urlscan.io logo urlscan.io
SecurityTrails logo

testies.xyz Open in urlscan Pro
108.167.172.188  Public Scan

Go To Rescan Add Verdict Report
URL: http://testies.xyz/
Submission: On July 31 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 23 IPs in 5 countries across 15 domains to perform 95 HTTP transactions. The main IP is 108.167.172.188, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is testies.xyz.
This is the only time testies.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
15 108.167.172.188 46606 (UNIFIEDLA...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
4 8 2606:4700::68... 13335 (CLOUDFLAR...)
7 2a00:1450:400... 15169 (GOOGLE)
1 2001:4de0:ac1... 20446 (STACKPATH...)
5 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 142.251.36.98 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a02:2638::2 44788 (ASN-CRITE...)
2 2a02:2638::b 44788 (ASN-CRITE...)
14 2a02:2638::3 44788 (ASN-CRITE...)
2 178.250.0.160 44788 (ASN-CRITE...)
2 2600:9000:206... 16509 (AMAZON-02)
14 178.250.0.139 44788 (ASN-CRITE...)
3 178.250.2.150 44788 (ASN-CRITE...)
1 2a00:1450:401... 15169 (GOOGLE)
95 23
15    108.167.172.188 (United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: mail.sierrapacificwest.com
testies.xyz
1    2606:4700::6812:1634 (United States)

ASN13335 (CLOUDFLARENET, US)
kit.fontawesome.com
8    2606:4700::6810:7eaf (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
7    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2001:4de0:ac18::1:a:3b (Netherlands)

ASN20446 (STACKPATH-CDN, US)
code.jquery.com
5    2606:4700:3032::6815:1e29 (United States)

ASN13335 (CLOUDFLARENET, US)
ka-f.fontawesome.com
1    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
6    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    142.251.36.98 (United States)

ASN15169 (GOOGLE, US)
PTR: prg03s11-in-f2.1e100.net
partner.googleadservices.com
1    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
1    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
7    2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    2a02:2638::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.fr.eu.criteo.com
2    2a02:2638::b (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
14    2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
2    178.250.0.160 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.fr.eu.criteo.com
2    2600:9000:206e:b400:1e:a43d:b640:93a1 (United States)

ASN16509 (AMAZON-02, US)
secure-gl.imrworldwide.com
14    178.250.0.139 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.par.vip.prod.criteo.com
pix.eu.criteo.net
3    178.250.2.150 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
1    2a00:1450:4014:80e::2004 (Ireland)

ASN15169 (GOOGLE, US)
www.google.com
Apex Domain
Subdomains		 Transfer
31 criteo.net
static.criteo.net — Cisco Umbrella Rank: 615
pix.eu.criteo.net — Cisco Umbrella Rank: 7179
csm.eu.criteo.net — Cisco Umbrella Rank: 7348
73 KB
15 testies.xyz
testies.xyz
2 MB
14 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 123
tpc.googlesyndication.com — Cisco Umbrella Rank: 159
230 KB
8 unpkg.com
unpkg.com — Cisco Umbrella Rank: 893
113 KB
6 criteo.com
rtb.fr.eu.criteo.com — Cisco Umbrella Rank: 13433
ads.eu.criteo.com — Cisco Umbrella Rank: 7319
cat.fr.eu.criteo.com — Cisco Umbrella Rank: 9222
112 KB
6 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 56
26 KB
6 fontawesome.com
kit.fontawesome.com — Cisco Umbrella Rank: 1888
ka-f.fontawesome.com — Cisco Umbrella Rank: 4402
176 KB
3 gstatic.com
fonts.gstatic.com
24 KB
2 imrworldwide.com
secure-gl.imrworldwide.com — Cisco Umbrella Rank: 1409
1 KB
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 181
86 KB
2 google.com
adservice.google.com — Cisco Umbrella Rank: 96
www.google.com — Cisco Umbrella Rank: 10
2 KB
1 google.de
adservice.google.de — Cisco Umbrella Rank: 8252
792 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 873
644 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 72
1 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 613
83 KB
95 15
Domain Requested by
15 testies.xyz testies.xyz
14 pix.eu.criteo.net ads.eu.criteo.com
14 static.criteo.net ads.eu.criteo.com
8 unpkg.com 4 redirects testies.xyz
7 tpc.googlesyndication.com googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
7 pagead2.googlesyndication.com testies.xyz
pagead2.googlesyndication.com
www.googletagservices.com
tpc.googlesyndication.com
6 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
5 ka-f.fontawesome.com kit.fontawesome.com
testies.xyz
3 csm.eu.criteo.net ads.eu.criteo.com
3 fonts.gstatic.com fonts.googleapis.com
2 secure-gl.imrworldwide.com ads.eu.criteo.com
2 cat.fr.eu.criteo.com ads.eu.criteo.com
2 ads.eu.criteo.com googleads.g.doubleclick.net
2 rtb.fr.eu.criteo.com googleads.g.doubleclick.net
2 www.googletagservices.com googleads.g.doubleclick.net
1 www.google.com tpc.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 fonts.googleapis.com testies.xyz
1 code.jquery.com testies.xyz
1 kit.fontawesome.com testies.xyz
95 22

This site contains links to these domains. Also see Links.

Domain
instagram.com
discord.gg
Subject Issuer Validity Valid
*.fontawesome.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-12-01 -
2023-01-01		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-07-11 -
2022-10-03		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2021-07-14 -
2022-08-14		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-09-12 -
2022-09-11		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-07-11 -
2022-10-03		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-07-11 -
2022-10-03		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-07-11 -
2022-10-03		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-07-11 -
2022-10-03		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-07-11 -
2022-10-03		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-07-11 -
2022-10-03		 3 months crt.sh
*.fr.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-07-22 -
2022-10-19		 3 months crt.sh
*.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-05-27 -
2022-08-25		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-06-21 -
2022-09-23		 3 months crt.sh
*.imrworldwide.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-04 -
2023-02-03		 a year crt.sh
*.eu.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-06-12 -
2022-09-12		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-07-11 -
2022-10-03		 3 months crt.sh

This page contains 9 frames:

Primary Page: http://testies.xyz/
Frame ID: 67A30AD934DBFD5E45BB25C5735BAD8F
Requests: 38 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220727/r20190131/zrt_lookup.html
Frame ID: 6CB13C80E8FCB6409740E093F4EA2005
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3293738607182223&output=html&adk=1812271804&adf=3025194257&lmt=1659254913&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Ftesties.xyz%2F&ea=0&pra=5&wgl=1&dt=1659254912756&bpp=3&bdt=385&idt=272&shv=r20220727&mjsv=m202207270101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4305112330042&frm=20&pv=2&ga_vid=829894555.1659254913&ga_sid=1659254913&ga_hid=1935404287&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763505%2C31067983%2C31068260%2C31068683%2C42531605&oid=2&pvsid=1693935576623023&tmod=1759783134&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=287
Frame ID: F092273C4440C0B7CB519A8C45B65A5D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3293738607182223&output=html&h=90&slotname=9501085921&adk=3577181671&adf=925843003&pi=t.ma~as.9501085921&w=728&lmt=1659254913&rafmt=12&psa=0&format=728x90&url=http%3A%2F%2Ftesties.xyz%2F&wgl=1&dt=1659254912776&bpp=1&bdt=405&idt=273&shv=r20220727&mjsv=m202207270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4305112330042&frm=20&pv=1&ga_vid=829894555.1659254913&ga_sid=1659254913&ga_hid=1935404287&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=552&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763505%2C31067983%2C31068260%2C31068683%2C42531605&oid=2&pvsid=1693935576623023&tmod=1759783134&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=23&ifi=2&uci=a!2&fsb=1&xpc=wPWT2O0Nmt&p=http%3A//testies.xyz&dtd=278
Frame ID: 007D0A61E8517AD24C4C82772EFF3B76
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3293738607182223&output=html&h=280&slotname=9876975549&adk=292431470&adf=3950588498&pi=t.ma~as.9876975549&w=1200&fwrn=4&fwrnh=100&lmt=1659254913&rafmt=1&psa=0&format=1200x280&url=http%3A%2F%2Ftesties.xyz%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1659254912781&bpp=8&bdt=410&idt=276&shv=r20220727&mjsv=m202207270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=4305112330042&frm=20&pv=1&ga_vid=829894555.1659254913&ga_sid=1659254913&ga_hid=1935404287&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=3776&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763505%2C31067983%2C31068260%2C31068683%2C42531605&oid=2&pvsid=1693935576623023&tmod=1759783134&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=AR0ErHohjr&p=http%3A//testies.xyz&dtd=278
Frame ID: 85DEBFB3EF494831B55DA0432E45E871
Requests: 7 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YuY4gQACfcIIFUDvAAWSDz0VHz-YHk1Y7MkBOA&u=%7CBqqB6L%2F2Z4Aacpw%2FY4a7nZhLiWo6OjPoUKafq1%2FCuwo%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86z-v4_ZG7uRnq2ff4qIEl1d9WfBzFhf6yPK8y2k-epBBYODcJyCKiA5F8uytyNuAGeY2_yFne53gPIUxQXKKiXtVfeiX6Z48Y3orbxR2AXLHJxAyoWm9tSlqjIlyHPEjDrAKCryOlYoAAt7wa79VtowsR52FY1wZjEU0TqbTDsp4Z0vMi9Ckk4B_kE9RC2Br9dGB4y40kVvFWsXMnXRy00W_b6S91vJ9-8Wdgo60IHv0yFeXauTu81IyrJPFA1GYVXyw20z664Y5UwbHSA3imYlYv-nCLMJrxuI36uIDq2rHJUadmetdaGfZRDVOrH-Dp6ommuLKjtmnsV8nHS5JAVSPIM3SX1XHW9x64g7lZ2DdpPvRTST3pqBW22Cfg5mIugFhLp7YAxlBwfEG9RjIwhs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCinqGgTjmYsL7Ce-B1fAPj6SWqA3JntKxXPWR3r6xAcCNtwEQASAAYJWCgIC4B4IBF2NhLXB1Yi0zMjkzNzM4NjA3MTgyMjIzoAHVttLqA8gBCakCBDJji1YlsT6oAwGqBK0BT9Dt7Dljq_qKKlfE_t3QYT3FPCN1pruvyDPUWrj7jkEEy0A7pBjBJ5EC6OMceOBXoEk1YZVvUmsr7P0Ug-RTpW1beYsQguyaMBWtMCWJfghFTJlAIbet6nXhJLM5wMKl6iVhNgLX73ZPrK_h-w0xMA5WMRFs2Dr_iG1-bC9_OvgFgpsfhg8j9lNdJFQPGSeXETFFYU-VtVr7S0C0pMYegRN7322L8tTqqm6jxL-ABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3yJuZUu7uq6xBtyJZGb0gbWQi0mg%26client%3Dca-pub-3293738607182223%26adurl%3D
Frame ID: 69024D5BDD8DEA8823AA5947F19C596E
Requests: 19 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YuY4gQACllEKm5RBAAyAL7xJCgC4h299rVb7Pw&u=%7CBqqB6L%2F2Z4CoZEWwdvRbLius7ZBFlFfMQ9X%2BJ5bo5FM%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZWgJ4RDTbq-Wb6C9K-cesMV_WPikrq5at_ACdAcfQ797USal5xGSAmW45qs5D_t01BwXfQCkaXb3sNWF0D-NGUHmdT0YLBCRYLXlCW8d3GqVkFYcxAaDHv2QCSi8HXyqE7QwUU6pGwjrPnSZqQX0_jipSVEVaA6XTYYDtt9y2CDfCDfi0vUQ42RxEydcgsQhL3viqnDLsbhqVFXPM5L44aTwHMJ-N2nGjGePHektXDaSDJgEu0zTQrcs_r4jmSD7hO_HQ5v_B63_wkYORp4MLOGmj4mILVTgkwALatmib2PVf4vtJeG1PcVumNwlr5pokwptfhjJ50BHrL0learKdM4jZqWK_fy_hKy0U_Y3iLvu2F7g_L8orVJm-8rhD7JiIA-msBybqOfWqi8XDUiNZMn7O69aeIozk1e-gqhO67jVx-AfN8T2yHmzDlrFp1r5XE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMNHSgTjmYtGsCsGo7gSvgLLgB8me0rFc1Z2R93DAjbcBEAEgAGCVgoCAuAeCARdjYS1wdWItMzI5MzczODYwNzE4MjIyM8gBCakCBDJji1YlsT6oAwGqBKUBT9DJ6xkXaqLHrerMK6srkhMBs3E3od58ErJW28jtrjHFLu-OYTQIq7heIgqaRBkGCH_KZXKr7uK1dqov3m68MPXzMRyYdIRQjV4mVb7IbIXvYvzqBrz8P7SrGbamZzI1IdXKD7yfxNKVi1-_dtphIub4sRDpHICioGQrVSd0LhIHfFE7oq4IMllb68HH6q1ZjNY0Lelev-HW1NudI0yAOVTem9MCgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0_7h4YygrzMlmRdO3wOmYWRzWxdg%26client%3Dca-pub-3293738607182223%26adurl%3D
Frame ID: 949F0F69BDE59D4D798C887486CAF273
Requests: 18 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3EE26F9E13CC55C697A6D09955171AE0
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0EDA4E67503C04B3F4465451EF484E33
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Testies | Welcome to the Official Home of Practice Tests

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • kit\.fontawesome\.com/([0-9a-z]+).js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

95
Requests

80 %
HTTPS

77 %
IPv6

15
Domains

22
Subdomains

23
IPs

5
Countries

3231 kB
Transfer

4880 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • https://unpkg.com/swiper/swiper-bundle.css HTTP 302
  • https://unpkg.com/swiper@8.3.2/swiper-bundle.css
Request Chain 6
  • https://unpkg.com/swiper/swiper-bundle.min.css HTTP 302
  • https://unpkg.com/swiper@8.3.2/swiper-bundle.min.css
Request Chain 16
  • https://unpkg.com/swiper/swiper-bundle.js HTTP 302
  • https://unpkg.com/swiper@8.3.2/swiper-bundle.js
Request Chain 17
  • https://unpkg.com/swiper/swiper-bundle.min.js HTTP 302
  • https://unpkg.com/swiper@8.3.2/swiper-bundle.min.js

95 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
testies.xyz/ 		31 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://testies.xyz/
Protocol
HTTP/1.1
Server
108.167.172.188 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
mail.sierrapacificwest.com
Software
Apache /
Resource Hash
3bcaf0608f1dcf48e5669da9ed1c4b87dd984039336d80c778901d479e31a9f9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
Upgrade, Keep-Alive
Content-Encoding
gzip
Content-Length
8654
Content-Type
text/html; charset=UTF-8
Date
Sun, 31 Jul 2022 08:08:32 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=5, max=75
Pragma
no-cache
Server
Apache
Upgrade
h2,h2c
Vary
Accept-Encoding
250e4911bd.js
kit.fontawesome.com/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kit.fontawesome.com/250e4911bd.js
Requested by
Host: testies.xyz
URL: http://testies.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6735555a0df48607ebf88b6aa6835519bf00b22e470529be0092301b71315391
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Referer
http://testies.xyz/
Origin
http://testies.xyz
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 08:08:32 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-allow-methods
GET, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
access-control-max-age
3000
cache-control
max-age=60, public, must-revalidate
strict-transport-security
max-age=31536000; preload
cf-ray
7334d8c30eeb9182-FRA
access-control-allow-headers
accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id
FwayIsx5S8Qd4UxCWckC
style.css
testies.xyz/css/ 		43 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://testies.xyz/css/style.css
Requested by
Host: testies.xyz
URL: http://testies.xyz/
Protocol
HTTP/1.1
Server
108.167.172.188 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
mail.sierrapacificwest.com
Software
Apache /
Resource Hash
ae0aed061f9800fcf31e6f65796b13139473545e32e793fcc527b961e22fd6ff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://testies.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Sun, 31 Jul 2022 08:08:32 GMT
Content-Encoding
gzip
Last-Modified
Tue, 15 Mar 2022 14:34:49 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=74
Content-Length
10701
header.css
testies.xyz/css/ 		13 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://testies.xyz/css/header.css
Requested by
Host: testies.xyz
URL: http://testies.xyz/
Protocol
HTTP/1.1
Server
108.167.172.188 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
mail.sierrapacificwest.com
Software
Apache /
Resource Hash
54321d67f9cb1c75ec906c593f61991d264f93a82354ba1d5f8092ef3071cab7

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://testies.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Sun, 31 Jul 2022 08:08:32 GMT
Content-Encoding
gzip
Last-Modified
Sun, 06 Mar 2022 05:44:30 GMT
Server
Apache
Vary
Accept-Encoding
Upgrade
h2,h2c
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Content-Type
text/css
Keep-Alive
timeout=5, max=75
Content-Length
3715
footer.css
testies.xyz/css/ 		2 KB
981 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://testies.xyz/css/footer.css
Requested by
Host: testies.xyz
URL: http://testies.xyz/
Protocol
HTTP/1.1
Server
108.167.172.188 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
mail.sierrapacificwest.com
Software
Apache /
Resource Hash
f86db19dee631c6971463fe03f2cdf7ff53e7cc98ea26db489866b546f1e0797

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://testies.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Sun, 31 Jul 2022 08:08:32 GMT
Content-Encoding
gzip
Last-Modified
Mon, 07 Feb 2022 01:48:30 GMT
Server
Apache
Vary
Accept-Encoding
Upgrade
h2,h2c
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Content-Type
text/css
Keep-Alive
timeout=5, max=75
Content-Length
668
pages.css
testies.xyz/css/ 		22 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://testies.xyz/css/pages.css
Requested by
Host: testies.xyz
URL: http://testies.xyz/
Protocol
HTTP/1.1
Server
108.167.172.188 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
mail.sierrapacificwest.com
Software
Apache /
Resource Hash
d7c1827b5a2e403566636d032d0406df6c21adbc2078e8874e1fe54028d9de73

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://testies.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Sun, 31 Jul 2022 08:08:32 GMT
Content-Encoding
gzip
Last-Modified
Sat, 12 Mar 2022 19:01:11 GMT
Server
Apache
Vary
Accept-Encoding
Upgrade
h2,h2c
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Content-Type
text/css
Keep-Alive
timeout=5, max=75
Content-Length
6136
swiper-bundle.css
unpkg.com/swiper@8.3.2/
Redirect Chain
  • https://unpkg.com/swiper/swiper-bundle.css
  • https://unpkg.com/swiper@8.3.2/swiper-bundle.css
19 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/swiper@8.3.2/swiper-bundle.css
Requested by
Host: testies.xyz
URL: http://testies.xyz/
Protocol
H2
Server
2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6374664859de43bae20c67aa36f83a1fd02420b3a43d87189d1898f75446c767
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://testies.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 08:08:32 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
age
420696
fly-request-id
01G8X3JK99QK6PFQ0MVVYTA9M8-fra
content-encoding
br
vary
Accept-Encoding
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
W/"4b61-iGaoA0cg4gVRzaXl8czrWHrI3z8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7334d8c35d6d68eb-FRA

Redirect headers

date
Sun, 31 Jul 2022 08:08:32 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01G99MQ1TJ7R967XN9RGYABA9M-fra
server
cloudflare
age
77
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
location
/swiper@8.3.2/swiper-bundle.css
cache-control
public, s-maxage=600, max-age=60
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
7334d8c30cea68eb-FRA
access-control-allow-origin
*
swiper-bundle.min.css
unpkg.com/swiper@8.3.2/
Redirect Chain
  • https://unpkg.com/swiper/swiper-bundle.min.css
  • https://unpkg.com/swiper@8.3.2/swiper-bundle.min.css
16 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/swiper@8.3.2/swiper-bundle.min.css
Requested by
Host: testies.xyz
URL: http://testies.xyz/
Protocol
H2
Server
2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4359643e1b6350bffd6e16d543603ea7b393855957e792ac7f9178a81ed0b14d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://testies.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 08:08:32 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
age
420793
fly-request-id
01G8X3FQPSYY4JQ35AP7WQRNMH-fra
content-encoding
br
vary
Accept-Encoding
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
W/"4052-dxUYZpo3DZFa3w0gfyoiCSp2jNE"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7334d8c35d6968eb-FRA

Redirect headers

date
Sun, 31 Jul 2022 08:08:32 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01G99MB95RG673M5GJZZRZDJ4H-fra
server
cloudflare
age
463
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
location
/swiper@8.3.2/swiper-bundle.min.css
cache-control
public, s-maxage=600, max-age=60
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
7334d8c30ced68eb-FRA
access-control-allow-origin
*
testies-logo.png
testies.xyz/img/ 		87 KB
88 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://testies.xyz/img/testies-logo.png
Requested by
Host: testies.xyz
URL: http://testies.xyz/
Protocol
HTTP/1.1
Server
108.167.172.188 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
mail.sierrapacificwest.com
Software
Apache /
Resource Hash
a7dbacac02aa57ea3269fb539f7d937b567275c8a215e76bb19d83f8c53a4742

