-MlgtYffRBboCmYVs&google_cver=1&google_push=Aa02lx94Y_Rd0BWv2ESOezWv2tStENLuBLmrsZMzBXeoRw3xW7WA8ay3hJuY4411pv3BYsIJO_AizM_SgPwO_Iiv...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx94Y_Rd0BWv2ESOezWv2tStENLuBLmrsZMzBXeoRw3xW7WA8ay3hJuY4411pv3BYsIJO_AizM_SgPwO_IivvQp_qiXpr8_K_kw9EiJOvUbkkhUHRV...

170 B
232 B

46ms
45ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx94Y_Rd0BWv2ESOezWv2tStENLuBLmrsZMzBXeoRw3xW7WA8ay3hJuY4411pv3BYsIJO_AizM_SgPwO_IivvQp_qiXpr8_K_kw9EiJOvUbkkhUHRVSbFuts0iG-6cO0d2AjoCEGDeLBeig

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230215/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 08:44:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sun, 19 Feb 2023 08:44:11 GMT
Server: MT3 475 4bd2ccd master zrh-pixel-x5 config:1.0.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx94Y_Rd0BWv2ESOezWv2tStENLuBLmrsZMzBXeoRw3xW7WA8ay3hJuY4411pv3BYsIJO_AizM_SgPwO_IivvQp_qiXpr8_K_kw9EiJOvUbkkhUHRVSbFuts0iG-6cO0d2AjoCEGDeLBeig
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sun, 19 Feb 2023 08:44:10 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 1460 0
173 B 59ms
19ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEOa-vEBROhpzmlJtCVHwqv4&google_cver=1&google_push=Aa02lx8dmmbaj7HG-MWK1XYgvnocUJWG56CCaIntrfFt13bZmWsyi2SQ6Sgo_fMQ2QBUyqRsfuVqRZcyZQbM75D8RMv-oquKSF3dDReld63_6z2RLX4oNZKrVwkMuhoOzqNRBZD3pv8HO_LuReA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230215/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 08:44:11 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 1460
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEOQiU-Ukk0fyG1f2lC14etE&google_cver=1&google_push=Aa02lx_fZxdm_bxhsuzxpTsnX30yfGOJmwxhxkqAW_ALoiMIo1y1IaPHuwiuUZYYCdy3OPJ3PDoAdMnUgWZW6F_O...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=EHEfuUHfTfiQgKQkzJQOoQ2&google_push=Aa02lx_fZxdm_bxhsuzxpTsnX30yfGOJmwxhxkqAW_ALoiMIo1y1IaPHuwiuUZYYCdy3OPJ3PDoAdMnUgWZW6F_OvZcaS_nnGMltzM...

170 B
232 B

54ms
50ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=EHEfuUHfTfiQgKQkzJQOoQ2&google_push=Aa02lx_fZxdm_bxhsuzxpTsnX30yfGOJmwxhxkqAW_ALoiMIo1y1IaPHuwiuUZYYCdy3OPJ3PDoAdMnUgWZW6F_OvZcaS_nnGMltzM7sNslqFysGNBR8vX0NdSYE48hm3lysnIJjJSZTgIRGSA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230215/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 08:44:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 19 Feb 2023 08:44:11 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=EHEfuUHfTfiQgKQkzJQOoQ2&google_push=Aa02lx_fZxdm_bxhsuzxpTsnX30yfGOJmwxhxkqAW_ALoiMIo1y1IaPHuwiuUZYYCdy3OPJ3PDoAdMnUgWZW6F_OvZcaS_nnGMltzM7sNslqFysGNBR8vX0NdSYE48hm3lysnIJjJSZTgIRGSA
x-host: tde-deliveryengine-production-bb6cbfb9d-7d24h
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 1460
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEOYMe4h7M6AUV4mF0gz69pg&google_cver=1&google_push=Aa02lx8FfB8ZA4vidnd58yNdh74VAgAJmb7bkXItQNDvO21F8Nryl4FhMJNWIBsjGlYxgnuXMZUOwVKITANq6OMNTvbQohH...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx8FfB8ZA4vidnd58yNdh74VAgAJmb7bkXItQNDvO21F8Nryl4FhMJNWIBsjGlYxgnuXMZUOwVKITANq6OMNTvbQohHw7YBaU78CGmR9r8TguW0zK47XeA69_KT7Ncnhv...

170 B
232 B

57ms
54ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx8FfB8ZA4vidnd58yNdh74VAgAJmb7bkXItQNDvO21F8Nryl4FhMJNWIBsjGlYxgnuXMZUOwVKITANq6OMNTvbQohHw7YBaU78CGmR9r8TguW0zK47XeA69_KT7Ncnhv7lHLSSNM-TCuw&google_hm=eS02cUtUaE9GRTJwR1BBSEZmYnZabHJ2VWI2ZjdVV1JrQ35B

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230215/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 08:44:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 19 Feb 2023 08:44:11 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx8FfB8ZA4vidnd58yNdh74VAgAJmb7bkXItQNDvO21F8Nryl4FhMJNWIBsjGlYxgnuXMZUOwVKITANq6OMNTvbQohHw7YBaU78CGmR9r8TguW0zK47XeA69_KT7Ncnhv7lHLSSNM-TCuw&google_hm=eS02cUtUaE9GRTJwR1BBSEZmYnZabHJ2VWI2ZjdVV1JrQ35B
content-length: 0

GET
H2 200 dds
rtb.openx.net/sync/ Frame 1460 43 B
351 B 35ms
21ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEHlg7nuF5q5BcnNUE2NcAxk&google_cver=1&google_push=Aa02lx_3R54aRw8Nv8FhNCRh-KAWbTBD_jeOWXeBSFGn_p76QCG2Q-qikAMMm040YDFLXbW-3x7tpSvtsZgeLfUBe03KYVtlH-LGPKe5T9ak1p_VfpgthY2MXsV-5Lk8ZC0GYQW_1imojLrLr8s
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230215/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 08:44:10 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: 1t6p997qgrenmmdlpqecql19q8e5p9vj

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1460
Redirect Chain

https://match.360yield.com/match/ebda?google_gid=CAESEBGRBWoECLFYT1nzHdaJTyQ&google_cver=1&google_push=Aa02lx_J3BggghjOWtxHgPRFcpImhj6lsXlO70xClSItubiCoo7w2_8Z5bC-OZZm3mCNay5gxSLExmzgfQIq4RHl4gM28d...
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEBGRBWoECLFYT1nzHdaJTyQ&google_cver=1&google_push=Aa02lx_J3BggghjOWtxHgPRFcpImhj6lsXlO70xClSItubiCoo7w2_8Z5bC-OZZm3mCNay5gxSLExmzgfQIq4RHl...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=sXt7oqJ9RiSADYvUmdtVSw&google_push=Aa02lx_J3BggghjOWtxHgPRFcpImhj6lsXlO70xClSItubiCoo7w2_8Z5bC-OZZm3mCNay5gxSLExmzgfQIq4RH...

170 B
188 B

45ms
45ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=sXt7oqJ9RiSADYvUmdtVSw&google_push=Aa02lx_J3BggghjOWtxHgPRFcpImhj6lsXlO70xClSItubiCoo7w2_8Z5bC-OZZm3mCNay5gxSLExmzgfQIq4RHl4gM28d_TiTN-W273zIM_wmXjfx88ZybQpLHp8-Yk4FNsj_cWNbWLVC9dpt4

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230215/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 08:44:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=sXt7oqJ9RiSADYvUmdtVSw&google_push=Aa02lx_J3BggghjOWtxHgPRFcpImhj6lsXlO70xClSItubiCoo7w2_8Z5bC-OZZm3mCNay5gxSLExmzgfQIq4RHl4gM28d_TiTN-W273zIM_wmXjfx88ZybQpLHp8-Yk4FNsj_cWNbWLVC9dpt4
access-control-allow-origin: *
date: Sun, 19 Feb 2023 08:44:11 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1 200
OK sync
ssbsync.smartadserver.com/api/ Frame 1460 0
75 B 138ms
17ms Image
text/plain 185.86.138.153
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESELqzZgkElfX5-jmtnWb5rzk&google_cver=1&google_push=Aa02lx8Sl7lwLKxJHzVzF5uBsmVOjpTTFKnw-OemV-gffk1o5nVXdnMlrknS-mVv8b9SDyYrWJshagBLTdLDY8LQobJ_nqzfY26BiI6lc1Z0XrffFuH9uM3U0R81rQN2j67nTTNkM2pPpab5xA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230215/r20110914/zrt_lookup.html?fsb=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.153 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 08:44:11 GMT
content-length: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 1460 0
49 B 121ms
48ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JMvi2nd0ic_eNFx5GfFGz0dIKpYsJL9MOKPQLndfLeohmDospweeEnTr9Al-UOIW34pTTz