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://testies.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Sun, 31 Jul 2022 08:08:32 GMT
Last-Modified
Fri, 28 Jan 2022 00:03:53 GMT
Server
Apache
Upgrade
h2,h2c
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Content-Type
image/png
Keep-Alive
timeout=5, max=75
Content-Length
89440
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		167 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3293738607182223
Requested by
Host: testies.xyz
URL: http://testies.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
beedd3110905c0ceafff429fee4ccf06163684960a638ace32cac516b8a2df66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://testies.xyz/
Origin
http://testies.xyz
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 08:08:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56967
x-xss-protection
0
server
cafe
etag
686082456282499313
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 31 Jul 2022 08:08:32 GMT
testies-icon.png
testies.xyz/img/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://testies.xyz/img/testies-icon.png
Requested by
Host: testies.xyz
URL: http://testies.xyz/
Protocol
HTTP/1.1
Server
108.167.172.188 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
mail.sierrapacificwest.com
Software
Apache /
Resource Hash
b64bf0ddba45a15152126f87e779d6059b0b469165f0db16610a54a75860ba9d

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://testies.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Sun, 31 Jul 2022 08:08:32 GMT
Last-Modified
Fri, 11 Mar 2022 18:34:53 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=74
Content-Length
9535
testies-practice-tests-studying.jpg
testies.xyz/img/ 		841 KB
841 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://testies.xyz/img/testies-practice-tests-studying.jpg
Requested by
Host: testies.xyz
URL: http://testies.xyz/
Protocol
HTTP/1.1
Server
108.167.172.188 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
mail.sierrapacificwest.com
Software
Apache /
Resource Hash
70ab6689dabc3d30235261f33a9086ade8ff219440b952e32b979a47c5343550

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://testies.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Sun, 31 Jul 2022 08:08:32 GMT
Last-Modified
Sun, 30 Jan 2022 05:28:05 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=74
Content-Length
860984
testies-practice-tests.png
testies.xyz/img/ 		583 KB
583 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://testies.xyz/img/testies-practice-tests.png
Requested by
Host: testies.xyz
URL: http://testies.xyz/
Protocol
HTTP/1.1
Server
108.167.172.188 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
mail.sierrapacificwest.com
Software
Apache /
Resource Hash
51ddcc25504bd66e068a15bc67fdb2425630894885036de907ca4efe32b37d1e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://testies.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Sun, 31 Jul 2022 08:08:32 GMT
Last-Modified
Sun, 13 Mar 2022 20:18:34 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=74
Content-Length
597223
testies-practice-tests-favorite.png
testies.xyz/img/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://testies.xyz/img/testies-practice-tests-favorite.png
Requested by
Host: testies.xyz
URL: http://testies.xyz/
Protocol
HTTP/1.1
Server
108.167.172.188 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
mail.sierrapacificwest.com
Software
Apache /
Resource Hash
9f9773fb15d43897122b5d7fe7808dd5cd6008b3c02d4a991ebe17cab11ba896

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://testies.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Sun, 31 Jul 2022 08:08:32 GMT
Last-Modified
Sun, 13 Mar 2022 05:38:56 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=72
Content-Length
31308
testies-practice-tests-all-devices.png
testies.xyz/img/ 		328 KB
328 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://testies.xyz/img/testies-practice-tests-all-devices.png
Requested by
Host: testies.xyz
URL: http://testies.xyz/
Protocol
HTTP/1.1
Server
108.167.172.188 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
mail.sierrapacificwest.com
Software
Apache /
Resource Hash
75faa71dba05edfbceaaa0aa28e5abd5c0686c92060c6df22927045f1bf69ab7

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://testies.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Sun, 31 Jul 2022 08:08:33 GMT
Last-Modified
Sun, 13 Mar 2022 19:51:02 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=73
Content-Length
336036
cookie-policy.js
testies.xyz/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://testies.xyz/js/cookie-policy.js
Requested by
Host: testies.xyz
URL: http://testies.xyz/
Protocol
HTTP/1.1
Server
108.167.172.188 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
mail.sierrapacificwest.com
Software
Apache /
Resource Hash
38df37c8ac8b83372d93ac7179318523a1100641747568bba185867cbb7a0f88

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://testies.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Sun, 31 Jul 2022 08:08:32 GMT
Content-Encoding
gzip
Last-Modified
Mon, 14 Feb 2022 02:16:48 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=73
Content-Length
2627
jquery-3.5.0.js
code.jquery.com/ 		281 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.5.0.js
Requested by
Host: testies.xyz
URL: http://testies.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
aff01a147aeccc9b70a5efad1f2362fd709f3316296ec460d94aa7d31decdb37

Request headers

Referer
http://testies.xyz/
Origin
http://testies.xyz
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 08:08:32 GMT
content-encoding
gzip
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
etag
W/"28feccc0-463a1"
vary
Accept-Encoding
x-hw
1659254912.dop215.fr8.t,1659254912.cds016.fr8.hn,1659254912.cds165.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
84374
swiper-bundle.js
unpkg.com/swiper@8.3.2/
Redirect Chain
  • https://unpkg.com/swiper/swiper-bundle.js
  • https://unpkg.com/swiper@8.3.2/swiper-bundle.js
330 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/swiper@8.3.2/swiper-bundle.js
Requested by
Host: testies.xyz
URL: http://testies.xyz/
Protocol
H2
Server
2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4eb89fcf77b0f8b3bb92ffae01f6a2773d836e9b15201337de8fe87e7e5c7fa5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://testies.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 08:08:32 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
age
420857
fly-request-id
01G8X3D60ANFY8PQ4EY3XXZMWP-fra
content-encoding
br
vary
Accept-Encoding
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
W/"5286d-fnJ9mf6owxwvLjFzEF1YXuMonTE"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7334d8c3bdd068eb-FRA

Redirect headers

date
Sun, 31 Jul 2022 08:08:32 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01G99MRW3VJCTY3QSP35M4K3TA-fra
server
cloudflare
age
18
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
location
/swiper@8.3.2/swiper-bundle.js
cache-control
public, s-maxage=600, max-age=60
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
7334d8c36d7568eb-FRA
access-control-allow-origin
*
swiper-bundle.min.js
unpkg.com/swiper@8.3.2/
Redirect Chain
  • https://unpkg.com/swiper/swiper-bundle.min.js
  • https://unpkg.com/swiper@8.3.2/swiper-bundle.min.js
140 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/swiper@8.3.2/swiper-bundle.min.js
Requested by
Host: testies.xyz
URL: http://testies.xyz/
Protocol
H2
Server
2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc52733b73530cdb8ff7665895e0b1be88f67f1dcf738ec1ca3ec404f2723f97
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://testies.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 08:08:32 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
age
420879
fly-request-id
01G8X3D1VQJ0GKKAK1DRXWE4TC-fra
content-encoding
br
vary
Accept-Encoding
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
W/"22fb1-KGtkeSGy9PWRWjtO2CswTE1NohY"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7334d8c3bdd168eb-FRA

Redirect headers

date
Sun, 31 Jul 2022 08:08:32 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01G99MH6EGTW75H7X0SA18BQFZ-fra
server
cloudflare
age
269
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
location
/swiper@8.3.2/swiper-bundle.min.js
cache-control
public, s-maxage=600, max-age=60
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
7334d8c36d7668eb-FRA
access-control-allow-origin
*
app.js
testies.xyz/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://testies.xyz/js/app.js
Requested by
Host: testies.xyz
URL: http://testies.xyz/
Protocol
HTTP/1.1
Server
108.167.172.188 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
mail.sierrapacificwest.com
Software
Apache /
Resource Hash
0433c907ca7e31f1dcbcc7c8cbe8078e153065f75ebbe19f91af8dc336dd0b11

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://testies.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Sun, 31 Jul 2022 08:08:32 GMT
Content-Encoding
gzip
Last-Modified
Thu, 03 Mar 2022 20:07:30 GMT
Server
Apache
Vary
Accept-Encoding
Upgrade
h2,h2c
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Content-Type
application/javascript
Keep-Alive
timeout=5, max=75
Content-Length
1305
free.min.css
ka-f.fontawesome.com/releases/v5.15.4/css/ 		59 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=250e4911bd
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/250e4911bd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:1e29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://testies.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 08:08:32 GMT
via
1.1 a09186728c1bcdf0a561aedd92656804.cloudfront.net (CloudFront)
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA50-C1
x-cache
Hit from cloudfront
access-control-allow-methods
GET
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 04 Aug 2021 18:53:09 GMT
server
cloudflare
etag
W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JofGgoSE4zetzAxLlXzUrxpMP%2BvogQU30Gzoz32gu38SNydn9yCbs51%2BuwXZ8jGdWESAQ6eSDrSImTyuiAd2hQ3V22yf9%2FcW94AtwH2A3LHTpQc2euAaUR0rhK%2F%2FOGXXjnOtAzlCIZiXv1PJzAoZ7eeDkg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
7334d8c3fb14bbb3-FRA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
2WdXttJo-k-B-OZgyOcbDBCpma4ey_07-k14ZcvVPJmCDgoudBtUcQ==
free-v4-shims.min.css
ka-f.fontawesome.com/releases/v5.15.4/css/ 		26 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=250e4911bd
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/250e4911bd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:1e29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://testies.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 08:08:32 GMT
via
1.1 a09186728c1bcdf0a561aedd92656804.cloudfront.net (CloudFront)
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA50-C1
x-cache
Hit from cloudfront
access-control-allow-methods
GET
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 04 Aug 2021 18:53:09 GMT
server
cloudflare
etag
W/"76f34b71fc9fb641507ff6a822cc07f5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pHV7loGAA3Ei4CDHiRHwbrJYCfN8Vk7TOJUuYcgENX6BdLGA1Q72vykjynjQA5rbNjfULsNEPJ20LQNGdsCI3P3O5uFvbSAejtvXFc1EhA%2Fb74yMc22FVnBXeOpG59eY7vtPz3XzYwPCtRwWE50O4Yh%2BHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
7334d8c3fb16bbb3-FRA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
FESSF5aIGCXhZmieWb_hh4vWNV935iuMRaObPnGE-FgveShhFMkrOA==
free-v4-font-face.min.css
ka-f.fontawesome.com/releases/v5.15.4/css/ 		3 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-font-face.min.css?token=250e4911bd
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/250e4911bd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:1e29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://testies.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 08:08:32 GMT
via
1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA50-C1
x-cache
Hit from cloudfront
access-control-allow-methods
GET
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 04 Aug 2021 18:53:09 GMT
server
cloudflare
etag
W/"f2e0b2680d9b0bcb6e0039c4424e5a59"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=crsCnRTuRLZs8uZivchtJ69XlEdeYjydUYoPGvhwfZazspretwt%2BMXOSoJrWJ4Ebqj8B4YXycnfgFWDPYFRDtL%2FDhoZK%2B8i5jizDWbYDktDJaXYRkhN4LJSwoz5AGhQoizlQhKAmR3%2BYMoB9DL9HfBEOOg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
7334d8c3fb18bbb3-FRA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
srwNlWmHEZaW1SmOMEeC98kgMXNR7e7GjPPYNmbElm3xm3u7ZxNgEQ==
css2
fonts.googleapis.com/ 		13 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300&display=swap
Requested by
Host: testies.xyz
URL: http://testies.xyz/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
bf7f7f14ec0e9fbad155f7f168dd87c7f857b5efd9822560b4411f404e0fab91
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://testies.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 31 Jul 2022 08:08:32 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 31 Jul 2022 08:08:32 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 31 Jul 2022 08:08:32 GMT
search.png
testies.xyz/img/ 		604 B
845 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://testies.xyz/img/search.png
Requested by
Host: testies.xyz
URL: http://testies.xyz/css/header.css
Protocol
HTTP/1.1
Server
108.167.172.188 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
mail.sierrapacificwest.com
Software
Apache /
Resource Hash
ca72e76277ba20848542f63bff8873f300b6b59bdb765ab586c61de4a9a50508

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://testies.xyz/css/header.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Sun, 31 Jul 2022 08:08:32 GMT
Last-Modified
Fri, 28 Jan 2022 18:14:05 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=74
Content-Length
604
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://testies.xyz
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 19:25:44 GMT
x-content-type-options
nosniff
age
304968
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7816
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:11:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 27 Jul 2023 19:25:44 GMT
free-fa-solid-900.woff2
ka-f.fontawesome.com/releases/v5.15.4/webfonts/ 		76 KB
77 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ka-f.fontawesome.com/releases/v5.15.4/webfonts/free-fa-solid-900.woff2
Requested by
Host: testies.xyz
URL: http://testies.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:1e29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5dd43f53f3af822cbf17b1fb75f46192cdbd51724f277acf6cf0dacb3fd57e7

Request headers

Referer
http://testies.xyz/
Origin
http://testies.xyz
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 08:08:32 GMT
via
1.1 a6848167f38570c4e775e8ba04d1f1d0.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
DUS51-P1
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
78168
last-modified
Wed, 04 Aug 2021 18:58:24 GMT
server
cloudflare
etag
"a9fd1225fb2cd32320e2b931dca01089"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JRR6BNfJnXzbn94fTKGDMSodwZuL4zm6SEOX%2FPavpBLPTLlCIUoRAr9987UAmE6JVo%2BLSLYMQWN0WBuIn38pMdZqnM5rHPg07RuDXMBa0bkjDXv%2BdUg51QTbu1QnlPTzPYlRaASxXYWcRevXGX4NA3Nt0g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
7334d8c4cc03bbb3-FRA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
ddxCImE_xay8KLJDKiMHPYjI-R6A5-GULObCstmGXT26KBV6lApGWQ==
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://testies.xyz
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 19:24:53 GMT
x-content-type-options
nosniff
age
305019
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7884
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 17:03:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 27 Jul 2023 19:24:53 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207270101/ 		341 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207270101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3293738607182223&plah=testies.xyz&bust=31068683
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3293738607182223
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8a7cf3e7a9de7bfa11a7ce2f22b7df2efd369916aa1472644d21b009f6cd22ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://testies.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 08:08:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
123418
x-xss-protection
0
server
cafe
etag
12050214477927777895
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 31 Jul 2022 08:08:32 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220727/r20190131/ Frame 6CB1 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220727/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3293738607182223
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://testies.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
44119
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4412
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 30 Jul 2022 19:53:13 GMT
etag
8616628553774171045
expires
Sat, 13 Aug 2022 19:53:13 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
isometric-education-banner.jpg
testies.xyz/img/ 		386 KB
386 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://testies.xyz/img/isometric-education-banner.jpg
Requested by
Host: testies.xyz
URL: http://testies.xyz/css/pages.css
Protocol
HTTP/1.1
Server
108.167.172.188 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
mail.sierrapacificwest.com
Software
Apache /
Resource Hash
4aa7a9b5763469657cba189a458802d4106b728255d10b882c6b2dfe4bf2b65c

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://testies.xyz/css/pages.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Sun, 31 Jul 2022 08:08:33 GMT
Last-Modified
Sun, 30 Jan 2022 06:08:14 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=73
Content-Length
395472
free-fa-brands-400.woff2
ka-f.fontawesome.com/releases/v5.15.4/webfonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ka-f.fontawesome.com/releases/v5.15.4/webfonts/free-fa-brands-400.woff2
Requested by
Host: testies.xyz
URL: http://testies.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1e29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5be0732ab1cc16692e165a7950810f0c772e400f6a2f63e1026a0b938016813

Request headers

Referer
http://testies.xyz/
Origin
http://testies.xyz
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 08:08:32 GMT
via
1.1 0616b48dd6be4cda83365410ecccbda4.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
45537
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
76736
last-modified
Wed, 04 Aug 2021 18:58:24 GMT
server
cloudflare
etag
"4f5ec865a8274ab291b6a42b5f70639e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uh5rNLNwlh2lTTa8QigDQk1mnq%2F%2Bcu7TlcHiq0A8leyNsXkKJJVlSltSIj5MAfyExAPggsOFhm%2Bc4g6r9p20pgrDJhHF5lkkb5VYRhDO5azNlw6%2BKtEF%2BUD3%2BwqbUdCq%2BnPfjlQrsLqO9xNR6EWDN2nO1w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556926
x-amz-cf-pop
DUS51-P1
accept-ranges
bytes
cf-ray
7334d8c51eb5918e-FRA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
r3i5xI0Kr6TzaI1oXkgz-QghVWicElLV_ixVNXodcZkhkfQtXFsGKw==
pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://testies.xyz
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 23:09:49 GMT
x-content-type-options
nosniff
age
464323
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7840
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:51:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 25 Jul 2023 23:09:49 GMT
cookie.js
partner.googleadservices.com/gampad/ 		215 B
644 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=testies.xyz&callback=_gfp_s_&client=ca-pub-3293738607182223
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207270101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3293738607182223&plah=testies.xyz&bust=31068683
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.36.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
prg03s11-in-f2.1e100.net
Software
cafe /
Resource Hash
117cb3ff7f8041c985d8493a7757b64df777d752d2210412ac0969b2c92f73b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://testies.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 08:08:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
200
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=testies.xyz
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207270101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3293738607182223&plah=testies.xyz&bust=31068683
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://testies.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 31 Jul 2022 08:08:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=testies.xyz
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207270101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3293738607182223&plah=testies.xyz&bust=31068683
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://testies.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 31 Jul 2022 08:08:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame F092 		0
19 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3293738607182223&output=html&adk=1812271804&adf=3025194257&lmt=1659254913&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Ftesties.xyz%2F&ea=0&pra=5&wgl=1&dt=1659254912756&bpp=3&bdt=385&idt=272&shv=r20220727&mjsv=m202207270101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4305112330042&frm=20&pv=2&ga_vid=829894555.1659254913&ga_sid=1659254913&ga_hid=1935404287&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763505%2C31067983%2C31068260%2C31068683%2C42531605&oid=2&pvsid=1693935576623023&tmod=1759783134&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=287
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207270101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3293738607182223&plah=testies.xyz&bust=31068683
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://testies.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 31 Jul 2022 08:08:33 GMT
expires
Sun, 31 Jul 2022 08:08:33 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 007D 		25 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3293738607182223&output=html&h=90&slotname=9501085921&adk=3577181671&adf=925843003&pi=t.ma~as.9501085921&w=728&lmt=1659254913&rafmt=12&psa=0&format=728x90&url=http%3A%2F%2Ftesties.xyz%2F&wgl=1&dt=1659254912776&bpp=1&bdt=405&idt=273&shv=r20220727&mjsv=m202207270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4305112330042&frm=20&pv=1&ga_vid=829894555.1659254913&ga_sid=1659254913&ga_hid=1935404287&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=552&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763505%2C31067983%2C31068260%2C31068683%2C42531605&oid=2&pvsid=1693935576623023&tmod=1759783134&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=23&ifi=2&uci=a!2&fsb=1&xpc=wPWT2O0Nmt&p=http%3A//testies.xyz&dtd=278
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207270101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3293738607182223&plah=testies.xyz&bust=31068683
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
83ffb8766dba54690e5c67d52f762d9534f2d9ebf3623805600ccf5b82081578
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://testies.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
10623
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 31 Jul 2022 08:08:33 GMT
expires
Sun, 31 Jul 2022 08:08:33 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 85DE 		25 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3293738607182223&output=html&h=280&slotname=9876975549&adk=292431470&adf=3950588498&pi=t.ma~as.9876975549&w=1200&fwrn=4&fwrnh=100&lmt=1659254913&rafmt=1&psa=0&format=1200x280&url=http%3A%2F%2Ftesties.xyz%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1659254912781&bpp=8&bdt=410&idt=276&shv=r20220727&mjsv=m202207270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=4305112330042&frm=20&pv=1&ga_vid=829894555.1659254913&ga_sid=1659254913&ga_hid=1935404287&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=3776&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763505%2C31067983%2C31068260%2C31068683%2C42531605&oid=2&pvsid=1693935576623023&tmod=1759783134&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=AR0ErHohjr&p=http%3A//testies.xyz&dtd=278
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207270101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3293738607182223&plah=testies.xyz&bust=31068683
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d4b77515ac1224470cd0e2fc5987ad072aee8de3ccdac100fb359bee9a09a7cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://testies.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
10639
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 31 Jul 2022 08:08:33 GMT
expires
Sun, 31 Jul 2022 08:08:33 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220727/r20110914/client/ Frame 85DE 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220727/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3293738607182223&output=html&h=280&slotname=9876975549&adk=292431470&adf=3950588498&pi=t.ma~as.9876975549&w=1200&fwrn=4&fwrnh=100&lmt=1659254913&rafmt=1&psa=0&format=1200x280&url=http%3A%2F%2Ftesties.xyz%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1659254912781&bpp=8&bdt=410&idt=276&shv=r20220727&mjsv=m202207270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=4305112330042&frm=20&pv=1&ga_vid=829894555.1659254913&ga_sid=1659254913&ga_hid=1935404287&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=3776&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763505%2C31067983%2C31068260%2C31068683%2C42531605&oid=2&pvsid=1693935576623023&tmod=1759783134&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=AR0ErHohjr&p=http%3A//testies.xyz&dtd=278
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 07:33:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2076
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 14 Aug 2022 07:33:57 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 85DE 		139 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3293738607182223&output=html&h=280&slotname=9876975549&adk=292431470&adf=3950588498&pi=t.ma~as.9876975549&w=1200&fwrn=4&fwrnh=100&lmt=1659254913&rafmt=1&psa=0&format=1200x280&url=http%3A%2F%2Ftesties.xyz%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1659254912781&bpp=8&bdt=410&idt=276&shv=r20220727&mjsv=m202207270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=4305112330042&frm=20&pv=1&ga_vid=829894555.1659254913&ga_sid=1659254913&ga_hid=1935404287&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=3776&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763505%2C31067983%2C31068260%2C31068683%2C42531605&oid=2&pvsid=1693935576623023&tmod=1759783134&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=AR0ErHohjr&p=http%3A//testies.xyz&dtd=278
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c5ed818755223a03cbbfdb5ab7c4b759a9b0f01673363197ea01a54b0072cbc9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 08:08:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43522
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1658922152796835"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 31 Jul 2022 08:08:33 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220727/r20110914/client/ Frame 85DE 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220727/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3293738607182223&output=html&h=280&slotname=9876975549&adk=292431470&adf=3950588498&pi=t.ma~as.9876975549&w=1200&fwrn=4&fwrnh=100&lmt=1659254913&rafmt=1&psa=0&format=1200x280&url=http%3A%2F%2Ftesties.xyz%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1659254912781&bpp=8&bdt=410&idt=276&shv=r20220727&mjsv=m202207270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=4305112330042&frm=20&pv=1&ga_vid=829894555.1659254913&ga_sid=1659254913&ga_hid=1935404287&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=3776&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763505%2C31067983%2C31068260%2C31068683%2C42531605&oid=2&pvsid=1693935576623023&tmod=1759783134&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=AR0ErHohjr&p=http%3A//testies.xyz&dtd=278
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5e5ee07c0b9aebe4b9fe10f351068879e9046771eaae0fecc0d06a320e75d472
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 08:06:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
142
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7643
x-xss-protection
0
server
cafe
etag
5476907727954993956
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 14 Aug 2022 08:06:11 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 85DE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C_cBAgTjmYsL7Ce-B1fAPj6SWqA3JntKxXPWR3r6xAcCNtwEQASAAYJWCgIC4B4IBF2NhLXB1Yi0zMjkzNzM4NjA3MTgyMjIzoAHVttLqA8gBCakCBDJji1YlsT6oAwGqBKoBT9Dt7Dljq_qKKlfE_t3QYT3FPCN1pruvyDPUWrj7jkEEy0A7pBjBJ5EC6OMceOBXoEk1YZVvUmsr7P0Ug-RTpW1beYsQguyaMBWtMCWJfghFTJlAIbet6nXhJLM5wMKl6iVhNgLX73ZPrK_h-w0xMA5WMRFs2Dr_iG1-bC9_OvgFgpsfxA0CZNTSuEewhTM0wQzjmUaBv-zxZVg2EA4jJ-HEwUGTd35uudGABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMzI5MzczODYwNzE4MjIyMxgA&sigh=RxXWkVCVGUI&uach_m=[UACH]&cid=CAQSGwCsnQUxgdMZsvpEpt25WYDwaXmkSgYQKfVv1RgB
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3293738607182223&output=html&h=280&slotname=9876975549&adk=292431470&adf=3950588498&pi=t.ma~as.9876975549&w=1200&fwrn=4&fwrnh=100&lmt=1659254913&rafmt=1&psa=0&format=1200x280&url=http%3A%2F%2Ftesties.xyz%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1659254912781&bpp=8&bdt=410&idt=276&shv=r20220727&mjsv=m202207270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=4305112330042&frm=20&pv=1&ga_vid=829894555.1659254913&ga_sid=1659254913&ga_hid=1935404287&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=3776&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763505%2C31067983%2C31068260%2C31068683%2C42531605&oid=2&pvsid=1693935576623023&tmod=1759783134&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=AR0ErHohjr&p=http%3A//testies.xyz&dtd=278
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3293738607182223&output=html&h=280&slotname=9876975549&adk=292431470&adf=3950588498&pi=t.ma~as.9876975549&w=1200&fwrn=4&fwrnh=100&lmt=1659254913&rafmt=1&psa=0&format=1200x280&url=http%3A%2F%2Ftesties.xyz%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1659254912781&bpp=8&bdt=410&idt=276&shv=r20220727&mjsv=m202207270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=4305112330042&frm=20&pv=1&ga_vid=829894555.1659254913&ga_sid=1659254913&ga_hid=1935404287&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=3776&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763505%2C31067983%2C31068260%2C31068683%2C42531605&oid=2&pvsid=1693935576623023&tmod=1759783134&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=AR0ErHohjr&p=http%3A//testies.xyz&dtd=278
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sun, 31 Jul 2022 08:08:33 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sun, 31 Jul 2022 08:08:33 GMT
notify
rtb.fr.eu.criteo.com/google/auction/ Frame 85DE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kOb8EMz6RLAJmAKdg2ICAgAAAHvdHuvZxG8fEIA45mIeT3z3XaDuXLm-JwASAAA&wp=YuY4gQACfcIIFUDvAAWSDz0VHz-YHk1Y7MkBOA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3293738607182223&output=html&h=280&slotname=9876975549&adk=292431470&adf=3950588498&pi=t.ma~as.9876975549&w=1200&fwrn=4&fwrnh=100&lmt=1659254913&rafmt=1&psa=0&format=1200x280&url=http%3A%2F%2Ftesties.xyz%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1659254912781&bpp=8&bdt=410&idt=276&shv=r20220727&mjsv=m202207270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=4305112330042&frm=20&pv=1&ga_vid=829894555.1659254913&ga_sid=1659254913&ga_hid=1935404287&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=3776&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763505%2C31067983%2C31068260%2C31068683%2C42531605&oid=2&pvsid=1693935576623023&tmod=1759783134&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=AR0ErHohjr&p=http%3A//testies.xyz&dtd=278
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 08:08:33 GMT
server
Kestrel
server-processing-duration-in-ticks
240113
content-length
0
strict-transport-security
max-age=31536000; preload;
afr.php
ads.eu.criteo.com/delivery/r/ Frame 6902 		170 KB
54 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=YuY4gQACfcIIFUDvAAWSDz0VHz-YHk1Y7MkBOA&u=%7CBqqB6L%2F2Z4Aacpw%2FY4a7nZhLiWo6OjPoUKafq1%2FCuwo%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86z-v4_ZG7uRnq2ff4qIEl1d9WfBzFhf6yPK8y2k-epBBYODcJyCKiA5F8uytyNuAGeY2_yFne53gPIUxQXKKiXtVfeiX6Z48Y3orbxR2AXLHJxAyoWm9tSlqjIlyHPEjDrAKCryOlYoAAt7wa79VtowsR52FY1wZjEU0TqbTDsp4Z0vMi9Ckk4B_kE9RC2Br9dGB4y40kVvFWsXMnXRy00W_b6S91vJ9-8Wdgo60IHv0yFeXauTu81IyrJPFA1GYVXyw20z664Y5UwbHSA3imYlYv-nCLMJrxuI36uIDq2rHJUadmetdaGfZRDVOrH-Dp6ommuLKjtmnsV8nHS5JAVSPIM3SX1XHW9x64g7lZ2DdpPvRTST3pqBW22Cfg5mIugFhLp7YAxlBwfEG9RjIwhs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCinqGgTjmYsL7Ce-B1fAPj6SWqA3JntKxXPWR3r6xAcCNtwEQASAAYJWCgIC4B4IBF2NhLXB1Yi0zMjkzNzM4NjA3MTgyMjIzoAHVttLqA8gBCakCBDJji1YlsT6oAwGqBK0BT9Dt7Dljq_qKKlfE_t3QYT3FPCN1pruvyDPUWrj7jkEEy0A7pBjBJ5EC6OMceOBXoEk1YZVvUmsr7P0Ug-RTpW1beYsQguyaMBWtMCWJfghFTJlAIbet6nXhJLM5wMKl6iVhNgLX73ZPrK_h-w0xMA5WMRFs2Dr_iG1-bC9_OvgFgpsfhg8j9lNdJFQPGSeXETFFYU-VtVr7S0C0pMYegRN7322L8tTqqm6jxL-ABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3yJuZUu7uq6xBtyJZGb0gbWQi0mg%26client%3Dca-pub-3293738607182223%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3293738607182223&output=html&h=280&slotname=9876975549&adk=292431470&adf=3950588498&pi=t.ma~as.9876975549&w=1200&fwrn=4&fwrnh=100&lmt=1659254913&rafmt=1&psa=0&format=1200x280&url=http%3A%2F%2Ftesties.xyz%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1659254912781&bpp=8&bdt=410&idt=276&shv=r20220727&mjsv=m202207270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=4305112330042&frm=20&pv=1&ga_vid=829894555.1659254913&ga_sid=1659254913&ga_hid=1935404287&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=3776&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763505%2C31067983%2C31068260%2C31068683%2C42531605&oid=2&pvsid=1693935576623023&tmod=1759783134&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=AR0ErHohjr&p=http%3A//testies.xyz&dtd=278
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
9770d538e2934743781febc6d0b054435a308e55aafd68e76e4bee6a945b86d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Sun, 31 Jul 2022 08:08:33 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=J_J_I6x46Jz3dJ6VSaspa41IckZJld9nSN2FQc1uBxkdJBLMNbXci5ComZRDvke6hxZl4NMaLA9Ry-VSLDr3rNfhfQfFCFKCYGSHPone41mUb2FGvS38gucODWY7m6DL1j417688TnbPRUPHsJ6dLBZuUp2CsDkH7Ia-R53fsGB1rsWmVtmaMXkNPQC1P1tpliVXEzTwgkUFuS6JACeEeo_NTM24xgq_B7T3eZwzlI44mdRX3Rf5-c82zox6aF0ofmF4Tw"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
99460146
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220727/r20110914/client/ Frame 007D 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220727/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3293738607182223&output=html&h=90&slotname=9501085921&adk=3577181671&adf=925843003&pi=t.ma~as.9501085921&w=728&lmt=1659254913&rafmt=12&psa=0&format=728x90&url=http%3A%2F%2Ftesties.xyz%2F&wgl=1&dt=1659254912776&bpp=1&bdt=405&idt=273&shv=r20220727&mjsv=m202207270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4305112330042&frm=20&pv=1&ga_vid=829894555.1659254913&ga_sid=1659254913&ga_hid=1935404287&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=552&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763505%2C31067983%2C31068260%2C31068683%2C42531605&oid=2&pvsid=1693935576623023&tmod=1759783134&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=23&ifi=2&uci=a!2&fsb=1&xpc=wPWT2O0Nmt&p=http%3A//testies.xyz&dtd=278