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230215/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 08:44:11 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame C601 2 KB
1 KB 65ms
20ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y_HhWgAJa5EABioEAAGIw0MEjVpYATGL7PyOSQ&u=%7CZJvxsEhL7mdCU7ZVWSn0oTaYAqWMcyRpPIsATiExgBQ%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2zsPmYEtHnfFj6VuzCRzykUZR02TVEKmv1rKr9bOK9iNFmeP_535lN3J94qA5ri38_NALlrmy9cxxffwosa1MXvZLRYCmLsxTnZvuXBblswLlz7BvJDkGSCJ8Q0nk53hQvu_cMvdLYhstNR7OlpzCNlpl-deP-ANlZo_qwa4ZgrJ-t-tsKUxidWaJau3VJXDCqxOZcDnKWjIcbHDQGgfhjkpGdHEVhczvN-oqDxq24EVO5coGUwfuBM8wTbY7KW7Db41VIokngMgNdwwI4h2yEwLayrl7PG0x3_Rp0vUdRXnWlNY2oXLjoTUAZeI1MlPZCblEKDdkUCI7uEYJZVubzn_liE9_k7Ue3V2lwEPAJTweAcldCix7uDy-iMKUwhfjvU-OwY7bWFQoou82xCrLxHReIOTjLpQv_LrFKf031bP9UyQKeU19m-zggFF1y7lq2772pdcUnUzRVhw9vA6QB5QO9SyGFm92RyGhP6k1hyfoOtpul_8rW0eHJ04JciRXQk8as3khyXcL2d_JgCrHYk3EflnSpfk7tAtiRsHgV9Nl-ubqYW9G6g8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCsv-PWuHxY5HXJYTUmLAPw5GGyAvJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTYwNDEyODQxNzExODA4MzHIAQmpAmB7KGJN8bE-qAMBqgT2AU_QVPqK7WDdPg9F-4PvzUg_LHlLWArK1ItpixnTUGhBLTI5fJwkCIrfejqGnzvQP-b7f2N_x9U97BpNmkW8E8_5TFE5i2Um74W_p4y8vMDGXsfXUTkogZIkcscWOxRS1cHJy8y2JHjLwU3V30ecGaRlmC3y2HNiVUtP-NnC8jP7PoqoE9w3-sHGIYtFQcT2YHxECDMZ0A6ccjUpYjUfsIayfyl1wS0LsAmhg7M4Lr6q4Cx38XJIQidLTPn8kffwFHDSqT4-6IndBcG_9mUvNYVm8LI2L2Sb6Qa3MEBpbTW33E6cg1FpvM9Hk2mV4Mt9VOpJdOOsL4AG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3c7ZseQQLdatJTzD8wNiXTvuB5ig%26client%3Dca-pub-6041284171180831%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 08:44:11 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 14 Feb 2024 08:44:11 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame C601 2 KB
1 KB 62ms
18ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 08:44:11 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 14 Feb 2024 08:44:11 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame C601 308 B
636 B 63ms
21ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 08:44:11 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Wed, 14 Feb 2024 08:44:11 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame C601 293 B
621 B 62ms
19ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 08:44:11 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Wed, 14 Feb 2024 08:44:11 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame C601 43 B
348 B 66ms
23ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=N6YBedf-d25BDl79y1zj0KUH4QXUDoI2Xh1KNj9OCXoXUGwKvfumGkmkfYijzus1QTBfA808dxOgaEzzvtkMknvVvbXzo83Mrco2HfBjxQfKfveC2qEAHEzX8aKWW6e5w_yDlsEi8lgNhAUJLvECbJb9jadNdD7FUMsaMP5Yn__IGVwzkP6ZCeuRvneULY7WSQh4x0d6Pr5jNHxjbt3TkhOIdn9PbGlaZtJhI4v69goXal0oZ8obmG3i4hnqVyCJHwQNLXVhdLeM_iZ7GqTa8obMlOU2u3DVSveY6KSvI5TxCbssaLglyMfhVh_sNshcVGoSiuF7d5B_8KmZB1NZBN70jNplKu-6ist2MCkdNTsEG7pv4PSX2nSOTScTblI7iLSXNOsRc3XpSne0vUdpNGbY9PjlQs3kNtjxQR4vbKabNnq2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 08:44:11 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1949312
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame C601 12 KB
5 KB 62ms
22ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 08:44:11 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 215636
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mrjzCBsfjiLIMuQZmvJQNsLYynkzzpRs7iqWy667lgG%2FM%2FXbMrVxt7KpSzE%2Bso3VvOUedZNpgDlg0t7SN7PAJc1mgTOuwxfNr2Nh1SNe5ipy1Ok5GuQyUAo%2BSjNpbjMHzuPsmfWQVfR7ohMyFvz2xKl9"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 79bdb81b780bbbda-FRA
expires: Fri, 09 Feb 2024 08:44:11 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame C601 12 KB
6 KB 51ms
26ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 08:44:11 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 14 Feb 2024 08:44:11 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 0143 2 KB
1 KB 31ms
19ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y_HhWgAJa5IABioEAAGIw-ivOEhMEdTU18i7mw&u=%7CZJvxsEhL7meD6Cdqr%2BPiiYDNS5%2FuPDqK6chX9uNO5q8%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2zsPmYEtHnfFj6VuzCRzykUZR02TVEKmv1pvQMrMXwGae4kWjHOYYAubpmagcoBikmNILr7NfuSJN-xl7nOPMoe1oa8S4jSCCrLPROplYCCjyhV4nrQOPzxMy_wdpStGmabNdxv0C8OMSRSCle-7q9OLcJruwP1dlXFLhep58gqQ4rUspYJu_vauTM0YyYNqF4sh5Ho9jLpRlzVUaDvhuBV1l4XcOSmsyoe0gM-NfMDHxlbl6piSmaxbinmLDcBbdoMeb8Z2jayX31waRL7fyXdfl5qfH2zWzfg_Ey0dpCbxBML32V9TmoPvAn9mhWGjx2cqUfbSyuS2Hub5Wg_uHEEgopuABaOHnYa3SXXHl1eTSqtyuQfPw3HuD9aG5zwCMrgwUOupFXiW75Mm91igTA4cMt7_CgIAfdzI6qcUq2EH8fb0yLJXRJnI5GWEZ1satvhX8dDgn4o4Lr58dAS0kMLIl9ZAjD26V3MmwLALE4OZliQrnfD-7edcWCuTATelVb1HiugtCvV0imD6f6JDpMEq9ayyUfjCDsWWIrsn7xx24ZyEn4eFuaRQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCyUaYWuHxY5LXJYTUmLAPw5GGyAvJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTYwNDEyODQxNzExODA4MzHIAQmpAmB7KGJN8bE-qAMBqgT2AU_QwO0f3d0xUk-XVhNJA0r5aumTc3S1sxV4ct_nki1uJX6RlVUZFioNL0zfPBdWICOrG9cHHc9WxpqJXPqzV5UCI1sfyb4b8u-12JL2NXOleqVRdv0xmAtrdjmHM0plEbVdauHNqShdXznLU2TK_kN1vfSmAnFmBZYqPConN4hPT2JEPfUMEmINdYsq5HQ_WZxbGB_CsWaKaTNm39ewynm_3eX8vxK8SUS4PCJSsHXVYgoUaqIUD1ZtC4h2mbuAl5HpDCsd5KrUZecrz0xmn8CrjX_7ToEgbiUaA-f_4-RBg37mWeQLfDwwL3PyI55nrxw4Hldy5oAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_37HXAjVQJRgyR136zng82FoSeM3g%26client%3Dca-pub-6041284171180831%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 08:44:11 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 14 Feb 2024 08:44:11 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 0143 2 KB
1 KB 34ms
22ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 08:44:11 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 14 Feb 2024 08:44:11 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 0143 308 B
636 B 19ms
15ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 08:44:11 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Wed, 14 Feb 2024 08:44:11 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 0143 293 B
621 B 21ms
17ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 08:44:11 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Wed, 14 Feb 2024 08:44:11 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 0143 43 B
347 B 22ms
18ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=QwqbUNf-d25BDl79y1zj0KUH4QVoPQdNE-ethiCXQfdWQW6E00NXfzj-g65yOe8Hf_s3ohZcGSoiJ-4JhDf6UMehoezad7PBuDNboOKk9Bd915Uqck_FFQdQRPeqbrtzRFk0ePbZnpWudva0Q6W_Uqq-zBHGUX2dchJk-uMNKoH3_WVeezQ7sMSB2yjN54V3IOE2bMkgB6tJoWzWgnu0XsHnzZprPVDeRpxUCIchwnImPsv5C2DxD4gtdK6x8nDEKVDh5rSZpB2YHxMmowCUDcz3yMFXflX3sf2vpuZwfxVCpyyV4S8qs49d-ROrLoFvY4GF1zbjN7S5T4-0OtITKJpk-Wz-Dsgn8wC-TI6jEgJg20rMVTR2TiJxFWlZEGcJoFitJw0fMillVhjM1qCSsOwEqkp3XoszNYr-LlgkbuqxyvKQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 08:44:11 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1726933
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame C601 0
128 B 89ms
33ms Ping
text/plain 2a02:2638::21
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=8upBMaQ1IVoLBJYlkO2cj6BNfMFoEE9O7uhDouaTnWf4QnFA8nybSU65k0Ir9ecY6WoyO7Rel29Q2uWByjjKEDEBM1AU8oG8i2FsyuvTZ5PKJAHVamel0HjW_I0sSl6OpupKukhoclr93fcHktL1wo4Rx9m-Nb8p7CrQrtiVNo8F0UVnym_KjwCMkz0S26Nj7tf3sP9J58zM2IGy5VvqZEJYse1UyVbV0QvlGEm1VWLB3nk3I4OXwvnXcyVZ3cCyR1CKzQ&sds=2&rev=84699&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 19 Feb 2023 08:44:11 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame C601 2 KB
1 KB 28ms
21ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 08:44:11 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 14 Feb 2024 08:44:11 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame C601 2 KB
1 KB 20ms
18ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 08:44:11 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 14 Feb 2024 08:44:11 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 6BF9 2 KB
1 KB 29ms
18ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y_HhWgAJa5MABioEAAGIwzw4U2Y5XhmBehCPBg&u=%7CZJvxsEhL7mdZ05n6pLL%2BF0oYr0moDkJYKUl0jsoTubw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC867Ngpf3CH59wRcAK1df8GsuyJRce0udb-6kPEZHyDoz0MEAqeoSmpqXo_LCZ1mCDArqriXzNyfMV3iiX0z6EgSJA3wM7QTCMshaExudyAVOKQuUnrkii3BSGip9e5G-DOKIJUyzO1iRmbY00z2rjJGY60GeBuRW6ngJ0bCr72oVAz9SLNX01uaP1taG4q66edMmVlf9CBj6gd0k6_BNncxlPvZR0imE2cQXPpfjB5CQUOSBXSxdqqqJNcCPgu2P18uXg4ORis0V-P6Pv9-Oz1rQOVMVCFajwGsy9H8fcgoainMI5uPULZm6iW-cl-XSzraZnpi2T8wqB_TiVBHVhZjASTCB55HYEpmAQcBmMrRS-qOrzAmD6g809AtxxtyUlKBB1oEbYb3LcGBXAcueEPTWb56q7rDBP3Jr_61Vn0TS5n74T5UhBVp69dCF5oIQAtmYRB6onOOkdCPzP30xmplkdQzxaxmuSDC5dEZ250nmfhtAtoS6yx3U7a8uTzQiXnq9e5UOwQaH-HsNxfHm1Q5H_Zwich_YTR_Pp1KfoDOUShFcRd-SDFrjIXMZDI7w3gw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPU5KWuHxY5PXJYTUmLAPw5GGyAvJntKxXLWY49aTAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02MDQxMjg0MTcxMTgwODMxyAEJqQJgeyhiTfGxPqgDAaoE9wFP0AR9xvXYfYCew3_gbEjz_DgR0AcZCvcN5vv5RFueSeMVmjtu62-tuS3c2FjuMMeCtY3BEtbL-u4ejOAbAePYgisJTPSH_hX_QmAt04n9TzAASY6kZHdD4q1LMIk3CSqlUelTr3rtBovJvMfv8xbuKSddy7JuNS0iF6G9hjW9xvKnP-4TAFrdKPud7yXvDOdy4vEZAPeACYoGoJ7vUEcKir6DtkIxNX4e9NS91FM3wEQz-ryjd23ISvYgegN1v9ZE1AeBDWovCigfE5hhCEQG1fQXkcJqzwWjfLX-AQblSB3JRsoMdUx5GsdyK_RrFBGNbv4h6BnTgAbcioG9gIPG97YBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0nT5HeJISzSZRMuKuOAiFktt7L4g%26client%3Dca-pub-6041284171180831%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 08:44:11 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 14 Feb 2024 08:44:11 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 6BF9 2 KB
1 KB 27ms
16ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 08:44:11 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 14 Feb 2024 08:44:11 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 6BF9 308 B
636 B 19ms
15ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 08:44:11 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Wed, 14 Feb 2024 08:44:11 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 6BF9 293 B
621 B 20ms
17ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 08:44:11 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Wed, 14 Feb 2024 08:44:11 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 6BF9 43 B
347 B 22ms
19ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=u_FD73snO68UYrYiDu2RaQt1qcyshE6DHq9L2mwjLfLzJB4dU3O4TbLT3zssdjfQCNQ0HdHlyDV_bmElwvEqZTqmXh3njiB9ZTooeB0BGKghLwu_lulsjhEKE9R7KH1VlbMVOlBMfb4tQ3yEanKlgEGzYbI-rRdGfytuCVK1pu-cbcHdvQx3fzBD3o4qG4cRhQGR973QldiWYt9JYB9pjqJBEMi_xUoVdRi_MOxQuZg6weaxqAf9o3pooUFccQLqhL-VPhJ1Uc8jrkM3Dq6IhjXHnFuOY7qS9c9da5H7_W-if0m9sPFw3qcXH1cGvslzOY8Zu9wJPcw8YFhePbgRYn5pYsZPrazlU8GdH-yVHAejRhZTw28cziYj0XrkvnjutYK7G3BAsudLRalCXed4ER76qqy627PBrerPEKbiBYUEoHuL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 08:44:11 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2317406
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 0143 12 KB
5 KB 19ms
19ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 08:44:11 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 215636
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gt%2FG0AaDd%2BYsg4tenPQu19NVkpbA90XbTsgB6Td465icZFWakwZTuyJcm1hv8jdw2MNYPv3KZtbP4BfrCwBf6MV4FucrhBcp4Q2dkiXK2JpTLH0dk1ZfkJbOa9hFYsazjZOo3p89lp2jTwmXrE7IRHX%2B"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 79bdb81be8a6bbda-FRA
expires: Fri, 09 Feb 2024 08:44:11 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 0143 12 KB
6 KB 16ms
16ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 08:44:11 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 14 Feb 2024 08:44:11 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 0143 0
127 B 16ms
15ms Ping
text/plain 2a02:2638::21
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=tWV5K6Q1IVoLBJYlZ1pFcknSGTjHafHUOOYAE_Oi6S06LkEsvCyayxonI0kAX3A22cACQAmKkR2f_RlDkisB3pISEyQhr1O9ibSlhtIy6yyEo4-cqrV8LwaPH916wzO48OREoMw7WERQOfLc7Dlj0l9Kx0LJ6f8SACnfa-j2I6csyN_fGdPq4_vr9h92redZctiAi9ULp_8gpaRLvrTTklIj_6DN_kBBXdkN-KD8Ki_2pUcBua390tzogHgELQ0VsCZ__g&sds=2&rev=84699&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 19 Feb 2023 08:44:10 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 0143 2 KB
1 KB 16ms
15ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 08:44:11 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 14 Feb 2024 08:44:11 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 0143 2 KB
1 KB 16ms
16ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 08:44:11 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 14 Feb 2024 08:44:11 GMT