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 07:33:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2076
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 14 Aug 2022 07:33:57 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 007D 		139 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3293738607182223&output=html&h=90&slotname=9501085921&adk=3577181671&adf=925843003&pi=t.ma~as.9501085921&w=728&lmt=1659254913&rafmt=12&psa=0&format=728x90&url=http%3A%2F%2Ftesties.xyz%2F&wgl=1&dt=1659254912776&bpp=1&bdt=405&idt=273&shv=r20220727&mjsv=m202207270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4305112330042&frm=20&pv=1&ga_vid=829894555.1659254913&ga_sid=1659254913&ga_hid=1935404287&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=552&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763505%2C31067983%2C31068260%2C31068683%2C42531605&oid=2&pvsid=1693935576623023&tmod=1759783134&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=23&ifi=2&uci=a!2&fsb=1&xpc=wPWT2O0Nmt&p=http%3A//testies.xyz&dtd=278
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c5ed818755223a03cbbfdb5ab7c4b759a9b0f01673363197ea01a54b0072cbc9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 08:08:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43522
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1658922152796835"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 31 Jul 2022 08:08:33 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220727/r20110914/client/ Frame 007D 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220727/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3293738607182223&output=html&h=90&slotname=9501085921&adk=3577181671&adf=925843003&pi=t.ma~as.9501085921&w=728&lmt=1659254913&rafmt=12&psa=0&format=728x90&url=http%3A%2F%2Ftesties.xyz%2F&wgl=1&dt=1659254912776&bpp=1&bdt=405&idt=273&shv=r20220727&mjsv=m202207270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4305112330042&frm=20&pv=1&ga_vid=829894555.1659254913&ga_sid=1659254913&ga_hid=1935404287&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=552&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763505%2C31067983%2C31068260%2C31068683%2C42531605&oid=2&pvsid=1693935576623023&tmod=1759783134&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=23&ifi=2&uci=a!2&fsb=1&xpc=wPWT2O0Nmt&p=http%3A//testies.xyz&dtd=278
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5e5ee07c0b9aebe4b9fe10f351068879e9046771eaae0fecc0d06a320e75d472
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 08:06:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
142
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7643
x-xss-protection
0
server
cafe
etag
5476907727954993956
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 14 Aug 2022 08:06:11 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 007D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CRlJ5gTjmYtGsCsGo7gSvgLLgB8me0rFc1Z2R93DAjbcBEAEgAGCVgoCAuAeCARdjYS1wdWItMzI5MzczODYwNzE4MjIyM8gBCakCBDJji1YlsT6oAwGqBKIBT9DJ6xkXaqLHrerMK6srkhMBs3E3od58ErJW28jtrjHFLu-OYTQIq7heIgqaRBkGCH_KZXKr7uK1dqov3m68MPXzMRyYdIRQjV4mVb7IbIXvYvzqBrz8P7SrGbamZzI1IdXKD7yfxNKVi1-_dtphIub4sRDpHICioGQrVWV2D4CA880oHTIckYlmTTnO_qfvhvgsr12Wgkcka8WxO8kqvUdhgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTMyOTM3Mzg2MDcxODIyMjMYAA&sigh=dgRzHiOmaA8&uach_m=[UACH]&cid=CAQSGwCNIrLMvExXQyPMsoQlEkvM6me0i3qJCVkK6hgB
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3293738607182223&output=html&h=90&slotname=9501085921&adk=3577181671&adf=925843003&pi=t.ma~as.9501085921&w=728&lmt=1659254913&rafmt=12&psa=0&format=728x90&url=http%3A%2F%2Ftesties.xyz%2F&wgl=1&dt=1659254912776&bpp=1&bdt=405&idt=273&shv=r20220727&mjsv=m202207270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4305112330042&frm=20&pv=1&ga_vid=829894555.1659254913&ga_sid=1659254913&ga_hid=1935404287&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=552&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763505%2C31067983%2C31068260%2C31068683%2C42531605&oid=2&pvsid=1693935576623023&tmod=1759783134&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=23&ifi=2&uci=a!2&fsb=1&xpc=wPWT2O0Nmt&p=http%3A//testies.xyz&dtd=278
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3293738607182223&output=html&h=90&slotname=9501085921&adk=3577181671&adf=925843003&pi=t.ma~as.9501085921&w=728&lmt=1659254913&rafmt=12&psa=0&format=728x90&url=http%3A%2F%2Ftesties.xyz%2F&wgl=1&dt=1659254912776&bpp=1&bdt=405&idt=273&shv=r20220727&mjsv=m202207270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4305112330042&frm=20&pv=1&ga_vid=829894555.1659254913&ga_sid=1659254913&ga_hid=1935404287&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=552&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763505%2C31067983%2C31068260%2C31068683%2C42531605&oid=2&pvsid=1693935576623023&tmod=1759783134&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=23&ifi=2&uci=a!2&fsb=1&xpc=wPWT2O0Nmt&p=http%3A//testies.xyz&dtd=278
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sun, 31 Jul 2022 08:08:33 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sun, 31 Jul 2022 08:08:33 GMT
notify
rtb.fr.eu.criteo.com/google/auction/ Frame 007D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kOb8EN6BMNgFWp2DYgICAAAAKZSF-h40OtIQgTjmYt-mjZddIC3rBAqzABIAAA&wp=YuY4gQACllEKm5RBAAyAL7xJCgC4h299rVb7Pw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3293738607182223&output=html&h=90&slotname=9501085921&adk=3577181671&adf=925843003&pi=t.ma~as.9501085921&w=728&lmt=1659254913&rafmt=12&psa=0&format=728x90&url=http%3A%2F%2Ftesties.xyz%2F&wgl=1&dt=1659254912776&bpp=1&bdt=405&idt=273&shv=r20220727&mjsv=m202207270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4305112330042&frm=20&pv=1&ga_vid=829894555.1659254913&ga_sid=1659254913&ga_hid=1935404287&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=552&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763505%2C31067983%2C31068260%2C31068683%2C42531605&oid=2&pvsid=1693935576623023&tmod=1759783134&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=23&ifi=2&uci=a!2&fsb=1&xpc=wPWT2O0Nmt&p=http%3A//testies.xyz&dtd=278
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 08:08:33 GMT
server
Kestrel
server-processing-duration-in-ticks
261301
content-length
0
strict-transport-security
max-age=31536000; preload;
afr.php
ads.eu.criteo.com/delivery/r/ Frame 949F 		200 KB
58 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=YuY4gQACllEKm5RBAAyAL7xJCgC4h299rVb7Pw&u=%7CBqqB6L%2F2Z4CoZEWwdvRbLius7ZBFlFfMQ9X%2BJ5bo5FM%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZWgJ4RDTbq-Wb6C9K-cesMV_WPikrq5at_ACdAcfQ797USal5xGSAmW45qs5D_t01BwXfQCkaXb3sNWF0D-NGUHmdT0YLBCRYLXlCW8d3GqVkFYcxAaDHv2QCSi8HXyqE7QwUU6pGwjrPnSZqQX0_jipSVEVaA6XTYYDtt9y2CDfCDfi0vUQ42RxEydcgsQhL3viqnDLsbhqVFXPM5L44aTwHMJ-N2nGjGePHektXDaSDJgEu0zTQrcs_r4jmSD7hO_HQ5v_B63_wkYORp4MLOGmj4mILVTgkwALatmib2PVf4vtJeG1PcVumNwlr5pokwptfhjJ50BHrL0learKdM4jZqWK_fy_hKy0U_Y3iLvu2F7g_L8orVJm-8rhD7JiIA-msBybqOfWqi8XDUiNZMn7O69aeIozk1e-gqhO67jVx-AfN8T2yHmzDlrFp1r5XE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMNHSgTjmYtGsCsGo7gSvgLLgB8me0rFc1Z2R93DAjbcBEAEgAGCVgoCAuAeCARdjYS1wdWItMzI5MzczODYwNzE4MjIyM8gBCakCBDJji1YlsT6oAwGqBKUBT9DJ6xkXaqLHrerMK6srkhMBs3E3od58ErJW28jtrjHFLu-OYTQIq7heIgqaRBkGCH_KZXKr7uK1dqov3m68MPXzMRyYdIRQjV4mVb7IbIXvYvzqBrz8P7SrGbamZzI1IdXKD7yfxNKVi1-_dtphIub4sRDpHICioGQrVSd0LhIHfFE7oq4IMllb68HH6q1ZjNY0Lelev-HW1NudI0yAOVTem9MCgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0_7h4YygrzMlmRdO3wOmYWRzWxdg%26client%3Dca-pub-3293738607182223%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3293738607182223&output=html&h=90&slotname=9501085921&adk=3577181671&adf=925843003&pi=t.ma~as.9501085921&w=728&lmt=1659254913&rafmt=12&psa=0&format=728x90&url=http%3A%2F%2Ftesties.xyz%2F&wgl=1&dt=1659254912776&bpp=1&bdt=405&idt=273&shv=r20220727&mjsv=m202207270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4305112330042&frm=20&pv=1&ga_vid=829894555.1659254913&ga_sid=1659254913&ga_hid=1935404287&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=552&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763505%2C31067983%2C31068260%2C31068683%2C42531605&oid=2&pvsid=1693935576623023&tmod=1759783134&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=23&ifi=2&uci=a!2&fsb=1&xpc=wPWT2O0Nmt&p=http%3A//testies.xyz&dtd=278
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
96e2c40bcf80e86a9475d7f705004b6fc88bc5dfc8fbbf8c73e14f4415b6887a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Sun, 31 Jul 2022 08:08:33 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=oSkf1Kx46Jz3dJ6VDyeL03hXLoyYUBsO3vu5FX5BE8Z4iQDAoM_9QctnO-SUVE1eqEloeCn7EqS5d7nGWw_W7GZADuCNpBFKb69sSJYe_c1bNduSjsqpHVVOIp6Rje7Hsccywcp-zBpOaehUTz0Pm3s70qUIwLnc7b13qVFerROTfEIedEw33PLWWoqAHU6tCiLRY7LLigpWPyi1HkZtwFZ9Zsp0nMurkqEofQ_Phu-8nDvmSSTVvIpeGDPT67lOzqmtDQ"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
104261254
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
truncated
/ Frame 85DE 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
507b230a049846270599b19daac55ff8bb4cd2626c723ff999356cea4ee31d5f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 007D 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
154e3b828f31a64be04554438c0166219cbadce0e3b2b815c435c1b54b2677b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type
image/png
privacy_small.svg
static.criteo.net/flash/icon/ Frame 6902 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YuY4gQACfcIIFUDvAAWSDz0VHz-YHk1Y7MkBOA&u=%7CBqqB6L%2F2Z4Aacpw%2FY4a7nZhLiWo6OjPoUKafq1%2FCuwo%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86z-v4_ZG7uRnq2ff4qIEl1d9WfBzFhf6yPK8y2k-epBBYODcJyCKiA5F8uytyNuAGeY2_yFne53gPIUxQXKKiXtVfeiX6Z48Y3orbxR2AXLHJxAyoWm9tSlqjIlyHPEjDrAKCryOlYoAAt7wa79VtowsR52FY1wZjEU0TqbTDsp4Z0vMi9Ckk4B_kE9RC2Br9dGB4y40kVvFWsXMnXRy00W_b6S91vJ9-8Wdgo60IHv0yFeXauTu81IyrJPFA1GYVXyw20z664Y5UwbHSA3imYlYv-nCLMJrxuI36uIDq2rHJUadmetdaGfZRDVOrH-Dp6ommuLKjtmnsV8nHS5JAVSPIM3SX1XHW9x64g7lZ2DdpPvRTST3pqBW22Cfg5mIugFhLp7YAxlBwfEG9RjIwhs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCinqGgTjmYsL7Ce-B1fAPj6SWqA3JntKxXPWR3r6xAcCNtwEQASAAYJWCgIC4B4IBF2NhLXB1Yi0zMjkzNzM4NjA3MTgyMjIzoAHVttLqA8gBCakCBDJji1YlsT6oAwGqBK0BT9Dt7Dljq_qKKlfE_t3QYT3FPCN1pruvyDPUWrj7jkEEy0A7pBjBJ5EC6OMceOBXoEk1YZVvUmsr7P0Ug-RTpW1beYsQguyaMBWtMCWJfghFTJlAIbet6nXhJLM5wMKl6iVhNgLX73ZPrK_h-w0xMA5WMRFs2Dr_iG1-bC9_OvgFgpsfhg8j9lNdJFQPGSeXETFFYU-VtVr7S0C0pMYegRN7322L8tTqqm6jxL-ABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3yJuZUu7uq6xBtyJZGb0gbWQi0mg%26client%3Dca-pub-3293738607182223%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 08:08:34 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 26 Jul 2023 08:08:34 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 6902 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YuY4gQACfcIIFUDvAAWSDz0VHz-YHk1Y7MkBOA&u=%7CBqqB6L%2F2Z4Aacpw%2FY4a7nZhLiWo6OjPoUKafq1%2FCuwo%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86z-v4_ZG7uRnq2ff4qIEl1d9WfBzFhf6yPK8y2k-epBBYODcJyCKiA5F8uytyNuAGeY2_yFne53gPIUxQXKKiXtVfeiX6Z48Y3orbxR2AXLHJxAyoWm9tSlqjIlyHPEjDrAKCryOlYoAAt7wa79VtowsR52FY1wZjEU0TqbTDsp4Z0vMi9Ckk4B_kE9RC2Br9dGB4y40kVvFWsXMnXRy00W_b6S91vJ9-8Wdgo60IHv0yFeXauTu81IyrJPFA1GYVXyw20z664Y5UwbHSA3imYlYv-nCLMJrxuI36uIDq2rHJUadmetdaGfZRDVOrH-Dp6ommuLKjtmnsV8nHS5JAVSPIM3SX1XHW9x64g7lZ2DdpPvRTST3pqBW22Cfg5mIugFhLp7YAxlBwfEG9RjIwhs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCinqGgTjmYsL7Ce-B1fAPj6SWqA3JntKxXPWR3r6xAcCNtwEQASAAYJWCgIC4B4IBF2NhLXB1Yi0zMjkzNzM4NjA3MTgyMjIzoAHVttLqA8gBCakCBDJji1YlsT6oAwGqBK0BT9Dt7Dljq_qKKlfE_t3QYT3FPCN1pruvyDPUWrj7jkEEy0A7pBjBJ5EC6OMceOBXoEk1YZVvUmsr7P0Ug-RTpW1beYsQguyaMBWtMCWJfghFTJlAIbet6nXhJLM5wMKl6iVhNgLX73ZPrK_h-w0xMA5WMRFs2Dr_iG1-bC9_OvgFgpsfhg8j9lNdJFQPGSeXETFFYU-VtVr7S0C0pMYegRN7322L8tTqqm6jxL-ABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3yJuZUu7uq6xBtyJZGb0gbWQi0mg%26client%3Dca-pub-3293738607182223%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 08:08:34 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 26 Jul 2023 08:08:34 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 6902 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YuY4gQACfcIIFUDvAAWSDz0VHz-YHk1Y7MkBOA&u=%7CBqqB6L%2F2Z4Aacpw%2FY4a7nZhLiWo6OjPoUKafq1%2FCuwo%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86z-v4_ZG7uRnq2ff4qIEl1d9WfBzFhf6yPK8y2k-epBBYODcJyCKiA5F8uytyNuAGeY2_yFne53gPIUxQXKKiXtVfeiX6Z48Y3orbxR2AXLHJxAyoWm9tSlqjIlyHPEjDrAKCryOlYoAAt7wa79VtowsR52FY1wZjEU0TqbTDsp4Z0vMi9Ckk4B_kE9RC2Br9dGB4y40kVvFWsXMnXRy00W_b6S91vJ9-8Wdgo60IHv0yFeXauTu81IyrJPFA1GYVXyw20z664Y5UwbHSA3imYlYv-nCLMJrxuI36uIDq2rHJUadmetdaGfZRDVOrH-Dp6ommuLKjtmnsV8nHS5JAVSPIM3SX1XHW9x64g7lZ2DdpPvRTST3pqBW22Cfg5mIugFhLp7YAxlBwfEG9RjIwhs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCinqGgTjmYsL7Ce-B1fAPj6SWqA3JntKxXPWR3r6xAcCNtwEQASAAYJWCgIC4B4IBF2NhLXB1Yi0zMjkzNzM4NjA3MTgyMjIzoAHVttLqA8gBCakCBDJji1YlsT6oAwGqBK0BT9Dt7Dljq_qKKlfE_t3QYT3FPCN1pruvyDPUWrj7jkEEy0A7pBjBJ5EC6OMceOBXoEk1YZVvUmsr7P0Ug-RTpW1beYsQguyaMBWtMCWJfghFTJlAIbet6nXhJLM5wMKl6iVhNgLX73ZPrK_h-w0xMA5WMRFs2Dr_iG1-bC9_OvgFgpsfhg8j9lNdJFQPGSeXETFFYU-VtVr7S0C0pMYegRN7322L8tTqqm6jxL-ABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3yJuZUu7uq6xBtyJZGb0gbWQi0mg%26client%3Dca-pub-3293738607182223%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 08:08:34 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Wed, 26 Jul 2023 08:08:34 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 6902 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YuY4gQACfcIIFUDvAAWSDz0VHz-YHk1Y7MkBOA&u=%7CBqqB6L%2F2Z4Aacpw%2FY4a7nZhLiWo6OjPoUKafq1%2FCuwo%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86z-v4_ZG7uRnq2ff4qIEl1d9WfBzFhf6yPK8y2k-epBBYODcJyCKiA5F8uytyNuAGeY2_yFne53gPIUxQXKKiXtVfeiX6Z48Y3orbxR2AXLHJxAyoWm9tSlqjIlyHPEjDrAKCryOlYoAAt7wa79VtowsR52FY1wZjEU0TqbTDsp4Z0vMi9Ckk4B_kE9RC2Br9dGB4y40kVvFWsXMnXRy00W_b6S91vJ9-8Wdgo60IHv0yFeXauTu81IyrJPFA1GYVXyw20z664Y5UwbHSA3imYlYv-nCLMJrxuI36uIDq2rHJUadmetdaGfZRDVOrH-Dp6ommuLKjtmnsV8nHS5JAVSPIM3SX1XHW9x64g7lZ2DdpPvRTST3pqBW22Cfg5mIugFhLp7YAxlBwfEG9RjIwhs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCinqGgTjmYsL7Ce-B1fAPj6SWqA3JntKxXPWR3r6xAcCNtwEQASAAYJWCgIC4B4IBF2NhLXB1Yi0zMjkzNzM4NjA3MTgyMjIzoAHVttLqA8gBCakCBDJji1YlsT6oAwGqBK0BT9Dt7Dljq_qKKlfE_t3QYT3FPCN1pruvyDPUWrj7jkEEy0A7pBjBJ5EC6OMceOBXoEk1YZVvUmsr7P0Ug-RTpW1beYsQguyaMBWtMCWJfghFTJlAIbet6nXhJLM5wMKl6iVhNgLX73ZPrK_h-w0xMA5WMRFs2Dr_iG1-bC9_OvgFgpsfhg8j9lNdJFQPGSeXETFFYU-VtVr7S0C0pMYegRN7322L8tTqqm6jxL-ABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3yJuZUu7uq6xBtyJZGb0gbWQi0mg%26client%3Dca-pub-3293738607182223%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 08:08:34 GMT
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Wed, 26 Jul 2023 08:08:34 GMT
lg.php
cat.fr.eu.criteo.com/delivery/ Frame 6902 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=dyDNTqIgar3PdS5R9BM-mVDRxQXIiGRa2mekDnHFuGym7U1EE5J9q2MTlJXykJJXT9jkPeSIpCj_x0lWmua4eMUJ_eJmx77kRVoDcJffDk82m93OLvMM9s6ixfSxtmmmxPJX9fA6b7J9mSr7Hg8tE9uw8E27TL4QC6PhlnshHmI02i9sfJbg8dHwLMNpX2rjqy2wp4-MzVKoQm4dYV-a7QXPKcsX902PBuo0Y9JUk30jld2m0d7jkY3mACmgwSbEoqTpbMH8Y-8vfU7VDLwa4BHbEAzYP_upIHvoyTz_1WAspuHnkJU7z_2vepiT0qqsi9-34IoYYQiQ0XqLeFNaZMWfwbWR37xK4zZ-t25z0qfLNgTg2eg4GSR4zisb1dt_EShmijqVMJlV_SHHpSEfMuN82xSYRxSNyEcVzQYrkL5HyGqS
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YuY4gQACfcIIFUDvAAWSDz0VHz-YHk1Y7MkBOA&u=%7CBqqB6L%2F2Z4Aacpw%2FY4a7nZhLiWo6OjPoUKafq1%2FCuwo%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86z-v4_ZG7uRnq2ff4qIEl1d9WfBzFhf6yPK8y2k-epBBYODcJyCKiA5F8uytyNuAGeY2_yFne53gPIUxQXKKiXtVfeiX6Z48Y3orbxR2AXLHJxAyoWm9tSlqjIlyHPEjDrAKCryOlYoAAt7wa79VtowsR52FY1wZjEU0TqbTDsp4Z0vMi9Ckk4B_kE9RC2Br9dGB4y40kVvFWsXMnXRy00W_b6S91vJ9-8Wdgo60IHv0yFeXauTu81IyrJPFA1GYVXyw20z664Y5UwbHSA3imYlYv-nCLMJrxuI36uIDq2rHJUadmetdaGfZRDVOrH-Dp6ommuLKjtmnsV8nHS5JAVSPIM3SX1XHW9x64g7lZ2DdpPvRTST3pqBW22Cfg5mIugFhLp7YAxlBwfEG9RjIwhs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCinqGgTjmYsL7Ce-B1fAPj6SWqA3JntKxXPWR3r6xAcCNtwEQASAAYJWCgIC4B4IBF2NhLXB1Yi0zMjkzNzM4NjA3MTgyMjIzoAHVttLqA8gBCakCBDJji1YlsT6oAwGqBK0BT9Dt7Dljq_qKKlfE_t3QYT3FPCN1pruvyDPUWrj7jkEEy0A7pBjBJ5EC6OMceOBXoEk1YZVvUmsr7P0Ug-RTpW1beYsQguyaMBWtMCWJfghFTJlAIbet6nXhJLM5wMKl6iVhNgLX73ZPrK_h-w0xMA5WMRFs2Dr_iG1-bC9_OvgFgpsfhg8j9lNdJFQPGSeXETFFYU-VtVr7S0C0pMYegRN7322L8tTqqm6jxL-ABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3yJuZUu7uq6xBtyJZGb0gbWQi0mg%26client%3Dca-pub-3293738607182223%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Jul 2022 08:08:34 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2487592
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
m
secure-gl.imrworldwide.com/cgi-bin/ Frame 6902 		0
689 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1659254913
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YuY4gQACfcIIFUDvAAWSDz0VHz-YHk1Y7MkBOA&u=%7CBqqB6L%2F2Z4Aacpw%2FY4a7nZhLiWo6OjPoUKafq1%2FCuwo%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86z-v4_ZG7uRnq2ff4qIEl1d9WfBzFhf6yPK8y2k-epBBYODcJyCKiA5F8uytyNuAGeY2_yFne53gPIUxQXKKiXtVfeiX6Z48Y3orbxR2AXLHJxAyoWm9tSlqjIlyHPEjDrAKCryOlYoAAt7wa79VtowsR52FY1wZjEU0TqbTDsp4Z0vMi9Ckk4B_kE9RC2Br9dGB4y40kVvFWsXMnXRy00W_b6S91vJ9-8Wdgo60IHv0yFeXauTu81IyrJPFA1GYVXyw20z664Y5UwbHSA3imYlYv-nCLMJrxuI36uIDq2rHJUadmetdaGfZRDVOrH-Dp6ommuLKjtmnsV8nHS5JAVSPIM3SX1XHW9x64g7lZ2DdpPvRTST3pqBW22Cfg5mIugFhLp7YAxlBwfEG9RjIwhs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCinqGgTjmYsL7Ce-B1fAPj6SWqA3JntKxXPWR3r6xAcCNtwEQASAAYJWCgIC4B4IBF2NhLXB1Yi0zMjkzNzM4NjA3MTgyMjIzoAHVttLqA8gBCakCBDJji1YlsT6oAwGqBK0BT9Dt7Dljq_qKKlfE_t3QYT3FPCN1pruvyDPUWrj7jkEEy0A7pBjBJ5EC6OMceOBXoEk1YZVvUmsr7P0Ug-RTpW1beYsQguyaMBWtMCWJfghFTJlAIbet6nXhJLM5wMKl6iVhNgLX73ZPrK_h-w0xMA5WMRFs2Dr_iG1-bC9_OvgFgpsfhg8j9lNdJFQPGSeXETFFYU-VtVr7S0C0pMYegRN7322L8tTqqm6jxL-ABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3yJuZUu7uq6xBtyJZGb0gbWQi0mg%26client%3Dca-pub-3293738607182223%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206e:b400:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Jul 2022 08:08:34 GMT
via
1.1 e010e3963cfd47d783f0503a3dbc3b90.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
VIE50-C1
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin
*
cache-control
no-cache
cross-origin-resource-policy
cross-origin
x-cache
Miss from cloudfront
accept-ch
Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-length
0
x-amz-cf-id
Mtkpk0EbHRXYEU9AkltRPyrZXvOo82KgUe1ekrp0zullQFvB23L1DA==
expires
Thu, 01 Dec 1994 16:00:00 GMT
animejs.js
static.criteo.net/animejs/ Frame 6902 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YuY4gQACfcIIFUDvAAWSDz0VHz-YHk1Y7MkBOA&u=%7CBqqB6L%2F2Z4Aacpw%2FY4a7nZhLiWo6OjPoUKafq1%2FCuwo%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86z-v4_ZG7uRnq2ff4qIEl1d9WfBzFhf6yPK8y2k-epBBYODcJyCKiA5F8uytyNuAGeY2_yFne53gPIUxQXKKiXtVfeiX6Z48Y3orbxR2AXLHJxAyoWm9tSlqjIlyHPEjDrAKCryOlYoAAt7wa79VtowsR52FY1wZjEU0TqbTDsp4Z0vMi9Ckk4B_kE9RC2Br9dGB4y40kVvFWsXMnXRy00W_b6S91vJ9-8Wdgo60IHv0yFeXauTu81IyrJPFA1GYVXyw20z664Y5UwbHSA3imYlYv-nCLMJrxuI36uIDq2rHJUadmetdaGfZRDVOrH-Dp6ommuLKjtmnsV8nHS5JAVSPIM3SX1XHW9x64g7lZ2DdpPvRTST3pqBW22Cfg5mIugFhLp7YAxlBwfEG9RjIwhs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCinqGgTjmYsL7Ce-B1fAPj6SWqA3JntKxXPWR3r6xAcCNtwEQASAAYJWCgIC4B4IBF2NhLXB1Yi0zMjkzNzM4NjA3MTgyMjIzoAHVttLqA8gBCakCBDJji1YlsT6oAwGqBK0BT9Dt7Dljq_qKKlfE_t3QYT3FPCN1pruvyDPUWrj7jkEEy0A7pBjBJ5EC6OMceOBXoEk1YZVvUmsr7P0Ug-RTpW1beYsQguyaMBWtMCWJfghFTJlAIbet6nXhJLM5wMKl6iVhNgLX73ZPrK_h-w0xMA5WMRFs2Dr_iG1-bC9_OvgFgpsfhg8j9lNdJFQPGSeXETFFYU-VtVr7S0C0pMYegRN7322L8tTqqm6jxL-ABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3yJuZUu7uq6xBtyJZGb0gbWQi0mg%26client%3Dca-pub-3293738607182223%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 08:08:34 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 26 Jul 2023 08:08:34 GMT
img
pix.eu.criteo.net/img/ Frame 6902 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=556&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F190124%2F79f2c646e3f74b54931cff1f39d769d0_blue.png&v=3&w=196&s=nkm37OBN4xyh5x9UPHeLVYZl
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YuY4gQACfcIIFUDvAAWSDz0VHz-YHk1Y7MkBOA&u=%7CBqqB6L%2F2Z4Aacpw%2FY4a7nZhLiWo6OjPoUKafq1%2FCuwo%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86z-v4_ZG7uRnq2ff4qIEl1d9WfBzFhf6yPK8y2k-epBBYODcJyCKiA5F8uytyNuAGeY2_yFne53gPIUxQXKKiXtVfeiX6Z48Y3orbxR2AXLHJxAyoWm9tSlqjIlyHPEjDrAKCryOlYoAAt7wa79VtowsR52FY1wZjEU0TqbTDsp4Z0vMi9Ckk4B_kE9RC2Br9dGB4y40kVvFWsXMnXRy00W_b6S91vJ9-8Wdgo60IHv0yFeXauTu81IyrJPFA1GYVXyw20z664Y5UwbHSA3imYlYv-nCLMJrxuI36uIDq2rHJUadmetdaGfZRDVOrH-Dp6ommuLKjtmnsV8nHS5JAVSPIM3SX1XHW9x64g7lZ2DdpPvRTST3pqBW22Cfg5mIugFhLp7YAxlBwfEG9RjIwhs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCinqGgTjmYsL7Ce-B1fAPj6SWqA3JntKxXPWR3r6xAcCNtwEQASAAYJWCgIC4B4IBF2NhLXB1Yi0zMjkzNzM4NjA3MTgyMjIzoAHVttLqA8gBCakCBDJji1YlsT6oAwGqBK0BT9Dt7Dljq_qKKlfE_t3QYT3FPCN1pruvyDPUWrj7jkEEy0A7pBjBJ5EC6OMceOBXoEk1YZVvUmsr7P0Ug-RTpW1beYsQguyaMBWtMCWJfghFTJlAIbet6nXhJLM5wMKl6iVhNgLX73ZPrK_h-w0xMA5WMRFs2Dr_iG1-bC9_OvgFgpsfhg8j9lNdJFQPGSeXETFFYU-VtVr7S0C0pMYegRN7322L8tTqqm6jxL-ABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3yJuZUu7uq6xBtyJZGb0gbWQi0mg%26client%3Dca-pub-3293738607182223%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
bfcd7a262745ac2a8520d46dbe261c5db424c001970e9ebe83c440bfb48454f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 08:08:34 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=29292907
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
6722
expires
Wed, 05 Jul 2023 09:03:42 GMT
img
pix.eu.criteo.net/img/ Frame 6902 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F6%2FlogoMaritim-Hotel-Stuttgart-259197DE-2103011524.gif%3Feb%3D1&v=3&w=400&s=r707bxG7Pz45L_qKFYhxy_IS&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YuY4gQACfcIIFUDvAAWSDz0VHz-YHk1Y7MkBOA&u=%7CBqqB6L%2F2Z4Aacpw%2FY4a7nZhLiWo6OjPoUKafq1%2FCuwo%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86z-v4_ZG7uRnq2ff4qIEl1d9WfBzFhf6yPK8y2k-epBBYODcJyCKiA5F8uytyNuAGeY2_yFne53gPIUxQXKKiXtVfeiX6Z48Y3orbxR2AXLHJxAyoWm9tSlqjIlyHPEjDrAKCryOlYoAAt7wa79VtowsR52FY1wZjEU0TqbTDsp4Z0vMi9Ckk4B_kE9RC2Br9dGB4y40kVvFWsXMnXRy00W_b6S91vJ9-8Wdgo60IHv0yFeXauTu81IyrJPFA1GYVXyw20z664Y5UwbHSA3imYlYv-nCLMJrxuI36uIDq2rHJUadmetdaGfZRDVOrH-Dp6ommuLKjtmnsV8nHS5JAVSPIM3SX1XHW9x64g7lZ2DdpPvRTST3pqBW22Cfg5mIugFhLp7YAxlBwfEG9RjIwhs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCinqGgTjmYsL7Ce-B1fAPj6SWqA3JntKxXPWR3r6xAcCNtwEQASAAYJWCgIC4B4IBF2NhLXB1Yi0zMjkzNzM4NjA3MTgyMjIzoAHVttLqA8gBCakCBDJji1YlsT6oAwGqBK0BT9Dt7Dljq_qKKlfE_t3QYT3FPCN1pruvyDPUWrj7jkEEy0A7pBjBJ5EC6OMceOBXoEk1YZVvUmsr7P0Ug-RTpW1beYsQguyaMBWtMCWJfghFTJlAIbet6nXhJLM5wMKl6iVhNgLX73ZPrK_h-w0xMA5WMRFs2Dr_iG1-bC9_OvgFgpsfhg8j9lNdJFQPGSeXETFFYU-VtVr7S0C0pMYegRN7322L8tTqqm6jxL-ABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3yJuZUu7uq6xBtyJZGb0gbWQi0mg%26client%3Dca-pub-3293738607182223%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
a9ee93fe5c14eb6fbc5f687f6a37b5454289364c3eebb1cccb1b3876879d972c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 08:08:34 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=2090
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
2452
expires
Sun, 31 Jul 2022 08:43:25 GMT
img
pix.eu.criteo.net/img/ Frame 6902 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F0%2FlogoLowenstein-Medical-GmbH-Co-KG-74111DE-2105110848.gif%3Feb%3D1&v=3&w=400&s=2-_TANSLS_KEsZlOLAgpT42z&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YuY4gQACfcIIFUDvAAWSDz0VHz-YHk1Y7MkBOA&u=%7CBqqB6L%2F2Z4Aacpw%2FY4a7nZhLiWo6OjPoUKafq1%2FCuwo%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86z-v4_ZG7uRnq2ff4qIEl1d9WfBzFhf6yPK8y2k-epBBYODcJyCKiA5F8uytyNuAGeY2_yFne53gPIUxQXKKiXtVfeiX6Z48Y3orbxR2AXLHJxAyoWm9tSlqjIlyHPEjDrAKCryOlYoAAt7wa79VtowsR52FY1wZjEU0TqbTDsp4Z0vMi9Ckk4B_kE9RC2Br9dGB4y40kVvFWsXMnXRy00W_b6S91vJ9-8Wdgo60IHv0yFeXauTu81IyrJPFA1GYVXyw20z664Y5UwbHSA3imYlYv-nCLMJrxuI36uIDq2rHJUadmetdaGfZRDVOrH-Dp6ommuLKjtmnsV8nHS5JAVSPIM3SX1XHW9x64g7lZ2DdpPvRTST3pqBW22Cfg5mIugFhLp7YAxlBwfEG9RjIwhs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCinqGgTjmYsL7Ce-B1fAPj6SWqA3JntKxXPWR3r6xAcCNtwEQASAAYJWCgIC4B4IBF2NhLXB1Yi0zMjkzNzM4NjA3MTgyMjIzoAHVttLqA8gBCakCBDJji1YlsT6oAwGqBK0BT9Dt7Dljq_qKKlfE_t3QYT3FPCN1pruvyDPUWrj7jkEEy0A7pBjBJ5EC6OMceOBXoEk1YZVvUmsr7P0Ug-RTpW1beYsQguyaMBWtMCWJfghFTJlAIbet6nXhJLM5wMKl6iVhNgLX73ZPrK_h-w0xMA5WMRFs2Dr_iG1-bC9_OvgFgpsfhg8j9lNdJFQPGSeXETFFYU-VtVr7S0C0pMYegRN7322L8tTqqm6jxL-ABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3yJuZUu7uq6xBtyJZGb0gbWQi0mg%26client%3Dca-pub-3293738607182223%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
12d6f2cc08c97c56eed865540784456fab04f1511531765d785585a7b90093f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 08:08:33 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=272976
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
3486
expires
Wed, 03 Aug 2022 11:58:11 GMT
img
pix.eu.criteo.net/img/ Frame 6902 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FJ%2FlogoJS_Deutschland_GmbH_24984DE.gif%3Feb%3D1&v=3&w=400&s=t5TW_8UYa2eFuuuPo_Q7nmQe&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YuY4gQACfcIIFUDvAAWSDz0VHz-YHk1Y7MkBOA&u=%7CBqqB6L%2F2Z4Aacpw%2FY4a7nZhLiWo6OjPoUKafq1%2FCuwo%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86z-v4_ZG7uRnq2ff4qIEl1d9WfBzFhf6yPK8y2k-epBBYODcJyCKiA5F8uytyNuAGeY2_yFne53gPIUxQXKKiXtVfeiX6Z48Y3orbxR2AXLHJxAyoWm9tSlqjIlyHPEjDrAKCryOlYoAAt7wa79VtowsR52FY1wZjEU0TqbTDsp4Z0vMi9Ckk4B_kE9RC2Br9dGB4y40kVvFWsXMnXRy00W_b6S91vJ9-8Wdgo60IHv0yFeXauTu81IyrJPFA1GYVXyw20z664Y5UwbHSA3imYlYv-nCLMJrxuI36uIDq2rHJUadmetdaGfZRDVOrH-Dp6ommuLKjtmnsV8nHS5JAVSPIM3SX1XHW9x64g7lZ2DdpPvRTST3pqBW22Cfg5mIugFhLp7YAxlBwfEG9RjIwhs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCinqGgTjmYsL7Ce-B1fAPj6SWqA3JntKxXPWR3r6xAcCNtwEQASAAYJWCgIC4B4IBF2NhLXB1Yi0zMjkzNzM4NjA3MTgyMjIzoAHVttLqA8gBCakCBDJji1YlsT6oAwGqBK0BT9Dt7Dljq_qKKlfE_t3QYT3FPCN1pruvyDPUWrj7jkEEy0A7pBjBJ5EC6OMceOBXoEk1YZVvUmsr7P0Ug-RTpW1beYsQguyaMBWtMCWJfghFTJlAIbet6nXhJLM5wMKl6iVhNgLX73ZPrK_h-w0xMA5WMRFs2Dr_iG1-bC9_OvgFgpsfhg8j9lNdJFQPGSeXETFFYU-VtVr7S0C0pMYegRN7322L8tTqqm6jxL-ABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3yJuZUu7uq6xBtyJZGb0gbWQi0mg%26client%3Dca-pub-3293738607182223%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
639665b9e97aad7d30114d5b9b4d4b391d1ee6e870fd4515ec28e5a24c22863a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 08:08:33 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1339895
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
1100
expires
Mon, 15 Aug 2022 20:20:09 GMT
img
pix.eu.criteo.net/img/ Frame 6902 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FC%2FlogoFraGround-Fraport-Ground-Services-GmbH-222375DE.gif%3Feb%3D1&v=3&w=400&s=u8QjTuzx4yQwWOjyD8TMxXfP&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YuY4gQACfcIIFUDvAAWSDz0VHz-YHk1Y7MkBOA&u=%7CBqqB6L%2F2Z4Aacpw%2FY4a7nZhLiWo6OjPoUKafq1%2FCuwo%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86z-v4_ZG7uRnq2ff4qIEl1d9WfBzFhf6yPK8y2k-epBBYODcJyCKiA5F8uytyNuAGeY2_yFne53gPIUxQXKKiXtVfeiX6Z48Y3orbxR2AXLHJxAyoWm9tSlqjIlyHPEjDrAKCryOlYoAAt7wa79VtowsR52FY1wZjEU0TqbTDsp4Z0vMi9Ckk4B_kE9RC2Br9dGB4y40kVvFWsXMnXRy00W_b6S91vJ9-8Wdgo60IHv0yFeXauTu81IyrJPFA1GYVXyw20z664Y5UwbHSA3imYlYv-nCLMJrxuI36uIDq2rHJUadmetdaGfZRDVOrH-Dp6ommuLKjtmnsV8nHS5JAVSPIM3SX1XHW9x64g7lZ2DdpPvRTST3pqBW22Cfg5mIugFhLp7YAxlBwfEG9RjIwhs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCinqGgTjmYsL7Ce-B1fAPj6SWqA3JntKxXPWR3r6xAcCNtwEQASAAYJWCgIC4B4IBF2NhLXB1Yi0zMjkzNzM4NjA3MTgyMjIzoAHVttLqA8gBCakCBDJji1YlsT6oAwGqBK0BT9Dt7Dljq_qKKlfE_t3QYT3FPCN1pruvyDPUWrj7jkEEy0A7pBjBJ5EC6OMceOBXoEk1YZVvUmsr7P0Ug-RTpW1beYsQguyaMBWtMCWJfghFTJlAIbet6nXhJLM5wMKl6iVhNgLX73ZPrK_h-w0xMA5WMRFs2Dr_iG1-bC9_OvgFgpsfhg8j9lNdJFQPGSeXETFFYU-VtVr7S0C0pMYegRN7322L8tTqqm6jxL-ABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3yJuZUu7uq6xBtyJZGb0gbWQi0mg%26client%3Dca-pub-3293738607182223%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
5aeca3b44d1a071a3a4271a080470f383d077f1c0d1298845266e690449e6607
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 08:08:33 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1119945
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
1960
expires
Sat, 13 Aug 2022 07:14:20 GMT
img
pix.eu.criteo.net/img/ Frame 6902 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FE%2FlogoWentzel-Dr-GmbH-72929DE-2203151009.gif%3Feb%3D1&v=3&w=400&s=uCg-mOa70Sq-wX6b2LZcSwAb&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YuY4gQACfcIIFUDvAAWSDz0VHz-YHk1Y7MkBOA&u=%7CBqqB6L%2F2Z4Aacpw%2FY4a7nZhLiWo6OjPoUKafq1%2FCuwo%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86z-v4_ZG7uRnq2ff4qIEl1d9WfBzFhf6yPK8y2k-epBBYODcJyCKiA5F8uytyNuAGeY2_yFne53gPIUxQXKKiXtVfeiX6Z48Y3orbxR2AXLHJxAyoWm9tSlqjIlyHPEjDrAKCryOlYoAAt7wa79VtowsR52FY1wZjEU0TqbTDsp4Z0vMi9Ckk4B_kE9RC2Br9dGB4y40kVvFWsXMnXRy00W_b6S91vJ9-8Wdgo60IHv0yFeXauTu81IyrJPFA1GYVXyw20z664Y5UwbHSA3imYlYv-nCLMJrxuI36uIDq2rHJUadmetdaGfZRDVOrH-Dp6ommuLKjtmnsV8nHS5JAVSPIM3SX1XHW9x64g7lZ2DdpPvRTST3pqBW22Cfg5mIugFhLp7YAxlBwfEG9RjIwhs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCinqGgTjmYsL7Ce-B1fAPj6SWqA3JntKxXPWR3r6xAcCNtwEQASAAYJWCgIC4B4IBF2NhLXB1Yi0zMjkzNzM4NjA3MTgyMjIzoAHVttLqA8gBCakCBDJji1YlsT6oAwGqBK0BT9Dt7Dljq_qKKlfE_t3QYT3FPCN1pruvyDPUWrj7jkEEy0A7pBjBJ5EC6OMceOBXoEk1YZVvUmsr7P0Ug-RTpW1beYsQguyaMBWtMCWJfghFTJlAIbet6nXhJLM5wMKl6iVhNgLX73ZPrK_h-w0xMA5WMRFs2Dr_iG1-bC9_OvgFgpsfhg8j9lNdJFQPGSeXETFFYU-VtVr7S0C0pMYegRN7322L8tTqqm6jxL-ABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3yJuZUu7uq6xBtyJZGb0gbWQi0mg%26client%3Dca-pub-3293738607182223%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
cde9e51128d4ee7ca1a42dddb79b1cc1c3b23387aa3b610b2a866971a70c8707
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 08:08:33 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1060253
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
5758
expires
Fri, 12 Aug 2022 14:39:28 GMT
img
pix.eu.criteo.net/img/ Frame 6902 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FB%2FlogoBKA_Bundeskriminalamt_4558DE.gif%3Feb%3D1&v=3&w=400&s=GVnKI3ywx2pDN-sz0JRgKSSP&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YuY4gQACfcIIFUDvAAWSDz0VHz-YHk1Y7MkBOA&u=%7CBqqB6L%2F2Z4Aacpw%2FY4a7nZhLiWo6OjPoUKafq1%2FCuwo%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86z-v4_ZG7uRnq2ff4qIEl1d9WfBzFhf6yPK8y2k-epBBYODcJyCKiA5F8uytyNuAGeY2_yFne53gPIUxQXKKiXtVfeiX6Z48Y3orbxR2AXLHJxAyoWm9tSlqjIlyHPEjDrAKCryOlYoAAt7wa79VtowsR52FY1wZjEU0TqbTDsp4Z0vMi9Ckk4B_kE9RC2Br9dGB4y40kVvFWsXMnXRy00W_b6S91vJ9-8Wdgo60IHv0yFeXauTu81IyrJPFA1GYVXyw20z664Y5UwbHSA3imYlYv-nCLMJrxuI36uIDq2rHJUadmetdaGfZRDVOrH-Dp6ommuLKjtmnsV8nHS5JAVSPIM3SX1XHW9x64g7lZ2DdpPvRTST3pqBW22Cfg5mIugFhLp7YAxlBwfEG9RjIwhs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCinqGgTjmYsL7Ce-B1fAPj6SWqA3JntKxXPWR3r6xAcCNtwEQASAAYJWCgIC4B4IBF2NhLXB1Yi0zMjkzNzM4NjA3MTgyMjIzoAHVttLqA8gBCakCBDJji1YlsT6oAwGqBK0BT9Dt7Dljq_qKKlfE_t3QYT3FPCN1pruvyDPUWrj7jkEEy0A7pBjBJ5EC6OMceOBXoEk1YZVvUmsr7P0Ug-RTpW1beYsQguyaMBWtMCWJfghFTJlAIbet6nXhJLM5wMKl6iVhNgLX73ZPrK_h-w0xMA5WMRFs2Dr_iG1-bC9_OvgFgpsfhg8j9lNdJFQPGSeXETFFYU-VtVr7S0C0pMYegRN7322L8tTqqm6jxL-ABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3yJuZUu7uq6xBtyJZGb0gbWQi0mg%26client%3Dca-pub-3293738607182223%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e4b58a351151e4da3ebfac8c923fc7c19c7bbbd6696d716a2f3465bf869f1138
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 08:08:33 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=420051
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
1266
expires
Fri, 05 Aug 2022 04:49:26 GMT
img
pix.eu.criteo.net/img/ Frame 6902 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F4%2FlogoTesto-SE-Co-KGaA-43463DE.gif%3Feb%3D1&v=3&w=400&s=0DwEnGK5w_iiS4FwLKkJ8_AR&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YuY4gQACfcIIFUDvAAWSDz0VHz-YHk1Y7MkBOA&u=%7CBqqB6L%2F2Z4Aacpw%2FY4a7nZhLiWo6OjPoUKafq1%2FCuwo%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86z-v4_ZG7uRnq2ff4qIEl1d9WfBzFhf6yPK8y2k-epBBYODcJyCKiA5F8uytyNuAGeY2_yFne53gPIUxQXKKiXtVfeiX6Z48Y3orbxR2AXLHJxAyoWm9tSlqjIlyHPEjDrAKCryOlYoAAt7wa79VtowsR52FY1wZjEU0TqbTDsp4Z0vMi9Ckk4B_kE9RC2Br9dGB4y40kVvFWsXMnXRy00W_b6S91vJ9-8Wdgo60IHv0yFeXauTu81IyrJPFA1GYVXyw20z664Y5UwbHSA3imYlYv-nCLMJrxuI36uIDq2rHJUadmetdaGfZRDVOrH-Dp6ommuLKjtmnsV8nHS5JAVSPIM3SX1XHW9x64g7lZ2DdpPvRTST3pqBW22Cfg5mIugFhLp7YAxlBwfEG9RjIwhs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCinqGgTjmYsL7Ce-B1fAPj6SWqA3JntKxXPWR3r6xAcCNtwEQASAAYJWCgIC4B4IBF2NhLXB1Yi0zMjkzNzM4NjA3MTgyMjIzoAHVttLqA8gBCakCBDJji1YlsT6oAwGqBK0BT9Dt7Dljq_qKKlfE_t3QYT3FPCN1pruvyDPUWrj7jkEEy0A7pBjBJ5EC6OMceOBXoEk1YZVvUmsr7P0Ug-RTpW1beYsQguyaMBWtMCWJfghFTJlAIbet6nXhJLM5wMKl6iVhNgLX73ZPrK_h-w0xMA5WMRFs2Dr_iG1-bC9_OvgFgpsfhg8j9lNdJFQPGSeXETFFYU-VtVr7S0C0pMYegRN7322L8tTqqm6jxL-ABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3yJuZUu7uq6xBtyJZGb0gbWQi0mg%26client%3Dca-pub-3293738607182223%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
d4e2046c9b8ce89e2f999b9c25478e88a591b5300c82942f2c8276a4ab02f5fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 08:08:34 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=142304
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
2104
expires
Mon, 01 Aug 2022 23:40:19 GMT
all