GET
H3 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 6BF9 12 KB
5 KB 14ms
14ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 08:44:11 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 215636
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0cFwhg3CxP3tW10x%2BhaPjUjDDN5xewJ8nhP0DlLEp%2F50%2B24CJCwtZZqmM9GqKgJD1Ra752TBTyhjXTDwsyduDLBfsINMII5sXY3y8gjbqKZPTcNGVwfAQ6V6anZUO98b5LJOC%2BpnH3dgvkADjPd2sZm8"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 79bdb81c6b71902a-FRA
expires: Fri, 09 Feb 2024 08:44:11 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 6BF9 12 KB
6 KB 17ms
16ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 08:44:11 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 14 Feb 2024 08:44:11 GMT

POST
H2 204 csi
csi.gstatic.com/ 0
234 B 172ms
51ms Ping
image/gif 2a00:1450:4016:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&top=1&puid=1~leb56z40&c=2041264160343101&e=44759926%2C44759842%2C44759875%2C44782466%2C31061691%2C31061692&ctx=1&met.3=158.cs_d~158.f9_4~1032.kb~326.ke_2~832.ki~868.ki~216.kb_8~215.kb_8~843.ka_9~779.kk~889.kr~639.kz~1032.l2~326.l2~832.l2~868.l2~216.l2_1~215.l2_1~779.l3~889.l4~639.l7~112.m2_2~629.on_1~168.s3_1~168.s3_1~168.s4~168.s4~168.s4_1~168.s5~168.s5~168.s5~168.s5~168.s5~168.s5~168.s5~168.s5~168.s5~168.t5~168.t5~168.t5~168.t5_1~168.t5_1~168.t6~168.t6~168.t6~168.t6~168.t6~168.t6~168.t6~168.t6~168.t6~113.to_1~1001.wu_1__1~1032.ww~326.ww~832.wx~868.wx~164.ww_2~165.wu_4~166.wq_m~779.xb~889.xn~639.xp~429.1an_1~210.1ea_1~1032.1ec~326.1ec~832.1ed~868.1ed~164.1ec_1~165.1eb_2~466.1eb_2~1032.1ee~326.1ee~832.1ef~868.1ef~164.1ee_1~165.1ee_2~466.1ed_2~1032.1eg~326.1eg~832.1eh~868.1eh~164.1eg_1~165.1eg_1~466.1eg_2~522.1eb_6~779.1eh~779.1eh~779.1ei~525.1el_3~525.1eo_2~1013.1eu~525.1eq_8~639.1ey~639.1ey~639.1ey~264.1ez~264.1f1~264.1fd~264.1g5~264.1h3~264.1h6~264.1h8~168.1hu~168.1hu~168.1hu~168.1hu~168.1hu~168.1hu~168.1hu~168.1hu~168.1hv~168.1hv~168.1hv~168.1hv~168.1hv~168.1hv~264.1hv~264.1i8~168.1ii~168.1ii~168.1ii~168.1ii~168.1ii~168.1ii~168.1ii~168.1ii~168.1ii~168.1ii~168.1ii~168.1ii~168.1ii~168.1ij~264.1it~168.1iv~168.1iv~168.1iv~168.1iv~168.1iv~168.1iv~168.1iv~168.1iv~168.1iv~168.1iv~168.1iv~168.1iv~168.1iv~168.1iv~264.1j3~264.1jj~264.1k0~264.1kt~264.1lm~264.1ng~264.1p3&met.1=1.leb56yhy~6.1z~7.1z~8.2r~9.2r~10.3f~12.3f~13.46~14.46~15.48~16.gm~17.gm~18.i9~19.t6~20.t6~21.t9~22.at~23.at
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20230215/r20110914/rum_fy2021.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4016:80c::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://storage2.mammutmail.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 08:44:11 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 76ms
74ms Image
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230215&jk=2041264160343101&bg=!8vGl8aXNAAZYlHKzeJQ7ADkAdvg8WjtmIIDkfYkFOXgUsT3KHB-isPqrh5RULWoh4XObyb6mB9a7pWQhtyZifpo7Q27CGTn9CU4CAAAAQlIAAAADaAEHCgCAzecPDsThTJRYZbNwKw2YEnssPPgeN6smvLl3uVkQ61Oa_O4bvjssBYptpFahpc11dIH9E94MDXybo9p2s5yUCb8n51ohauUG8HY6JoLEMYFzCvoXbTYArquOQQ5CriVJ9Qsm4U_uLzy37glfo1Nn1IG5YlAttswOFQYi34_vwMaZAqr5yftdkPgsPMTiLIh9baj3NcVFOPiFwhIXiwBRta0pDGS_ehxIyHS9HCfar35cI1QdN59xaliNO0fAE02FefunCQ9_E3cHTYAX5u5j8Gzj12TKf-a1fSfbTz8aI73QUDW2i_EVALvcGsjSq3vu4V0BGGZi3CTLrzOX1pklZZcexFU8ayjjHWP3pP_jpcVz1SLQbjNe1bmebfOhHg14fAq8o7lrI3tQGNjpEvFhtLIaXEFWzXStG-TxWax9RjPzrCE4JY4SxFipnODag3P1p0HkvPT1WxNmmSoftckgeTthQW5wk93uycDjDgGnuGkHspvMqCXw76e5Yn8tKk0qTYMS7R_AHkbSUdd3jjgDElev2lQuatCQpvr22mxMkzjqRPC_txBI8HzEKYEIcm3oGqvD1fkgNKLLSXnZ82kkCD1m5wSLQT0r0uSEjpXxTOKFrVz0f-ucsz9gaq9x214AB4xesWczJ8oBvH6ecmObJQZWDHBuKDNussJc05yc5-XXozmQ8FhnwG__Rq8xftpX0M0UcpCjgz2H_ELO0AJKD6hsWkJ447XNkeDd1moev26kUfUOFTb-L4n8-TTs8l6N-Ru7zwqFkyJbUWQSAfdqLW-TbYcknue3c9xQyjFXJvgJx9pVZO4Juwdft4YRQGSQWW-vlVEaCJTrd2FJoBKFFDz4Am1NwlJ6dqMU0zeZmdG1fSvpfXSds1ExHfE1_33MtQsqSzO2yrrIDmO_fPKi_uR1BoSc1hNQQJO9jeiRQzkJv04BafDZc19uddyJh_Mh_zwx0ae3ql_ETe4SN_-XwfU5NcJsAjJv3_AYRLssxxAaK1pqw9hx3MncPYTpIIEjDztdboDKEvEQPLFwwq0fEMdRus9L_9-H5EbaP_9_342RMWfXiyvyxRmztSsU
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://storage2.mammutmail.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