csm.eu.criteo.net/ Frame 6902 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=J_J_I6x46Jz3dJ6VSaspa41IckZJld9nSN2FQc1uBxkdJBLMNbXci5ComZRDvke6hxZl4NMaLA9Ry-VSLDr3rNfhfQfFCFKCYGSHPone41mUb2FGvS38gucODWY7m6DL1j417688TnbPRUPHsJ6dLBZuUp2CsDkH7Ia-R53fsGB1rsWmVtmaMXkNPQC1P1tpliVXEzTwgkUFuS6JACeEeo_NTM24xgq_B7T3eZwzlI44mdRX3Rf5-c82zox6aF0ofmF4Tw&sds=2&rev=82250&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YuY4gQACfcIIFUDvAAWSDz0VHz-YHk1Y7MkBOA&u=%7CBqqB6L%2F2Z4Aacpw%2FY4a7nZhLiWo6OjPoUKafq1%2FCuwo%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86z-v4_ZG7uRnq2ff4qIEl1d9WfBzFhf6yPK8y2k-epBBYODcJyCKiA5F8uytyNuAGeY2_yFne53gPIUxQXKKiXtVfeiX6Z48Y3orbxR2AXLHJxAyoWm9tSlqjIlyHPEjDrAKCryOlYoAAt7wa79VtowsR52FY1wZjEU0TqbTDsp4Z0vMi9Ckk4B_kE9RC2Br9dGB4y40kVvFWsXMnXRy00W_b6S91vJ9-8Wdgo60IHv0yFeXauTu81IyrJPFA1GYVXyw20z664Y5UwbHSA3imYlYv-nCLMJrxuI36uIDq2rHJUadmetdaGfZRDVOrH-Dp6ommuLKjtmnsV8nHS5JAVSPIM3SX1XHW9x64g7lZ2DdpPvRTST3pqBW22Cfg5mIugFhLp7YAxlBwfEG9RjIwhs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCinqGgTjmYsL7Ce-B1fAPj6SWqA3JntKxXPWR3r6xAcCNtwEQASAAYJWCgIC4B4IBF2NhLXB1Yi0zMjkzNzM4NjA3MTgyMjIzoAHVttLqA8gBCakCBDJji1YlsT6oAwGqBK0BT9Dt7Dljq_qKKlfE_t3QYT3FPCN1pruvyDPUWrj7jkEEy0A7pBjBJ5EC6OMceOBXoEk1YZVvUmsr7P0Ug-RTpW1beYsQguyaMBWtMCWJfghFTJlAIbet6nXhJLM5wMKl6iVhNgLX73ZPrK_h-w0xMA5WMRFs2Dr_iG1-bC9_OvgFgpsfhg8j9lNdJFQPGSeXETFFYU-VtVr7S0C0pMYegRN7322L8tTqqm6jxL-ABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3yJuZUu7uq6xBtyJZGb0gbWQi0mg%26client%3Dca-pub-3293738607182223%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 31 Jul 2022 08:08:34 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 6902 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YuY4gQACfcIIFUDvAAWSDz0VHz-YHk1Y7MkBOA&u=%7CBqqB6L%2F2Z4Aacpw%2FY4a7nZhLiWo6OjPoUKafq1%2FCuwo%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86z-v4_ZG7uRnq2ff4qIEl1d9WfBzFhf6yPK8y2k-epBBYODcJyCKiA5F8uytyNuAGeY2_yFne53gPIUxQXKKiXtVfeiX6Z48Y3orbxR2AXLHJxAyoWm9tSlqjIlyHPEjDrAKCryOlYoAAt7wa79VtowsR52FY1wZjEU0TqbTDsp4Z0vMi9Ckk4B_kE9RC2Br9dGB4y40kVvFWsXMnXRy00W_b6S91vJ9-8Wdgo60IHv0yFeXauTu81IyrJPFA1GYVXyw20z664Y5UwbHSA3imYlYv-nCLMJrxuI36uIDq2rHJUadmetdaGfZRDVOrH-Dp6ommuLKjtmnsV8nHS5JAVSPIM3SX1XHW9x64g7lZ2DdpPvRTST3pqBW22Cfg5mIugFhLp7YAxlBwfEG9RjIwhs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCinqGgTjmYsL7Ce-B1fAPj6SWqA3JntKxXPWR3r6xAcCNtwEQASAAYJWCgIC4B4IBF2NhLXB1Yi0zMjkzNzM4NjA3MTgyMjIzoAHVttLqA8gBCakCBDJji1YlsT6oAwGqBK0BT9Dt7Dljq_qKKlfE_t3QYT3FPCN1pruvyDPUWrj7jkEEy0A7pBjBJ5EC6OMceOBXoEk1YZVvUmsr7P0Ug-RTpW1beYsQguyaMBWtMCWJfghFTJlAIbet6nXhJLM5wMKl6iVhNgLX73ZPrK_h-w0xMA5WMRFs2Dr_iG1-bC9_OvgFgpsfhg8j9lNdJFQPGSeXETFFYU-VtVr7S0C0pMYegRN7322L8tTqqm6jxL-ABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3yJuZUu7uq6xBtyJZGb0gbWQi0mg%26client%3Dca-pub-3293738607182223%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 08:08:34 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 26 Jul 2023 08:08:34 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 6902 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YuY4gQACfcIIFUDvAAWSDz0VHz-YHk1Y7MkBOA&u=%7CBqqB6L%2F2Z4Aacpw%2FY4a7nZhLiWo6OjPoUKafq1%2FCuwo%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86z-v4_ZG7uRnq2ff4qIEl1d9WfBzFhf6yPK8y2k-epBBYODcJyCKiA5F8uytyNuAGeY2_yFne53gPIUxQXKKiXtVfeiX6Z48Y3orbxR2AXLHJxAyoWm9tSlqjIlyHPEjDrAKCryOlYoAAt7wa79VtowsR52FY1wZjEU0TqbTDsp4Z0vMi9Ckk4B_kE9RC2Br9dGB4y40kVvFWsXMnXRy00W_b6S91vJ9-8Wdgo60IHv0yFeXauTu81IyrJPFA1GYVXyw20z664Y5UwbHSA3imYlYv-nCLMJrxuI36uIDq2rHJUadmetdaGfZRDVOrH-Dp6ommuLKjtmnsV8nHS5JAVSPIM3SX1XHW9x64g7lZ2DdpPvRTST3pqBW22Cfg5mIugFhLp7YAxlBwfEG9RjIwhs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCinqGgTjmYsL7Ce-B1fAPj6SWqA3JntKxXPWR3r6xAcCNtwEQASAAYJWCgIC4B4IBF2NhLXB1Yi0zMjkzNzM4NjA3MTgyMjIzoAHVttLqA8gBCakCBDJji1YlsT6oAwGqBK0BT9Dt7Dljq_qKKlfE_t3QYT3FPCN1pruvyDPUWrj7jkEEy0A7pBjBJ5EC6OMceOBXoEk1YZVvUmsr7P0Ug-RTpW1beYsQguyaMBWtMCWJfghFTJlAIbet6nXhJLM5wMKl6iVhNgLX73ZPrK_h-w0xMA5WMRFs2Dr_iG1-bC9_OvgFgpsfhg8j9lNdJFQPGSeXETFFYU-VtVr7S0C0pMYegRN7322L8tTqqm6jxL-ABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3yJuZUu7uq6xBtyJZGb0gbWQi0mg%26client%3Dca-pub-3293738607182223%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 08:08:34 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 26 Jul 2023 08:08:34 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 949F 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YuY4gQACllEKm5RBAAyAL7xJCgC4h299rVb7Pw&u=%7CBqqB6L%2F2Z4CoZEWwdvRbLius7ZBFlFfMQ9X%2BJ5bo5FM%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZWgJ4RDTbq-Wb6C9K-cesMV_WPikrq5at_ACdAcfQ797USal5xGSAmW45qs5D_t01BwXfQCkaXb3sNWF0D-NGUHmdT0YLBCRYLXlCW8d3GqVkFYcxAaDHv2QCSi8HXyqE7QwUU6pGwjrPnSZqQX0_jipSVEVaA6XTYYDtt9y2CDfCDfi0vUQ42RxEydcgsQhL3viqnDLsbhqVFXPM5L44aTwHMJ-N2nGjGePHektXDaSDJgEu0zTQrcs_r4jmSD7hO_HQ5v_B63_wkYORp4MLOGmj4mILVTgkwALatmib2PVf4vtJeG1PcVumNwlr5pokwptfhjJ50BHrL0learKdM4jZqWK_fy_hKy0U_Y3iLvu2F7g_L8orVJm-8rhD7JiIA-msBybqOfWqi8XDUiNZMn7O69aeIozk1e-gqhO67jVx-AfN8T2yHmzDlrFp1r5XE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMNHSgTjmYtGsCsGo7gSvgLLgB8me0rFc1Z2R93DAjbcBEAEgAGCVgoCAuAeCARdjYS1wdWItMzI5MzczODYwNzE4MjIyM8gBCakCBDJji1YlsT6oAwGqBKUBT9DJ6xkXaqLHrerMK6srkhMBs3E3od58ErJW28jtrjHFLu-OYTQIq7heIgqaRBkGCH_KZXKr7uK1dqov3m68MPXzMRyYdIRQjV4mVb7IbIXvYvzqBrz8P7SrGbamZzI1IdXKD7yfxNKVi1-_dtphIub4sRDpHICioGQrVSd0LhIHfFE7oq4IMllb68HH6q1ZjNY0Lelev-HW1NudI0yAOVTem9MCgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0_7h4YygrzMlmRdO3wOmYWRzWxdg%26client%3Dca-pub-3293738607182223%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 08:08:34 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 26 Jul 2023 08:08:34 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 949F 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YuY4gQACllEKm5RBAAyAL7xJCgC4h299rVb7Pw&u=%7CBqqB6L%2F2Z4CoZEWwdvRbLius7ZBFlFfMQ9X%2BJ5bo5FM%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZWgJ4RDTbq-Wb6C9K-cesMV_WPikrq5at_ACdAcfQ797USal5xGSAmW45qs5D_t01BwXfQCkaXb3sNWF0D-NGUHmdT0YLBCRYLXlCW8d3GqVkFYcxAaDHv2QCSi8HXyqE7QwUU6pGwjrPnSZqQX0_jipSVEVaA6XTYYDtt9y2CDfCDfi0vUQ42RxEydcgsQhL3viqnDLsbhqVFXPM5L44aTwHMJ-N2nGjGePHektXDaSDJgEu0zTQrcs_r4jmSD7hO_HQ5v_B63_wkYORp4MLOGmj4mILVTgkwALatmib2PVf4vtJeG1PcVumNwlr5pokwptfhjJ50BHrL0learKdM4jZqWK_fy_hKy0U_Y3iLvu2F7g_L8orVJm-8rhD7JiIA-msBybqOfWqi8XDUiNZMn7O69aeIozk1e-gqhO67jVx-AfN8T2yHmzDlrFp1r5XE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMNHSgTjmYtGsCsGo7gSvgLLgB8me0rFc1Z2R93DAjbcBEAEgAGCVgoCAuAeCARdjYS1wdWItMzI5MzczODYwNzE4MjIyM8gBCakCBDJji1YlsT6oAwGqBKUBT9DJ6xkXaqLHrerMK6srkhMBs3E3od58ErJW28jtrjHFLu-OYTQIq7heIgqaRBkGCH_KZXKr7uK1dqov3m68MPXzMRyYdIRQjV4mVb7IbIXvYvzqBrz8P7SrGbamZzI1IdXKD7yfxNKVi1-_dtphIub4sRDpHICioGQrVSd0LhIHfFE7oq4IMllb68HH6q1ZjNY0Lelev-HW1NudI0yAOVTem9MCgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0_7h4YygrzMlmRdO3wOmYWRzWxdg%26client%3Dca-pub-3293738607182223%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 08:08:34 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 26 Jul 2023 08:08:34 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 949F 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YuY4gQACllEKm5RBAAyAL7xJCgC4h299rVb7Pw&u=%7CBqqB6L%2F2Z4CoZEWwdvRbLius7ZBFlFfMQ9X%2BJ5bo5FM%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZWgJ4RDTbq-Wb6C9K-cesMV_WPikrq5at_ACdAcfQ797USal5xGSAmW45qs5D_t01BwXfQCkaXb3sNWF0D-NGUHmdT0YLBCRYLXlCW8d3GqVkFYcxAaDHv2QCSi8HXyqE7QwUU6pGwjrPnSZqQX0_jipSVEVaA6XTYYDtt9y2CDfCDfi0vUQ42RxEydcgsQhL3viqnDLsbhqVFXPM5L44aTwHMJ-N2nGjGePHektXDaSDJgEu0zTQrcs_r4jmSD7hO_HQ5v_B63_wkYORp4MLOGmj4mILVTgkwALatmib2PVf4vtJeG1PcVumNwlr5pokwptfhjJ50BHrL0learKdM4jZqWK_fy_hKy0U_Y3iLvu2F7g_L8orVJm-8rhD7JiIA-msBybqOfWqi8XDUiNZMn7O69aeIozk1e-gqhO67jVx-AfN8T2yHmzDlrFp1r5XE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMNHSgTjmYtGsCsGo7gSvgLLgB8me0rFc1Z2R93DAjbcBEAEgAGCVgoCAuAeCARdjYS1wdWItMzI5MzczODYwNzE4MjIyM8gBCakCBDJji1YlsT6oAwGqBKUBT9DJ6xkXaqLHrerMK6srkhMBs3E3od58ErJW28jtrjHFLu-OYTQIq7heIgqaRBkGCH_KZXKr7uK1dqov3m68MPXzMRyYdIRQjV4mVb7IbIXvYvzqBrz8P7SrGbamZzI1IdXKD7yfxNKVi1-_dtphIub4sRDpHICioGQrVSd0LhIHfFE7oq4IMllb68HH6q1ZjNY0Lelev-HW1NudI0yAOVTem9MCgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0_7h4YygrzMlmRdO3wOmYWRzWxdg%26client%3Dca-pub-3293738607182223%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 08:08:34 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Wed, 26 Jul 2023 08:08:34 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 949F 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YuY4gQACllEKm5RBAAyAL7xJCgC4h299rVb7Pw&u=%7CBqqB6L%2F2Z4CoZEWwdvRbLius7ZBFlFfMQ9X%2BJ5bo5FM%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZWgJ4RDTbq-Wb6C9K-cesMV_WPikrq5at_ACdAcfQ797USal5xGSAmW45qs5D_t01BwXfQCkaXb3sNWF0D-NGUHmdT0YLBCRYLXlCW8d3GqVkFYcxAaDHv2QCSi8HXyqE7QwUU6pGwjrPnSZqQX0_jipSVEVaA6XTYYDtt9y2CDfCDfi0vUQ42RxEydcgsQhL3viqnDLsbhqVFXPM5L44aTwHMJ-N2nGjGePHektXDaSDJgEu0zTQrcs_r4jmSD7hO_HQ5v_B63_wkYORp4MLOGmj4mILVTgkwALatmib2PVf4vtJeG1PcVumNwlr5pokwptfhjJ50BHrL0learKdM4jZqWK_fy_hKy0U_Y3iLvu2F7g_L8orVJm-8rhD7JiIA-msBybqOfWqi8XDUiNZMn7O69aeIozk1e-gqhO67jVx-AfN8T2yHmzDlrFp1r5XE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMNHSgTjmYtGsCsGo7gSvgLLgB8me0rFc1Z2R93DAjbcBEAEgAGCVgoCAuAeCARdjYS1wdWItMzI5MzczODYwNzE4MjIyM8gBCakCBDJji1YlsT6oAwGqBKUBT9DJ6xkXaqLHrerMK6srkhMBs3E3od58ErJW28jtrjHFLu-OYTQIq7heIgqaRBkGCH_KZXKr7uK1dqov3m68MPXzMRyYdIRQjV4mVb7IbIXvYvzqBrz8P7SrGbamZzI1IdXKD7yfxNKVi1-_dtphIub4sRDpHICioGQrVSd0LhIHfFE7oq4IMllb68HH6q1ZjNY0Lelev-HW1NudI0yAOVTem9MCgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0_7h4YygrzMlmRdO3wOmYWRzWxdg%26client%3Dca-pub-3293738607182223%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 08:08:34 GMT
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Wed, 26 Jul 2023 08:08:34 GMT
lg.php
cat.fr.eu.criteo.com/delivery/ Frame 949F 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=ENOup_dilEUGzUYjtvasR3GqREflp3OE0ICB_yTXYWd1uBwyQ7cy2g65XrhHo8qw9C1qoHWVVdHwR33wbertkl9CqRUKrx7s4rGrjamNIeFaXSZPwSbrBtw_FCN3c8mFtQWeqKB9CSrPYUBYRNKtD0FbuafPVgB0H59HHKzRwMDwSD_lx4RKXKcd9dRMhwdfspWWGDFwCOCsjpenBY9rdXsaZJzv1plESxYG03-wuAeS-p11eABZTjfM3vNZrMdSKSEKZZMFpaMnn42cr0cCiwaixQfYzINYrRp68hPxAnMcj2SwOQi-INeKdl_8PACI7PRRk-f2Xsn2rirAh20ybshQzSoOsUq3pXQ0PL1UVr81uq1-u5Mh5E8ne8r55_Y2tcd5wT-dJMExOunBQ8JvJKGpxeeFicTP6MFOeMYlBsZhYk_z
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YuY4gQACllEKm5RBAAyAL7xJCgC4h299rVb7Pw&u=%7CBqqB6L%2F2Z4CoZEWwdvRbLius7ZBFlFfMQ9X%2BJ5bo5FM%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZWgJ4RDTbq-Wb6C9K-cesMV_WPikrq5at_ACdAcfQ797USal5xGSAmW45qs5D_t01BwXfQCkaXb3sNWF0D-NGUHmdT0YLBCRYLXlCW8d3GqVkFYcxAaDHv2QCSi8HXyqE7QwUU6pGwjrPnSZqQX0_jipSVEVaA6XTYYDtt9y2CDfCDfi0vUQ42RxEydcgsQhL3viqnDLsbhqVFXPM5L44aTwHMJ-N2nGjGePHektXDaSDJgEu0zTQrcs_r4jmSD7hO_HQ5v_B63_wkYORp4MLOGmj4mILVTgkwALatmib2PVf4vtJeG1PcVumNwlr5pokwptfhjJ50BHrL0learKdM4jZqWK_fy_hKy0U_Y3iLvu2F7g_L8orVJm-8rhD7JiIA-msBybqOfWqi8XDUiNZMn7O69aeIozk1e-gqhO67jVx-AfN8T2yHmzDlrFp1r5XE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMNHSgTjmYtGsCsGo7gSvgLLgB8me0rFc1Z2R93DAjbcBEAEgAGCVgoCAuAeCARdjYS1wdWItMzI5MzczODYwNzE4MjIyM8gBCakCBDJji1YlsT6oAwGqBKUBT9DJ6xkXaqLHrerMK6srkhMBs3E3od58ErJW28jtrjHFLu-OYTQIq7heIgqaRBkGCH_KZXKr7uK1dqov3m68MPXzMRyYdIRQjV4mVb7IbIXvYvzqBrz8P7SrGbamZzI1IdXKD7yfxNKVi1-_dtphIub4sRDpHICioGQrVSd0LhIHfFE7oq4IMllb68HH6q1ZjNY0Lelev-HW1NudI0yAOVTem9MCgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0_7h4YygrzMlmRdO3wOmYWRzWxdg%26client%3Dca-pub-3293738607182223%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Jul 2022 08:08:33 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
4524381
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
m
secure-gl.imrworldwide.com/cgi-bin/ Frame 949F 		0
689 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1659254913
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YuY4gQACllEKm5RBAAyAL7xJCgC4h299rVb7Pw&u=%7CBqqB6L%2F2Z4CoZEWwdvRbLius7ZBFlFfMQ9X%2BJ5bo5FM%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZWgJ4RDTbq-Wb6C9K-cesMV_WPikrq5at_ACdAcfQ797USal5xGSAmW45qs5D_t01BwXfQCkaXb3sNWF0D-NGUHmdT0YLBCRYLXlCW8d3GqVkFYcxAaDHv2QCSi8HXyqE7QwUU6pGwjrPnSZqQX0_jipSVEVaA6XTYYDtt9y2CDfCDfi0vUQ42RxEydcgsQhL3viqnDLsbhqVFXPM5L44aTwHMJ-N2nGjGePHektXDaSDJgEu0zTQrcs_r4jmSD7hO_HQ5v_B63_wkYORp4MLOGmj4mILVTgkwALatmib2PVf4vtJeG1PcVumNwlr5pokwptfhjJ50BHrL0learKdM4jZqWK_fy_hKy0U_Y3iLvu2F7g_L8orVJm-8rhD7JiIA-msBybqOfWqi8XDUiNZMn7O69aeIozk1e-gqhO67jVx-AfN8T2yHmzDlrFp1r5XE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMNHSgTjmYtGsCsGo7gSvgLLgB8me0rFc1Z2R93DAjbcBEAEgAGCVgoCAuAeCARdjYS1wdWItMzI5MzczODYwNzE4MjIyM8gBCakCBDJji1YlsT6oAwGqBKUBT9DJ6xkXaqLHrerMK6srkhMBs3E3od58ErJW28jtrjHFLu-OYTQIq7heIgqaRBkGCH_KZXKr7uK1dqov3m68MPXzMRyYdIRQjV4mVb7IbIXvYvzqBrz8P7SrGbamZzI1IdXKD7yfxNKVi1-_dtphIub4sRDpHICioGQrVSd0LhIHfFE7oq4IMllb68HH6q1ZjNY0Lelev-HW1NudI0yAOVTem9MCgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0_7h4YygrzMlmRdO3wOmYWRzWxdg%26client%3Dca-pub-3293738607182223%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206e:b400:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Jul 2022 08:08:34 GMT
via
1.1 e010e3963cfd47d783f0503a3dbc3b90.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
VIE50-C1
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin
*
cache-control
no-cache
cross-origin-resource-policy
cross-origin
x-cache
Miss from cloudfront
accept-ch
Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-length
0
x-amz-cf-id
jmnExcmChyiCEDdj9yZ5PICMcsIL-OAIXJ3D9B4izjFitMN16aWbtA==
expires
Thu, 01 Dec 1994 16:00:00 GMT
animejs.js
static.criteo.net/animejs/ Frame 949F 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YuY4gQACllEKm5RBAAyAL7xJCgC4h299rVb7Pw&u=%7CBqqB6L%2F2Z4CoZEWwdvRbLius7ZBFlFfMQ9X%2BJ5bo5FM%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZWgJ4RDTbq-Wb6C9K-cesMV_WPikrq5at_ACdAcfQ797USal5xGSAmW45qs5D_t01BwXfQCkaXb3sNWF0D-NGUHmdT0YLBCRYLXlCW8d3GqVkFYcxAaDHv2QCSi8HXyqE7QwUU6pGwjrPnSZqQX0_jipSVEVaA6XTYYDtt9y2CDfCDfi0vUQ42RxEydcgsQhL3viqnDLsbhqVFXPM5L44aTwHMJ-N2nGjGePHektXDaSDJgEu0zTQrcs_r4jmSD7hO_HQ5v_B63_wkYORp4MLOGmj4mILVTgkwALatmib2PVf4vtJeG1PcVumNwlr5pokwptfhjJ50BHrL0learKdM4jZqWK_fy_hKy0U_Y3iLvu2F7g_L8orVJm-8rhD7JiIA-msBybqOfWqi8XDUiNZMn7O69aeIozk1e-gqhO67jVx-AfN8T2yHmzDlrFp1r5XE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMNHSgTjmYtGsCsGo7gSvgLLgB8me0rFc1Z2R93DAjbcBEAEgAGCVgoCAuAeCARdjYS1wdWItMzI5MzczODYwNzE4MjIyM8gBCakCBDJji1YlsT6oAwGqBKUBT9DJ6xkXaqLHrerMK6srkhMBs3E3od58ErJW28jtrjHFLu-OYTQIq7heIgqaRBkGCH_KZXKr7uK1dqov3m68MPXzMRyYdIRQjV4mVb7IbIXvYvzqBrz8P7SrGbamZzI1IdXKD7yfxNKVi1-_dtphIub4sRDpHICioGQrVSd0LhIHfFE7oq4IMllb68HH6q1ZjNY0Lelev-HW1NudI0yAOVTem9MCgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0_7h4YygrzMlmRdO3wOmYWRzWxdg%26client%3Dca-pub-3293738607182223%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 08:08:34 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 26 Jul 2023 08:08:34 GMT
img
pix.eu.criteo.net/img/ Frame 949F 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=176&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F190124%2F8d6bc06124f044d4973e0db21c495799_logo.png&v=3&w=256&s=OoHbAbMjs34limBOASsMBFuJ
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YuY4gQACllEKm5RBAAyAL7xJCgC4h299rVb7Pw&u=%7CBqqB6L%2F2Z4CoZEWwdvRbLius7ZBFlFfMQ9X%2BJ5bo5FM%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZWgJ4RDTbq-Wb6C9K-cesMV_WPikrq5at_ACdAcfQ797USal5xGSAmW45qs5D_t01BwXfQCkaXb3sNWF0D-NGUHmdT0YLBCRYLXlCW8d3GqVkFYcxAaDHv2QCSi8HXyqE7QwUU6pGwjrPnSZqQX0_jipSVEVaA6XTYYDtt9y2CDfCDfi0vUQ42RxEydcgsQhL3viqnDLsbhqVFXPM5L44aTwHMJ-N2nGjGePHektXDaSDJgEu0zTQrcs_r4jmSD7hO_HQ5v_B63_wkYORp4MLOGmj4mILVTgkwALatmib2PVf4vtJeG1PcVumNwlr5pokwptfhjJ50BHrL0learKdM4jZqWK_fy_hKy0U_Y3iLvu2F7g_L8orVJm-8rhD7JiIA-msBybqOfWqi8XDUiNZMn7O69aeIozk1e-gqhO67jVx-AfN8T2yHmzDlrFp1r5XE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMNHSgTjmYtGsCsGo7gSvgLLgB8me0rFc1Z2R93DAjbcBEAEgAGCVgoCAuAeCARdjYS1wdWItMzI5MzczODYwNzE4MjIyM8gBCakCBDJji1YlsT6oAwGqBKUBT9DJ6xkXaqLHrerMK6srkhMBs3E3od58ErJW28jtrjHFLu-OYTQIq7heIgqaRBkGCH_KZXKr7uK1dqov3m68MPXzMRyYdIRQjV4mVb7IbIXvYvzqBrz8P7SrGbamZzI1IdXKD7yfxNKVi1-_dtphIub4sRDpHICioGQrVSd0LhIHfFE7oq4IMllb68HH6q1ZjNY0Lelev-HW1NudI0yAOVTem9MCgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0_7h4YygrzMlmRdO3wOmYWRzWxdg%26client%3Dca-pub-3293738607182223%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
2a29e79bd75cc83eade181c4acc1c198786539997766b648bc21ed5aa7698408
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 08:08:34 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=30474662
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
7142
expires
Wed, 19 Jul 2023 01:19:37 GMT
img
pix.eu.criteo.net/img/ Frame 949F 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FB%2FlogoBKA_Bundeskriminalamt_4558DE.gif%3Feb%3D1&v=3&w=800&s=DI0SONUVXrdIf4n2KRU4NSEh&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YuY4gQACllEKm5RBAAyAL7xJCgC4h299rVb7Pw&u=%7CBqqB6L%2F2Z4CoZEWwdvRbLius7ZBFlFfMQ9X%2BJ5bo5FM%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZWgJ4RDTbq-Wb6C9K-cesMV_WPikrq5at_ACdAcfQ797USal5xGSAmW45qs5D_t01BwXfQCkaXb3sNWF0D-NGUHmdT0YLBCRYLXlCW8d3GqVkFYcxAaDHv2QCSi8HXyqE7QwUU6pGwjrPnSZqQX0_jipSVEVaA6XTYYDtt9y2CDfCDfi0vUQ42RxEydcgsQhL3viqnDLsbhqVFXPM5L44aTwHMJ-N2nGjGePHektXDaSDJgEu0zTQrcs_r4jmSD7hO_HQ5v_B63_wkYORp4MLOGmj4mILVTgkwALatmib2PVf4vtJeG1PcVumNwlr5pokwptfhjJ50BHrL0learKdM4jZqWK_fy_hKy0U_Y3iLvu2F7g_L8orVJm-8rhD7JiIA-msBybqOfWqi8XDUiNZMn7O69aeIozk1e-gqhO67jVx-AfN8T2yHmzDlrFp1r5XE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMNHSgTjmYtGsCsGo7gSvgLLgB8me0rFc1Z2R93DAjbcBEAEgAGCVgoCAuAeCARdjYS1wdWItMzI5MzczODYwNzE4MjIyM8gBCakCBDJji1YlsT6oAwGqBKUBT9DJ6xkXaqLHrerMK6srkhMBs3E3od58ErJW28jtrjHFLu-OYTQIq7heIgqaRBkGCH_KZXKr7uK1dqov3m68MPXzMRyYdIRQjV4mVb7IbIXvYvzqBrz8P7SrGbamZzI1IdXKD7yfxNKVi1-_dtphIub4sRDpHICioGQrVSd0LhIHfFE7oq4IMllb68HH6q1ZjNY0Lelev-HW1NudI0yAOVTem9MCgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0_7h4YygrzMlmRdO3wOmYWRzWxdg%26client%3Dca-pub-3293738607182223%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e4b58a351151e4da3ebfac8c923fc7c19c7bbbd6696d716a2f3465bf869f1138
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 08:08:33 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=420051
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
1266
expires
Fri, 05 Aug 2022 04:49:26 GMT
img
pix.eu.criteo.net/img/ Frame 949F 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FC%2FlogoFraGround-Fraport-Ground-Services-GmbH-222375DE.gif%3Feb%3D1&v=3&w=800&s=p7imNlwxxrodxxqEMEPxBMSf&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YuY4gQACllEKm5RBAAyAL7xJCgC4h299rVb7Pw&u=%7CBqqB6L%2F2Z4CoZEWwdvRbLius7ZBFlFfMQ9X%2BJ5bo5FM%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZWgJ4RDTbq-Wb6C9K-cesMV_WPikrq5at_ACdAcfQ797USal5xGSAmW45qs5D_t01BwXfQCkaXb3sNWF0D-NGUHmdT0YLBCRYLXlCW8d3GqVkFYcxAaDHv2QCSi8HXyqE7QwUU6pGwjrPnSZqQX0_jipSVEVaA6XTYYDtt9y2CDfCDfi0vUQ42RxEydcgsQhL3viqnDLsbhqVFXPM5L44aTwHMJ-N2nGjGePHektXDaSDJgEu0zTQrcs_r4jmSD7hO_HQ5v_B63_wkYORp4MLOGmj4mILVTgkwALatmib2PVf4vtJeG1PcVumNwlr5pokwptfhjJ50BHrL0learKdM4jZqWK_fy_hKy0U_Y3iLvu2F7g_L8orVJm-8rhD7JiIA-msBybqOfWqi8XDUiNZMn7O69aeIozk1e-gqhO67jVx-AfN8T2yHmzDlrFp1r5XE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMNHSgTjmYtGsCsGo7gSvgLLgB8me0rFc1Z2R93DAjbcBEAEgAGCVgoCAuAeCARdjYS1wdWItMzI5MzczODYwNzE4MjIyM8gBCakCBDJji1YlsT6oAwGqBKUBT9DJ6xkXaqLHrerMK6srkhMBs3E3od58ErJW28jtrjHFLu-OYTQIq7heIgqaRBkGCH_KZXKr7uK1dqov3m68MPXzMRyYdIRQjV4mVb7IbIXvYvzqBrz8P7SrGbamZzI1IdXKD7yfxNKVi1-_dtphIub4sRDpHICioGQrVSd0LhIHfFE7oq4IMllb68HH6q1ZjNY0Lelev-HW1NudI0yAOVTem9MCgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0_7h4YygrzMlmRdO3wOmYWRzWxdg%26client%3Dca-pub-3293738607182223%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
5aeca3b44d1a071a3a4271a080470f383d077f1c0d1298845266e690449e6607
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 08:08:33 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1119945
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
1960
expires
Sat, 13 Aug 2022 07:14:20 GMT
img
pix.eu.criteo.net/img/ Frame 949F 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F0%2FlogoLowenstein-Medical-GmbH-Co-KG-74111DE-2105110848.gif%3Feb%3D1&v=3&w=800&s=JijzJWBzMZm7U9QYvYYkey6k&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YuY4gQACllEKm5RBAAyAL7xJCgC4h299rVb7Pw&u=%7CBqqB6L%2F2Z4CoZEWwdvRbLius7ZBFlFfMQ9X%2BJ5bo5FM%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZWgJ4RDTbq-Wb6C9K-cesMV_WPikrq5at_ACdAcfQ797USal5xGSAmW45qs5D_t01BwXfQCkaXb3sNWF0D-NGUHmdT0YLBCRYLXlCW8d3GqVkFYcxAaDHv2QCSi8HXyqE7QwUU6pGwjrPnSZqQX0_jipSVEVaA6XTYYDtt9y2CDfCDfi0vUQ42RxEydcgsQhL3viqnDLsbhqVFXPM5L44aTwHMJ-N2nGjGePHektXDaSDJgEu0zTQrcs_r4jmSD7hO_HQ5v_B63_wkYORp4MLOGmj4mILVTgkwALatmib2PVf4vtJeG1PcVumNwlr5pokwptfhjJ50BHrL0learKdM4jZqWK_fy_hKy0U_Y3iLvu2F7g_L8orVJm-8rhD7JiIA-msBybqOfWqi8XDUiNZMn7O69aeIozk1e-gqhO67jVx-AfN8T2yHmzDlrFp1r5XE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMNHSgTjmYtGsCsGo7gSvgLLgB8me0rFc1Z2R93DAjbcBEAEgAGCVgoCAuAeCARdjYS1wdWItMzI5MzczODYwNzE4MjIyM8gBCakCBDJji1YlsT6oAwGqBKUBT9DJ6xkXaqLHrerMK6srkhMBs3E3od58ErJW28jtrjHFLu-OYTQIq7heIgqaRBkGCH_KZXKr7uK1dqov3m68MPXzMRyYdIRQjV4mVb7IbIXvYvzqBrz8P7SrGbamZzI1IdXKD7yfxNKVi1-_dtphIub4sRDpHICioGQrVSd0LhIHfFE7oq4IMllb68HH6q1ZjNY0Lelev-HW1NudI0yAOVTem9MCgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0_7h4YygrzMlmRdO3wOmYWRzWxdg%26client%3Dca-pub-3293738607182223%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
12d6f2cc08c97c56eed865540784456fab04f1511531765d785585a7b90093f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 08:08:34 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=272976
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
3486
expires
Wed, 03 Aug 2022 11:58:11 GMT
img
pix.eu.criteo.net/img/ Frame 949F 		898 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FG%2FlogoGKS-Gesellschaft-fur-Kommunikationsservice-mbH-148116DE.gif%3Feb%3D1&v=3&w=800&s=oYyeyoIGWuLVJQzf4NyU10P1&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YuY4gQACllEKm5RBAAyAL7xJCgC4h299rVb7Pw&u=%7CBqqB6L%2F2Z4CoZEWwdvRbLius7ZBFlFfMQ9X%2BJ5bo5FM%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZWgJ4RDTbq-Wb6C9K-cesMV_WPikrq5at_ACdAcfQ797USal5xGSAmW45qs5D_t01BwXfQCkaXb3sNWF0D-NGUHmdT0YLBCRYLXlCW8d3GqVkFYcxAaDHv2QCSi8HXyqE7QwUU6pGwjrPnSZqQX0_jipSVEVaA6XTYYDtt9y2CDfCDfi0vUQ42RxEydcgsQhL3viqnDLsbhqVFXPM5L44aTwHMJ-N2nGjGePHektXDaSDJgEu0zTQrcs_r4jmSD7hO_HQ5v_B63_wkYORp4MLOGmj4mILVTgkwALatmib2PVf4vtJeG1PcVumNwlr5pokwptfhjJ50BHrL0learKdM4jZqWK_fy_hKy0U_Y3iLvu2F7g_L8orVJm-8rhD7JiIA-msBybqOfWqi8XDUiNZMn7O69aeIozk1e-gqhO67jVx-AfN8T2yHmzDlrFp1r5XE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMNHSgTjmYtGsCsGo7gSvgLLgB8me0rFc1Z2R93DAjbcBEAEgAGCVgoCAuAeCARdjYS1wdWItMzI5MzczODYwNzE4MjIyM8gBCakCBDJji1YlsT6oAwGqBKUBT9DJ6xkXaqLHrerMK6srkhMBs3E3od58ErJW28jtrjHFLu-OYTQIq7heIgqaRBkGCH_KZXKr7uK1dqov3m68MPXzMRyYdIRQjV4mVb7IbIXvYvzqBrz8P7SrGbamZzI1IdXKD7yfxNKVi1-_dtphIub4sRDpHICioGQrVSd0LhIHfFE7oq4IMllb68HH6q1ZjNY0Lelev-HW1NudI0yAOVTem9MCgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0_7h4YygrzMlmRdO3wOmYWRzWxdg%26client%3Dca-pub-3293738607182223%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
46b12afb08dc52a9f50161094e95fc99f08cbb726b869573c640365e1e6b6fd2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 08:08:34 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=2058965
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
898
expires
Wed, 24 Aug 2022 04:04:39 GMT
img
pix.eu.criteo.net/img/ Frame 949F 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FE%2FlogoWentzel-Dr-GmbH-72929DE-2203151009.gif%3Feb%3D1&v=3&w=800&s=CWE1W8rKkDTiIV5no3I2fuPj&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YuY4gQACllEKm5RBAAyAL7xJCgC4h299rVb7Pw&u=%7CBqqB6L%2F2Z4CoZEWwdvRbLius7ZBFlFfMQ9X%2BJ5bo5FM%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZWgJ4RDTbq-Wb6C9K-cesMV_WPikrq5at_ACdAcfQ797USal5xGSAmW45qs5D_t01BwXfQCkaXb3sNWF0D-NGUHmdT0YLBCRYLXlCW8d3GqVkFYcxAaDHv2QCSi8HXyqE7QwUU6pGwjrPnSZqQX0_jipSVEVaA6XTYYDtt9y2CDfCDfi0vUQ42RxEydcgsQhL3viqnDLsbhqVFXPM5L44aTwHMJ-N2nGjGePHektXDaSDJgEu0zTQrcs_r4jmSD7hO_HQ5v_B63_wkYORp4MLOGmj4mILVTgkwALatmib2PVf4vtJeG1PcVumNwlr5pokwptfhjJ50BHrL0learKdM4jZqWK_fy_hKy0U_Y3iLvu2F7g_L8orVJm-8rhD7JiIA-msBybqOfWqi8XDUiNZMn7O69aeIozk1e-gqhO67jVx-AfN8T2yHmzDlrFp1r5XE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMNHSgTjmYtGsCsGo7gSvgLLgB8me0rFc1Z2R93DAjbcBEAEgAGCVgoCAuAeCARdjYS1wdWItMzI5MzczODYwNzE4MjIyM8gBCakCBDJji1YlsT6oAwGqBKUBT9DJ6xkXaqLHrerMK6srkhMBs3E3od58ErJW28jtrjHFLu-OYTQIq7heIgqaRBkGCH_KZXKr7uK1dqov3m68MPXzMRyYdIRQjV4mVb7IbIXvYvzqBrz8P7SrGbamZzI1IdXKD7yfxNKVi1-_dtphIub4sRDpHICioGQrVSd0LhIHfFE7oq4IMllb68HH6q1ZjNY0Lelev-HW1NudI0yAOVTem9MCgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0_7h4YygrzMlmRdO3wOmYWRzWxdg%26client%3Dca-pub-3293738607182223%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
cde9e51128d4ee7ca1a42dddb79b1cc1c3b23387aa3b610b2a866971a70c8707
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 08:08:33 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1060253
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
5758
expires
Fri, 12 Aug 2022 14:39:28 GMT
all
csm.eu.criteo.net/ Frame 949F 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=oSkf1Kx46Jz3dJ6VDyeL03hXLoyYUBsO3vu5FX5BE8Z4iQDAoM_9QctnO-SUVE1eqEloeCn7EqS5d7nGWw_W7GZADuCNpBFKb69sSJYe_c1bNduSjsqpHVVOIp6Rje7Hsccywcp-zBpOaehUTz0Pm3s70qUIwLnc7b13qVFerROTfEIedEw33PLWWoqAHU6tCiLRY7LLigpWPyi1HkZtwFZ9Zsp0nMurkqEofQ_Phu-8nDvmSSTVvIpeGDPT67lOzqmtDQ&sds=2&rev=82250&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YuY4gQACllEKm5RBAAyAL7xJCgC4h299rVb7Pw&u=%7CBqqB6L%2F2Z4CoZEWwdvRbLius7ZBFlFfMQ9X%2BJ5bo5FM%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZWgJ4RDTbq-Wb6C9K-cesMV_WPikrq5at_ACdAcfQ797USal5xGSAmW45qs5D_t01BwXfQCkaXb3sNWF0D-NGUHmdT0YLBCRYLXlCW8d3GqVkFYcxAaDHv2QCSi8HXyqE7QwUU6pGwjrPnSZqQX0_jipSVEVaA6XTYYDtt9y2CDfCDfi0vUQ42RxEydcgsQhL3viqnDLsbhqVFXPM5L44aTwHMJ-N2nGjGePHektXDaSDJgEu0zTQrcs_r4jmSD7hO_HQ5v_B63_wkYORp4MLOGmj4mILVTgkwALatmib2PVf4vtJeG1PcVumNwlr5pokwptfhjJ50BHrL0learKdM4jZqWK_fy_hKy0U_Y3iLvu2F7g_L8orVJm-8rhD7JiIA-msBybqOfWqi8XDUiNZMn7O69aeIozk1e-gqhO67jVx-AfN8T2yHmzDlrFp1r5XE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMNHSgTjmYtGsCsGo7gSvgLLgB8me0rFc1Z2R93DAjbcBEAEgAGCVgoCAuAeCARdjYS1wdWItMzI5MzczODYwNzE4MjIyM8gBCakCBDJji1YlsT6oAwGqBKUBT9DJ6xkXaqLHrerMK6srkhMBs3E3od58ErJW28jtrjHFLu-OYTQIq7heIgqaRBkGCH_KZXKr7uK1dqov3m68MPXzMRyYdIRQjV4mVb7IbIXvYvzqBrz8P7SrGbamZzI1IdXKD7yfxNKVi1-_dtphIub4sRDpHICioGQrVSd0LhIHfFE7oq4IMllb68HH6q1ZjNY0Lelev-HW1NudI0yAOVTem9MCgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0_7h4YygrzMlmRdO3wOmYWRzWxdg%26client%3Dca-pub-3293738607182223%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 31 Jul 2022 08:08:33 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 949F 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YuY4gQACllEKm5RBAAyAL7xJCgC4h299rVb7Pw&u=%7CBqqB6L%2F2Z4CoZEWwdvRbLius7ZBFlFfMQ9X%2BJ5bo5FM%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZWgJ4RDTbq-Wb6C9K-cesMV_WPikrq5at_ACdAcfQ797USal5xGSAmW45qs5D_t01BwXfQCkaXb3sNWF0D-NGUHmdT0YLBCRYLXlCW8d3GqVkFYcxAaDHv2QCSi8HXyqE7QwUU6pGwjrPnSZqQX0_jipSVEVaA6XTYYDtt9y2CDfCDfi0vUQ42RxEydcgsQhL3viqnDLsbhqVFXPM5L44aTwHMJ-N2nGjGePHektXDaSDJgEu0zTQrcs_r4jmSD7hO_HQ5v_B63_wkYORp4MLOGmj4mILVTgkwALatmib2PVf4vtJeG1PcVumNwlr5pokwptfhjJ50BHrL0learKdM4jZqWK_fy_hKy0U_Y3iLvu2F7g_L8orVJm-8rhD7JiIA-msBybqOfWqi8XDUiNZMn7O69aeIozk1e-gqhO67jVx-AfN8T2yHmzDlrFp1r5XE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMNHSgTjmYtGsCsGo7gSvgLLgB8me0rFc1Z2R93DAjbcBEAEgAGCVgoCAuAeCARdjYS1wdWItMzI5MzczODYwNzE4MjIyM8gBCakCBDJji1YlsT6oAwGqBKUBT9DJ6xkXaqLHrerMK6srkhMBs3E3od58ErJW28jtrjHFLu-OYTQIq7heIgqaRBkGCH_KZXKr7uK1dqov3m68MPXzMRyYdIRQjV4mVb7IbIXvYvzqBrz8P7SrGbamZzI1IdXKD7yfxNKVi1-_dtphIub4sRDpHICioGQrVSd0LhIHfFE7oq4IMllb68HH6q1ZjNY0Lelev-HW1NudI0yAOVTem9MCgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0_7h4YygrzMlmRdO3wOmYWRzWxdg%26client%3Dca-pub-3293738607182223%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 08:08:34 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 26 Jul 2023 08:08:34 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 949F 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YuY4gQACllEKm5RBAAyAL7xJCgC4h299rVb7Pw&u=%7CBqqB6L%2F2Z4CoZEWwdvRbLius7ZBFlFfMQ9X%2BJ5bo5FM%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZWgJ4RDTbq-Wb6C9K-cesMV_WPikrq5at_ACdAcfQ797USal5xGSAmW45qs5D_t01BwXfQCkaXb3sNWF0D-NGUHmdT0YLBCRYLXlCW8d3GqVkFYcxAaDHv2QCSi8HXyqE7QwUU6pGwjrPnSZqQX0_jipSVEVaA6XTYYDtt9y2CDfCDfi0vUQ42RxEydcgsQhL3viqnDLsbhqVFXPM5L44aTwHMJ-N2nGjGePHektXDaSDJgEu0zTQrcs_r4jmSD7hO_HQ5v_B63_wkYORp4MLOGmj4mILVTgkwALatmib2PVf4vtJeG1PcVumNwlr5pokwptfhjJ50BHrL0learKdM4jZqWK_fy_hKy0U_Y3iLvu2F7g_L8orVJm-8rhD7JiIA-msBybqOfWqi8XDUiNZMn7O69aeIozk1e-gqhO67jVx-AfN8T2yHmzDlrFp1r5XE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMNHSgTjmYtGsCsGo7gSvgLLgB8me0rFc1Z2R93DAjbcBEAEgAGCVgoCAuAeCARdjYS1wdWItMzI5MzczODYwNzE4MjIyM8gBCakCBDJji1YlsT6oAwGqBKUBT9DJ6xkXaqLHrerMK6srkhMBs3E3od58ErJW28jtrjHFLu-OYTQIq7heIgqaRBkGCH_KZXKr7uK1dqov3m68MPXzMRyYdIRQjV4mVb7IbIXvYvzqBrz8P7SrGbamZzI1IdXKD7yfxNKVi1-_dtphIub4sRDpHICioGQrVSd0LhIHfFE7oq4IMllb68HH6q1ZjNY0Lelev-HW1NudI0yAOVTem9MCgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0_7h4YygrzMlmRdO3wOmYWRzWxdg%26client%3Dca-pub-3293738607182223%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 08:08:34 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 26 Jul 2023 08:08:34 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 007D 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss2YpvU9EycHIJXI_O_g0d9GZa_EstCsAnjYq3zHKMqqmZQr9shY_JiaYaxqmSfWydptFXWseTeh18UZh2R57VaoXg&sig=Cg0ArKJSzGjYdfzU1pJrEAE&id=lidar2&mcvt=1001&p=0,0,90,728&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20220727&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3577181671&rs=2&la=0&cr=0&vs=4&r=v&rst=1659254913055&rpt=559&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Jul 2022 08:08:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220727&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207270101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3293738607182223&plah=testies.xyz&bust=31068683
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d39418cd8f5e72de196566efc824edf9ac1a8236a5a32301488caab92a06ff79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://testies.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 31 Jul 2022 08:08:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10521
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207270101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3293738607182223&plah=testies.xyz&bust=31068683
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://testies.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 08:08:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 31 Jul 2022 08:08:35 GMT
all
csm.eu.criteo.net/ Frame 949F 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=oSkf1Kx46Jz3dJ6VDyeL03hXLoyYUBsO3vu5FX5BE8Z4iQDAoM_9QctnO-SUVE1eqEloeCn7EqS5d7nGWw_W7GZADuCNpBFKb69sSJYe_c1bNduSjsqpHVVOIp6Rje7Hsccywcp-zBpOaehUTz0Pm3s70qUIwLnc7b13qVFerROTfEIedEw33PLWWoqAHU6tCiLRY7LLigpWPyi1HkZtwFZ9Zsp0nMurkqEofQ_Phu-8nDvmSSTVvIpeGDPT67lOzqmtDQ&sds=2&rev=82250&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YuY4gQACllEKm5RBAAyAL7xJCgC4h299rVb7Pw&u=%7CBqqB6L%2F2Z4CoZEWwdvRbLius7ZBFlFfMQ9X%2BJ5bo5FM%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZWgJ4RDTbq-Wb6C9K-cesMV_WPikrq5at_ACdAcfQ797USal5xGSAmW45qs5D_t01BwXfQCkaXb3sNWF0D-NGUHmdT0YLBCRYLXlCW8d3GqVkFYcxAaDHv2QCSi8HXyqE7QwUU6pGwjrPnSZqQX0_jipSVEVaA6XTYYDtt9y2CDfCDfi0vUQ42RxEydcgsQhL3viqnDLsbhqVFXPM5L44aTwHMJ-N2nGjGePHektXDaSDJgEu0zTQrcs_r4jmSD7hO_HQ5v_B63_wkYORp4MLOGmj4mILVTgkwALatmib2PVf4vtJeG1PcVumNwlr5pokwptfhjJ50BHrL0learKdM4jZqWK_fy_hKy0U_Y3iLvu2F7g_L8orVJm-8rhD7JiIA-msBybqOfWqi8XDUiNZMn7O69aeIozk1e-gqhO67jVx-AfN8T2yHmzDlrFp1r5XE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMNHSgTjmYtGsCsGo7gSvgLLgB8me0rFc1Z2R93DAjbcBEAEgAGCVgoCAuAeCARdjYS1wdWItMzI5MzczODYwNzE4MjIyM8gBCakCBDJji1YlsT6oAwGqBKUBT9DJ6xkXaqLHrerMK6srkhMBs3E3od58ErJW28jtrjHFLu-OYTQIq7heIgqaRBkGCH_KZXKr7uK1dqov3m68MPXzMRyYdIRQjV4mVb7IbIXvYvzqBrz8P7SrGbamZzI1IdXKD7yfxNKVi1-_dtphIub4sRDpHICioGQrVSd0LhIHfFE7oq4IMllb68HH6q1ZjNY0Lelev-HW1NudI0yAOVTem9MCgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0_7h4YygrzMlmRdO3wOmYWRzWxdg%26client%3Dca-pub-3293738607182223%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 31 Jul 2022 08:08:34 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3EE2 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://testies.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
568
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 31 Jul 2022 07:59:07 GMT
expires
Mon, 31 Jul 2023 07:59:07 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 0EDA 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4014:80e::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e692ba0cbf71bb6410cab34ba9ebfa2791c917a6c5418a1ed836a661686e5566
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-VVHXB2aEzV48sz0enxPxcA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://testies.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-VVHXB2aEzV48sz0enxPxcA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 31 Jul 2022 08:08:35 GMT
expires
Sun, 31 Jul 2022 08:08:35 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sJnbOeR1u3NfD4ifTr6IY70aHZRfr3yKQi-A2m-oHT4.js
pagead2.googlesyndication.com/bg/ Frame 3EE2 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/sJnbOeR1u3NfD4ifTr6IY70aHZRfr3yKQi-A2m-oHT4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b099db39e475bb735f0f889f4ebe8863bd1a1d945faf7c8a422f80da6fa81d3e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sat, 30 Jul 2022 20:23:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
42280
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13883
x-xss-protection
0
last-modified
Tue, 19 Jul 2022 12:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 30 Jul 2023 20:23:55 GMT
generate_204
tpc.googlesyndication.com/ Frame 3EE2 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?pttyRQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 08:08:35 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 0EDA 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220727&jk=1693935576623023&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220727&jk=1693935576623023&bg=!DwylDEjNAAacadVKvGk7ACkAdvg8WkgDe9ArHldClkevZyV5Cyoo1zIeG_lMhM2vVFgh93Dt3QVxFAIAAABDUgAAAAZoAQcKAEmIN-u2wr8HMmUYNZoBxGvrPPUz1EmcdWu-diOfoZ_iQgo1OCL1oSMwlEbohqmv3OHtnoSbZrk5K6TQgVhOwWwgc5e_mHVhsXLCmQKh28v2mcz_USXzP8Gdnbq96ticWf-AFcQ01ecOAxP5B3tL6rk8yJ7dwg4igRoZ0WrpmBMaoJ1lstkrIjXSdXw7HA98dKbptev8BiuHs3OUGXbtgAFulyBtumCQ08EbAvGywtqMIGSrrLRgt5XMNv4d0rXLfPkNJQaI29FnOPMA76cnfLwB4b1p3D-y9SvH4hvaPAWnr_GruAu-Qhl6_dUtE-V2N4dqYwSkvD-3wF-c58TZyEDhgB6xyJpNVW-gPQ2UHi_M-Sceg3jWYjYnK0k00M_0I9eyQFLPf5jbip-b7nZ4UViix-HjriYw5CVqmj0eWoaPlsUgIj1tx7YgSvhN-aAfS3drdwE-cQko9ao7TU15Ay06_k6A6brmrFbQUlyaQ8PtMjiWSLe3Xg4XpVbMrkCqQesWWNicadKsCc23I_5tm0AnZOWyBtnSZPTWIq70YsLl7BWaQWmK-ituXO-UNp9tyKcks_yCfGulKYV-y02REgIPSV1csvnOEwzeDQox-PEeAB9s6GW4oAVyrkWdz-_btC0xr3Qqd3zkxyXRaohj00rELlweHvk_7MyBqGqIuw_xOm8-jCzEDnk48P18c7-4HcRTCLPnSF7hTn3XSZQPhTUbrjIlaaNqNAfBul0_MKD7pfo4L6by0IFZRP1NCZzoG8WBU4phgLSuyOlpXIgL6yFcFekj6Eyl_4325mGw4blqafJOgD18hvzUvgKNeWqnKiBU6HXFg-HBxl9z70IHVC137U9AVg1IHgFUVvUKgJRVSl1I7y-jiVs1P6GWUJE3Zko4-0kuYjjbOZJTTEZqreODMdti_ryELPvG9qt_xre_kZl1KcotIJjZl52Txn31cE4VENizu8XP0qgwMXseg0FZVm7zjVRf56Z199_XrA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://testies.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