GET
H2 200 ec51d215a5904df99ebfe8eacf21246e_ubuntu-light.woff
static.criteo.net/design/dt/ Frame 6BF9 46 KB
46 KB 59ms
29ms Font
application/octet-stream 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/ec51d215a5904df99ebfe8eacf21246e_ubuntu-light.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8d6af87f2e8ab6ba751d5bda81faf18aed637f3c43f3f5c25acfcdb8dc674a92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 08:44:11 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 02 Oct 2018 14:57:25 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5bb38755-b778"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 14 Feb 2024 08:44:11 GMT

GET
H2 200 0d5410bc9c3e437daf6999836d04f18f_ubuntu-medium.woff
static.criteo.net/design/dt/ Frame 6BF9 38 KB
38 KB 77ms
47ms Font
application/octet-stream 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/0d5410bc9c3e437daf6999836d04f18f_ubuntu-medium.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

ce8b0ce00b853304b4500a3e0273c2ee8123ec998d9ea4bc1a2b3e97c573b61f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 08:44:11 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 02 Oct 2018 14:57:25 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5bb38755-97a8"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 14 Feb 2024 08:44:11 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 6BF9 29 KB
29 KB 66ms
27ms Image
image/png 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=244&m=0&partner=3018&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F3018%2F190121%2F8ee840d4a3ed46b29e29bc1b9545348c_stardardcon.png&v=3&w=464&s=LXvd4IhYTsrp88PoXjHtvmjE

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

c4e1d6dac257b1f10f34c13ef8ec41e9e0cd8133c8e947aef4d756e19213649c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 08:44:10 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=30761518
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 29187
expires: Sat, 10 Feb 2024 09:36:09 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 6BF9 62 KB
63 KB 100ms
62ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=1200&m=0&partner=3018&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F3018%2F221121%2F71409a64baf248aca03b351b9195ce6d_img_horizontal_1.jpg&v=3&w=1200&s=k5RdnlfCBqvV5W6iPtb3VuAT

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

713ba573bd44652ff38f4445d9807d587e34e2e81ebdcae673a4414606d784e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 08:44:11 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=30762258
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 63762
expires: Sat, 10 Feb 2024 09:48:29 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 6BF9 62 KB
62 KB 80ms
42ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1661780577%2F22196979-qIC02jMB.jpg&v=3&w=400&s=ZTjBaiWp5th-HwrAiaZRmoNN&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

64e81916eb246a7b161b5b3ccd70b56e6c022ecb49cee6b43701c771da9b81b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 08:44:10 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=374153
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 63352
expires: Thu, 23 Feb 2023 16:40:04 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 6BF9 117 B
381 B 69ms
31ms Image
image/png 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=400&m=0&partner=3018&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fimages%2Fstarrating%2Fstars_empty.png&v=3&w=400&s=T9IsSUAn7JLfzEl8Ey6C1Gv5

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

40af400e8c91f02188ba45f50e2fcfe9e0551221d23bf002f8ad1ee7c8cae18f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 08:44:11 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=30761521
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 117
expires: Sat, 10 Feb 2024 09:36:13 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 6BF9 12 KB
12 KB 93ms
55ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F18157127-Eb4W7rUO.jpg&v=3&w=400&s=XfEdDM4htGsgCrt99CydWQZN&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

de3208873287df65b8835364a9f0f9576ca8eb8b6bf3597d0680247add2ad9d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 08:44:10 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=196910
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 12442
expires: Tue, 21 Feb 2023 15:26:01 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 6BF9 12 KB
12 KB 101ms
63ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1582304147%2F20059477-fjz9TDcX.jpg&v=3&w=400&s=H7kVsVxyyiEvxGXHP4lN77CG&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

9dbe622c1742e5fe5671268abb77b05974a3d31e41d9703086ed1c89573527f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 08:44:10 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=255285
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 12028
expires: Wed, 22 Feb 2023 07:38:56 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 6BF9 354 B
618 B 47ms
45ms Image
image/png 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=400&m=0&partner=3018&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fbonprix%2Fstarrating%2Fstar_4.png&v=3&w=400&s=razrptKBi3DfvApO0YzRGhyS

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

193952b59c9a975154471a0ce405acdc8c3f6fa17b2414e818c14cee77f1d460

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 08:44:11 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=30761559
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 354
expires: Sat, 10 Feb 2024 09:36:50 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 6BF9 41 KB
42 KB 49ms
47ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F22025015-gc6cQpfG.jpg&v=3&w=400&s=GDrKvudbuFYVZLZZQGcyFK2Y&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

6d3279d1fa1d8da2e69f72a9e7b893ac322fc0bb34736906b45b66fed3a31082

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 08:44:11 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=310343
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 42366
expires: Wed, 22 Feb 2023 22:56:35 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 6BF9 305 B
569 B 52ms
50ms Image
image/png 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=400&m=0&partner=3018&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fbonprix%2Fstarrating%2Fstar_5.png&v=3&w=400&s=jcK49oeUiuuNLVIfXvpJTqGu

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

c1f9d8e277b69e27fbad364e41ef7754749a72df331f6298b425144883f9a7cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 08:44:11 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=30761586
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 305
expires: Sat, 10 Feb 2024 09:37:18 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 6BF9 7 KB
7 KB 53ms
51ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1668546002%2F22227692-TYVdi7E4.jpg&v=3&w=400&s=VSyUaCWymrEmD-hEoeurF1Ap&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

8e08ae0e522684f6ab791d65b05bab9d4c9ca39b6529c82344de36ff5cfa9e75

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 08:44:10 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=439662
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 6780
expires: Fri, 24 Feb 2023 10:51:54 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 6BF9 26 KB
26 KB 53ms
51ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F20266421-SFFeKXd4.jpg&v=3&w=400&s=pDUTbeGSX7guL1Uy7IrgBgd0&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

eb370d0cf8a89e349d3fa9ce2f3901ad5e890aec3eb38c94f286fff00617ce18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 08:44:11 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=191451
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 26196
expires: Tue, 21 Feb 2023 13:55:03 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 6BF9 0
127 B 16ms
16ms Ping
text/plain 2a02:2638::21
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=HoEQxKQ1IVoLBJYlVms1O2DSY5ILMbluYwi_aXg97EkMrod_HtS-vFiuPthDYf2rK_cziV_WDkF9b1dcXZI23qGw_qqJFafeEOcPjuwi3VQQaPXV2_FErXGzvz-xrQO3efnfZzlybGt2K7BYnUsH5njut9405t7yUCcB7awHu-0R-fWT8ALqZbzCHCSu9clvdumolgDagxUUZy4KHmRs8TKUeiXkogXsJ1h_yUWgrzYZGnlLc7YZYRMJCjjqzBEkTTAiTQ&sds=2&rev=84699&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 19 Feb 2023 08:44:10 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 6BF9 2 KB
1 KB 22ms
21ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 08:44:11 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 14 Feb 2024 08:44:11 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 6BF9 2 KB
1 KB 15ms
15ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 08:44:11 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 14 Feb 2024 08:44:11 GMT

GET
H2 200 ec51d215a5904df99ebfe8eacf21246e_ubuntu-light.woff
static.criteo.net/design/dt/ Frame C601 46 KB
46 KB 38ms
37ms Font
application/octet-stream 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/ec51d215a5904df99ebfe8eacf21246e_ubuntu-light.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8d6af87f2e8ab6ba751d5bda81faf18aed637f3c43f3f5c25acfcdb8dc674a92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 08:44:11 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 02 Oct 2018 14:57:25 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5bb38755-b778"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 14 Feb 2024 08:44:11 GMT

GET
H2 200 ec51d215a5904df99ebfe8eacf21246e_ubuntu-light.woff
static.criteo.net/design/dt/ Frame 0143 46 KB
46 KB 33ms
32ms Font
application/octet-stream 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/ec51d215a5904df99ebfe8eacf21246e_ubuntu-light.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8d6af87f2e8ab6ba751d5bda81faf18aed637f3c43f3f5c25acfcdb8dc674a92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 08:44:11 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 02 Oct 2018 14:57:25 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5bb38755-b778"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 14 Feb 2024 08:44:11 GMT

GET
DATA 200
OK truncated
/ Frame 36EA 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0564649e718947d23c3073e2255114a2c5ba094c533c8a57807c1a3a3a96ff04

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 356E 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5354dd0e6deb18fb7031642dd54117a4fbfb6d3a25dcb7e7d32b063337141e67

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame 36EA 62 KB
23 KB 178ms
35ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230215/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d5fb8d061e093ea8613642f6f3d57335fd98b4d701153885cd86d57d5f461b2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 08:30:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 793
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23494
x-xss-protection: 0
server: cafe
etag: 8450971440953511634
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Sun, 19 Feb 2023 09:30:58 GMT

GET
H2 200 0d5410bc9c3e437daf6999836d04f18f_ubuntu-medium.woff
static.criteo.net/design/dt/ Frame C601 38 KB
38 KB 29ms
28ms Font
application/octet-stream 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/0d5410bc9c3e437daf6999836d04f18f_ubuntu-medium.woff

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

ce8b0ce00b853304b4500a3e0273c2ee8123ec998d9ea4bc1a2b3e97c573b61f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 08:44:11 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 02 Oct 2018 14:57:25 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5bb38755-97a8"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 14 Feb 2024 08:44:11 GMT

GET
H2 200 0d5410bc9c3e437daf6999836d04f18f_ubuntu-medium.woff
static.criteo.net/design/dt/ Frame 0143 38 KB
38 KB 18ms
18ms Font
application/octet-stream 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/0d5410bc9c3e437daf6999836d04f18f_ubuntu-medium.woff

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

ce8b0ce00b853304b4500a3e0273c2ee8123ec998d9ea4bc1a2b3e97c573b61f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 08:44:11 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 02 Oct 2018 14:57:25 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5bb38755-97a8"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 14 Feb 2024 08:44:11 GMT

GET
H2 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame 356E 62 KB
23 KB 205ms
85ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230215/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d5fb8d061e093ea8613642f6f3d57335fd98b4d701153885cd86d57d5f461b2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 08:30:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 793
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23494
x-xss-protection: 0
server: cafe
etag: 8450971440953511634
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Sun, 19 Feb 2023 09:30:58 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 0143 27 KB
27 KB 16ms
15ms Image
image/png 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=232&m=0&partner=3018&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F3018%2F190121%2F8ee840d4a3ed46b29e29bc1b9545348c_stardardcon.png&v=3&w=356&s=Acazjw5e91lpSWkxU3Hl0ktf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

3d44370097c9f3121780271480c8f58764d4c963df7ba0c2be2b11adce5dc0af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 08:44:10 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=30761517
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 27603
expires: Sat, 10 Feb 2024 09:36:09 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 0143 107 KB
108 KB 18ms
17ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=1200&m=0&partner=3018&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F3018%2F221121%2Fadb1b255a8a44e859d22e584c7a782d4_img_square_1.jpg&v=3&w=1200&s=-h9mHin1PTSSF-uh9UynI-QT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

757742d81ac20d61d8c340927cc6ff23ac98d3b3207876aebcbe27bee8ad6b9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 08:44:11 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=30762017
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 110076
expires: Sat, 10 Feb 2024 09:44:29 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 0143 7 KB
8 KB 17ms
16ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1544803151%2F18300358-BQBk5bjM.jpg&v=3&w=400&s=7q9r08ZyY2ZjqaZMxEethEAi&b=400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

19bded2d9cba71a31fd4aa13a02b22c9b7648e067be1c27c4c9f90549e745cb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 08:44:10 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=166607
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 7468
expires: Tue, 21 Feb 2023 07:00:59 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 0143 33 KB
33 KB 19ms
18ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1624958192%2F20266365-ZLzQEwTp.jpg&v=3&w=400&s=5h5AB64DcgccHzD58iNqSgxL&b=400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

a1a9f7d14f93b81dd4ba4c3b46b3bdcf912705b5b58be13de2101fb14898f661

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 08:44:11 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=253419
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 33958
expires: Wed, 22 Feb 2023 07:07:51 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 0143 45 KB
45 KB 23ms
22ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F18061239-jOHN5mYk.jpg&v=3&w=400&s=b3sy640OznvVNFOFVYXDjrOq&b=400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e7f5189b109477efcc8c6390528543ed375fbc471916425852cbda7a49867043

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 08:44:11 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=244712
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 45728
expires: Wed, 22 Feb 2023 04:42:44 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 36EA 0
18 B 79ms
78ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cgfy8WuHxY5HXJYTUmLAPw5GGyAvJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTYwNDEyODQxNzExODA4MzHIAQmpAmB7KGJN8bE-qAMBqgTzAU_QVPqK7WDdPg9F-4PvzUg_LHlLWArK1ItpixnTUGhBLTI5fJwkCIrfejqGnzvQP-b7f2N_x9U97BpNmkW8E8_5TFE5i2Um74W_p4y8vMDGXsfXUTkogZIkcscWOxRS1cHJy8y2JHjLwU3V30ecGaRlmC3y2HNiVUtP-NnC8jP7PoqoE9w3-sHGIYtFQcT2YHxECDMZ0A6ccjUpYjUfsIayfyl1wS0LsAmhg7M4Lr6q4Cx38XJIQidLTPn8kffwFHDSqT4-6IndBcG_9mVtN6T0dz2qPNsH_aVnDeaRZCG9akSym9PddPLhYdaLzNP4_m5ay4AG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNjA0MTI4NDE3MTE4MDgzMRgA&sigh=4WW2au2cGfY&uach_m=[UACH]&cid=CAQSOwDUE5ymOYXxRsDnKe3DTvIQKeHhYANdlhxTipWfxlk4pKdiLqjBLtZujm1iKLkP4U3fLK9hU3o2IPSDGAE&vis=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230215/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 19 Feb 2023 08:44:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.nl3.eu.criteo.com/google/auction/ Frame 36EA 0
125 B 16ms
16ms Image
text/plain 2a02:2638:3::9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=kqW_EMC-MLQB9AOdg2ICAgAAAEaBPNj6px1Egq2_OxBa4fFj6VL-TotDRWMQ4lcAEgAACg5BUVVCQVFZQkFRRVBBUQ&wp=Y_HhWgAJa5EABioEAAGIw0MEjVpYATGL7PyOSQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 08:44:10 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 186020
content-length: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 356E 0
18 B 83ms
81ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CUNFZWuHxY5LXJYTUmLAPw5GGyAvJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTYwNDEyODQxNzExODA4MzHIAQmpAmB7KGJN8bE-qAMBqgTzAU_QwO0f3d0xUk-XVhNJA0r5aumTc3S1sxV4ct_nki1uJX6RlVUZFioNL0zfPBdWICOrG9cHHc9WxpqJXPqzV5UCI1sfyb4b8u-12JL2NXOleqVRdv0xmAtrdjmHM0plEbVdauHNqShdXznLU2TK_kN1vfSmAnFmBZYqPConN4hPT2JEPfUMEmINdYsq5HQ_WZxbGB_CsWaKaTNm39ewynm_3eX8vxK8SUS4PCJSsHXVYgoUaqIUD1ZtC4h2mbuAl5HpDCsd5KrUZecrz0wkneE5CvBnXT68eobKPkEH6vBLNXTIQWa_tAGW3czsD4biBZgroYAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNjA0MTI4NDE3MTE4MDgzMRgA&sigh=-M4l05Hctpc&uach_m=[UACH]&cid=CAQSOwDUE5ymOYXxRsDnKe3DTvIQKeHhYANdlhxTipWfxlk4pKdiLqjBLtZujm1iKLkP4U3fLK9hU3o2IPSDGAE&vis=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230215/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 19 Feb 2023 08:44:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.fr.eu.criteo.com/google/auction/ Frame 356E 0
126 B 61ms
21ms Image
text/plain 2a02:2638::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kqW_EMC-MLQB9AOdg2ICAgAAAEaBPNj6px1Egq2_OxBa4fFjqzrCboh0aSdqzAUAEgAACg5BUVVCQlFZQkJRRUJCUQ&wp=Y_HhWgAJa5IABioEAAGIw-ivOEhMEdTU18i7mw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 08:44:11 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 262633
content-length: 0

GET
H2 200 img
pix.eu.criteo.net/img/ Frame C601 27 KB
27 KB 20ms
20ms Image
image/png 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

3d44370097c9f3121780271480c8f58764d4c963df7ba0c2be2b11adce5dc0af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 08:44:11 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=30761517
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 27603
expires: Sat, 10 Feb 2024 09:36:09 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame C601 107 KB
108 KB 16ms
16ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

757742d81ac20d61d8c340927cc6ff23ac98d3b3207876aebcbe27bee8ad6b9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 08:44:10 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=30762017
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 110076
expires: Sat, 10 Feb 2024 09:44:29 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame C601 7 KB
8 KB 16ms
15ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

19bded2d9cba71a31fd4aa13a02b22c9b7648e067be1c27c4c9f90549e745cb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 08:44:11 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=166607
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 7468
expires: Tue, 21 Feb 2023 07:00:59 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame C601 11 KB
11 KB 18ms
17ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F22016779-LndJaXnZ.jpg&v=3&w=400&s=TkV2TiW4hS34FrbpK4DSVt3w&b=400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

0f6692162615e26ffa71e9baae3a75afdead4e9b9a4d70bb5b6e5e82c77ed8a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 08:44:11 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=382936
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 10812
expires: Thu, 23 Feb 2023 19:06:28 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame C601 7 KB
7 KB 17ms
17ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1526043655%2F18134812-WfDHYhBg.jpg&v=3&w=400&s=y8L5szJHCnPrp6tz5d38apO0&b=400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

05f8effb5708bf6dd2aa7f41eee861b044e497b8bb00029cfce3b9be586fc503

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 08:44:11 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=192352
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 6900
expires: Tue, 21 Feb 2023 14:10:03 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 0143 27 KB
27 KB 16ms
16ms Image
image/png 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

3d44370097c9f3121780271480c8f58764d4c963df7ba0c2be2b11adce5dc0af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 08:44:11 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=30761517
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 27603
expires: Sat, 10 Feb 2024 09:36:09 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 0143 7 KB
8 KB 16ms
16ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

19bded2d9cba71a31fd4aa13a02b22c9b7648e067be1c27c4c9f90549e745cb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 08:44:11 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=166607
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 7468
expires: Tue, 21 Feb 2023 07:00:59 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 0143 33 KB
33 KB 17ms
17ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

a1a9f7d14f93b81dd4ba4c3b46b3bdcf912705b5b58be13de2101fb14898f661

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 08:44:11 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=253419
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 33958
expires: Wed, 22 Feb 2023 07:07:51 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 0143 107 KB
108 KB 17ms
17ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

757742d81ac20d61d8c340927cc6ff23ac98d3b3207876aebcbe27bee8ad6b9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 08:44:11 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=30762017
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 110076
expires: Sat, 10 Feb 2024 09:44:29 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 0143 45 KB
45 KB 20ms
20ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e7f5189b109477efcc8c6390528543ed375fbc471916425852cbda7a49867043

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 08:44:11 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=244712
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 45728
expires: Wed, 22 Feb 2023 04:42:44 GMT

GET
H2 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame 9B17 62 KB
23 KB 86ms
69ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230215/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d5fb8d061e093ea8613642f6f3d57335fd98b4d701153885cd86d57d5f461b2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 08:30:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 793
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23494
x-xss-protection: 0
server: cafe
etag: 8450971440953511634
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Sun, 19 Feb 2023 09:30:58 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame C601 7 KB
8 KB 18ms
18ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

19bded2d9cba71a31fd4aa13a02b22c9b7648e067be1c27c4c9f90549e745cb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 08:44:11 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=166607
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 7468
expires: Tue, 21 Feb 2023 07:00:59 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame C601 107 KB
108 KB 18ms
18ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

757742d81ac20d61d8c340927cc6ff23ac98d3b3207876aebcbe27bee8ad6b9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 08:44:11 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=30762017
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 110076
expires: Sat, 10 Feb 2024 09:44:29 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame C601 27 KB
27 KB 21ms
21ms Image
image/png 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

3d44370097c9f3121780271480c8f58764d4c963df7ba0c2be2b11adce5dc0af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 08:44:11 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=30761517
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 27603
expires: Sat, 10 Feb 2024 09:36:09 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame C601 7 KB
7 KB 21ms
21ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

05f8effb5708bf6dd2aa7f41eee861b044e497b8bb00029cfce3b9be586fc503

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 08:44:11 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=192352
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 6900
expires: Tue, 21 Feb 2023 14:10:03 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame C601 11 KB
11 KB 21ms
21ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

0f6692162615e26ffa71e9baae3a75afdead4e9b9a4d70bb5b6e5e82c77ed8a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 08:44:11 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=382936
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 10812
expires: Thu, 23 Feb 2023 19:06:28 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 36EA 0
54 B 53ms
52ms Ping
image/gif 2a00:1450:4016:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&puid=1~leb570ht&chm=1&ctx=2&gqid=WuHxY6CDJcGZ1wb7loKwBg&qqid=CJHsg-eYof0CFQQqBgAdw4gBuQ&met.4=fb.1m~lb.32~cmrload.3j~ol.f2~bdt.-1ad~bpp.-hp~idt.-hp~dtd.-gy~dt.-hs&met.3=492.1o_1~492.1p~200.1l_9~733.9n~748.a9~749.aa~742.9m_q~739.dk~738.f2~494.gq_1~736.hw~735.il_1~113.lb_4~112.l9_5&met.1=1.leb56zwj~6.1~7.1~8.1~9.1~10.1~11.1~12.2~13.11~14.12~15.14~16.dk~17.dk~18.dl~19.f2~20.f2~21.f3&met.7=CAwQCBgBMCY4ngRoAXAleL4jgAGSIYgBrEywAQG4AQM~CBsQBSA_OIgB~CB4QChgBIEAoQDBlOCVoQHBkeIAMgAHUCYgBgRWwAQG4AQM~CBwQBRgBIEEoQTBqOCloQ3BpeJYHgAHqBIgBlgmwAQG4AQM~CBwQChgBIEEoQTBmOCVoQXBleP5CgAHSQIgBjp0BsAEBuAED~CBsQBhgBIEIoQjByODA~CCoQChgBIEIoQjCRAjjPAQ~CCgQChgBIKYEKKYEMPsFONQBQKcESOIEUOIEWLQFYIcFaLUFcNkFePK5AYABxrcBiAHz7gOwAQG4AQM~CCEQBhgBINoEKNoEMKoFOFBo2wRwqQV4rAKwAQG4AQM~CBsQBiDaBDgR
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4016:80c::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 08:44:11 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 9B17 0
54 B 53ms
52ms Ping
image/gif 2a00:1450:4016:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&puid=1~leb570i8&chm=1&ctx=2&gqid=WuHxY6CDJcGZ1wb7loKwBg&qqid=CJPsg-eYof0CFQQqBgAdw4gBuQ&met.4=fb.25~lb.41~cmrload.48~ol.i3~bdt.-1aj~bpp.-hv~idt.-hv~dtd.-h4~dt.-hy&met.3=200.22_9~733.ax~748.b8~749.b9~742.ax_g~736.c7~735.dk_1~739.do~738.i3~735.iz_1~113.lk_1~112.lk_1&met.1=1.leb56zwp~6.0~7.0~8.0~9.0~10.0~12.1~13.11~14.12~15.18~16.dn~17.dn~18.do~19.i2~20.i2~21.i3~22.4d~23.4d&met.7=CAwQCBgBKAEwJziLBWgCcCV4viOAAZIhiAGsTLABAbgBAw~CCEQBBgBIE8oTzCdAThPaE9wnQF4rAKwAQG4AQM~CBsQBCBPODA~CBsQBSBROIwB~CB4QChgBIFEoUTB1OCRoUnB1eIAMgAHUCYgBgRWwAQG4AQM~CBwQBRgBIFIoUjCAATgtaFlwfniWB4AB6gSIAZYJsAEBuAED~CBwQChgBIFIoUjB8OCloU3B2eP5CgAHSQIgBjp0BsAEBuAED~CBsQBhgBIFMoUzCCATgw~CCoQChgBIFMoUzC_AjjsAQ~CCgQChgBIKAFKKAFMIYGOGZosAVw9gV48rkBgAHGtwGIAfPuA7ABAbgBAw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4016:80c::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 08:44:12 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 356E 0
54 B 52ms
52ms Ping
image/gif 2a00:1450:4016:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&puid=1~leb570iq&chm=1&ctx=2&gqid=WuHxY6CDJcGZ1wb7loKwBg&qqid=CJLsg-eYof0CFQQqBgAdw4gBuQ&met.4=fb.1w~lb.3n~cmrload.3s~ol.f4~bdt.-1ah~bpp.-ht~idt.-ht~dtd.-h2~dt.-hw&met.3=492.1y_1~492.1y~200.1t_a~733.bh~748.bs~749.bt~742.bh_f~739.dq~738.f4~494.gr~736.ht~735.ij_1~113.m3_1~112.m3_1&met.1=1.leb56zwn~6.0~7.0~8.0~9.0~10.0~12.2~13.11~14.11~15.14~16.dq~17.dq~18.dq~19.f3~20.f3~21.f4&met.7=CAwQCBgBMCY4oARoAnAleL4jgAGSIYgBrEywAQG4AQM~CBsQBSBIOIoB~CB4QChgBIEgoSDBtOCVoSXBseIAMgAHUCYgBgRWwAQG4AQM~CBwQBRgBIEkoSTBxOChoS3BxeJYHgAHqBIgBlgmwAQG4AQM~CBwQChgBIEooSjByOCloSnBteP5CgAHSQIgBjp0BsAEBuAED~CBsQBhgBIEooSjB5OC8~CCoQChgBIEooSjDCAjj3AQ~CCgQChgBILgEKLgEMJoGOOIBaLIFcIgGePK5AYABxrcBiAHz7gOwAQG4AQM~CCEQBhgBINsEKNsEMLEFOFZo3wRwsQV4rAKwAQG4AQM~CBsQBiDbBDhA
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4016:80c::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 08:44:12 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9B17 42 B
64 B 72ms
72ms Fetch
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvhtHaHkjtNMsIS6z2nhkqG4oj1l5ROcbZ2UeC-mI_yY7qkKZuorRsWoKStlf-p4PfGR7ZKoN_msu7OC1D2d7sKYFff&sig=Cg0ArKJSzE8q1kImI_gKEAE&cid=CAASF-RoGV_wfYGN1FuieqEWIp2YqVWuVoUk&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=150,777,1000,1000,1000&tos=150,627,223,0,0&v=20230215&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&vs=4&r=v&rst=1676796251209&rpt=405&met=ie&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 08:44:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 6BF9 0
127 B 16ms
16ms Ping
text/plain 2a02:2638::21
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 19 Feb 2023 08:44:11 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

POST
H2 200 all
csm.eu.criteo.net/ Frame C601 0
127 B 16ms
16ms Ping
text/plain 2a02:2638::21
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 19 Feb 2023 08:44:12 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

POST
H2 200 all
csm.eu.criteo.net/ Frame 0143 0
127 B 16ms
16ms Ping
text/plain 2a02:2638::21
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 19 Feb 2023 08:44:12 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 36EA 42 B
64 B 72ms
72ms Fetch
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstewgrThzaI7AJHa7C6v7Ms_qAjMFJvkBLvHntBWCAGABhp1-GFKVBQSLsw1a2H92yEFXSY4X15MdcrI54kQlpDFts&sig=Cg0ArKJSzG2ZErmhUPbnEAE&cid=CAASF-RoUaOQXQ-f_YIQGLnfawoWeEgVuEqU&id=lidar2&mcvt=1000&p=0,0,500,180&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230215&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271803&rs=2&la=0&cr=0&vs=4&r=v&rst=1676796251203&rpt=370&met=ie&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 08:44:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 356E 42 B
64 B 72ms
72ms Fetch
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss9bAoUJXTQCoWcSdvd6LIbtPepM4CxSgCOB5BUaEVP003QnFA50ToJQG8G5N1oZgIADeRotGAaQ7-MSH1OFN21UYc&sig=Cg0ArKJSzMLjXowTAVdIEAE&cid=CAASF-Rogt44SVykS73oNl4GXjxab42OXFYi&id=lidar2&mcvt=1002&p=0,0,500,180&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20230215&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271804&rs=2&la=0&cr=0&vs=4&r=v&rst=1676796251207&rpt=425&met=ie&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Feb 2023 08:44:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

300 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

47 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
storage2.mammutmail.com/	1970-01-20 09:46:39	Name: MammutMail Value: k7u8fpm7576fnkadddrdkao1r7
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: AywLW9p6gYE
.youtube.com/	1970-01-20 14:05:48	Name: DEVICE_INFO Value: ChxOekl3TVRjNE5UQTFNalV5T1RjMk1qUXdNdz09ENnCx58GGNnCx58G
.youtube.com/	1970-01-20 14:05:48	Name: VISITOR_INFO1_LIVE Value: 0kD8zMPSB4Y
storage2.mammutmail.com/	1970-01-20 19:22:36	Name: __utma Value: 1.1756958618.1676796250.1676796250.1676796250.1
storage2.mammutmail.com/	1969-12-31 23:59:59	Name: __utmc Value: 1
storage2.mammutmail.com/	1970-01-20 14:09:24	Name: __utmz Value: 1.1676796250.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
storage2.mammutmail.com/	1970-01-20 09:46:36	Name: __utmt Value: 1
storage2.mammutmail.com/	1970-01-20 09:46:38	Name: __utmb Value: 1.1.10.1676796250
.storage2.mammutmail.com/	1970-01-20 19:22:36	Name: __utma Value: 27847678.994145205.1676796250.1676796250.1676796250.1
.storage2.mammutmail.com/	1969-12-31 23:59:59	Name: __utmc Value: 27847678
.storage2.mammutmail.com/	1970-01-20 14:09:24	Name: __utmz Value: 27847678.1676796250.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.storage2.mammutmail.com/	1970-01-20 09:46:36	Name: __utmt_b Value: 1
.storage2.mammutmail.com/	1970-01-20 09:46:38	Name: __utmb Value: 27847678.1.10.1676796250
.hit.gemius.pl/	1970-01-20 09:56:41	Name: Gtest Value: KlQUnMMGQMGGjCRa4EFBr4cissGMXP8cERbG
.hit.gemius.pl/	1970-01-20 19:15:24	Name: Gdyn Value: KlGzlRaGQMGGjCRa4EFBr4cissGMXP8cE8ySssX6nsGfGKZwH72xkSlsxcSHsyCtI8l8MG..
.adverticum.net/	1970-01-20 11:13:00	Name: _goa3TC Value: "eyI2MzMwMjMzIjoxNjU0MjQ2MjQ4NzgxLCI2MzMwMjEwIjoxNjUxMjYwMzg5NTc4LCI2MzMwMjE0IjoxNjU1Njk5NjAzNTQyLCI2MzMwMjA2IjoxNjUwNjU0NTM3MDQwfQ=="
.mammutmail.com/	1970-01-20 19:22:36	Name: _ga Value: GA1.2.994145205.1676796250
.mammutmail.com/	1970-01-20 09:48:02	Name: _gid Value: GA1.2.401301028.1676796250
.mammutmail.com/	1970-01-20 09:46:36	Name: _gat_UA-12345-1 Value: 1
.mammutmail.com/	1970-01-20 19:08:12	Name: __gads Value: ID=3ee537f467b4810f-22c73838e5dc00f8:T=1676796250:RT=1676796250:S=ALNI_MaJK9aZFz-4rW2rHQiq5hynliNkHA
.mammutmail.com/	1970-01-20 19:08:12	Name: __gpi Value: UID=00000bb9040694f5:T=1676796250:RT=1676796250:S=ALNI_MaUsUZjIVE47uheFfSKm6lWboaGUQ
.doubleclick.net/	1970-01-20 19:08:12	Name: IDE Value: AHWqTUmAvuqb0F5zeTm39da-zBpzDJrxJNUjC2IF-sPBDAZLiy0i6QMfvK8YE90fE_E
.adverticum.net/	1970-01-20 19:22:36	Name: _goa3test Value: "eyJzIjoxNjc2Nzk2MjUxMDYxLCJkIjp7fX0="
.adverticum.net/	1970-01-20 09:49:29	Name: _goa3session Value: 1676796251061
storage2.mammutmail.com/	1970-01-20 19:22:36	Name: _goa3 Value: eyJ1IjoiMDAwMDAwMCIsImgiOiIifQ==
storage2.mammutmail.com/	1970-01-20 19:22:36	Name: _goa3test Value: eyJzIjoxNjc2Nzk2MjUxMDYxLCJkIjp7fX0=
storage2.mammutmail.com/	1970-01-20 09:49:29	Name: _goa3session Value: eyJzIjoxNjc2Nzk2MjUxMDYxfQ==
.quantserve.com/	1970-01-20 11:56:12	Name: d Value: EBoBCQGqKIEA
.quantserve.com/	1970-01-20 19:16:50	Name: mc Value: 63f1e15b-59830-ba918-47096
.3lift.com/	1970-01-20 11:56:12	Name: tluid Value: 386069913769680396957
.adfarm1.adition.com/	1970-01-20 11:56:12	Name: UserID1 Value: 7201785060111415438
.casalemedia.com/	1970-01-20 18:32:12	Name: CMID Value: Y-HhW2-rsuAqUq7BsEC5qQAA
.casalemedia.com/	1970-01-20 11:56:12	Name: CMPS Value: 1200
.casalemedia.com/	1970-01-20 11:56:12	Name: CMPRO Value: 1200
.360yield.com/	1970-01-20 11:56:12	Name: tuuid_lu Value: 1676796251
.simpli.fi/	1970-01-20 18:33:38	Name: suid Value: 50F909E2AED844DB9DC03B82C6823E47
.blismedia.com/	1970-01-20 18:32:16	Name: b Value: 63F1E15BB302DF2B0F60C056BLIS
.travelaudience.com/	1970-01-20 19:13:57	Name: _tracker Value: %7B%22UUID%22%3A%2210711FB9-41DF-4DF8-9080-A424CC940EA1%22%7D
.turn.com/	1970-01-20 14:05:48	Name: uid Value: 8565815968662754939
.yahoo.com/	1970-01-20 18:32:33	Name: A3 Value: d=AQABBFvh8WMCENRr-nT7tDABhIj-rcD_KAoFEgEBAQEy82P7YwAAAAAA_eMAAA&S=AQAAAvcHytrXQpkOeCS0nkpHoJs
.de17a.com/	1970-01-20 18:25:00	Name: guid Value: 1.6547998731348513889
.adform.net/	1970-01-20 10:26:55	Name: C Value: 1
.mathtag.com/	1970-01-20 19:12:31	Name: uuid Value: c56763f1-e15c-4700-86e7-983f751cc6a9
.mathtag.com/	1970-01-20 10:29:48	Name: mt_mop Value: 4:1676796252
.adform.net/	1970-01-20 11:13:00	Name: uid Value: 4765131735412262568
.360yield.com/	1970-01-20 11:56:12	Name: tuuid Value: 58843c97-e6c2-40c1-b080-b63765da2577

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://script.crazyegg.com/pages/scripts/0108/7162.js Message: Failed to load resource: the server responded with a status of 410 ()
other	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230215/r20110914/zrt_lookup.html?fsb=1(Line 21) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
network	error	URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAa02lx8vdbCFO5G_i9fCoZz40hVEhnHvVIg3NtIv6dEkikkOFzcKChOcHDlLJ-s9u-Nf7SvSyOrKMN4Tv1CzdcixdcKq4TdXOTtRtQ&google_gid=CAESENvtfkF7NLxZaB75WLwO93o&google_cver=1 Message: Failed to load resource: the server responded with a status of 451 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.adverticum.net
ad.turn.com
ads.eu.criteo.com
ads.travelaudience.com
adservice.google.com
adservice.google.de
c1.adform.net
cat.nl3.eu.criteo.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
csi.gstatic.com
csm.eu.criteo.net
d5p.de17a.com
dsp.adfarm1.adition.com
eb2.3lift.com
googleads.g.doubleclick.net
hu.hit.gemius.pl
id.rlcdn.com
mammutmail.com
match.360yield.com
pagead2.googlesyndication.com
partner.googleadservices.com
pix.eu.criteo.net
pr-bh.ybp.yahoo.com
r.turn.com
rtb.fr.eu.criteo.com
rtb.nl3.eu.criteo.com
rtb.openx.net
s.ad.smaato.net
script.crazyegg.com
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
static.criteo.net
stats.g.doubleclick.net
storage2.mammutmail.com
sync.mathtag.com
tpc.googlesyndication.com
tr.blismedia.com
um.simpli.fi
weloveiconfonts.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.youtube.com
104.18.24.185
142.250.186.130
178.250.1.6
185.116.245.25
185.29.132.245
185.51.66.37
185.51.66.79
185.86.138.153
2001:4de0:ac18::1:a:1a
2001:678:cb4:bbbb::11
213.155.156.168
217.113.63.144
2600:9000:223f:be00:1b:5138:8a40:93a1
2606:4700::6811:190e
2606:4700::6813:9308
2620:116:800d:21:c5a4:625:6563:a5bb
2a00:1450:4001:801::2002
2a00:1450:4001:803::200e
2a00:1450:4001:806::2002
2a00:1450:4001:809::200e
2a00:1450:4001:80b::2001
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:811::2004
2a00:1450:4001:812::2008
2a00:1450:4001:828::2002
2a00:1450:4001:829::2002
2a00:1450:4001:829::2003
2a00:1450:400c:c0b::9c
2a00:1450:4016:80c::2003
2a02:2638:3::12
2a02:2638:3::9
2a02:2638::2
2a02:2638::21
2a02:2638::3
2a02:2638::c
2a05:d018:d29:3601:b182:71dc:6cf5:e081
34.91.62.186
34.96.105.8
35.157.246.219
35.190.0.66
35.227.252.103
35.244.174.68
37.157.3.30
76.223.111.18
81.0.120.8
85.114.159.93
02457c0ea98cb1929e8a3b8e8a94b9a40c319310c882de628064f15debc8434b
04e666357199e40d2b979ba24afe33e1bcc4ed05b3e1af49b26da0bb385c8c10
0564649e718947d23c3073e2255114a2c5ba094c533c8a57807c1a3a3a96ff04
05a86778853bc93064bf17c58c64353e343ca8b03b8dc8c8cc57173d451613aa
05f8effb5708bf6dd2aa7f41eee861b044e497b8bb00029cfce3b9be586fc503
08a0af9f03516172bb3d8d31eebb64510f1e7ba84881c9d99f9809a28b94374f
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0a48130ff2e9d3f97f199c0eb2c7a4273eb96d9cc0fb585fb877d1498190739a
0b58ded0d4dae58a6a7e8d7476a34c55bdfa7f6b87a10dc0e62c3c09d9627220
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c0a40ab702b52bcccc7116d58fbff97c5a9b51ce64efdd06aee4d2b50516921
0f6692162615e26ffa71e9baae3a75afdead4e9b9a4d70bb5b6e5e82c77ed8a2
111a99336ea21ac72d76be78f29d57d7824f3983e713ba0db786fd57ee668bff
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
1511d779efff2e7c0a27d0fa4d46975df31c1b05fea03692fccb0c05a67d73f5
157a74033897672fd1c554137a7ed332ecece75c8e5b8b4a74d44906d1a86332
193952b59c9a975154471a0ce405acdc8c3f6fa17b2414e818c14cee77f1d460
19bded2d9cba71a31fd4aa13a02b22c9b7648e067be1c27c4c9f90549e745cb9
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
21437cf9c0d87c2e3c6ade864137f5536fd865a64333075ce431174e342dee74
218bbefc083add1bdbb990a49978d75a564e07b562605f9fed281fe56ddc650e
279706ee535e9198ec37dd074643f35afee1f720008e2c6307b91c468a0ccb55
27a4c378768bd08f78c63ff76b9f467301182ef9145136aaef7f0e0157963468
3142ae3f23a444996fc5f710cdd968dcddce120a366fe16899a598a0f07284e7
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3174fe0090fc1dd5d0e272c46ea90ca96df05d77ef8da190b7f43f8919413525
3d44370097c9f3121780271480c8f58764d4c963df7ba0c2be2b11adce5dc0af
3e3e5823ca053398d153904843df07a73335a811e7b12e9994087bea5ec3c189
40af400e8c91f02188ba45f50e2fcfe9e0551221d23bf002f8ad1ee7c8cae18f
41f41aa3f32ea20a820c36488c40e2acb8f022c35d91c69a1d1c75e63edebf54
430f36f9b5f21aae8cc9dca6a81c4d3d84da5175eaedcf2fdc2c226302cb3575
44a6c2d96a041a38e4eadea873108cf9f45e1dd763800bce5dffa01fcc6eb22f
45135e144bfbdee4aa4bbce74dddccf8062d84c08fabb9ad7195c371096e2a06
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f455eb2ddf2094ee969f470f6bfac7adb4c057e8990a374e9da819e943c777d
52974e1f2c9fb2f17952ee8185bb18407775682348bf1848083163cf841b10da
5354dd0e6deb18fb7031642dd54117a4fbfb6d3a25dcb7e7d32b063337141e67
54a361e4335bd3bc88de2221bc629dd6f63bb1a85df115efacfcdbd202604d56
54fe9c8668523ff74710ca832bc8396155bb36fee6e4aa4a1aacdc3dad8d2ba6
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
59c6a9c772e860a6ed3dfa8bb58a72d911f43d2d7f82b2db4b8b9992258d8efa
5cae548ba98e69c5a9a6f52aceff6efacf1df684fc86f4f30392f8aeaed1c5ca
5e713a207017a40f54387d0e25bbb3cbbe1b3d10338cdd4a7342cc1486b19140
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6345b446e670bc9d61048d9074e6207ec2469c92e16d36a70e977366ae9d38d3
64e81916eb246a7b161b5b3ccd70b56e6c022ecb49cee6b43701c771da9b81b6
6cfd78dc3d8c95fad86bef0bd60d6466b458fc7bbcf7ad09dd1ec6ca727ddf6d
6d0000b08cd91d60e92aa06a41e677c63c5d76710330d9432cf9efceb2e8d9d9
6d3279d1fa1d8da2e69f72a9e7b893ac322fc0bb34736906b45b66fed3a31082
70146862a04c07758674b8e452ad901ad19d38c7ff838b603e887789e168cd70
713ba573bd44652ff38f4445d9807d587e34e2e81ebdcae673a4414606d784e8
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
735edd915e2ba5e19e7f272f3260a4108d266801bb1998a83cc9305b8c0a490e
757742d81ac20d61d8c340927cc6ff23ac98d3b3207876aebcbe27bee8ad6b9d
762a4d5b65ea5d650f692bcc7a870b93e69c68471262fb60986fd2806a0ea2c8
770f843d22aac8636d8fc23ec39c0e359a085308118935213dd6f0069a1e48de
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
83b2feabab35b88d2eff37f9f1e1edc98812f124c002aacfcaa0106caa651ec1
8d6af87f2e8ab6ba751d5bda81faf18aed637f3c43f3f5c25acfcdb8dc674a92
8e08ae0e522684f6ab791d65b05bab9d4c9ca39b6529c82344de36ff5cfa9e75
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f87f92ca7ccf8665ef26bffc1b204fd5c358a222420dc708f922a3075546b28
912e91f1da607f20bd0c37ae412553bbc778dbe41bf805b5debfe54e05e4bc63
9471f7d2613b17a6c369ca5df1686cb2a752d24ae90ddae9db40d997a1124378
96c28d16cf0ed4fcefa71cf23d10e5c8dfa9a2f31f19a32754bcc502bf207f8e
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9cb8300736a1daf829e84149461d1a74619412555609cdb251ece52c70f0a147
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9dbe622c1742e5fe5671268abb77b05974a3d31e41d9703086ed1c89573527f6
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1a9f7d14f93b81dd4ba4c3b46b3bdcf912705b5b58be13de2101fb14898f661
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a44268caa0acf1be2eb2060c715a525ba8053f3265ece6d2f5f0553e400ed103
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a643d5c3d245bb96a8d46f0ae1b6773805b77a942bb670060ca97a7140039ad9
a6fb906942932de53852ee244ee3fec27bca0bf63a96421672aa4784851b8d4b
a7107966befc99674a8f7bbfac02129220564668e805d466160866c5424e4034
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a85af52452417453ae5ced98aa54a149925de2155e823234dce588c331d11aa0
a869db9a7b7a0b2a2d28c2d7a31217605a955eb7fd2554c09ea1ecd6f3783359
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b4caba6d7a2d95a54197fe39f477310531d0b383cf3362619529795f96559373
b9edd815648f1d9dfd9915505b3053dda2087b0421efd4d6926cb1c017666160
bca9b0890e434837446bcbc88fda1cb91a1cd1e7af1504b88389a37a3e8fdf92
bda4626079d40384245b08cf2cbe79ba640b342ae024acefa024896a51a5d92f
c1f9d8e277b69e27fbad364e41ef7754749a72df331f6298b425144883f9a7cc
c4e1d6dac257b1f10f34c13ef8ec41e9e0cd8133c8e947aef4d756e19213649c
c98f2cbc31e1fad29b0eb23162c026a0d0e3f856ed02bf915a11dc02c9e136c0
cdf5bb6673f90343d2ba35bc2f76bbcec13381859706bb505360d5fcef081f77
ce8b0ce00b853304b4500a3e0273c2ee8123ec998d9ea4bc1a2b3e97c573b61f
d5fb8d061e093ea8613642f6f3d57335fd98b4d701153885cd86d57d5f461b2e
d834ba1c8de1523c18338d80216e62cfdc56d69cfd2bffc5814dfd0c0f477cfd
de3208873287df65b8835364a9f0f9576ca8eb8b6bf3597d0680247add2ad9d3
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e186cdb006192feaf9e4b468dfdeb3a7567c4ffd134ff264ef3f99786f5fdb87
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6473692d5095b22701c23f8ae8fb6e82a942a9b722169014bc1be6ec3119231
e7f5189b109477efcc8c6390528543ed375fbc471916425852cbda7a49867043
e9d21e3846bdcd32e5e54fcc6d1a089feb05b74aff41a92b5d2315cffe07bf35
eaab0f0f4a5dcdb29761df51a8f7a53e2e73aea329bf64976769d9b477f4fa0b
eb370d0cf8a89e349d3fa9ce2f3901ad5e890aec3eb38c94f286fff00617ce18
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

storage2.mammutmail.com Open in urlscan Pro 217.113.63.144 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

204 Requests

73 %HTTPS

57 %IPv6

36 Domains

49 Subdomains

35 IPs

11 Countries

3739 kBTransfer

6484 kBSize

47 Cookies

3 Outgoing links

Page URL History

Redirected requests

204 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

storage2.mammutmail.com Open in urlscan Pro
217.113.63.144 Public Scan

Screenshot
Live screenshot

Full Image

204
Requests

73 %
HTTPS

57 %
IPv6

36
Domains

49
Subdomains

35
IPs

11
Countries

3739 kB
Transfer

6484 kB
Size

47
Cookies

204 HTTP transactions
3 data transactions