56 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch object| navigation object| FontAwesomeKitConfig object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter number| google_lpabyc object| AcceptCookie function| $ function| jQuery function| Swiper function| hamburgerFunction object| mobileSearchButton object| profileBubble function| toggleActive function| checkWidth function| dropdownMenu function| clearableValue function| spinner object| swiper function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| googletag object| GoogleGcLKhOms object| google_image_requests

3 Cookies

Domain/Path Name / Value
testies.xyz/ Name: PHPSESSID
Value: 5305ace7dbf6152d80d71fb1f3c67c78
.testies.xyz/ Name: __gads
Value: ID=5fdf6c3d54ad3542-2285dc14dfcd0048:T=1659254913:RT=1659254913:S=ALNI_MZaVJ4Rw_F_3SQfnGCw7PId5LqEUg
.doubleclick.net/ Name: IDE
Value: AHWqTUmyZgGdtjKEuOtMGmfdy98J_0SL-PCcX9OCQie680A1tXZ_eWzOfKs48Ml2L1U

1 Console Messages

Source Level URL
Text
other warning URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3293738607182223&output=html&h=280&slotname=9876975549&adk=292431470&adf=3950588498&pi=t.ma~as.9876975549&w=1200&fwrn=4&fwrnh=100&lmt=1659254913&rafmt=1&psa=0&format=1200x280&url=http%3A%2F%2Ftesties.xyz%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1659254912781&bpp=8&bdt=410&idt=276&shv=r20220727&mjsv=m202207270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=4305112330042&frm=20&pv=1&ga_vid=829894555.1659254913&ga_sid=1659254913&ga_hid=1935404287&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=3776&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763505%2C31067983%2C31068260%2C31068683%2C42531605&oid=2&pvsid=1693935576623023&tmod=1759783134&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=AR0ErHohjr&p=http%3A//testies.xyz&dtd=278
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.eu.criteo.com
adservice.google.com
adservice.google.de
cat.fr.eu.criteo.com
code.jquery.com
csm.eu.criteo.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
ka-f.fontawesome.com
kit.fontawesome.com
pagead2.googlesyndication.com
partner.googleadservices.com
pix.eu.criteo.net
rtb.fr.eu.criteo.com
secure-gl.imrworldwide.com
static.criteo.net
testies.xyz
tpc.googlesyndication.com
unpkg.com
www.google.com
www.googletagservices.com
108.167.172.188
142.251.36.98
178.250.0.139
178.250.0.160
178.250.2.150
2001:4de0:ac18::1:a:3b
2600:9000:206e:b400:1e:a43d:b640:93a1
2606:4700:3032::6815:1e29
2606:4700::6810:7eaf
2606:4700::6812:1634
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:813::2002
2a00:1450:4001:813::200a
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::2002
2a00:1450:4014:80e::2004
2a02:2638::2
2a02:2638::3
2a02:2638::b
0433c907ca7e31f1dcbcc7c8cbe8078e153065f75ebbe19f91af8dc336dd0b11
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
117cb3ff7f8041c985d8493a7757b64df777d752d2210412ac0969b2c92f73b9
12d6f2cc08c97c56eed865540784456fab04f1511531765d785585a7b90093f1
154e3b828f31a64be04554438c0166219cbadce0e3b2b815c435c1b54b2677b1
2a29e79bd75cc83eade181c4acc1c198786539997766b648bc21ed5aa7698408
38df37c8ac8b83372d93ac7179318523a1100641747568bba185867cbb7a0f88
3bcaf0608f1dcf48e5669da9ed1c4b87dd984039336d80c778901d479e31a9f9
4359643e1b6350bffd6e16d543603ea7b393855957e792ac7f9178a81ed0b14d
46b12afb08dc52a9f50161094e95fc99f08cbb726b869573c640365e1e6b6fd2
4aa7a9b5763469657cba189a458802d4106b728255d10b882c6b2dfe4bf2b65c
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4eb89fcf77b0f8b3bb92ffae01f6a2773d836e9b15201337de8fe87e7e5c7fa5
507b230a049846270599b19daac55ff8bb4cd2626c723ff999356cea4ee31d5f
51ddcc25504bd66e068a15bc67fdb2425630894885036de907ca4efe32b37d1e
54321d67f9cb1c75ec906c593f61991d264f93a82354ba1d5f8092ef3071cab7
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5aeca3b44d1a071a3a4271a080470f383d077f1c0d1298845266e690449e6607
5e5ee07c0b9aebe4b9fe10f351068879e9046771eaae0fecc0d06a320e75d472
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6374664859de43bae20c67aa36f83a1fd02420b3a43d87189d1898f75446c767
639665b9e97aad7d30114d5b9b4d4b391d1ee6e870fd4515ec28e5a24c22863a
6735555a0df48607ebf88b6aa6835519bf00b22e470529be0092301b71315391
6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8
70ab6689dabc3d30235261f33a9086ade8ff219440b952e32b979a47c5343550
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
75faa71dba05edfbceaaa0aa28e5abd5c0686c92060c6df22927045f1bf69ab7
78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6
83ffb8766dba54690e5c67d52f762d9534f2d9ebf3623805600ccf5b82081578
8a7cf3e7a9de7bfa11a7ce2f22b7df2efd369916aa1472644d21b009f6cd22ba
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
96e2c40bcf80e86a9475d7f705004b6fc88bc5dfc8fbbf8c73e14f4415b6887a
9770d538e2934743781febc6d0b054435a308e55aafd68e76e4bee6a945b86d2
9f9773fb15d43897122b5d7fe7808dd5cd6008b3c02d4a991ebe17cab11ba896
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a7dbacac02aa57ea3269fb539f7d937b567275c8a215e76bb19d83f8c53a4742
a9ee93fe5c14eb6fbc5f687f6a37b5454289364c3eebb1cccb1b3876879d972c
ae0aed061f9800fcf31e6f65796b13139473545e32e793fcc527b961e22fd6ff
aff01a147aeccc9b70a5efad1f2362fd709f3316296ec460d94aa7d31decdb37
b099db39e475bb735f0f889f4ebe8863bd1a1d945faf7c8a422f80da6fa81d3e
b5be0732ab1cc16692e165a7950810f0c772e400f6a2f63e1026a0b938016813
b64bf0ddba45a15152126f87e779d6059b0b469165f0db16610a54a75860ba9d
beedd3110905c0ceafff429fee4ccf06163684960a638ace32cac516b8a2df66
bf7f7f14ec0e9fbad155f7f168dd87c7f857b5efd9822560b4411f404e0fab91
bfcd7a262745ac2a8520d46dbe261c5db424c001970e9ebe83c440bfb48454f7
c5dd43f53f3af822cbf17b1fb75f46192cdbd51724f277acf6cf0dacb3fd57e7
c5ed818755223a03cbbfdb5ab7c4b759a9b0f01673363197ea01a54b0072cbc9
ca72e76277ba20848542f63bff8873f300b6b59bdb765ab586c61de4a9a50508
cc52733b73530cdb8ff7665895e0b1be88f67f1dcf738ec1ca3ec404f2723f97
cde9e51128d4ee7ca1a42dddb79b1cc1c3b23387aa3b610b2a866971a70c8707
d39418cd8f5e72de196566efc824edf9ac1a8236a5a32301488caab92a06ff79
d4b77515ac1224470cd0e2fc5987ad072aee8de3ccdac100fb359bee9a09a7cd
d4e2046c9b8ce89e2f999b9c25478e88a591b5300c82942f2c8276a4ab02f5fa
d7c1827b5a2e403566636d032d0406df6c21adbc2078e8874e1fe54028d9de73
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4b58a351151e4da3ebfac8c923fc7c19c7bbbd6696d716a2f3465bf869f1138
e692ba0cbf71bb6410cab34ba9ebfa2791c917a6c5418a1ed836a661686e5566
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f86db19dee631c6971463fe03f2cdf7ff53e7cc98ea26db489866b546f1e0797
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda