sasagefind.com Open in urlscan Pro
2606:4700:3036::6815:594c Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://sasagefind.com/
Effective URL:
https://sasagefind.com/
Submission: On November 25 via api (November 25th 2023, 5:34:09 am UTC) from US — Scanned from DE

Summary HTTP 123 Redirects Behaviour Indicators

Summary

This website contacted 33 IPs in 7 countries across 22 domains to perform 123 HTTP transactions. The main IP is 2606:4700:3036::6815:594c, located in United States and belongs to CLOUDFLARENET, US. The main domain is sasagefind.com.
TLS certificate: Issued by GTS CA 1P5 on November 12th 2023. Valid for: 3 months.

This is the only time sasagefind.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3031::ac43:9cf6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:303... 2606:4700:3036::6815:594c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2606:4700::68... 2606:4700::6810:5914	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
1	23.212.205.62 23.212.205.62	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:50c0:800... 2606:50c0:8001::153	54113 (FASTLY) (FASTLY)
1	110.93.147.30 110.93.147.30	23576 (NHN-AS-KR...) (NHN-AS-KR NAVER Cloud Corp.)
2	2620:1ec:bdf::44 2620:1ec:bdf::44	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
10	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
3	2a02:2638:3::12 2a02:2638:3::12	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	20.114.189.70 20.114.189.70	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
21	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	178.250.1.6 178.250.1.6	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
5	2a02:2638:3::10 2a02:2638:3::10	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
6	2a02:2638:3::1a 2a02:2638:3::1a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2a02:2638:d::c 2a02:2638:d::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
9	2400:52e0:1e0... 2400:52e0:1e00::1079:1	200325 (BUNNYCDN) (BUNNYCDN)
1	143.204.215.43 143.204.215.43	16509 (AMAZON-02) (AMAZON-02)
1	23.35.237.151 23.35.237.151	16625 (AKAMAI-AS) (AKAMAI-AS)
1	3.33.153.203 3.33.153.203	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:401... 2a00:1450:4010:c0f::5e	15169 (GOOGLE) (GOOGLE)
2	132.226.214.62 132.226.214.62	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
3	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1 2	68.219.88.97 68.219.88.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
3	52.222.214.37 52.222.214.37	16509 (AMAZON-02) (AMAZON-02)
123	33

1 2606:4700:3031::ac43:9cf6 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

sasagefind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3036::6815:594c (United States)

ASN13335 (CLOUDFLARENET, US)

sasagefind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.sasagefind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.212.205.62 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-205-62.deploy.static.akamaitechnologies.com

wcs.naver.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:50c0:8001::153 (United States)

ASN54113 (FASTLY, US)

spoqa.github.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 110.93.147.30 (Korea, Republic Of)

ASN23576 (NHN-AS-KR NAVER Cloud Corp., KR)

wcs.naver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:bdf::44 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 20.114.189.70 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

t.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:2638:3::10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

imageproxy.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:d::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2400:52e0:1e00::1079:1 (Germany)

ASN200325 (BUNNYCDN, SI)

live-tag.creatopy.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.215.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-43.fra53.r.cloudfront.net

choices.truste.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.237.151 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-151.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.33.153.203 (United States)

ASN16509 (AMAZON-02, US)
PTR: a4b61a47cf5978487.awsglobalaccelerator.com

de2-bid.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4010:c0f::5e (Finland)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 132.226.214.62 (Slough, United Kingdom)

ASN31898 (ORACLE-BMC-31898, US)

mb.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.219.88.97 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.222.214.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-37.fra56.r.cloudfront.net

choices.trustarc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	criteo.net static.criteo.net — Cisco Umbrella Rank: 668 imageproxy.eu.criteo.net — Cisco Umbrella Rank: 10986 csm.eu.criteo.net — Cisco Umbrella Rank: 10557	248 KB
22	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 97 tpc.googlesyndication.com — Cisco Umbrella Rank: 149	265 KB
11	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196	91 KB
9	creatopy.net live-tag.creatopy.net — Cisco Umbrella Rank: 56265	187 KB
9	criteo.com ads.eu.criteo.com — Cisco Umbrella Rank: 10450 cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 11552 rtb.fr3.eu.criteo.com — Cisco Umbrella Rank: 17732	125 KB
7	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 827 t.clarity.ms — Cisco Umbrella Rank: 7395 c.clarity.ms — Cisco Umbrella Rank: 1405	28 KB
6	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 335	566 KB
4	adsrvr.org de2-bid.adsrvr.org — Cisco Umbrella Rank: 13793 insight.adsrvr.org — Cisco Umbrella Rank: 584	3 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 212	255 KB
4	sasagefind.com 1 redirects sasagefind.com api.sasagefind.com	15 KB
3	trustarc.com choices.trustarc.com — Cisco Umbrella Rank: 872	8 KB
3	moatads.com z.moatads.com — Cisco Umbrella Rank: 647 mb.moatads.com — Cisco Umbrella Rank: 744	118 KB
2	gstatic.com csi.gstatic.com fonts.gstatic.com	16 KB
2	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2462	298 B
1	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 236	761 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	980 B
1	truste.com choices.truste.com — Cisco Umbrella Rank: 883	10 KB
1	naver.com wcs.naver.com — Cisco Umbrella Rank: 25455	628 B
1	github.io spoqa.github.io — Cisco Umbrella Rank: 195360	1 KB
1	naver.net wcs.naver.net — Cisco Umbrella Rank: 23604	7 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	91 KB
123	22

	Domain	Requested by
21	static.criteo.net	ads.eu.criteo.com
11	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
11	pagead2.googlesyndication.com	sasagefind.com pagead2.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com
10	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net sasagefind.com
9	live-tag.creatopy.net	googleads.g.doubleclick.net live-tag.creatopy.net
6	csm.eu.criteo.net	ads.eu.criteo.com
6	cdn.jsdelivr.net	sasagefind.com spoqa.github.io
5	imageproxy.eu.criteo.net	ads.eu.criteo.com
4	www.googletagservices.com	googleads.g.doubleclick.net
3	choices.trustarc.com	choices.truste.com
3	insight.adsrvr.org	googleads.g.doubleclick.net
3	rtb.fr3.eu.criteo.com	googleads.g.doubleclick.net sasagefind.com
3	cat.nl3.eu.criteo.com	ads.eu.criteo.com
3	t.clarity.ms	www.clarity.ms
3	ads.eu.criteo.com	googleads.g.doubleclick.net
3	sasagefind.com	1 redirects sasagefind.com
2	c.clarity.ms	1 redirects
2	mb.moatads.com	z.moatads.com
2	region1.google-analytics.com	www.googletagmanager.com
2	www.clarity.ms	sasagefind.com www.clarity.ms
1	www.google.com	tpc.googlesyndication.com
1	c.bing.com	1 redirects
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	live-tag.creatopy.net
1	csi.gstatic.com	securepubads.g.doubleclick.net
1	securepubads.g.doubleclick.net	googleads.g.doubleclick.net
1	de2-bid.adsrvr.org	googleads.g.doubleclick.net
1	z.moatads.com	googleads.g.doubleclick.net
1	choices.truste.com	googleads.g.doubleclick.net
1	wcs.naver.com	wcs.naver.net
1	api.sasagefind.com	sasagefind.com
1	spoqa.github.io	sasagefind.com
1	wcs.naver.net	sasagefind.com
1	www.googletagmanager.com	sasagefind.com
123	34

This site contains no links.

Subject Issuer	Validity	Valid
sasagefind.com GTS CA 1P5	`2023-11-12` - `2024-02-10`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
ssl.pstatic.net GeoTrust RSA CA 2018	`2023-08-01` - `2024-08-01`	a year	crt.sh
*.github.io DigiCert TLS RSA SHA256 2020 CA1	`2023-02-21` - `2024-03-20`	a year	crt.sh
wcs.naver.com GeoTrust RSA CA 2018	`2023-08-01` - `2024-08-14`	a year	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-08-29` - `2024-08-29`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-29` - `2023-12-23`	3 months	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 06	`2023-02-13` - `2024-02-08`	a year	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-09` - `2024-01-06`	3 months	crt.sh
*.nl3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-30` - `2023-12-25`	3 months	crt.sh
*.eu.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-17` - `2024-01-18`	3 months	crt.sh
*.fr3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-07` - `2023-12-30`	3 months	crt.sh
live-tag.creatopy.net R3	`2023-11-05` - `2024-02-03`	3 months	crt.sh
*.truste.com Amazon RSA 2048 M02	`2023-11-18` - `2024-12-15`	a year	crt.sh
moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2023-10-25` - `2024-10-24`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2023-06-20` - `2024-07-20`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.trustarc.com Amazon RSA 2048 M02	`2023-04-17` - `2024-05-14`	a year	crt.sh

This page contains 15 frames:

Primary Page: https://sasagefind.com/
Frame ID: 8F07F5DBF983B0A63F12E1F75B778E73
Requests: 27 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html
Frame ID: 43AC5604B3B6615F61CA97721208EB09
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4936470262963011&output=html&adk=1812271804&adf=3025194257&lmt=1694892792&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fsasagefind.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700890443510&bpp=4&bdt=257&idt=117&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7304720097754&frm=20&pv=2&ga_vid=1727665163.1700890444&ga_sid=1700890444&ga_hid=358066886&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31078297%2C44807763%2C44808149%2C44808284%2C44809056%2C44809071&oid=2&pvsid=2422037083187158&tmod=1951962955&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=33792&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=124
Frame ID: 7A49D29A6E61E5D6D0E0027C9E7B442F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4936470262963011&output=html&h=90&slotname=3242351562&adk=3443123301&adf=80450345&pi=t.ma~as.3242351562&w=728&lmt=1694892792&format=728x90&url=https%3A%2F%2Fsasagefind.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700890443514&bpp=3&bdt=260&idt=122&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7304720097754&frm=20&pv=1&ga_vid=1727665163.1700890444&ga_sid=1700890444&ga_hid=358066886&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=24&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31078297%2C44807763%2C44808149%2C44808284%2C44809056%2C44809071&oid=2&pvsid=2422037083187158&tmod=1951962955&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1024&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=125
Frame ID: 72D000441B4F8366632870AED6FD2A44
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4936470262963011&output=html&h=600&slotname=5020405467&adk=1298321340&adf=2908928753&pi=t.ma~as.5020405467&w=300&lmt=1694892792&format=300x600&url=https%3A%2F%2Fsasagefind.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700890443517&bpp=1&bdt=264&idt=123&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=7304720097754&frm=20&pv=1&ga_vid=1727665163.1700890444&ga_sid=1700890444&ga_hid=358066886&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-95&ady=120&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31078297%2C44807763%2C44808149%2C44808284%2C44809056%2C44809071&oid=2&pvsid=2422037083187158&tmod=1951962955&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=1024&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=124
Frame ID: 2C731410F70A3333C5AFE96DBC15DAAD
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4936470262963011&output=html&h=600&twa=1&slotname=7728391483&adk=3087759461&adf=184259038&pi=t.ma~as.7728391483&w=205&fwrn=4&fwrnh=100&lmt=1694892792&rafmt=1&armr=4&format=205x600&url=https%3A%2F%2Fsasagefind.com%2F&ea=0&fwr=0&rs=1&rh=600&rw=205&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700890443517&bpp=1&bdt=264&idt=124&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C300x600&nras=1&correlator=7304720097754&frm=20&pv=1&ga_vid=1727665163.1700890444&ga_sid=1700890444&ga_hid=358066886&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1395&ady=120&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31078297%2C44807763%2C44808149%2C44808284%2C44809056%2C44809071&oid=2&pvsid=2422037083187158&tmod=1951962955&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=1152&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=126
Frame ID: 3EF3C8199597E76D1A8D0D4F6C82874A
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4936470262963011&output=html&h=280&slotname=2751396977&adk=3316842740&adf=1615842680&pi=t.ma~as.2751396977&w=1128&fwrn=4&fwrnh=100&lmt=1694892792&rafmt=1&format=1128x280&url=https%3A%2F%2Fsasagefind.com%2F&ea=0&fwr=0&fwrattr=true&rh=280&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700890443518&bpp=1&bdt=265&idt=126&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C300x600%2C205x600&nras=1&correlator=7304720097754&frm=20&pv=1&ga_vid=1727665163.1700890444&ga_sid=1700890444&ga_hid=358066886&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=236&ady=574&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31078297%2C44807763%2C44808149%2C44808284%2C44809056%2C44809071&oid=2&pvsid=2422037083187158&tmod=1951962955&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1152&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&fsb=1&dtd=127
Frame ID: 8A6C38420AD58FAE3ED456462525ED4A
Requests: 10 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZWGHSwAKJdgIu-LKAAhCryrfwn7lLEaFJn3kfg&u=%7C8ZP%2FflWUfZ8Mv4v4apbesLNeAjNTr%2FNLcAuiBwwDiso%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANar0ObdwXpy1F5svD_V6m_RbOlSYTw3wjz94zm6DA7afHTyD1AWPZ6nnwfvregMxZ0oMA59bPDWs9nWog-0g1UxTEH9RjJxCBGc4tWi0oUDNT9HgqIR5k9INj0xlC-akXnrvoNYQslM6IZVd5sHStf5yl9vUHgpR33RlqbSYFydKk8nLFj6Z-OaKjzLQHVAG21FGQzv-Z6ElmxiSmabEqkWVJjw5I3ZH_W5nWAbEufqS7VIpEmmNTHmUvkQIP7WMGL_Mu_hV5AUoSj9CNdfl0XjeQFg6yQLkmNiDFLIg2uIDA5A6BgZ0_-2CN97f6iisVAKgYt3Pl32T5786YCKNVAAc51yawlQwd6WDB20iEjkWuXEdewG9WgQxbFI_8DpmvDrlr-9qtvX8ZZWfk8E_xjC6GYcwMx0VLHh2-9L3qIGCFSTlqXzGOtFhE9mN_8PIiwXNKiCLaAV2HKWu1vI1c4M9FKY0cBJIPR-TFS6eIlYk2NAx2GBgtW97fr_TqZ4dLZ1wRhAfgQh13k7VsFmh--yod5xKga4fIhm4Cw-Bk1bghvG8YI_ChJY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCpznxS4dhZdjLKMrF7_UPr4WhwAfJntKxXM3x4t2IAcCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi00OTM2NDcwMjYyOTYzMDExyAEJqQIHxDQrk1qyPqgDAcgDAqoEvgFP0ESgEdga8b6yUeeGE1MeiZR2DFzZRGDwn91p8DAAE9M1fsT5ob2NnFx2e1FQZVo0xLXEHGJQjeUMHgrjNKwwn8ug5gtN0IG_sgagCitNwBGane9TAvl4EvYTXvNVJtrCgMQUQxEJkXkP_49uAA8I-6nB8rNtnTr2nPWN0ukcsCm8ntLnUt7L8yUNErxBjd_zCiy07dobheL1m0z6pZU2bwF3mhAqNdG4p70l7V-2tuikHOyOCzmuKgw3QXIhgAa8rrWG2ZGhozGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_38muu28yGuiHogTAZ_G8FGWYOLeA%26client%3Dca-pub-4936470262963011%26adurl%3D
Frame ID: E977FBFB640F98A4F75AEC5819FC271D
Requests: 12 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZWGHSwAKFN0Iu-SDAAe4t5b4QEs37yHsZ7pHsg&u=%7C8ZP%2FflWUfZ8OG%2BtwlNATfN4AGM%2Bci1ad62g7TXVG65o%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANVoEdisV7DxsFAAt1sErO_Khic4PiUUXOuFfcmLAFkJ_jhEYPdrU3CFCLy2x6y1vYrJuZ0P90yhVSW3OysXDmmNdd_iE1DU8ITatzYWx5uvwskaABEAwUnHnFbqaQJpkVxRLnP8EZGDQwWr2lYvzQMrkK4mFA0KouO8IaS0PG-AYriMCFos8X9mqI1N-VEtjLM2LZyTj0LQg2hW0FUM3LqWSjCiERB-37gRUukF_xW5KMkiM8RcMXVEgZucAa86R9uDwn-RhaS2bJ4OrxyKLIaR5I69mdHyAyqz6YlpZ5LSXwlTwnwQCnuSri1qsB9Lw2xp7AvKnrPNtocE0CE7IO-e9kI0wlSS9nc_XRPJi9z-5OROOlw7_ADfzRlFwtE7pJxGs_L_BRGiTMg20z1zzPsMT3kn-yuLcxXJpTOsSzIEyNjOtDTIY_ZVKjsN4515OsIrDz0I_SIjIel_-pil6RatqWeibAna3z0ChBfp8mqc_anB45UGB27sLX9ovj1uITKzvsuwkax1-KwXFiQiDzZvjvVrcRXYmr63cfAfujyLwVySmUUFwnpk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC67eSS4dhZd2pKIPJ7_UPt_GeqAzJntKxXNWdkfdwwI23ARABIABglYKAgLQHggEXY2EtcHViLTQ5MzY0NzAyNjI5NjMwMTHIAQmpAgfENCuTWrI-qAMByAMCqgS8AU_QXac32zY_9RJB789HbMxbGzk20LCKVtRLhNIQPHjIIS-9-r3aDaVquUyIL0Vg5j33-Tzxb_8egi9f_B9UpOuJ1JMPtGkBaX8Bqn6Sp7IVzOgqgnEChRJH-PCPBMAlKdUBSFDknfTANb2Cg2wkKxzfDYDXMGpGXKqDL2Qnz0mrWRvusa4XWUu_-_xT7ywCuWhmuTiSQWEu3fxEPj0zqx1bGZuUbwKlHdLe_YX6CZOsFkED5rclJ6JxJ13FgAa8rrWG2ZGhozGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2zYAv7eDZwHpALPKJunguJy0EvzA%26client%3Dca-pub-4936470262963011%26adurl%3D
Frame ID: 8EFAAEE46F619CCEAA84ABAD9233B9A8
Requests: 14 HTTP requests in this frame

Frame: https://live-tag.creatopy.net/embed/embed.js
Frame ID: D8D6D8C7634ED5DAFC9D781071049249
Requests: 12 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZWGHSwAKZTECO91tAAj3sqBJzhbBr5RzBdAaOA&u=%7C8ZP%2FflWUfZ%2BrlysJTQ40wBhuCcJru7bBXURqndcaK6k%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T9egdX2BKwT-PZcJ-d-j9EfONhGQBa4lHkYbSeDh0fvp4TVQ48olH3HQfBct6QGIzSM7uUoaydhCJdt5v1yoBpN3F4k-gfsQQh1y2rPl2rCh9hedZJc0ZbbGLKaOfKR7sk6bCfphSRy5ZLOHwrA5X_MZey48QDcA6uYPkatnhZbesVNSHlQkExwpf3EDUr-y35v51YI7swE8aVIt8FwC85xVPwrJ0VnFzVZYxysOpc_7rIe82703CvEUQd1cmJU2xBBkXwaysYkFVCsSmtBhhjEcTXM-ydI7ioD3VRvWgIsEFBq47ZzqancvklJZGYROkB_N_sH6jlFKZsGvbhy7ECEG2R_QmGcO5-57FVNSa9yYi5v9Bwjw9mt-Ed3MIZ1CNvyzL0GJHryor_T0aIbOiUJeV2Lt6OvbMzI2_m2j7q_589krQwHcNfMPQUekyIt5WYPEs4cLN88mgDMejBf2NURrShQ3eE46RsOaAixF6ZUzLbJUeWjh94kdYsZtv62Jh_UF17k4rsFCpfphhNsQ1ZVBYgba-U0_6q5irsr492_faSRFKMVN_80&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCzbvFS4dhZbHKKe2678EPsu-jiALJntKxXL3xlPdwwI23ARABIABglYKAgLQHggEXY2EtcHViLTQ5MzY0NzAyNjI5NjMwMTHIAQmpAgfENCuTWrI-qAMByAMCqgS9AU_Qjzs1zUBy0K7yveTBBNIFI8qhRe6i1ZJc1t3WIWzYloh2njODVk5jqW2Yh7WIY6N4MzkJjUbRPDmJaTpkrCj-_tMc53AtrXHxIjdLdFq5GgtEbSNg4M55yrLUnDI8GqYoA29D9-NRYb92_F4kc-wTLdUlC4gFl_EoTro1ZkIICdS-haCPRwZy-OQT4AJITOwg4Oy2oJJIrlOg-8QeO5fav2mQJjUTsSZdowzhklKOuuJtl4AjLqKRJV_CWIAGvK61htmRoaMxoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3Nns06Sfz6iKeOSbGa5PoSWwVDaA%26client%3Dca-pub-4936470262963011%26adurl%3D
Frame ID: D4FA1BC596A5A339AB9AB5DBAA62E448
Requests: 12 HTTP requests in this frame

Frame: https://live-tag.creatopy.net/designs/n536le3/embed/thetradedesk/index.html?hash=n536le3&width=160&height=600&t=1700890444059&userId=825181&network=THETRADEDESK&type=html5&clickTag=https%3A%2F%2Finsight.adsrvr.org%2Ftrack%2Fclk%3Fimp%3Dbaec9059-1b67-4dfb-86a9-4d13e1b43384%26ag%3Dac4lunu%26sfe%3D1799074b%26sig%3Dh76ksksM8IOsuDktjEje3Uhk1vhuAfmH3tO8b3c9aRU.%26crid%3Dos9g1ojp%26cf%3D5618665%26fq%3D0%26t%3D1%26td_s%3Dsasagefind.com%26rcats%3D%26mste%3D%26mfld%3D3%26mssi%3D%26mfsi%3D%26sv%3Dgoogle%26uhow%3D150%26agsa%3D%26wp%3DZWGHSwAKWR0KmvASAAMLdH-Ytpmneuom3Jou8g%26rgz%3D56130%26dt%3DPC%26osf%3DWindows%26os%3DWindows10%26br%3DChrome%26svpid%3Dpub-4936470262963011%26rlangs%3Dko%26mlang%3D%26did%3D%26rcxt%3DOther%26tmpc%3D0.18000000000000682%26vrtd%3D%26osi%3D%26osv%3D%26daid%3D%26dnr%3D0%26vpb%3D%26c%3DCgdHZXJtYW55Eg9SaGVpbmxhbmQtUGZhbHoaACIHQmFkIEVtczgBUAGAAQCIAQGQAQGwAQC6AQQIARgE2AK0EOACrAL4AgGAAwGIAwGQAwCYAwA.%26dur%3DCjAKDGNoYXJnZS1hbGwtMSIgCP___________wESE3R0ZF9kYXRhX2V4Y2x1c2lvbnMKSAohY2hhcmdlLWFsbE1vYXRWaWV3YWJpbGl0eVRyYWNraW5nIiMIpf__________ARIObW9hdC1yZXBvcnRpbmcqBgigjQYYDA..%26durs%3DAuzKvO%26crrelr%3D%26npt%3D%26fpa%3D309%26pcm%3D3%26said%3DuAoepXc1kmCtFYgcCPF6oQ%253D%253D%26auct%3D1%26grdc%3DCAEYASABKAFAAUgC%26tail%3D1%26r%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCLYNAS4dhZZ2yKZLg6wT0loyoB92V5bdc9v6PjlfAjbcBEAEgAGCVgoCAtAeCARdjYS1wdWItNDkzNjQ3MDI2Mjk2MzAxMcgBCagDAcgDAqoEwQFP0DQqnNPpmm3DMDuSfdUl4tFab3Ust_tFsRH8a4d_NGWQHv2MtEtP0L_9tkBssnkomHXaBiWMGlic3w0wPbu4YAQz93wniDdbbN8ZTpJNcKKR9erEPVuECbR3b6uxA3gyBs67QyWzw5Or6inU36_LUHJmH_hQpm_dBOXKItLeT2rnKmGEx-xbMLWANI5udD6VaMWq6gwgicKAzxeKfLBwyZlJuKcNwih9ArOmLCV7oFB2NhLamYfjr0fKM3bbb4KggAbf-MyvnfWi4m6gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2GRDg5Co1BVOR103QK2XJJgMcwFA%2526client%253Dca-pub-4936470262963011%2526adurl%253D&oref=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-4936470262963011%26output%3Dhtml%26h%3D600%26slotname%3D5020405467%26adk%3D1298321340%26adf%3D2908928753%26pi%3Dt.ma~as.5020405467%26w%3D300%26lmt%3D1694892792%26format%3D300x600%26url%3Dhttps%253A%252F%252Fsasagefind.com%252F%26ea%3D0%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1700890443517%26bpp%3D1%26bdt%3D264%26idt%3D123%26shv%3Dr20231109%26mjsv%3Dm202311090101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C728x90%26nras%3D1%26correlator%3D7304720097754%26frm%3D20%26pv%3D1%26ga_vid%3D1727665163.1700890444%26ga_sid%3D1700890444%26ga_hid%3D358066886%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D-95%26ady%3D120%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C31078297%252C44807763%252C44808149%252C44808284%252C44809056%252C44809071%26oid%3D2%26pvsid%3D2422037083187158%26tmod%3D1951962955%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CaeE%257C%26abl%3DCA%26pfx%3D0%26fu%3D1024%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D3%26uci%3Da!3%26fsb%3D1%26dtd%3D124
Frame ID: F227EE3DE341345F91B7F5D2C3791636
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 45AB6707F7B9FFC0B50935B3387F2FEB
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2B9D43D33F5B40AE762E9AE2D4812FCA
Requests: 2 HTTP requests in this frame

Frame: https://choices.trustarc.com/get?name=admarker-icon-tr.png
Frame ID: E9FF9D5B0B2DD223AF6B8DB0F73FE33A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

사사게 검색기

Page URL History Show full URLs

http://sasagefind.com/ HTTP 301
https://sasagefind.com/ Page URL

Detected technologies

Bulma (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]+?href="[^"]+bulma(?:\.min)?\.css

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

123
Requests

99 %
HTTPS

68 %
IPv6

22
Domains

34
Subdomains

33
IPs

7
Countries

2035 kB
Transfer

4257 kB
Size

20
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://sasagefind.com/ HTTP 301
https://sasagefind.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 101

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=5AFC25AAE4774E1E83E41EFD1B9970C3&RedC=c.clarity.ms&MXFR=2DC1FB0A1C3760A736A1E8DE18376E66 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=5AFC25AAE4774E1E83E41EFD1B9970C3&MUID=2149114A30526D902BEC029E31806C3E

123 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
sasagefind.com/
Redirect Chain

http://sasagefind.com/
https://sasagefind.com/

62 KB
12 KB

838ms
392ms

Document
text/html

2606:4700:3036::6815:594c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sasagefind.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:594c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 075b121fd737fe6f6fc92e66ab10b59979c014410cc8f6ae8c18a83efbff290a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
age: 181
alt-svc: h3=":443"; ma=86400
cache-control: max-age=600
cf-cache-status: DYNAMIC
cf-ray: 82b785347cd80474-HKG
content-encoding: br
content-type: text/html; charset=utf-8
date: Sat, 25 Nov 2023 05:34:03 GMT
expires: Tue, 07 Nov 2023 17:31:41 GMT
last-modified: Sat, 16 Sep 2023 19:33:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GPVsOj1hrlVCs3Edqedqi0luRRR0elnRttjiGuEICDv8Szl9S59adDMIWCwuAwFMnDt5iQUWsmuisFFRgzD3n6EC4%2FWaNhriiDBVZd9jBzZlD2vTg9%2Bh%2BG5ALcSCykjiknZN68XpvJfDizUuNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 7
x-fastly-request-id: d95e915136d05c7e69e1b1e14b99e58b77938fed
x-github-request-id: 425E:2D267A:D7F53D:E188AE:654A7224
x-proxy-cache: MISS
x-served-by: cache-nrt-rjtf7700056-NRT
x-timer: S1700890443.101900,VS0,VE0

Redirect headers

CF-RAY: 82b7853079ad87d7-SIN
Cache-Control: max-age=3600
Connection: keep-alive
Date: Sat, 25 Nov 2023 05:34:02 GMT
Expires: Sat, 25 Nov 2023 06:34:02 GMT
Location: https://sasagefind.com/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2MdtNS4a5uSCrYeeOH0X3%2F%2FPhKF%2BcBSl33TmXoWb71ylRDP0CEYWykZ81CYTZTa1IJUQFh7fWLUdZiU9NRVlfhKVvZMXh7DLaLIGoyl4UVpPs7w21mph4TSa%2Fqwl6XRa32r1gEwOHMgTGyXfPg%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

GET
H2 200 bulma.min.css
cdn.jsdelivr.net/npm/bulma@0.9.4/css/ 202 KB
28 KB 35ms
18ms Stylesheet
text/css 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bulma@0.9.4/css/bulma.min.css

Requested by

Host: sasagefind.com
URL: https://sasagefind.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad3a5d3b41d7042369ade00772eead0763e9839d79568fb91ad612b2734bcfef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sasagefind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 05:34:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1296885
x-jsd-version: 0.9.4
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230055-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"329c6-nL+P0n9QpqJ97JxmCBpSBWnGeaQ"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L3IyQ8uz37jTN%2BKpPXIfHts2yYWyt22ghR%2BmpLXQpw1HuRjYT7Yqd4cWRoUuUmk%2BG4OsVE%2F7fOJOGbWVO5kGRez5wv0IlmlngvkI7fo7vujdVpUgRnYIy%2F8YqJBu2uMsxw5qhppGG1OCo3wg2Gs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 82b785367ce41e57-FRA

GET
H2 200 email-decode.min.js Show response
sasagefind.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 221ms
221ms Script
application/javascript 2606:4700:3036::6815:594c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sasagefind.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: sasagefind.com
URL: https://sasagefind.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:594c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sasagefind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 05:34:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 16 Nov 2023 21:55:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65568fe4-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EgMqhddsxXghqcOEQorMw1uewa76jaUrWV8MrVDNZJcp8d2uHoRPJFD0Z2B%2FmUb2R7y7FXoskRnSw6LsT%2Fsf%2FQvbkAlNUl6a5%2FOvSAViDrQhqapAv7Itoa0nMAXgJdud%2BKNWTxkJtxRvhyNJYA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 82b78537097a0474-HKG
expires: Mon, 27 Nov 2023 05:34:03 GMT

GET
H2 200 toastify-js Show response
cdn.jsdelivr.net/npm/ 7 KB
3 KB 21ms
16ms Script
application/javascript 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/toastify-js

Requested by

Host: sasagefind.com
URL: https://sasagefind.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

582becbb62bba81285347855cf7027db831b23e6419c89c427d05e4c3cea0741

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sasagefind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 05:34:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 679
x-jsd-version: 1.12.0
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230065-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"1a78-gnILcfEIGOTS9BOxr62w14J/AJM"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7DezvoxMpRlgNSOovONaol7tz7xRS%2BHAbC4CRbNCRe7tGaX0h%2BZj%2Bx%2ByG5VmjNOZojLc1gyN3KBHynmIK2whMMUCTP3pKLW%2FFLfBrnpNz2LnPPE3NLnTBWFLOl8uPoexNv4tkcxUnP3fUkKQurU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 82b785367ce61e57-FRA

GET
H2 200 toastify.min.css
cdn.jsdelivr.net/npm/toastify-js/src/ 1 KB
1 KB 20ms
15ms Stylesheet
text/css 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/toastify-js/src/toastify.min.css

Requested by

Host: sasagefind.com
URL: https://sasagefind.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

78551535760476bb888522b5653a06e9bb7b17063374574a90404466ba4cee58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sasagefind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 05:34:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 38803
x-jsd-version: 1.12.0
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230136-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"5f3-Gduk9jjIOe//5URKHgjXkQF9pPA"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aw%2B9lm5P94rbahry2P1TQVXtYaowUeJJs4jqprNLZTFKF9AnPIYKMhfe7YgnUrr03Zb6EjSdSknj1on7%2BQnnmJ05Qst4fsNySAeEoMQiEetxLBdrqPJgC5zQz7Og8s8aMiIj5w5zXQRZPQHsz6g%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 82b785367ce51e57-FRA

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 150 KB
52 KB 90ms
56ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4936470262963011

Requested by

Host: sasagefind.com
URL: https://sasagefind.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

373a483d1324667552653341be0c44a8fd798d8931397cd92ca7c729cb5e1160

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sasagefind.com/
Origin: https://sasagefind.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 05:34:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52768
x-xss-protection: 0
server: cafe
etag: 11015402184052059470
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 25 Nov 2023 05:34:03 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 273 KB
91 KB 68ms
36ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-YNZE6H6P6F

Requested by

Host: sasagefind.com
URL: https://sasagefind.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c61741886709440b509140f0fac55450186508cdc7b7a24032dbecdb8705f162

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sasagefind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 05:34:03 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92902
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 25 Nov 2023 05:34:03 GMT

GET
H/1.1 200
OK wcslog.js Show response
wcs.naver.net/ 20 KB
7 KB 51ms
9ms Script
application/javascript 23.212.205.62
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://wcs.naver.net/wcslog.js
Requested by: Host: sasagefind.com
URL: https://sasagefind.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.212.205.62 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-205-62.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 9dacfcf9410f6668fb5d537146dc3f6016ef8a93e42c02afc2359fa3cc384c85

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sasagefind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Sat, 25 Nov 2023 05:34:03 GMT
Content-Encoding: gzip
Last-Modified: Thu, 02 Mar 2023 06:30:22 GMT
Server: nginx
ETag: "6400427e-4e4d"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2031
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6784
Expires: Sat, 25 Nov 2023 06:07:54 GMT

GET
H2 200 SpoqaHanSansNeo.css
spoqa.github.io/spoqa-han-sans/css/ 4 KB
1 KB 31ms
7ms Stylesheet
text/css 2606:50c0:8001::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://spoqa.github.io/spoqa-han-sans/css/SpoqaHanSansNeo.css
Requested by: Host: sasagefind.com
URL: https://sasagefind.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:50c0:8001::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: 6ff03d9590967ac30d1974872b8b51ed7abe34b5fa963c1f72ca8258e52654a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sasagefind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-fastly-request-id: e437dbeba85d3448ca8d4c9821520a429d38793a
date: Sat, 25 Nov 2023 05:34:03 GMT
content-encoding: gzip
via: 1.1 varnish
x-cache-hits: 2
age: 311
x-cache: HIT
x-proxy-cache: HIT
content-length: 937
x-served-by: cache-fra-eddf8230037-FRA
last-modified: Wed, 15 Jun 2022 08:19:11 GMT
server: GitHub.com
x-github-request-id: ADB8:A6CE:7D21277:7F4FC5A:654C7E5A
x-timer: S1700890443.296300,VS0,VE0
etag: W/"62a995ff-ea6"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-origin-cache: HIT
expires: Thu, 09 Nov 2023 06:44:11 GMT

POST
H2 200 sasagerank Show response
api.sasagefind.com/ 2 KB
943 B 959ms
565ms Fetch
application/json 2606:4700:3036::6815:594c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.sasagefind.com/sasagerank
Requested by: Host: sasagefind.com
URL: https://sasagefind.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:594c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b35db23e2943d2a5236e618577f88429e954a2f495cdc8fe4299de61ee465687

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sasagefind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 05:34:04 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6o%2Bv5f3j7gJlf1Ps6CM5CB6SJLXQ2h7fZfnmNbSDLNoxpdXDvuhgErLo%2Fw9VW%2FiWpmLHMfqYPI8N0GbAZE9sg6l%2B8lA0qPgaDbsP5ClCQJpEwMZ%2F061FBoCXhwWwODA8zlEMv2ajwCRzcFpsbwW8jNk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://sasagefind.com
cf-ray: 82b7853acc709f80-SIN
alt-svc: h3=":443"; ma=86400

POST
H2 204 b
wcs.naver.com/ 0
628 B 975ms
267ms Ping
text/plain 110.93.147.30
NHN-AS-KR NAVER C...

General

Check archive.org

Show headers Download Go to

Full URL

https://wcs.naver.com/b

Requested by

Host: wcs.naver.net
URL: https://wcs.naver.net/wcslog.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

110.93.147.30 , Korea, Republic Of, ASN23576 (NHN-AS-KR NAVER Cloud Corp., KR),

Reverse DNS

Software

wcs /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://sasagefind.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 25 Nov 2023 05:34:04 GMT
x-content-type-options: nosniff
server: wcs
accept-ch: Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform-Version
p3p: CP = "ALL CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC OTC"
access-control-allow-origin: https://sasagefind.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
expires: Tue, 01 Jan 1980 09:00:00 GMT

GET
H2 200 i12u65lvcx Show response
www.clarity.ms/tag/ 700 B
1 KB 161ms
104ms Script
application/x-javascript 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/i12u65lvcx
Requested by: Host: sasagefind.com
URL: https://sasagefind.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 7775754a21bd40f138b01472e6442a4016aaa0416464ad123b7c6f37b2d77a6a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sasagefind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires: -1
date: Sat, 25 Nov 2023 05:34:03 GMT
x-azure-ref: 20231125T053403Z-tu79u18c115bz89urt1t3y3es000000008ag000000002dwg
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 700
request-context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/ 400 KB
135 KB 77ms
48ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4936470262963011&plah=sasagefind.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4936470262963011

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

42b84e40e3ccad5447db1a0bce0a55fa951c40b51e01064d65c2fb6acc2e1a54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sasagefind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 05:34:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138524
x-xss-protection: 0
server: cafe
etag: 9324638061782066901
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 25 Nov 2023 05:34:03 GMT

GET
H3 200 SpoqaHanSansNeo-Regular.woff2
cdn.jsdelivr.net/gh/spoqa/spoqa-han-sans@latest/Subset/SpoqaHanSansNeo/ 176 KB
177 KB 61ms
51ms Font
font/woff2 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/spoqa/spoqa-han-sans@latest/Subset/SpoqaHanSansNeo/SpoqaHanSansNeo-Regular.woff2

Requested by

Host: spoqa.github.io
URL: https://spoqa.github.io/spoqa-han-sans/css/SpoqaHanSansNeo.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4249bafc6673772edd9f3ed64589496ffbbd084a81dd85d6e170058fad86d117

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://spoqa.github.io/
Origin: https://sasagefind.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 05:34:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 40792
x-jsd-version: 3.3.0
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 180600
x-served-by: cache-fra-eddf8230132-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"2c178-iWr6WTmm7FQP+OZi2/wWuqaXIzM"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=29Y4kRP1168w%2FvnSwvsomHnNC31avqF4pzi9sx7QoFjrSlAIvLRXhJu%2BgVryOwshg4EGjEoEwpH8wo%2B%2Fv8KPFBJpqfpM6aEMYDffLwlzSYnjC%2FAgcHl6XqeS7msy%2B9HAiJDJBD4ipbf203NhN3I%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 82b785380f3a3a8b-FRA

GET
H3 200 SpoqaHanSansNeo-Bold.woff2
cdn.jsdelivr.net/gh/spoqa/spoqa-han-sans@latest/Subset/SpoqaHanSansNeo/ 179 KB
180 KB 50ms
42ms Font
font/woff2 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/spoqa/spoqa-han-sans@latest/Subset/SpoqaHanSansNeo/SpoqaHanSansNeo-Bold.woff2

Requested by

Host: spoqa.github.io
URL: https://spoqa.github.io/spoqa-han-sans/css/SpoqaHanSansNeo.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c85faa3fa812cae9fad6eadc662b0e68c84f010b61c5c0ebc769a7b43e0fcd4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://spoqa.github.io/
Origin: https://sasagefind.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 05:34:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 15943
x-jsd-version: 3.3.0
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 183708
x-served-by: cache-fra-eddf8230134-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"2cd9c-sHcxCYIcT0XH4pfxPM8P5WsTzKs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L%2Bi%2Fir9v2m%2BKQFqkLyP%2BDnJCGylg5AbwQaJDHHBjQ8rmK5b9xQbMzeEZAeRzi7phvl58todyf1geMFnicJItEZYCY%2BzK6L1Kn8aNYx1uX6FrIDe%2B74rSWTOoXgUWWIv7bcwUCc%2FHFXsRbxkP0hE%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 82b785380f383a8b-FRA

GET
H3 200 SpoqaHanSansNeo-Medium.woff2
cdn.jsdelivr.net/gh/spoqa/spoqa-han-sans@latest/Subset/SpoqaHanSansNeo/ 176 KB
176 KB 22ms
15ms Font
font/woff2 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/spoqa/spoqa-han-sans@latest/Subset/SpoqaHanSansNeo/SpoqaHanSansNeo-Medium.woff2

Requested by

Host: spoqa.github.io
URL: https://spoqa.github.io/spoqa-han-sans/css/SpoqaHanSansNeo.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f98c688a6a270ccbc2b1dbf96bd89f40174c4b859edd8aa6d3c885d8346ad12

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://spoqa.github.io/
Origin: https://sasagefind.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 05:34:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 16337
x-jsd-version: 3.3.0
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 179960
x-served-by: cache-fra-etou8220040-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"2bef8-HMEeJ6Qp+ZmCdZoYyxZIMoWThSo"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a19flO%2Fp7FtsYf8TpzIkVUjhFQvi6h3AoPaP9T%2FWButSjpW8ad666GGtOo6Ja8jKXwxctsdZzHfIOVapojpC5PrCa2PbQhKbQtLrkn%2F1RkAZDgcwv5f%2Bqgl6THDyW6uTxZipXqawLQZ7bB7kBtY%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 82b785380f373a8b-FRA

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/ Frame 43AC 9 KB
4 KB 48ms
13ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4936470262963011

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sasagefind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 62043
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Nov 2023 12:20:00 GMT
etag: 16674218716276178799
expires: Fri, 08 Dec 2023 12:20:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
253 B 46ms
17ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-YNZE6H6P6F&gtm=45je3b81v9135002277&_p=1700890443493&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1727665163.1700890444&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1700890443&sct=1&seg=0&dl=https%3A%2F%2Fsasagefind.com%2F&dt=%EC%82%AC%EC%82%AC%EA%B2%8C%20%EA%B2%80%EC%83%89%EA%B8%B0&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1519
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YNZE6H6P6F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sasagefind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Nov 2023 05:34:03 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://sasagefind.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7A49 0
188 B 123ms
123ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4936470262963011&output=html&adk=1812271804&adf=3025194257&lmt=1694892792&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fsasagefind.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700890443510&bpp=4&bdt=257&idt=117&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7304720097754&frm=20&pv=2&ga_vid=1727665163.1700890444&ga_sid=1700890444&ga_hid=358066886&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31078297%2C44807763%2C44808149%2C44808284%2C44809056%2C44809071&oid=2&pvsid=2422037083187158&tmod=1951962955&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=33792&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=124

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4936470262963011&plah=sasagefind.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sasagefind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 25 Nov 2023 05:34:03 GMT
expires: Sat, 25 Nov 2023 05:34:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 72D0 36 KB
15 KB 239ms
239ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4936470262963011&output=html&h=90&slotname=3242351562&adk=3443123301&adf=80450345&pi=t.ma~as.3242351562&w=728&lmt=1694892792&format=728x90&url=https%3A%2F%2Fsasagefind.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700890443514&bpp=3&bdt=260&idt=122&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7304720097754&frm=20&pv=1&ga_vid=1727665163.1700890444&ga_sid=1700890444&ga_hid=358066886&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=24&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31078297%2C44807763%2C44808149%2C44808284%2C44809056%2C44809071&oid=2&pvsid=2422037083187158&tmod=1951962955&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1024&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=125

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3891c23811f10f5c636c64912c6f434d3cf01b4e602112c4cac6418c2d2b652

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sasagefind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 14682
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 25 Nov 2023 05:34:03 GMT
expires: Sat, 25 Nov 2023 05:34:03 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2C73 49 KB
17 KB 290ms
290ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4936470262963011&output=html&h=600&slotname=5020405467&adk=1298321340&adf=2908928753&pi=t.ma~as.5020405467&w=300&lmt=1694892792&format=300x600&url=https%3A%2F%2Fsasagefind.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700890443517&bpp=1&bdt=264&idt=123&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=7304720097754&frm=20&pv=1&ga_vid=1727665163.1700890444&ga_sid=1700890444&ga_hid=358066886&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-95&ady=120&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31078297%2C44807763%2C44808149%2C44808284%2C44809056%2C44809071&oid=2&pvsid=2422037083187158&tmod=1951962955&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=1024&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=124

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cf8905437079a7e9bbf28e3e1428a585ea2a216ca5e2a0cbab35afdddf9da202

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sasagefind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 17327
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 25 Nov 2023 05:34:03 GMT
expires: Sat, 25 Nov 2023 05:34:03 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3EF3 36 KB
14 KB 324ms
324ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4936470262963011&output=html&h=600&twa=1&slotname=7728391483&adk=3087759461&adf=184259038&pi=t.ma~as.7728391483&w=205&fwrn=4&fwrnh=100&lmt=1694892792&rafmt=1&armr=4&format=205x600&url=https%3A%2F%2Fsasagefind.com%2F&ea=0&fwr=0&rs=1&rh=600&rw=205&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700890443517&bpp=1&bdt=264&idt=124&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C300x600&nras=1&correlator=7304720097754&frm=20&pv=1&ga_vid=1727665163.1700890444&ga_sid=1700890444&ga_hid=358066886&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1395&ady=120&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31078297%2C44807763%2C44808149%2C44808284%2C44809056%2C44809071&oid=2&pvsid=2422037083187158&tmod=1951962955&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=1152&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=126

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6bebc407de67cbc0a0266e0e70d8c8f0f2d1c5e4aa0714a3178e5409b6877de1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sasagefind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 14658
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 25 Nov 2023 05:34:03 GMT
expires: Sat, 25 Nov 2023 05:34:03 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8A6C 40 KB
16 KB 120ms
120ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4936470262963011&output=html&h=280&slotname=2751396977&adk=3316842740&adf=1615842680&pi=t.ma~as.2751396977&w=1128&fwrn=4&fwrnh=100&lmt=1694892792&rafmt=1&format=1128x280&url=https%3A%2F%2Fsasagefind.com%2F&ea=0&fwr=0&fwrattr=true&rh=280&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700890443518&bpp=1&bdt=265&idt=126&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C300x600%2C205x600&nras=1&correlator=7304720097754&frm=20&pv=1&ga_vid=1727665163.1700890444&ga_sid=1700890444&ga_hid=358066886&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=236&ady=574&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31078297%2C44807763%2C44808149%2C44808284%2C44809056%2C44809071&oid=2&pvsid=2422037083187158&tmod=1951962955&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1152&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&fsb=1&dtd=127

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d2274df1a4a6d0d786c38e3d15c7a337f0ea9ad65392c0bd9fb55ad3319de22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sasagefind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 15761
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 25 Nov 2023 05:34:03 GMT
expires: Sat, 25 Nov 2023 05:34:03 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.18/ 59 KB
25 KB 18ms
18ms Script
application/javascript 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.18/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/i12u65lvcx
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: f4e16c137bfcf443839c20e1038b9ee2dec570f047ae3b1c8f9378e9176750dd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sasagefind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 05:34:03 GMT
content-encoding: br
last-modified: Fri, 17 Nov 2023 13:41:44 GMT
etag: W/"0x8DBE772F014B026"
vary: Accept-Encoding
x-azure-ref: 20231125T053403Z-tu79u18c115bz89urt1t3y3es000000008ag000000002dx0
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 7b4fb916-301e-0000-76b1-1b2edb000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 8A6C 3 KB
1 KB 48ms
14ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4936470262963011&output=html&h=280&slotname=2751396977&adk=3316842740&adf=1615842680&pi=t.ma~as.2751396977&w=1128&fwrn=4&fwrnh=100&lmt=1694892792&rafmt=1&format=1128x280&url=https%3A%2F%2Fsasagefind.com%2F&ea=0&fwr=0&fwrattr=true&rh=280&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700890443518&bpp=1&bdt=265&idt=126&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C300x600%2C205x600&nras=1&correlator=7304720097754&frm=20&pv=1&ga_vid=1727665163.1700890444&ga_sid=1700890444&ga_hid=358066886&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=236&ady=574&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31078297%2C44807763%2C44808149%2C44808284%2C44809056%2C44809071&oid=2&pvsid=2422037083187158&tmod=1951962955&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1152&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&fsb=1&dtd=127

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 08:54:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74381
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 08 Dec 2023 08:54:22 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 8A6C 20 KB
9 KB 45ms
12ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 10:09:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69888
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 08 Dec 2023 10:09:15 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8A6C 202 KB
64 KB 55ms
22ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 05:34:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 25 Nov 2023 05:34:03 GMT

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame E977 106 KB
39 KB 53ms
27ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZWGHSwAKJdgIu-LKAAhCryrfwn7lLEaFJn3kfg&u=%7C8ZP%2FflWUfZ8Mv4v4apbesLNeAjNTr%2FNLcAuiBwwDiso%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANar0ObdwXpy1F5svD_V6m_RbOlSYTw3wjz94zm6DA7afHTyD1AWPZ6nnwfvregMxZ0oMA59bPDWs9nWog-0g1UxTEH9RjJxCBGc4tWi0oUDNT9HgqIR5k9INj0xlC-akXnrvoNYQslM6IZVd5sHStf5yl9vUHgpR33RlqbSYFydKk8nLFj6Z-OaKjzLQHVAG21FGQzv-Z6ElmxiSmabEqkWVJjw5I3ZH_W5nWAbEufqS7VIpEmmNTHmUvkQIP7WMGL_Mu_hV5AUoSj9CNdfl0XjeQFg6yQLkmNiDFLIg2uIDA5A6BgZ0_-2CN97f6iisVAKgYt3Pl32T5786YCKNVAAc51yawlQwd6WDB20iEjkWuXEdewG9WgQxbFI_8DpmvDrlr-9qtvX8ZZWfk8E_xjC6GYcwMx0VLHh2-9L3qIGCFSTlqXzGOtFhE9mN_8PIiwXNKiCLaAV2HKWu1vI1c4M9FKY0cBJIPR-TFS6eIlYk2NAx2GBgtW97fr_TqZ4dLZ1wRhAfgQh13k7VsFmh--yod5xKga4fIhm4Cw-Bk1bghvG8YI_ChJY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCpznxS4dhZdjLKMrF7_UPr4WhwAfJntKxXM3x4t2IAcCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi00OTM2NDcwMjYyOTYzMDExyAEJqQIHxDQrk1qyPqgDAcgDAqoEvgFP0ESgEdga8b6yUeeGE1MeiZR2DFzZRGDwn91p8DAAE9M1fsT5ob2NnFx2e1FQZVo0xLXEHGJQjeUMHgrjNKwwn8ug5gtN0IG_sgagCitNwBGane9TAvl4EvYTXvNVJtrCgMQUQxEJkXkP_49uAA8I-6nB8rNtnTr2nPWN0ukcsCm8ntLnUt7L8yUNErxBjd_zCiy07dobheL1m0z6pZU2bwF3mhAqNdG4p70l7V-2tuikHOyOCzmuKgw3QXIhgAa8rrWG2ZGhozGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_38muu28yGuiHogTAZ_G8FGWYOLeA%26client%3Dca-pub-4936470262963011%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

eda5bb9e346e3fdd538f60bb38e436c50d660329b8fefd376eb886e4a576d2fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Sat, 25 Nov 2023 05:34:03 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=7Jcd8333vu-CktAWDGiFDc0wgvKMA5wZ3j9H86cn9Vq7W27Ha-paZC7nOJ0h_-u6iQaKEovBbKRnArgwqL-_BCAJiujEzKWqlnUjI6kdh5Sj3yj3wUdW6inFxQDCQztn7VfD-KUh-76yWP9vXYxfZCnEx1Kbd1FZQ1e1L6W_sbjmw1uJrsbsPf63cUsypwsz7INk9TuGURpRPpqMMiCrm_4j2-S0nPOKeX7WxcVMEMBynI_qKuj911YYSDF6mcq8Rb1sqw"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 10614042
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

POST
H/1.1 204
No Content collect Show response
t.clarity.ms/ 0
294 B 359ms
110ms XHR
text/plain 20.114.189.70
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://t.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.18/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.189.70 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://sasagefind.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://sasagefind.com
Date: Sat, 25 Nov 2023 05:34:04 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame E977 2 KB
1 KB 41ms
14ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZWGHSwAKJdgIu-LKAAhCryrfwn7lLEaFJn3kfg&u=%7C8ZP%2FflWUfZ8Mv4v4apbesLNeAjNTr%2FNLcAuiBwwDiso%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANar0ObdwXpy1F5svD_V6m_RbOlSYTw3wjz94zm6DA7afHTyD1AWPZ6nnwfvregMxZ0oMA59bPDWs9nWog-0g1UxTEH9RjJxCBGc4tWi0oUDNT9HgqIR5k9INj0xlC-akXnrvoNYQslM6IZVd5sHStf5yl9vUHgpR33RlqbSYFydKk8nLFj6Z-OaKjzLQHVAG21FGQzv-Z6ElmxiSmabEqkWVJjw5I3ZH_W5nWAbEufqS7VIpEmmNTHmUvkQIP7WMGL_Mu_hV5AUoSj9CNdfl0XjeQFg6yQLkmNiDFLIg2uIDA5A6BgZ0_-2CN97f6iisVAKgYt3Pl32T5786YCKNVAAc51yawlQwd6WDB20iEjkWuXEdewG9WgQxbFI_8DpmvDrlr-9qtvX8ZZWfk8E_xjC6GYcwMx0VLHh2-9L3qIGCFSTlqXzGOtFhE9mN_8PIiwXNKiCLaAV2HKWu1vI1c4M9FKY0cBJIPR-TFS6eIlYk2NAx2GBgtW97fr_TqZ4dLZ1wRhAfgQh13k7VsFmh--yod5xKga4fIhm4Cw-Bk1bghvG8YI_ChJY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCpznxS4dhZdjLKMrF7_UPr4WhwAfJntKxXM3x4t2IAcCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi00OTM2NDcwMjYyOTYzMDExyAEJqQIHxDQrk1qyPqgDAcgDAqoEvgFP0ESgEdga8b6yUeeGE1MeiZR2DFzZRGDwn91p8DAAE9M1fsT5ob2NnFx2e1FQZVo0xLXEHGJQjeUMHgrjNKwwn8ug5gtN0IG_sgagCitNwBGane9TAvl4EvYTXvNVJtrCgMQUQxEJkXkP_49uAA8I-6nB8rNtnTr2nPWN0ukcsCm8ntLnUt7L8yUNErxBjd_zCiy07dobheL1m0z6pZU2bwF3mhAqNdG4p70l7V-2tuikHOyOCzmuKgw3QXIhgAa8rrWG2ZGhozGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_38muu28yGuiHogTAZ_G8FGWYOLeA%26client%3Dca-pub-4936470262963011%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 05:34:03 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 19 Nov 2024 05:34:03 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame E977 2 KB
1 KB 41ms
15ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 05:34:03 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 19 Nov 2024 05:34:03 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame E977 308 B
636 B 51ms
24ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 05:34:03 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Tue, 19 Nov 2024 05:34:03 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame E977 293 B
622 B 39ms
13ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 05:34:03 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Tue, 19 Nov 2024 05:34:03 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame E977 43 B
348 B 47ms
15ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=6SqLg3H7feACxV7WL2nYIhEQoA9lHeTBc7fdwv-DMsmG27BRwQ0FJyODPy5zRmJIFbjwOqVfZTUL7keSj4uqPle9dcA2hLcrakiq17gRupDQimXfrfu8oQ_2KFnFSBWKNAt-iaCQhNH6uJUlSEASqoWu7GG2asPSd_banN7ARSJ5Lu3qsdNxkg6ot7cvb_dARsOUIXuamKgT5sSgjCNoArgOAx56EMxKLn7uL2Z1GxHMHey_Wnmqs_C9LXazABYDjgLJ7t_ObGzsNV1LWV7xQjfRy3cKxkiAwG12qTYlPRIC-ggsFICKEKH6kyeW92QPCjdP2d-0nSl1M9FFH6laPW3Vt8uC1b3a6MazLxEtbg0QSknB1eVKAH4ihNb8pJHjUB0jGjvWwX4ZbK0CcsscxB-J9q6Q2qtZVSqWnNuV2axEkxN7

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Nov 2023 05:34:03 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1592063
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 8A6C 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 09179fbf28cf2ce0b33ecc09151ffe30c39af2d283a8f1fc0bdd5f606ad189ca

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame E977 12 KB
6 KB 33ms
23ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 05:34:03 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 19 Nov 2024 05:34:03 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame E977 8 KB
8 KB 41ms
13ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=556&m=0&partner=109283&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F109283%2F5121723%2F4a7f80dda98047fca39f40cce2564e03_whatsapp_image_2023-11-20_at_08.22.14.jpeg&v=3&w=450&rid=4&s=p7zAwbEyf6Sl3VMs5EoUvC_U

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

45ac4bacbb656ac1f9e8a33f3bbfe9f02ce7ea89b1f00f667dbe13f144f52dcf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 05:34:03 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 8166
expires: Thu, 14 Nov 2024 12:56:38 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame E977 0
128 B 45ms
13ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=7Jcd8333vu-CktAWDGiFDc0wgvKMA5wZ3j9H86cn9Vq7W27Ha-paZC7nOJ0h_-u6iQaKEovBbKRnArgwqL-_BCAJiujEzKWqlnUjI6kdh5Sj3yj3wUdW6inFxQDCQztn7VfD-KUh-76yWP9vXYxfZCnEx1Kbd1FZQ1e1L6W_sbjmw1uJrsbsPf63cUsypwsz7INk9TuGURpRPpqMMiCrm_4j2-S0nPOKeX7WxcVMEMBynI_qKuj911YYSDF6mcq8Rb1sqw&sds=2&rev=89278&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 25 Nov 2023 05:34:03 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame E977 2 KB
1 KB 14ms
13ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 05:34:03 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 19 Nov 2024 05:34:03 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame E977 2 KB
1 KB 16ms
15ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 05:34:03 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 19 Nov 2024 05:34:03 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 72D0 3 KB
1 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4936470262963011&output=html&h=90&slotname=3242351562&adk=3443123301&adf=80450345&pi=t.ma~as.3242351562&w=728&lmt=1694892792&format=728x90&url=https%3A%2F%2Fsasagefind.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700890443514&bpp=3&bdt=260&idt=122&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7304720097754&frm=20&pv=1&ga_vid=1727665163.1700890444&ga_sid=1700890444&ga_hid=358066886&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=24&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31078297%2C44807763%2C44808149%2C44808284%2C44809056%2C44809071&oid=2&pvsid=2422037083187158&tmod=1951962955&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1024&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=125

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 08:54:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74381
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 08 Dec 2023 08:54:22 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 72D0 20 KB
8 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 10:09:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69888
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 08 Dec 2023 10:09:15 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 72D0 202 KB
64 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 05:34:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 25 Nov 2023 05:34:03 GMT

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 8EFA 122 KB
43 KB 27ms
26ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZWGHSwAKFN0Iu-SDAAe4t5b4QEs37yHsZ7pHsg&u=%7C8ZP%2FflWUfZ8OG%2BtwlNATfN4AGM%2Bci1ad62g7TXVG65o%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANVoEdisV7DxsFAAt1sErO_Khic4PiUUXOuFfcmLAFkJ_jhEYPdrU3CFCLy2x6y1vYrJuZ0P90yhVSW3OysXDmmNdd_iE1DU8ITatzYWx5uvwskaABEAwUnHnFbqaQJpkVxRLnP8EZGDQwWr2lYvzQMrkK4mFA0KouO8IaS0PG-AYriMCFos8X9mqI1N-VEtjLM2LZyTj0LQg2hW0FUM3LqWSjCiERB-37gRUukF_xW5KMkiM8RcMXVEgZucAa86R9uDwn-RhaS2bJ4OrxyKLIaR5I69mdHyAyqz6YlpZ5LSXwlTwnwQCnuSri1qsB9Lw2xp7AvKnrPNtocE0CE7IO-e9kI0wlSS9nc_XRPJi9z-5OROOlw7_ADfzRlFwtE7pJxGs_L_BRGiTMg20z1zzPsMT3kn-yuLcxXJpTOsSzIEyNjOtDTIY_ZVKjsN4515OsIrDz0I_SIjIel_-pil6RatqWeibAna3z0ChBfp8mqc_anB45UGB27sLX9ovj1uITKzvsuwkax1-KwXFiQiDzZvjvVrcRXYmr63cfAfujyLwVySmUUFwnpk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC67eSS4dhZd2pKIPJ7_UPt_GeqAzJntKxXNWdkfdwwI23ARABIABglYKAgLQHggEXY2EtcHViLTQ5MzY0NzAyNjI5NjMwMTHIAQmpAgfENCuTWrI-qAMByAMCqgS8AU_QXac32zY_9RJB789HbMxbGzk20LCKVtRLhNIQPHjIIS-9-r3aDaVquUyIL0Vg5j33-Tzxb_8egi9f_B9UpOuJ1JMPtGkBaX8Bqn6Sp7IVzOgqgnEChRJH-PCPBMAlKdUBSFDknfTANb2Cg2wkKxzfDYDXMGpGXKqDL2Qnz0mrWRvusa4XWUu_-_xT7ywCuWhmuTiSQWEu3fxEPj0zqx1bGZuUbwKlHdLe_YX6CZOsFkED5rclJ6JxJ13FgAa8rrWG2ZGhozGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2zYAv7eDZwHpALPKJunguJy0EvzA%26client%3Dca-pub-4936470262963011%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

c291a94f6707d39d5f4051a564adc835501659ea5c59c0a068362b00be3960ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Sat, 25 Nov 2023 05:34:03 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=Xmi4PH33vu-CktAWatUOQjxZW5LbMUjqgbdGpgaMBVVUTCj78E8OSSYtVcYQNDcNLkxWMFJd5kVil3hXfOzct71bcjGrqqyAS--HgzpETxr621Kq6U11Hmr0GhTRPPQ2Ut7nQCGMPo8WYNGLdp4Utl3AGTEVFJcYDovYRAMo9u7scyWjySdD1xQc6OpFSnLCuVY7_l_MgUzB9_GXOS5S449HMK6H5nekeZ90NLzNp-NuHwXNJTyOPAXtadtEredHyyKiNw"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 13030664
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 8A6C 0
23 B 56ms
55ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CHsw-S4dhZdjLKMrF7_UPr4WhwAfJntKxXM3x4t2IAcCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi00OTM2NDcwMjYyOTYzMDExyAEJqQIHxDQrk1qyPqgDAcgDAqoEuwFP0ESgEdga8b6yUeeGE1MeiZR2DFzZRGDwn91p8DAAE9M1fsT5ob2NnFx2e1FQZVo0xLXEHGJQjeUMHgrjNKwwn8ug5gtN0IG_sgagCitNwBGane9TAvl4EvYTXvNVJtrCgMQUQxEJkXkP_49uAA8I-6nB8rNtnTr2nPWN0ukcsCm8ntLnUt7L8yUNErxBjd_zCiy07ZgZpHB1CJzHA0URtY1Xc7QkEtsOrZM9b-t-i05Wo_KiE6FkvizegAa8rrWG2ZGhozGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTqACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNDkzNjQ3MDI2Mjk2MzAxMRgA&sigh=8b13hVuoX7k&uach_m=%5BUACH%5D&cid=CAQSTwDICaaNNjn2Ji_GG8HVYompM2SazBIbeq1tZJTCq1xHmqoHklOPiRCfLk_zI5WfXmKFYdvDDFdNpb1H7ELs8PSeTU6kfaP1iHwCrxuZ-i4YAQ&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4936470262963011&output=html&h=280&slotname=2751396977&adk=3316842740&adf=1615842680&pi=t.ma~as.2751396977&w=1128&fwrn=4&fwrnh=100&lmt=1694892792&rafmt=1&format=1128x280&url=https%3A%2F%2Fsasagefind.com%2F&ea=0&fwr=0&fwrattr=true&rh=280&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700890443518&bpp=1&bdt=265&idt=126&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C300x600%2C205x600&nras=1&correlator=7304720097754&frm=20&pv=1&ga_vid=1727665163.1700890444&ga_sid=1700890444&ga_hid=358066886&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=236&ady=574&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31078297%2C44807763%2C44808149%2C44808284%2C44809056%2C44809071&oid=2&pvsid=2422037083187158&tmod=1951962955&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1152&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&fsb=1&dtd=127
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 25 Nov 2023 05:34:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 25 Nov 2023 05:34:03 GMT

GET
H2 200 notify
rtb.fr3.eu.criteo.com/google/auction/ Frame 8A6C 0
126 B 52ms
17ms Image
text/plain 2a02:2638:d::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=kIWLGcz6ROgImAKdg2ICAgAAAFJWzUmLtSgJEEuHYWWBEubl-UfOmr28AAASAAAKCkFRVUJEd0VQRHc&wp=ZWGHSwAKJdgIu-LKAAhCryrfwn7lLEaFJn3kfg&cbvp=2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 05:34:02 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 171451
server: Kestrel
content-length: 0

GET
DATA 200
OK truncated
/ Frame 72D0 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 02acbf387bc5f2a54c9889a35e6e77e6aa1a792f04f03cd136c2b2e8e8bda244

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 8EFA 2 KB
1 KB 17ms
16ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZWGHSwAKFN0Iu-SDAAe4t5b4QEs37yHsZ7pHsg&u=%7C8ZP%2FflWUfZ8OG%2BtwlNATfN4AGM%2Bci1ad62g7TXVG65o%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANVoEdisV7DxsFAAt1sErO_Khic4PiUUXOuFfcmLAFkJ_jhEYPdrU3CFCLy2x6y1vYrJuZ0P90yhVSW3OysXDmmNdd_iE1DU8ITatzYWx5uvwskaABEAwUnHnFbqaQJpkVxRLnP8EZGDQwWr2lYvzQMrkK4mFA0KouO8IaS0PG-AYriMCFos8X9mqI1N-VEtjLM2LZyTj0LQg2hW0FUM3LqWSjCiERB-37gRUukF_xW5KMkiM8RcMXVEgZucAa86R9uDwn-RhaS2bJ4OrxyKLIaR5I69mdHyAyqz6YlpZ5LSXwlTwnwQCnuSri1qsB9Lw2xp7AvKnrPNtocE0CE7IO-e9kI0wlSS9nc_XRPJi9z-5OROOlw7_ADfzRlFwtE7pJxGs_L_BRGiTMg20z1zzPsMT3kn-yuLcxXJpTOsSzIEyNjOtDTIY_ZVKjsN4515OsIrDz0I_SIjIel_-pil6RatqWeibAna3z0ChBfp8mqc_anB45UGB27sLX9ovj1uITKzvsuwkax1-KwXFiQiDzZvjvVrcRXYmr63cfAfujyLwVySmUUFwnpk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC67eSS4dhZd2pKIPJ7_UPt_GeqAzJntKxXNWdkfdwwI23ARABIABglYKAgLQHggEXY2EtcHViLTQ5MzY0NzAyNjI5NjMwMTHIAQmpAgfENCuTWrI-qAMByAMCqgS8AU_QXac32zY_9RJB789HbMxbGzk20LCKVtRLhNIQPHjIIS-9-r3aDaVquUyIL0Vg5j33-Tzxb_8egi9f_B9UpOuJ1JMPtGkBaX8Bqn6Sp7IVzOgqgnEChRJH-PCPBMAlKdUBSFDknfTANb2Cg2wkKxzfDYDXMGpGXKqDL2Qnz0mrWRvusa4XWUu_-_xT7ywCuWhmuTiSQWEu3fxEPj0zqx1bGZuUbwKlHdLe_YX6CZOsFkED5rclJ6JxJ13FgAa8rrWG2ZGhozGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2zYAv7eDZwHpALPKJunguJy0EvzA%26client%3Dca-pub-4936470262963011%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 05:34:03 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 19 Nov 2024 05:34:03 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 8EFA 2 KB
1 KB 15ms
15ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 05:34:03 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 19 Nov 2024 05:34:03 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 8EFA 308 B
636 B 14ms
13ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 05:34:03 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Tue, 19 Nov 2024 05:34:03 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 8EFA 293 B
621 B 16ms
15ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 05:34:03 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Tue, 19 Nov 2024 05:34:03 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 8EFA 43 B
347 B 18ms
17ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=CwXb_cz4m3J9xcH_H2bfY04thIYQVfNs9V1wUGOivJjNXcfiJG_3-i3vfulSmCRXse-eoLbwlv2M1zigrvGKTWd954dNyLlZdYQlpouvxjy-7nCp7ImOdsbwyukHLD4b0UWToHXhej_4B80V8p09zYhWKYCy0w40JVI00N5Mk3hd5f4g0WuwQAiPE05UpWO3sh0MGgr2vEd05Pu-4O9-ACisRwZf4kgDa7S9n8D2BF7iNIqtfnd0YTFuViZy5rO1jvPjBC1mpFgVkXgA9UP6D1s8vxxhQBhR-pdpnNoKBVYGt77uxnIhuBQHW_flbWbqTgT7Npf8Un1GMDlJMpeLWC7QJ7PPBEdNtirY0lZB5BE1HMGu2SnquCLVko271a0WYO4e9Q0m0PCJwXmz7CuMR6L7agmT33CjnbhQc7Lj6DgzdX9q

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Nov 2023 05:34:03 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1574837
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 8EFA 12 KB
6 KB 14ms
14ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 05:34:03 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 19 Nov 2024 05:34:03 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 8EFA 98 KB
98 KB 19ms
19ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?m=0&partner=109283&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F109283%2F5121723%2F1598aaf8288a47aab630ccc7ba14c5cc_231108_mf_image_blackweek_general_v3_16_9.jpg&v=3&rid=4&s=PQPbdDfHtmDPL6QoNzGjHl6F

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

aca84b0983515a3954813cc4a99657f826057ea5692148ec2fd437f97584de5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 05:34:03 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 100128
expires: Thu, 14 Nov 2024 13:03:18 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 8EFA 3 KB
3 KB 14ms
14ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=176&m=0&partner=109283&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F109283%2F5121723%2F4a7f80dda98047fca39f40cce2564e03_whatsapp_image_2023-11-20_at_08.22.14.jpeg&v=3&w=1452&rid=4&s=mU_WOQRMY-t-UXLYMSc30L9f

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

90e99da37a9cfcf525d4469e6039ad9638a569019278f91060cdd9fe6abc47be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 05:34:03 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 2918
expires: Thu, 14 Nov 2024 12:56:38 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 8EFA 0
127 B 15ms
15ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=Xmi4PH33vu-CktAWatUOQjxZW5LbMUjqgbdGpgaMBVVUTCj78E8OSSYtVcYQNDcNLkxWMFJd5kVil3hXfOzct71bcjGrqqyAS--HgzpETxr621Kq6U11Hmr0GhTRPPQ2Ut7nQCGMPo8WYNGLdp4Utl3AGTEVFJcYDovYRAMo9u7scyWjySdD1xQc6OpFSnLCuVY7_l_MgUzB9_GXOS5S449HMK6H5nekeZ90NLzNp-NuHwXNJTyOPAXtadtEredHyyKiNw&sds=2&rev=89278&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 25 Nov 2023 05:34:03 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 8EFA 2 KB
1 KB 12ms
12ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 05:34:03 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 19 Nov 2024 05:34:03 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 8EFA 2 KB
1 KB 20ms
13ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 05:34:03 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 19 Nov 2024 05:34:03 GMT

GET
H2 200 embed.js Show response
live-tag.creatopy.net/embed/ Frame D8D6 1 KB
1 KB 90ms
18ms Script
application/javascript 2400:52e0:1e00::1079:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://live-tag.creatopy.net/embed/embed.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4936470262963011&output=html&h=600&slotname=5020405467&adk=1298321340&adf=2908928753&pi=t.ma~as.5020405467&w=300&lmt=1694892792&format=300x600&url=https%3A%2F%2Fsasagefind.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700890443517&bpp=1&bdt=264&idt=123&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=7304720097754&frm=20&pv=1&ga_vid=1727665163.1700890444&ga_sid=1700890444&ga_hid=358066886&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-95&ady=120&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31078297%2C44807763%2C44808149%2C44808284%2C44809056%2C44809071&oid=2&pvsid=2422037083187158&tmod=1951962955&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=1024&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=124
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1079:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1079 /
Resource Hash: 31fb1563bc3a2acd8585b8fdcfdfa69862d6d3851dc822372b72703f06c6489e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 05:34:04 GMT
content-encoding: gzip
via: 1.1 14b10bd09a0531ef477d0a404ca26900.cloudfront.net (CloudFront)
x-amz-version-id: dkd.bQuiMXoYfuYmv2MvJWo_eDx5_vpn
cdn-edgestorageid: 756
x-amz-cf-pop: FRA56-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
cdn-cachedat: 09/09/2023 15:02:46
cdn-pullzone: 863157
last-modified: Mon, 29 May 2023 09:31:04 GMT
server: BunnyCDN-DE1-1079
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: "58a3be6f941c5964ebb0ecbcbb3ef14f"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 842b29c0-504c-4328-8e4a-eff14e80c5d1
cache-control: max-age=2629800
cdn-requestid: e79fc2d4044ce88b32b526a7d19d09a6
cdn-requestcountrycode: DE
x-amz-cf-id: OpEFd_hboAsMZzDtISXYyvk3TTEk96V44RW8LAvky0fyGseI0i2caA==
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 ca Show response
choices.truste.com/ Frame D8D6 26 KB
10 KB 44ms
9ms Script
text/javascript 143.204.215.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://choices.truste.com/ca?pid=tradedesk01&aid=tradedesk01&cid=5ylvmne_ac4lunu_os9g1ojp&c=tradedesk01cont1&js=pmw0&w=160&h=600&sid=0

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4936470262963011&output=html&h=600&slotname=5020405467&adk=1298321340&adf=2908928753&pi=t.ma~as.5020405467&w=300&lmt=1694892792&format=300x600&url=https%3A%2F%2Fsasagefind.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700890443517&bpp=1&bdt=264&idt=123&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=7304720097754&frm=20&pv=1&ga_vid=1727665163.1700890444&ga_sid=1700890444&ga_hid=358066886&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-95&ady=120&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31078297%2C44807763%2C44808149%2C44808284%2C44809056%2C44809071&oid=2&pvsid=2422037083187158&tmod=1951962955&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=1024&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=124

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.43 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-43.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

8060f5291c1432da759584d6fa9a150b37e720318c88d814bbccc3ee6083c7d5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' ; font-src 'self' ; style-src 'self' 'unsafe-inline' ; img-src 'self' data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' ; frame-ancestors 'self' ; connect-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; object-src 'self' ; media-src 'self' ; child-src 'self' ; worker-src 'self' ; manifest-src 'self' *;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 20:50:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 e7377cc861b31102786678df3616bf68.cloudfront.net (CloudFront)
content-security-policy: default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *;
x-amz-cf-pop: FRA53-C1
cross-origin-embedder-policy: unsafe-none
age: 31426
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-xss-protection: 1; mode=block
referrer-policy: origin
server: nginx
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=31536000
x-frame-options: SAMEORIGIN
vary: Accept-Encoding, Origin
content-type: text/javascript;charset=UTF-8
permissions-policy: geolocation=(), microphone=(), payment=()
x-amz-cf-id: XGOPo3IgSGHVjBLfLyzv4NzQgofKbcHYRFQUfycAKkGujRjW-pNYfA==

GET
H2 200 moatad.js Show response
z.moatads.com/thetradedeskv275874568748/ Frame D8D6 344 KB
118 KB 54ms
7ms Script
application/x-javascript 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/thetradedeskv275874568748/moatad.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4936470262963011&output=html&h=600&slotname=5020405467&adk=1298321340&adf=2908928753&pi=t.ma~as.5020405467&w=300&lmt=1694892792&format=300x600&url=https%3A%2F%2Fsasagefind.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700890443517&bpp=1&bdt=264&idt=123&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=7304720097754&frm=20&pv=1&ga_vid=1727665163.1700890444&ga_sid=1700890444&ga_hid=358066886&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-95&ady=120&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31078297%2C44807763%2C44808149%2C44808284%2C44809056%2C44809071&oid=2&pvsid=2422037083187158&tmod=1951962955&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=1024&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=124
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 7e416560c6c65a5ece272975ffd7ef087bd888eae50b1cd2a1a93eae6355be04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 05:34:04 GMT
content-encoding: gzip
last-modified: Tue, 31 Oct 2023 08:16:13 GMT
server: AmazonS3
x-amz-request-id: 109HMFARBDT8VZKH
etag: "e8da0d7778465e752eb818ea8b33d68d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=48796
accept-ranges: bytes
content-length: 120060
x-amz-id-2: /93iL8SdlVpD7fpP29CU0z9nk/EHtGNfiI8zQ2HgZAU0YFoyR/kxCu5gRY+aQcsDxZDD+8vVPDI=

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame D8D6 3 KB
1 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 08:54:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74381
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 08 Dec 2023 08:54:22 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame D8D6 20 KB
8 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 10:09:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69888
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 08 Dec 2023 10:09:15 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame D8D6 202 KB
64 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 05:34:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 25 Nov 2023 05:34:03 GMT

GET
H/1.1 200
OK google
de2-bid.adsrvr.org/bid/feedback/ Frame D8D6 807 B
1 KB 31ms
8ms Image
image/gif 3.33.153.203
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://de2-bid.adsrvr.org/bid/feedback/google?t=1&iid=baec9059-1b67-4dfb-86a9-4d13e1b43384&crid=os9g1ojp&wp=ZWGHSwAKWR0KmvASAAMLdH-Ytpmneuom3Jou8g&aid=1&wpc=USD&sfe=1799074b&puid=&tdid=&pid=gtfhv5w&ag=ac4lunu&adv=069zspg&sig=1D3hnJ_ACsKFS_iTU5_R0Fzu0qc2yJIYTZBYcT6WzAi0.&bp=0.14431722933072452379&cf=5618665&fq=0&td_s=sasagefind.com&rcats=&mste=&mfld=3&mssi=&mfsi=&uhow=150&agsa=&rgz=56130&svbttd=1&dt=PC&osf=Windows&os=Windows10&br=Chrome&rlangs=ko&mlang=&svpid=pub-4936470262963011&did=&rcxt=Other&lat=50.350000&lon=7.720000&tmpc=0.18000000000000682&daid=&vp=0&osi=&osv=&bx=70&bffi=41&c=CgdHZXJtYW55Eg9SaGVpbmxhbmQtUGZhbHoaACIHQmFkIEVtczgBUAGAAQCIAQGQAQGwAQC6AQQIARgE2AK0EOACrAL4AgGAAwGIAwGQAwCYAwA.&dur=CjAKDGNoYXJnZS1hbGwtMSIgCP___________wESE3R0ZF9kYXRhX2V4Y2x1c2lvbnMKSAohY2hhcmdlLWFsbE1vYXRWaWV3YWJpbGl0eVRyYWNraW5nIiMIpf__________ARIObW9hdC1yZXBvcnRpbmcqBgigjQYYDA..&durs=AuzKvO&crrelr=&fpa=309&pcm=3&grdc=CAEYASABKAFAAUgC&vc=3&said=uAoepXc1kmCtFYgcCPF6oQ%3D%3D&auct=1&im=1&mc=f92c71b0-7475-47ff-86ff-470b3cfce4ed&abr=a6b7b956-c556-43dc-9940-1180c57cd41b&tail=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4936470262963011&output=html&h=600&slotname=5020405467&adk=1298321340&adf=2908928753&pi=t.ma~as.5020405467&w=300&lmt=1694892792&format=300x600&url=https%3A%2F%2Fsasagefind.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700890443517&bpp=1&bdt=264&idt=123&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=7304720097754&frm=20&pv=1&ga_vid=1727665163.1700890444&ga_sid=1700890444&ga_hid=358066886&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-95&ady=120&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31078297%2C44807763%2C44808149%2C44808284%2C44809056%2C44809071&oid=2&pvsid=2422037083187158&tmod=1951962955&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=1024&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=124
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.33.153.203 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a4b61a47cf5978487.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 3ca19e57c9a2465ae4df271316ba4d29e7ff7f113a2a2c5297780c0b7a0ac09d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Nov 2023 05:34:03 GMT
server: Kestrel
transfer-encoding: chunked
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
content-type: image/gif
cache-control: must-revalidate, no-cache
x-connection: close

GET
H2 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame 8A6C 64 KB
24 KB 48ms
13ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

25679e64b105c0acb0da7fe3cf9f7988027e9511a28c536f5ea322ac08e642dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 05:09:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1480
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24357
x-xss-protection: 0
server: cafe
etag: 17020722232796629264
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Sat, 25 Nov 2023 06:09:24 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 3EF3 3 KB
1 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4936470262963011&output=html&h=600&twa=1&slotname=7728391483&adk=3087759461&adf=184259038&pi=t.ma~as.7728391483&w=205&fwrn=4&fwrnh=100&lmt=1694892792&rafmt=1&armr=4&format=205x600&url=https%3A%2F%2Fsasagefind.com%2F&ea=0&fwr=0&rs=1&rh=600&rw=205&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700890443517&bpp=1&bdt=264&idt=124&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C300x600&nras=1&correlator=7304720097754&frm=20&pv=1&ga_vid=1727665163.1700890444&ga_sid=1700890444&ga_hid=358066886&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1395&ady=120&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31078297%2C44807763%2C44808149%2C44808284%2C44809056%2C44809071&oid=2&pvsid=2422037083187158&tmod=1951962955&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=1152&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=126

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 08:54:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74381
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 08 Dec 2023 08:54:22 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 3EF3 20 KB
8 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 10:09:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69888
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 08 Dec 2023 10:09:15 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3EF3 202 KB
64 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 05:34:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 25 Nov 2023 05:34:04 GMT

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame D4FA 112 KB
41 KB 28ms
27ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZWGHSwAKZTECO91tAAj3sqBJzhbBr5RzBdAaOA&u=%7C8ZP%2FflWUfZ%2BrlysJTQ40wBhuCcJru7bBXURqndcaK6k%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T9egdX2BKwT-PZcJ-d-j9EfONhGQBa4lHkYbSeDh0fvp4TVQ48olH3HQfBct6QGIzSM7uUoaydhCJdt5v1yoBpN3F4k-gfsQQh1y2rPl2rCh9hedZJc0ZbbGLKaOfKR7sk6bCfphSRy5ZLOHwrA5X_MZey48QDcA6uYPkatnhZbesVNSHlQkExwpf3EDUr-y35v51YI7swE8aVIt8FwC85xVPwrJ0VnFzVZYxysOpc_7rIe82703CvEUQd1cmJU2xBBkXwaysYkFVCsSmtBhhjEcTXM-ydI7ioD3VRvWgIsEFBq47ZzqancvklJZGYROkB_N_sH6jlFKZsGvbhy7ECEG2R_QmGcO5-57FVNSa9yYi5v9Bwjw9mt-Ed3MIZ1CNvyzL0GJHryor_T0aIbOiUJeV2Lt6OvbMzI2_m2j7q_589krQwHcNfMPQUekyIt5WYPEs4cLN88mgDMejBf2NURrShQ3eE46RsOaAixF6ZUzLbJUeWjh94kdYsZtv62Jh_UF17k4rsFCpfphhNsQ1ZVBYgba-U0_6q5irsr492_faSRFKMVN_80&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCzbvFS4dhZbHKKe2678EPsu-jiALJntKxXL3xlPdwwI23ARABIABglYKAgLQHggEXY2EtcHViLTQ5MzY0NzAyNjI5NjMwMTHIAQmpAgfENCuTWrI-qAMByAMCqgS9AU_Qjzs1zUBy0K7yveTBBNIFI8qhRe6i1ZJc1t3WIWzYloh2njODVk5jqW2Yh7WIY6N4MzkJjUbRPDmJaTpkrCj-_tMc53AtrXHxIjdLdFq5GgtEbSNg4M55yrLUnDI8GqYoA29D9-NRYb92_F4kc-wTLdUlC4gFl_EoTro1ZkIICdS-haCPRwZy-OQT4AJITOwg4Oy2oJJIrlOg-8QeO5fav2mQJjUTsSZdowzhklKOuuJtl4AjLqKRJV_CWIAGvK61htmRoaMxoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3Nns06Sfz6iKeOSbGa5PoSWwVDaA%26client%3Dca-pub-4936470262963011%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

f54bbb09dcb19ce85b53b7667d3028e41354fc3875da77bd34e253cf462f6710

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Sat, 25 Nov 2023 05:34:03 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=S50_vX33vu-CktAWb8_M2XMgvZ5mlOkxLuwMpYA0JE4MeOJi5PUXSSNWJGCOq2ajHKHdQfEk5xgfvC8XGw0cH340drTjhVMqbsv0GxsV0BwSXC7lkgRf2b2oBIkKls6SBGzjzDtM-SJq7lbf-kgTm0tZ1F7SCj36OoK58RgxEHOws2EjAA3yi5-0qmBpW4cO1bWcD0ai6G1ZS3bMf18_6UhxtCgIObsqCFbSElAw6xXoZjGnMotEQYRIzQTfVOdLJYu8Jg"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 11120553
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 72D0 0
19 B 56ms
56ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cx_YLS4dhZd2pKIPJ7_UPt_GeqAzJntKxXNWdkfdwwI23ARABIABglYKAgLQHggEXY2EtcHViLTQ5MzY0NzAyNjI5NjMwMTHIAQmpAgfENCuTWrI-qAMByAMCqgS5AU_QXac32zY_9RJB789HbMxbGzk20LCKVtRLhNIQPHjIIS-9-r3aDaVquUyIL0Vg5j33-Tzxb_8egi9f_B9UpOuJ1JMPtGkBaX8Bqn6Sp7IVzOgqgnEChRJH-PCPBMAlKdUBSFDknfTANb2Cg2wkKxzfDYDXMGpGXKqDL2Qnz0mrWRvusa4XWUu_-_xT7ywCuWhmuXqQYPOuTix5mO0UcZF78D-aSAgTF_zGfzEyNDVeqV8v_i_vs4KYgAa8rrWG2ZGhozGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTqACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNDkzNjQ3MDI2Mjk2MzAxMRgA&sigh=mif6i5EnA7A&uach_m=%5BUACH%5D&cid=CAQSTgDICaaN9gw3tq77UyCcyqmzay5iJAYpJ8W9s78Mhd84qQzyLUle1htvhgcYa0yhLtq53JNMsAUw3ZYOObwZ9ZkGC0NubqReslZj1yihxxgB&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4936470262963011&output=html&h=90&slotname=3242351562&adk=3443123301&adf=80450345&pi=t.ma~as.3242351562&w=728&lmt=1694892792&format=728x90&url=https%3A%2F%2Fsasagefind.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700890443514&bpp=3&bdt=260&idt=122&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7304720097754&frm=20&pv=1&ga_vid=1727665163.1700890444&ga_sid=1700890444&ga_hid=358066886&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=24&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31078297%2C44807763%2C44808149%2C44808284%2C44809056%2C44809071&oid=2&pvsid=2422037083187158&tmod=1951962955&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1024&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=125
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 25 Nov 2023 05:34:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.fr3.eu.criteo.com/google/auction/ Frame 72D0 0
125 B 17ms
17ms Image
text/plain 2a02:2638:d::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=kIWLGd6BMNgFWp2DYgICAAAATpioPlr0sjoQS4dhZSd1X7wNQtqcsTkAABIAAAoKQVFVQkR3RUJEdw&wp=ZWGHSwAKFN0Iu-SDAAe4t5b4QEs37yHsZ7pHsg&cbvp=2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 05:34:03 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 157043
server: Kestrel
content-length: 0

GET
DATA 200
OK truncated
/ Frame 3EF3 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4d9bb53263dffad44546bfdc02c788d4a8f39d568874247cf26e8c065b1fc2bb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame D4FA 2 KB
1 KB 17ms
15ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZWGHSwAKZTECO91tAAj3sqBJzhbBr5RzBdAaOA&u=%7C8ZP%2FflWUfZ%2BrlysJTQ40wBhuCcJru7bBXURqndcaK6k%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T9egdX2BKwT-PZcJ-d-j9EfONhGQBa4lHkYbSeDh0fvp4TVQ48olH3HQfBct6QGIzSM7uUoaydhCJdt5v1yoBpN3F4k-gfsQQh1y2rPl2rCh9hedZJc0ZbbGLKaOfKR7sk6bCfphSRy5ZLOHwrA5X_MZey48QDcA6uYPkatnhZbesVNSHlQkExwpf3EDUr-y35v51YI7swE8aVIt8FwC85xVPwrJ0VnFzVZYxysOpc_7rIe82703CvEUQd1cmJU2xBBkXwaysYkFVCsSmtBhhjEcTXM-ydI7ioD3VRvWgIsEFBq47ZzqancvklJZGYROkB_N_sH6jlFKZsGvbhy7ECEG2R_QmGcO5-57FVNSa9yYi5v9Bwjw9mt-Ed3MIZ1CNvyzL0GJHryor_T0aIbOiUJeV2Lt6OvbMzI2_m2j7q_589krQwHcNfMPQUekyIt5WYPEs4cLN88mgDMejBf2NURrShQ3eE46RsOaAixF6ZUzLbJUeWjh94kdYsZtv62Jh_UF17k4rsFCpfphhNsQ1ZVBYgba-U0_6q5irsr492_faSRFKMVN_80&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCzbvFS4dhZbHKKe2678EPsu-jiALJntKxXL3xlPdwwI23ARABIABglYKAgLQHggEXY2EtcHViLTQ5MzY0NzAyNjI5NjMwMTHIAQmpAgfENCuTWrI-qAMByAMCqgS9AU_Qjzs1zUBy0K7yveTBBNIFI8qhRe6i1ZJc1t3WIWzYloh2njODVk5jqW2Yh7WIY6N4MzkJjUbRPDmJaTpkrCj-_tMc53AtrXHxIjdLdFq5GgtEbSNg4M55yrLUnDI8GqYoA29D9-NRYb92_F4kc-wTLdUlC4gFl_EoTro1ZkIICdS-haCPRwZy-OQT4AJITOwg4Oy2oJJIrlOg-8QeO5fav2mQJjUTsSZdowzhklKOuuJtl4AjLqKRJV_CWIAGvK61htmRoaMxoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3Nns06Sfz6iKeOSbGa5PoSWwVDaA%26client%3Dca-pub-4936470262963011%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 05:34:04 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 19 Nov 2024 05:34:04 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame D4FA 2 KB
1 KB 15ms
14ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 05:34:04 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 19 Nov 2024 05:34:04 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame D4FA 308 B
636 B 17ms
16ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 05:34:04 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Tue, 19 Nov 2024 05:34:04 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame D4FA 293 B
621 B 15ms
15ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 05:34:04 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Tue, 19 Nov 2024 05:34:04 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame D4FA 43 B
347 B 19ms
18ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=wLvy2XH7feACxV7WL2nYIhEQoA-5JigDTLy7owe3liN2YfhQpmjiKx933G2veCP2qB_qMFbIm53_JxGDUt6EpEXBMjKqFPN9cajpHAjjOefqR13yxEMzSIVNh0WKKneDFnjZ8I4GqQGzW9d17PR8T4kbe81oeAjpwPLOlM5Y-eb1VMOLmNMc3ZZ187tDxETsd09nn5vPmXN86PztT9l96UDOoGlhy-2a7BRBxXzclSVJFUZUFspU6FOavwwHCwgTgvWJZRzjKo0Ewc2cveZlKXeOndKfL2kPT66TT3FQu3hDZuII8CyB1hGILFsG6YFc8j5E97Zk1rewIBIKV9_uTYo7UP_7k3NlcyN6LWQnmTadfDgZ-KBK4pjdbFBNGvUuiuGnbZCWGuqUXKBnNTmDyHeB1b7ZNVww1eliPaDoEObJFXhh

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Nov 2023 05:34:03 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2068556
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame D4FA 12 KB
6 KB 15ms
14ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 05:34:04 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 19 Nov 2024 05:34:04 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame D4FA 3 KB
3 KB 21ms
11ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=160&m=0&partner=109283&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F109283%2F5121723%2F4a7f80dda98047fca39f40cce2564e03_whatsapp_image_2023-11-20_at_08.22.14.jpeg&v=3&w=406&rid=4&s=4hfc60D6Db_wFQVoSswm6Ecu

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

a67b3821cfc745ddb7d6bab28d621cc7f8a23f663c0bdea72c5c0b58099220bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 05:34:03 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 2622
expires: Thu, 14 Nov 2024 12:56:38 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame D4FA 0
127 B 24ms
14ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=S50_vX33vu-CktAWb8_M2XMgvZ5mlOkxLuwMpYA0JE4MeOJi5PUXSSNWJGCOq2ajHKHdQfEk5xgfvC8XGw0cH340drTjhVMqbsv0GxsV0BwSXC7lkgRf2b2oBIkKls6SBGzjzDtM-SJq7lbf-kgTm0tZ1F7SCj36OoK58RgxEHOws2EjAA3yi5-0qmBpW4cO1bWcD0ai6G1ZS3bMf18_6UhxtCgIObsqCFbSElAw6xXoZjGnMotEQYRIzQTfVOdLJYu8Jg&sds=2&rev=89278&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 25 Nov 2023 05:34:03 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame D4FA 2 KB
1 KB 18ms
12ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 05:34:04 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 19 Nov 2024 05:34:04 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame D4FA 2 KB
1 KB 19ms
13ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 05:34:04 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 19 Nov 2024 05:34:04 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 8A6C 0
234 B 125ms
42ms Ping
image/gif 2a00:1450:4010:c0f::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~lpdm962t&e=21060101&ctx=2&gqid=S4dhZcyMKMLgx_APsf6tsAY&qqid=CJidydW23oIDFcriuwgdr0IIeA&met.4=fb.3j~lb.4x~ol.8z~bdt.-aw~bpp.-3i~idt.-1~dtd.0~dt.-3j&met.3=492.3k_1~492.3l~113.ax_2~112.aw_3&met.1=1.lpdm95rx~6.0~7.0~8.0~9.0~10.0~12.1~13.3d~14.3i~15.3e~16.6u~17.6u~18.6u~19.8z~20.8z~21.90~22.5h~23.5h&met.7=CAUQCBgBMH44wwJoAXB5eL19gAGRe4gB774CsAEBuAED~CB4QChgBIH4ofjCuATgwaJ8BcK4BeIAMgAHUCYgBgRWwAQG4AQM~CBwQChgBIH4ofjCuATgwUH9YnwFgiwFonwFwrAF4iUWAAd1CiAHwoQGwAQG4AQM~CCoQChgBIH4ofjDLAThNUH9YnwFgiwFonwFwtQF42v4DgAGu_AOIAd3QDLABAbgBAw~CBsQBSCBATh9~CCEQBhgBIP4BKP4BMLYCODlo_gFwtgJ4rAKwAQG4AQM~CBsQBiD-ATg0~CCgQChgBIMUCKMUCMIMDOD5QxgJY6AJg0gJo6AJw9QJ40cABgAGlvgGIAf_-A7ABAbgBAw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4010:c0f::5e , Finland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Nov 2023 05:34:04 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 3EF3 0
19 B 59ms
58ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C91EeS4dhZbHKKe2678EPsu-jiALJntKxXL3xlPdwwI23ARABIABglYKAgLQHggEXY2EtcHViLTQ5MzY0NzAyNjI5NjMwMTHIAQmpAgfENCuTWrI-qAMByAMCqgS6AU_Qjzs1zUBy0K7yveTBBNIFI8qhRe6i1ZJc1t3WIWzYloh2njODVk5jqW2Yh7WIY6N4MzkJjUbRPDmJaTpkrCj-_tMc53AtrXHxIjdLdFq5GgtEbSNg4M55yrLUnDI8GqYoA29D9-NRYb92_F4kc-wTLdUlC4gFl_EoTro1ZkIICdS-haCPRwZy-OQT4AJITOwg4Oz0orPaLsBwxmLOHE1Wn4A0KBIZByxzu45VWm8oSF1zu5i75DaxzIAGvK61htmRoaMxoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6gAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTQ5MzY0NzAyNjI5NjMwMTEYAA&sigh=3mwqP0oZrS8&uach_m=%5BUACH%5D&cid=CAQSTgDICaaNaDZVbskhi22gNpfugNDo6-cELLYh_hjhS764UVoGmDnmzPUtDlH-wf8oCyNFlN0wkev4CxOP6zjZwZwCnmm1GDY54yjew3S9FBgB&cbvp=2&vis=1

Requested by

Host: sasagefind.com
URL: https://sasagefind.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4936470262963011&output=html&h=600&twa=1&slotname=7728391483&adk=3087759461&adf=184259038&pi=t.ma~as.7728391483&w=205&fwrn=4&fwrnh=100&lmt=1694892792&rafmt=1&armr=4&format=205x600&url=https%3A%2F%2Fsasagefind.com%2F&ea=0&fwr=0&rs=1&rh=600&rw=205&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700890443517&bpp=1&bdt=264&idt=124&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C300x600&nras=1&correlator=7304720097754&frm=20&pv=1&ga_vid=1727665163.1700890444&ga_sid=1700890444&ga_hid=358066886&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1395&ady=120&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31078297%2C44807763%2C44808149%2C44808284%2C44809056%2C44809071&oid=2&pvsid=2422037083187158&tmod=1951962955&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=1152&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=126
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 25 Nov 2023 05:34:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.fr3.eu.criteo.com/google/auction/ Frame 3EF3 0
125 B 17ms
17ms Image
text/plain 2a02:2638:d::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=kIWLGcz6RM0B2ASdg2ICAgAAAGjK19NWDOObEEuHYWXZCVzWBizfLpDlAAASAAAKCkFRVUJEd0VCRHc&wp=ZWGHSwAKZTECO91tAAj3sqBJzhbBr5RzBdAaOA&cbvp=2

Requested by

Host: sasagefind.com
URL: https://sasagefind.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 05:34:04 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 132919
server: Kestrel
content-length: 0

GET
H2 200 index.html Show response
live-tag.creatopy.net/designs/n536le3/embed/thetradedesk/ Frame F227 31 KB
5 KB 412ms
412ms Document
text/html 2400:52e0:1e00::1079:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://live-tag.creatopy.net/designs/n536le3/embed/thetradedesk/index.html?hash=n536le3&width=160&height=600&t=1700890444059&userId=825181&network=THETRADEDESK&type=html5&clickTag=https%3A%2F%2Finsight.adsrvr.org%2Ftrack%2Fclk%3Fimp%3Dbaec9059-1b67-4dfb-86a9-4d13e1b43384%26ag%3Dac4lunu%26sfe%3D1799074b%26sig%3Dh76ksksM8IOsuDktjEje3Uhk1vhuAfmH3tO8b3c9aRU.%26crid%3Dos9g1ojp%26cf%3D5618665%26fq%3D0%26t%3D1%26td_s%3Dsasagefind.com%26rcats%3D%26mste%3D%26mfld%3D3%26mssi%3D%26mfsi%3D%26sv%3Dgoogle%26uhow%3D150%26agsa%3D%26wp%3DZWGHSwAKWR0KmvASAAMLdH-Ytpmneuom3Jou8g%26rgz%3D56130%26dt%3DPC%26osf%3DWindows%26os%3DWindows10%26br%3DChrome%26svpid%3Dpub-4936470262963011%26rlangs%3Dko%26mlang%3D%26did%3D%26rcxt%3DOther%26tmpc%3D0.18000000000000682%26vrtd%3D%26osi%3D%26osv%3D%26daid%3D%26dnr%3D0%26vpb%3D%26c%3DCgdHZXJtYW55Eg9SaGVpbmxhbmQtUGZhbHoaACIHQmFkIEVtczgBUAGAAQCIAQGQAQGwAQC6AQQIARgE2AK0EOACrAL4AgGAAwGIAwGQAwCYAwA.%26dur%3DCjAKDGNoYXJnZS1hbGwtMSIgCP___________wESE3R0ZF9kYXRhX2V4Y2x1c2lvbnMKSAohY2hhcmdlLWFsbE1vYXRWaWV3YWJpbGl0eVRyYWNraW5nIiMIpf__________ARIObW9hdC1yZXBvcnRpbmcqBgigjQYYDA..%26durs%3DAuzKvO%26crrelr%3D%26npt%3D%26fpa%3D309%26pcm%3D3%26said%3DuAoepXc1kmCtFYgcCPF6oQ%253D%253D%26auct%3D1%26grdc%3DCAEYASABKAFAAUgC%26tail%3D1%26r%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCLYNAS4dhZZ2yKZLg6wT0loyoB92V5bdc9v6PjlfAjbcBEAEgAGCVgoCAtAeCARdjYS1wdWItNDkzNjQ3MDI2Mjk2MzAxMcgBCagDAcgDAqoEwQFP0DQqnNPpmm3DMDuSfdUl4tFab3Ust_tFsRH8a4d_NGWQHv2MtEtP0L_9tkBssnkomHXaBiWMGlic3w0wPbu4YAQz93wniDdbbN8ZTpJNcKKR9erEPVuECbR3b6uxA3gyBs67QyWzw5Or6inU36_LUHJmH_hQpm_dBOXKItLeT2rnKmGEx-xbMLWANI5udD6VaMWq6gwgicKAzxeKfLBwyZlJuKcNwih9ArOmLCV7oFB2NhLamYfjr0fKM3bbb4KggAbf-MyvnfWi4m6gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2GRDg5Co1BVOR103QK2XJJgMcwFA%2526client%253Dca-pub-4936470262963011%2526adurl%253D&oref=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-4936470262963011%26output%3Dhtml%26h%3D600%26slotname%3D5020405467%26adk%3D1298321340%26adf%3D2908928753%26pi%3Dt.ma~as.5020405467%26w%3D300%26lmt%3D1694892792%26format%3D300x600%26url%3Dhttps%253A%252F%252Fsasagefind.com%252F%26ea%3D0%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1700890443517%26bpp%3D1%26bdt%3D264%26idt%3D123%26shv%3Dr20231109%26mjsv%3Dm202311090101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C728x90%26nras%3D1%26correlator%3D7304720097754%26frm%3D20%26pv%3D1%26ga_vid%3D1727665163.1700890444%26ga_sid%3D1700890444%26ga_hid%3D358066886%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D-95%26ady%3D120%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C31078297%252C44807763%252C44808149%252C44808284%252C44809056%252C44809071%26oid%3D2%26pvsid%3D2422037083187158%26tmod%3D1951962955%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CaeE%257C%26abl%3DCA%26pfx%3D0%26fu%3D1024%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D3%26uci%3Da!3%26fsb%3D1%26dtd%3D124
Requested by: Host: live-tag.creatopy.net
URL: https://live-tag.creatopy.net/embed/embed.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1079:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1079 /
Resource Hash: b371766bd3577822496fb0355fea757cb445a5f58e53698e84c80da489a0a642

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=0
cdn-cache: MISS
cdn-cachedat: 11/25/2023 05:34:04
cdn-edgestorageid: 874
cdn-proxyver: 1.04
cdn-pullzone: 863157
cdn-requestcountrycode: DE
cdn-requestid: df6cd458750909398c62cfde2021df16
cdn-requestpullcode: 206
cdn-requestpullsuccess: True
cdn-status: 200
cdn-uid: 842b29c0-504c-4328-8e4a-eff14e80c5d1
content-encoding: gzip
content-length: 4689
content-type: text/html
date: Sat, 25 Nov 2023 05:34:04 GMT
last-modified: Fri, 15 Sep 2023 06:41:08 GMT
server: BunnyCDN-DE1-1079
vary: Accept-Encoding
via: 1.1 547a50460a0cda7ae3dafb1c0b6d0e1a.cloudfront.net (CloudFront)
x-amz-cf-id: 0gpnlHEdsVX8quvP-e27zeuQZIL7anB1tqSyQ8er6vLAB-RBOLMp0w==
x-amz-cf-pop: FRA56-C1
x-amz-server-side-encryption: AES256
x-amz-version-id: 34j6U2u1giwC.k_VQ.c0t_CpchqcmTxU
x-cache: RefreshHit from cloudfront

GET
H2 200 n.js Show response
mb.moatads.com/ Frame 2C73 98 B
276 B 199ms
30ms Script
text/html 132.226.214.62
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/n.js?e=35&ol=1731165928&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BY%24%3D!%5Dx%24P%5Bh3MrI1%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-53J%2B%2BNkZmbnPYElkt2ndGCUc8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-G8FnRoeeeVpMDA%3D%3D&sc=1&os=1-BA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=600&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&i=TRADEDESKV3&hp=1&ra=1&pxm=10&sgs=3&vb=-1&cm=8&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Fsasagefind.com&lp=https%3A%2F%2Fsasagefind.com&t=1700890444063&de=593870688462&m=0&ar=51bd715ca6c-clean&iw=3e68dbc&q=2&cb=0&ym=0&cu=1700890444063&ll=2&lm=2&ln=1&r=0&em=0&en=0&d=gtfhv5w%3A069zspg%3A5ylvmne%3Aac4lunu&zMoatJS=-&zMoatCachebuster=754566&zMoatCreative=os9g1ojp&zMoatDealID=-&zMoatDomain=sasagefind.com&zMoatImpressionId=baec9059-1b67-4dfb-86a9-4d13e1b43384&zMoatPartnerID=gtfhv5w&zMoatSite=sasagefind.com&zMoatSubdomain=sasagefind.com&zMoatSupplyVendor=google&zMoatTempIDs=https%253A%252F%252Finsight.adsrvr.org%252Fenduser%252Fpie%252F%253Fpie%253D20%2526vet%253DVIEWABILITY_EVENT_TYPE%2526rtb%253DdD0xJmlpZD1iYWVjOTA1OS0xYjY3LTRkZmItODZhOS00ZDEzZTFiNDMzODQmY3JpZD1vczlnMW9qcCZ3cD0lJVdJTk5JTkdfUFJJQ0UlJSZhaWQ9MSZ3cGM9VVNEJnNmZT0xNzk5MDc0YiZwdWlkPSZwaWQ9Z3RmaHY1dyZhZz1hYzRsdW51JmFkdj0wNjl6c3BnJmJwPTAuMTQ0MzE3MjI5MzMwNzI0NTIzNzkmY2Y9NTYxODY2NSZmcT0wJnRkX3M9c2FzYWdlZmluZC5jb20mcmNhdHM9Jm1zdGU9Jm1mbGQ9MyZtc3NpPSZtZnNpPSZ1aG93PTE1MCZhZ3NhPSZyZ3o9NTYxMzAmc3ZidHRkPTEmZHQ9UEMmb3NmPVdpbmRvd3Mmb3M9V2luZG93czEwJmJyPUNocm9tZSZybGFuZ3M9a28mbWxhbmc9JnN2cGlkPXB1Yi00OTM2NDcwMjYyOTYzMDExJmRpZD0mcmN4dD1PdGhlciZsYXQ9NTAuMzUwMDAwJmxvbj03LjcyMDAwMCZ0bXBjPTAuMTgwMDAwMDAwMDAwMDA2ODImZGFpZD0mdnA9MCZvc2k9Jm9zdj0mYng9NzAmYmZmaT00MSZjPUNnZEhaWEp0WVc1NUVnOVNhR1ZwYm14aGJtUXRVR1poYkhvYUFDSUhRbUZrSUVWdGN6Z0JVQUdBQVFDSUFRR1FBUUd3QVFDNkFRUUlBUmdFMkFLMEVPQUNyQUw0QWdHQUF3R0lBd0dRQXdDWUF3QS4mZHVyPUNqQUtER05vWVhKblpTMWhiR3d0TVNJZ0NQX19fX19fX19fX193RVNFM1IwWkY5a1lYUmhYMlY0WTJ4MWMybHZibk1LU0FvaFkyaGhjbWRsTFdGc2JFMXZZWFJXYVdWM1lXSnBiR2wwZVZSeVlXTnJhVzVuSWlNSXBmX19fX19fX19fX0FSSU9iVzloZEMxeVpYQnZjblJwYm1jcUJnaWdqUVlZREEuLiZjcnJlbHI9JmZwYT0zMDkmcGNtPTMmZ3JkYz1DQUVZQVNBQktBRkFBVWdDJnZjPTMmc2FpZD11QW9lcFhjMWttQ3RGWWdjQ1BGNm9RJTNEJTNEJmF1Y3Q9MSZpbT0xJm1jPWY5MmM3MWIwLTc0NzUtNDdmZi04NmZmLTQ3MGIzY2ZjZTRlZCZhYnI9YTZiN2I5NTYtYzU1Ni00M2RjLTk5NDAtMTE4MGM1N2NkNDFiJnRhaWw9MSZzdj1nb29nbGUmdGFpbD0x&zMoatViewType=0&zMoatOtherScript=-&zMoatOtherHash=-&zMoatAttention=-&zMoatDR=-&zMoatPublisherID=pub-4936470262963011&zGSRC=1&gu=https%3A%2F%2Fsasagefind.com%2F&id=0&ii=6&bd=sasagefind.com&zMoatOrigSlicer1=sasagefind.com&zMoatOrigSlicer2=N%2FA&gw=thetradedeskv275874568748&fd=1&it=500&ti=0&ih=2&pe=0%3A-%3A-%3A0%3A328&jk=-1&jm=-1&fs=205853&na=1065764336&cs=0&ord=1700890444063&jv=1684683576&callback=DOMlessLLDcallback_54276213
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/thetradedeskv275874568748/moatad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 132.226.214.62 Slough, United Kingdom, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: istio-envoy /
Resource Hash: 18110afce5b7cfcbee844e03e019e2fbf94d95b8e0c8a0b4bece7ab10b00d5cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 05:34:04 GMT
server: istio-envoy
etag: "9d8ca9b8fb7888b5fcbf08794166c54629729254"
content-type: text/html; charset=UTF-8
cache-control: max-age=900
x-envoy-upstream-service-time: 8
timing-allow-origin: *
content-length: 98

GET
DATA 200
OK truncated
/ Frame D8D6 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 13ad086c810c2e7b5ed08b21188fa19ed067375210b57a98f93c66df59e1b0f6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame D8D6 0
19 B 54ms
53ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CRD4US4dhZZ2yKZLg6wT0loyoB92V5bdc9v6PjlfAjbcBEAEgAGCVgoCAtAeCARdjYS1wdWItNDkzNjQ3MDI2Mjk2MzAxMcgBCagDAcgDAqoEvgFP0DQqnNPpmm3DMDuSfdUl4tFab3Ust_tFsRH8a4d_NGWQHv2MtEtP0L_9tkBssnkomHXaBiWMGlic3w0wPbu4YAQz93wniDdbbN8ZTpJNcKKR9erEPVuECbR3b6uxA3gyBs67QyWzw5Or6inU36_LUHJmH_hQpm_dBOXKItLeT2rnKmGEx-xbMLWANI5udD6VaMWq6gwgicLCzTcYuiqZuDOgriaa063CuY-OJQtjA8f5J5dvK5nPt4N0wgdxgAbf-MyvnfWi4m6gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTqACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNDkzNjQ3MDI2Mjk2MzAxMRgA&sigh=HCrkBk-YhTI&uach_m=%5BUACH%5D&cid=CAQSTgDICaaN8KmDr69vhpHwRSxKrOVh0Yt0IZnKhr0vG6eXGmJ_s5O3kCAnRx0THLLkt0GU7VhhgsUHWuh6X4aCFgc04bYAX3uLABbtZ0FnaxgB&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4936470262963011&output=html&h=600&slotname=5020405467&adk=1298321340&adf=2908928753&pi=t.ma~as.5020405467&w=300&lmt=1694892792&format=300x600&url=https%3A%2F%2Fsasagefind.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700890443517&bpp=1&bdt=264&idt=123&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=7304720097754&frm=20&pv=1&ga_vid=1727665163.1700890444&ga_sid=1700890444&ga_hid=358066886&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-95&ady=120&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31078297%2C44807763%2C44808149%2C44808284%2C44809056%2C44809071&oid=2&pvsid=2422037083187158&tmod=1951962955&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=1024&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=124
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 25 Nov 2023 05:34:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 48ms
48ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ovlp&adf=184259038&armr=4&client=ca-pub-4936470262963011&eid=44759876%2C44759927%2C31078297%2C44807763%2C44808149%2C44808284%2C44809056%2C44809071&et=1&iaaso=1&io=0&saldr=aa&oa=0&qid=CPGbytW23oIDFW3dOwIdsvcIIQ&rafmt=1&roa=0&slot=7728391483&sp=0%2C0&tgt=div%2Faswift_3_host.0&tr=1395%2C120%2C1600%2C720&url=https%3A%2F%2Fsasagefind.com%2F&vp=1600x1200&pvc=2422037083187158

Requested by

Host: sasagefind.com
URL: https://sasagefind.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sasagefind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Nov 2023 05:34:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 9bd7988c4202585bed4a77aa1a1e481b.js Show response
live-tag.creatopy.net/designs/n536le3/embed/thetradedesk/ Frame F227 134 KB
39 KB 25ms
25ms Script
text/javascript 2400:52e0:1e00::1079:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://live-tag.creatopy.net/designs/n536le3/embed/thetradedesk/9bd7988c4202585bed4a77aa1a1e481b.js
Requested by: Host: live-tag.creatopy.net
URL: https://live-tag.creatopy.net/designs/n536le3/embed/thetradedesk/index.html?hash=n536le3&width=160&height=600&t=1700890444059&userId=825181&network=THETRADEDESK&type=html5&clickTag=https%3A%2F%2Finsight.adsrvr.org%2Ftrack%2Fclk%3Fimp%3Dbaec9059-1b67-4dfb-86a9-4d13e1b43384%26ag%3Dac4lunu%26sfe%3D1799074b%26sig%3Dh76ksksM8IOsuDktjEje3Uhk1vhuAfmH3tO8b3c9aRU.%26crid%3Dos9g1ojp%26cf%3D5618665%26fq%3D0%26t%3D1%26td_s%3Dsasagefind.com%26rcats%3D%26mste%3D%26mfld%3D3%26mssi%3D%26mfsi%3D%26sv%3Dgoogle%26uhow%3D150%26agsa%3D%26wp%3DZWGHSwAKWR0KmvASAAMLdH-Ytpmneuom3Jou8g%26rgz%3D56130%26dt%3DPC%26osf%3DWindows%26os%3DWindows10%26br%3DChrome%26svpid%3Dpub-4936470262963011%26rlangs%3Dko%26mlang%3D%26did%3D%26rcxt%3DOther%26tmpc%3D0.18000000000000682%26vrtd%3D%26osi%3D%26osv%3D%26daid%3D%26dnr%3D0%26vpb%3D%26c%3DCgdHZXJtYW55Eg9SaGVpbmxhbmQtUGZhbHoaACIHQmFkIEVtczgBUAGAAQCIAQGQAQGwAQC6AQQIARgE2AK0EOACrAL4AgGAAwGIAwGQAwCYAwA.%26dur%3DCjAKDGNoYXJnZS1hbGwtMSIgCP___________wESE3R0ZF9kYXRhX2V4Y2x1c2lvbnMKSAohY2hhcmdlLWFsbE1vYXRWaWV3YWJpbGl0eVRyYWNraW5nIiMIpf__________ARIObW9hdC1yZXBvcnRpbmcqBgigjQYYDA..%26durs%3DAuzKvO%26crrelr%3D%26npt%3D%26fpa%3D309%26pcm%3D3%26said%3DuAoepXc1kmCtFYgcCPF6oQ%253D%253D%26auct%3D1%26grdc%3DCAEYASABKAFAAUgC%26tail%3D1%26r%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCLYNAS4dhZZ2yKZLg6wT0loyoB92V5bdc9v6PjlfAjbcBEAEgAGCVgoCAtAeCARdjYS1wdWItNDkzNjQ3MDI2Mjk2MzAxMcgBCagDAcgDAqoEwQFP0DQqnNPpmm3DMDuSfdUl4tFab3Ust_tFsRH8a4d_NGWQHv2MtEtP0L_9tkBssnkomHXaBiWMGlic3w0wPbu4YAQz93wniDdbbN8ZTpJNcKKR9erEPVuECbR3b6uxA3gyBs67QyWzw5Or6inU36_LUHJmH_hQpm_dBOXKItLeT2rnKmGEx-xbMLWANI5udD6VaMWq6gwgicKAzxeKfLBwyZlJuKcNwih9ArOmLCV7oFB2NhLamYfjr0fKM3bbb4KggAbf-MyvnfWi4m6gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2GRDg5Co1BVOR103QK2XJJgMcwFA%2526client%253Dca-pub-4936470262963011%2526adurl%253D&oref=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-4936470262963011%26output%3Dhtml%26h%3D600%26slotname%3D5020405467%26adk%3D1298321340%26adf%3D2908928753%26pi%3Dt.ma~as.5020405467%26w%3D300%26lmt%3D1694892792%26format%3D300x600%26url%3Dhttps%253A%252F%252Fsasagefind.com%252F%26ea%3D0%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1700890443517%26bpp%3D1%26bdt%3D264%26idt%3D123%26shv%3Dr20231109%26mjsv%3Dm202311090101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C728x90%26nras%3D1%26correlator%3D7304720097754%26frm%3D20%26pv%3D1%26ga_vid%3D1727665163.1700890444%26ga_sid%3D1700890444%26ga_hid%3D358066886%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D-95%26ady%3D120%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C31078297%252C44807763%252C44808149%252C44808284%252C44809056%252C44809071%26oid%3D2%26pvsid%3D2422037083187158%26tmod%3D1951962955%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CaeE%257C%26abl%3DCA%26pfx%3D0%26fu%3D1024%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D3%26uci%3Da!3%26fsb%3D1%26dtd%3D124
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1079:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1079 /
Resource Hash: e9afa2a61892b03195f43c289e0774de1044649cb2285536309c7817a798c16a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://live-tag.creatopy.net/designs/n536le3/embed/thetradedesk/index.html?hash=n536le3&width=160&height=600&t=1700890444059&userId=825181&network=THETRADEDESK&type=html5&clickTag=https%3A%2F%2Finsight.adsrvr.org%2Ftrack%2Fclk%3Fimp%3Dbaec9059-1b67-4dfb-86a9-4d13e1b43384%26ag%3Dac4lunu%26sfe%3D1799074b%26sig%3Dh76ksksM8IOsuDktjEje3Uhk1vhuAfmH3tO8b3c9aRU.%26crid%3Dos9g1ojp%26cf%3D5618665%26fq%3D0%26t%3D1%26td_s%3Dsasagefind.com%26rcats%3D%26mste%3D%26mfld%3D3%26mssi%3D%26mfsi%3D%26sv%3Dgoogle%26uhow%3D150%26agsa%3D%26wp%3DZWGHSwAKWR0KmvASAAMLdH-Ytpmneuom3Jou8g%26rgz%3D56130%26dt%3DPC%26osf%3DWindows%26os%3DWindows10%26br%3DChrome%26svpid%3Dpub-4936470262963011%26rlangs%3Dko%26mlang%3D%26did%3D%26rcxt%3DOther%26tmpc%3D0.18000000000000682%26vrtd%3D%26osi%3D%26osv%3D%26daid%3D%26dnr%3D0%26vpb%3D%26c%3DCgdHZXJtYW55Eg9SaGVpbmxhbmQtUGZhbHoaACIHQmFkIEVtczgBUAGAAQCIAQGQAQGwAQC6AQQIARgE2AK0EOACrAL4AgGAAwGIAwGQAwCYAwA.%26dur%3DCjAKDGNoYXJnZS1hbGwtMSIgCP___________wESE3R0ZF9kYXRhX2V4Y2x1c2lvbnMKSAohY2hhcmdlLWFsbE1vYXRWaWV3YWJpbGl0eVRyYWNraW5nIiMIpf__________ARIObW9hdC1yZXBvcnRpbmcqBgigjQYYDA..%26durs%3DAuzKvO%26crrelr%3D%26npt%3D%26fpa%3D309%26pcm%3D3%26said%3DuAoepXc1kmCtFYgcCPF6oQ%253D%253D%26auct%3D1%26grdc%3DCAEYASABKAFAAUgC%26tail%3D1%26r%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCLYNAS4dhZZ2yKZLg6wT0loyoB92V5bdc9v6PjlfAjbcBEAEgAGCVgoCAtAeCARdjYS1wdWItNDkzNjQ3MDI2Mjk2MzAxMcgBCagDAcgDAqoEwQFP0DQqnNPpmm3DMDuSfdUl4tFab3Ust_tFsRH8a4d_NGWQHv2MtEtP0L_9tkBssnkomHXaBiWMGlic3w0wPbu4YAQz93wniDdbbN8ZTpJNcKKR9erEPVuECbR3b6uxA3gyBs67QyWzw5Or6inU36_LUHJmH_hQpm_dBOXKItLeT2rnKmGEx-xbMLWANI5udD6VaMWq6gwgicKAzxeKfLBwyZlJuKcNwih9ArOmLCV7oFB2NhLamYfjr0fKM3bbb4KggAbf-MyvnfWi4m6gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2GRDg5Co1BVOR103QK2XJJgMcwFA%2526client%253Dca-pub-4936470262963011%2526adurl%253D&oref=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-4936470262963011%26output%3Dhtml%26h%3D600%26slotname%3D5020405467%26adk%3D1298321340%26adf%3D2908928753%26pi%3Dt.ma~as.5020405467%26w%3D300%26lmt%3D1694892792%26format%3D300x600%26url%3Dhttps%253A%252F%252Fsasagefind.com%252F%26ea%3D0%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1700890443517%26bpp%3D1%26bdt%3D264%26idt%3D123%26shv%3Dr20231109%26mjsv%3Dm202311090101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C728x90%26nras%3D1%26correlator%3D7304720097754%26frm%3D20%26pv%3D1%26ga_vid%3D1727665163.1700890444%26ga_sid%3D1700890444%26ga_hid%3D358066886%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D-95%26ady%3D120%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C31078297%252C44807763%252C44808149%252C44808284%252C44809056%252C44809071%26oid%3D2%26pvsid%3D2422037083187158%26tmod%3D1951962955%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CaeE%257C%26abl%3DCA%26pfx%3D0%26fu%3D1024%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D3%26uci%3Da!3%26fsb%3D1%26dtd%3D124
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 05:34:04 GMT
content-encoding: gzip
via: 1.1 46546eb404789d29bf372f6a3fe43876.cloudfront.net (CloudFront)
x-amz-version-id: GZXRwU.o97jTSoUuVpBomH8OGEpbqUV2
cdn-edgestorageid: 1079
x-amz-cf-pop: FRA56-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
cdn-cachedat: 09/30/2023 08:13:10
cdn-pullzone: 863157
last-modified: Fri, 15 Sep 2023 06:41:08 GMT
server: BunnyCDN-DE1-1079
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: "86e490e8c3f112eeac93a6ddfea86cf8"
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: 842b29c0-504c-4328-8e4a-eff14e80c5d1
cache-control: public, max-age=2592000
cdn-requestid: 38ede8947921b790f7548c7c1e6f2176
cdn-requestcountrycode: DE
x-amz-cf-id: 80zWNJS6zk1I9E7ahYGSefxDCKZmpC-QAS_qQ0_ImGtwqRqiuh9TXQ==
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 stats-queue Show response
live-tag.creatopy.net/520783917495/ Frame F227 378 B
690 B 122ms
121ms XHR
text/xml 2400:52e0:1e00::1079:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://live-tag.creatopy.net/520783917495/stats-queue?Action=SendMessage&MessageBody=%7B%22h%22%3A%22n536le3%22%2C%22t%22%3A%22v%22%2C%22uv%22%3A%221700890444526_n536le3_0883dfa3597d88%22%2C%22d%22%3A%22desktop%22%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F119.0.6045.159%20Safari%2F537.36%22%2C%22r%22%3A%22https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-4936470262963011%26output%3Dhtml%26h%3D600%26slotname%3D5020405467%26adk%3D1298321340%26adf%3D2908928753%26pi%3Dt.ma~as.5020405467%26w%3D300%26lmt%3D1694892792%26format%3D300x600%26url%3Dhttps%253A%252F%252Fsasagefind.com%252F%26ea%3D0%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1700890443517%26bpp%3D1%26bdt%3D264%26idt%3D123%26shv%3Dr20231109%26mjsv%3Dm202311090101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C728x90%26nras%3D1%26correlator%3D7304720097754%26frm%3D20%26pv%3D1%26ga_vid%3D1727665163.1700890444%26ga_sid%3D1700890444%26ga_hid%3D358066886%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D-95%26ady%3D120%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C31078297%252C44807763%252C44808149%252C44808284%252C44809056%252C44809071%26oid%3D2%26pvsid%3D2422037083187158%26tmod%3D1951962955%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CaeE%257C%26abl%3DCA%26pfx%3D0%26fu%3D1024%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D3%26uci%3Da!3%26fsb%3D1%26dtd%3D124%22%2C%22tz%22%3A-60%2C%22jv%22%3A%22ek.JAYu6pu7Wj4pLT6RG2NjoAg2UXvg7%22%2C%22n%22%3A16%2C%22cb%22%3A1700890444528%7D
Requested by: Host: live-tag.creatopy.net
URL: https://live-tag.creatopy.net/designs/n536le3/embed/thetradedesk/9bd7988c4202585bed4a77aa1a1e481b.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1079:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1079 /
Resource Hash: 6a9343dee2011fa75f7eb22c4ce6bbae1fa17bee65a02302586febcaddb9a78c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://live-tag.creatopy.net/designs/n536le3/embed/thetradedesk/index.html?hash=n536le3&width=160&height=600&t=1700890444059&userId=825181&network=THETRADEDESK&type=html5&clickTag=https%3A%2F%2Finsight.adsrvr.org%2Ftrack%2Fclk%3Fimp%3Dbaec9059-1b67-4dfb-86a9-4d13e1b43384%26ag%3Dac4lunu%26sfe%3D1799074b%26sig%3Dh76ksksM8IOsuDktjEje3Uhk1vhuAfmH3tO8b3c9aRU.%26crid%3Dos9g1ojp%26cf%3D5618665%26fq%3D0%26t%3D1%26td_s%3Dsasagefind.com%26rcats%3D%26mste%3D%26mfld%3D3%26mssi%3D%26mfsi%3D%26sv%3Dgoogle%26uhow%3D150%26agsa%3D%26wp%3DZWGHSwAKWR0KmvASAAMLdH-Ytpmneuom3Jou8g%26rgz%3D56130%26dt%3DPC%26osf%3DWindows%26os%3DWindows10%26br%3DChrome%26svpid%3Dpub-4936470262963011%26rlangs%3Dko%26mlang%3D%26did%3D%26rcxt%3DOther%26tmpc%3D0.18000000000000682%26vrtd%3D%26osi%3D%26osv%3D%26daid%3D%26dnr%3D0%26vpb%3D%26c%3DCgdHZXJtYW55Eg9SaGVpbmxhbmQtUGZhbHoaACIHQmFkIEVtczgBUAGAAQCIAQGQAQGwAQC6AQQIARgE2AK0EOACrAL4AgGAAwGIAwGQAwCYAwA.%26dur%3DCjAKDGNoYXJnZS1hbGwtMSIgCP___________wESE3R0ZF9kYXRhX2V4Y2x1c2lvbnMKSAohY2hhcmdlLWFsbE1vYXRWaWV3YWJpbGl0eVRyYWNraW5nIiMIpf__________ARIObW9hdC1yZXBvcnRpbmcqBgigjQYYDA..%26durs%3DAuzKvO%26crrelr%3D%26npt%3D%26fpa%3D309%26pcm%3D3%26said%3DuAoepXc1kmCtFYgcCPF6oQ%253D%253D%26auct%3D1%26grdc%3DCAEYASABKAFAAUgC%26tail%3D1%26r%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCLYNAS4dhZZ2yKZLg6wT0loyoB92V5bdc9v6PjlfAjbcBEAEgAGCVgoCAtAeCARdjYS1wdWItNDkzNjQ3MDI2Mjk2MzAxMcgBCagDAcgDAqoEwQFP0DQqnNPpmm3DMDuSfdUl4tFab3Ust_tFsRH8a4d_NGWQHv2MtEtP0L_9tkBssnkomHXaBiWMGlic3w0wPbu4YAQz93wniDdbbN8ZTpJNcKKR9erEPVuECbR3b6uxA3gyBs67QyWzw5Or6inU36_LUHJmH_hQpm_dBOXKItLeT2rnKmGEx-xbMLWANI5udD6VaMWq6gwgicKAzxeKfLBwyZlJuKcNwih9ArOmLCV7oFB2NhLamYfjr0fKM3bbb4KggAbf-MyvnfWi4m6gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2GRDg5Co1BVOR103QK2XJJgMcwFA%2526client%253Dca-pub-4936470262963011%2526adurl%253D&oref=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-4936470262963011%26output%3Dhtml%26h%3D600%26slotname%3D5020405467%26adk%3D1298321340%26adf%3D2908928753%26pi%3Dt.ma~as.5020405467%26w%3D300%26lmt%3D1694892792%26format%3D300x600%26url%3Dhttps%253A%252F%252Fsasagefind.com%252F%26ea%3D0%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1700890443517%26bpp%3D1%26bdt%3D264%26idt%3D123%26shv%3Dr20231109%26mjsv%3Dm202311090101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C728x90%26nras%3D1%26correlator%3D7304720097754%26frm%3D20%26pv%3D1%26ga_vid%3D1727665163.1700890444%26ga_sid%3D1700890444%26ga_hid%3D358066886%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D-95%26ady%3D120%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C31078297%252C44807763%252C44808149%252C44808284%252C44809056%252C44809071%26oid%3D2%26pvsid%3D2422037083187158%26tmod%3D1951962955%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CaeE%257C%26abl%3DCA%26pfx%3D0%26fu%3D1024%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D3%26uci%3Da!3%26fsb%3D1%26dtd%3D124
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 05:34:04 GMT
content-encoding: gzip
cdn-edgestorageid: 1053
x-amzn-requestid: c81d4480-ef96-5b94-bd07-195b661a8feb
cdn-cachedat: 11/25/2023 05:34:04
cdn-pullzone: 863157
server: BunnyCDN-DE1-1079
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/xml
cdn-cache: MISS
cdn-uid: 842b29c0-504c-4328-8e4a-eff14e80c5d1
cache-control: public, max-age=2592000
cdn-requestid: 24a682cb1183d90d1239c24fa08cf3d1
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 793e5baaf522152e1f8ae5c10236b990.jpg
live-tag.creatopy.net/designs/n536le3/embed/thetradedesk/media/ Frame F227 31 KB
31 KB 22ms
21ms Image
image/jpeg 2400:52e0:1e00::1079:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live-tag.creatopy.net/designs/n536le3/embed/thetradedesk/media/793e5baaf522152e1f8ae5c10236b990.jpg
Requested by: Host: live-tag.creatopy.net
URL: https://live-tag.creatopy.net/designs/n536le3/embed/thetradedesk/index.html?hash=n536le3&width=160&height=600&t=1700890444059&userId=825181&network=THETRADEDESK&type=html5&clickTag=https%3A%2F%2Finsight.adsrvr.org%2Ftrack%2Fclk%3Fimp%3Dbaec9059-1b67-4dfb-86a9-4d13e1b43384%26ag%3Dac4lunu%26sfe%3D1799074b%26sig%3Dh76ksksM8IOsuDktjEje3Uhk1vhuAfmH3tO8b3c9aRU.%26crid%3Dos9g1ojp%26cf%3D5618665%26fq%3D0%26t%3D1%26td_s%3Dsasagefind.com%26rcats%3D%26mste%3D%26mfld%3D3%26mssi%3D%26mfsi%3D%26sv%3Dgoogle%26uhow%3D150%26agsa%3D%26wp%3DZWGHSwAKWR0KmvASAAMLdH-Ytpmneuom3Jou8g%26rgz%3D56130%26dt%3DPC%26osf%3DWindows%26os%3DWindows10%26br%3DChrome%26svpid%3Dpub-4936470262963011%26rlangs%3Dko%26mlang%3D%26did%3D%26rcxt%3DOther%26tmpc%3D0.18000000000000682%26vrtd%3D%26osi%3D%26osv%3D%26daid%3D%26dnr%3D0%26vpb%3D%26c%3DCgdHZXJtYW55Eg9SaGVpbmxhbmQtUGZhbHoaACIHQmFkIEVtczgBUAGAAQCIAQGQAQGwAQC6AQQIARgE2AK0EOACrAL4AgGAAwGIAwGQAwCYAwA.%26dur%3DCjAKDGNoYXJnZS1hbGwtMSIgCP___________wESE3R0ZF9kYXRhX2V4Y2x1c2lvbnMKSAohY2hhcmdlLWFsbE1vYXRWaWV3YWJpbGl0eVRyYWNraW5nIiMIpf__________ARIObW9hdC1yZXBvcnRpbmcqBgigjQYYDA..%26durs%3DAuzKvO%26crrelr%3D%26npt%3D%26fpa%3D309%26pcm%3D3%26said%3DuAoepXc1kmCtFYgcCPF6oQ%253D%253D%26auct%3D1%26grdc%3DCAEYASABKAFAAUgC%26tail%3D1%26r%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCLYNAS4dhZZ2yKZLg6wT0loyoB92V5bdc9v6PjlfAjbcBEAEgAGCVgoCAtAeCARdjYS1wdWItNDkzNjQ3MDI2Mjk2MzAxMcgBCagDAcgDAqoEwQFP0DQqnNPpmm3DMDuSfdUl4tFab3Ust_tFsRH8a4d_NGWQHv2MtEtP0L_9tkBssnkomHXaBiWMGlic3w0wPbu4YAQz93wniDdbbN8ZTpJNcKKR9erEPVuECbR3b6uxA3gyBs67QyWzw5Or6inU36_LUHJmH_hQpm_dBOXKItLeT2rnKmGEx-xbMLWANI5udD6VaMWq6gwgicKAzxeKfLBwyZlJuKcNwih9ArOmLCV7oFB2NhLamYfjr0fKM3bbb4KggAbf-MyvnfWi4m6gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2GRDg5Co1BVOR103QK2XJJgMcwFA%2526client%253Dca-pub-4936470262963011%2526adurl%253D&oref=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-4936470262963011%26output%3Dhtml%26h%3D600%26slotname%3D5020405467%26adk%3D1298321340%26adf%3D2908928753%26pi%3Dt.ma~as.5020405467%26w%3D300%26lmt%3D1694892792%26format%3D300x600%26url%3Dhttps%253A%252F%252Fsasagefind.com%252F%26ea%3D0%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1700890443517%26bpp%3D1%26bdt%3D264%26idt%3D123%26shv%3Dr20231109%26mjsv%3Dm202311090101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C728x90%26nras%3D1%26correlator%3D7304720097754%26frm%3D20%26pv%3D1%26ga_vid%3D1727665163.1700890444%26ga_sid%3D1700890444%26ga_hid%3D358066886%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D-95%26ady%3D120%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C31078297%252C44807763%252C44808149%252C44808284%252C44809056%252C44809071%26oid%3D2%26pvsid%3D2422037083187158%26tmod%3D1951962955%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CaeE%257C%26abl%3DCA%26pfx%3D0%26fu%3D1024%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D3%26uci%3Da!3%26fsb%3D1%26dtd%3D124
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1079:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1079 /
Resource Hash: 7bcfce62514c7699cd16a2edffbcd5dbcf29a62a39af907c8e3af2c47cf1f0dd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://live-tag.creatopy.net/designs/n536le3/embed/thetradedesk/index.html?hash=n536le3&width=160&height=600&t=1700890444059&userId=825181&network=THETRADEDESK&type=html5&clickTag=https%3A%2F%2Finsight.adsrvr.org%2Ftrack%2Fclk%3Fimp%3Dbaec9059-1b67-4dfb-86a9-4d13e1b43384%26ag%3Dac4lunu%26sfe%3D1799074b%26sig%3Dh76ksksM8IOsuDktjEje3Uhk1vhuAfmH3tO8b3c9aRU.%26crid%3Dos9g1ojp%26cf%3D5618665%26fq%3D0%26t%3D1%26td_s%3Dsasagefind.com%26rcats%3D%26mste%3D%26mfld%3D3%26mssi%3D%26mfsi%3D%26sv%3Dgoogle%26uhow%3D150%26agsa%3D%26wp%3DZWGHSwAKWR0KmvASAAMLdH-Ytpmneuom3Jou8g%26rgz%3D56130%26dt%3DPC%26osf%3DWindows%26os%3DWindows10%26br%3DChrome%26svpid%3Dpub-4936470262963011%26rlangs%3Dko%26mlang%3D%26did%3D%26rcxt%3DOther%26tmpc%3D0.18000000000000682%26vrtd%3D%26osi%3D%26osv%3D%26daid%3D%26dnr%3D0%26vpb%3D%26c%3DCgdHZXJtYW55Eg9SaGVpbmxhbmQtUGZhbHoaACIHQmFkIEVtczgBUAGAAQCIAQGQAQGwAQC6AQQIARgE2AK0EOACrAL4AgGAAwGIAwGQAwCYAwA.%26dur%3DCjAKDGNoYXJnZS1hbGwtMSIgCP___________wESE3R0ZF9kYXRhX2V4Y2x1c2lvbnMKSAohY2hhcmdlLWFsbE1vYXRWaWV3YWJpbGl0eVRyYWNraW5nIiMIpf__________ARIObW9hdC1yZXBvcnRpbmcqBgigjQYYDA..%26durs%3DAuzKvO%26crrelr%3D%26npt%3D%26fpa%3D309%26pcm%3D3%26said%3DuAoepXc1kmCtFYgcCPF6oQ%253D%253D%26auct%3D1%26grdc%3DCAEYASABKAFAAUgC%26tail%3D1%26r%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCLYNAS4dhZZ2yKZLg6wT0loyoB92V5bdc9v6PjlfAjbcBEAEgAGCVgoCAtAeCARdjYS1wdWItNDkzNjQ3MDI2Mjk2MzAxMcgBCagDAcgDAqoEwQFP0DQqnNPpmm3DMDuSfdUl4tFab3Ust_tFsRH8a4d_NGWQHv2MtEtP0L_9tkBssnkomHXaBiWMGlic3w0wPbu4YAQz93wniDdbbN8ZTpJNcKKR9erEPVuECbR3b6uxA3gyBs67QyWzw5Or6inU36_LUHJmH_hQpm_dBOXKItLeT2rnKmGEx-xbMLWANI5udD6VaMWq6gwgicKAzxeKfLBwyZlJuKcNwih9ArOmLCV7oFB2NhLamYfjr0fKM3bbb4KggAbf-MyvnfWi4m6gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2GRDg5Co1BVOR103QK2XJJgMcwFA%2526client%253Dca-pub-4936470262963011%2526adurl%253D&oref=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-4936470262963011%26output%3Dhtml%26h%3D600%26slotname%3D5020405467%26adk%3D1298321340%26adf%3D2908928753%26pi%3Dt.ma~as.5020405467%26w%3D300%26lmt%3D1694892792%26format%3D300x600%26url%3Dhttps%253A%252F%252Fsasagefind.com%252F%26ea%3D0%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1700890443517%26bpp%3D1%26bdt%3D264%26idt%3D123%26shv%3Dr20231109%26mjsv%3Dm202311090101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C728x90%26nras%3D1%26correlator%3D7304720097754%26frm%3D20%26pv%3D1%26ga_vid%3D1727665163.1700890444%26ga_sid%3D1700890444%26ga_hid%3D358066886%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D-95%26ady%3D120%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C31078297%252C44807763%252C44808149%252C44808284%252C44809056%252C44809071%26oid%3D2%26pvsid%3D2422037083187158%26tmod%3D1951962955%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CaeE%257C%26abl%3DCA%26pfx%3D0%26fu%3D1024%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D3%26uci%3Da!3%26fsb%3D1%26dtd%3D124
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 05:34:04 GMT
via: 1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront)
x-amz-version-id: FYx_vJ9IILi7LF9CPzzZfCHFMdyl4vRQ
cdn-edgestorageid: 865
x-amz-cf-pop: FRA56-C1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
cdn-cachedat: 09/30/2023 08:13:11
cdn-pullzone: 863157
content-length: 31272
last-modified: Fri, 15 Sep 2023 06:41:08 GMT
server: BunnyCDN-DE1-1079
cdn-proxyver: 1.04
cdn-requestpullcode: 206
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: 842b29c0-504c-4328-8e4a-eff14e80c5d1
cache-control: public, max-age=2592000
cdn-requestid: 5e4621aae093300d66e8d6a100c8e6ad
accept-ranges: bytes
cdn-requestcountrycode: DE
x-amz-cf-id: gU7dS0rVoubseUjwFwu398JDjXYLBipXigXl8ei4iTo48w-PUGD4pQ==
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 89f12c306cb2ca5af83d77ba4e28678d.png
live-tag.creatopy.net/designs/n536le3/embed/thetradedesk/media/ Frame F227 4 KB
4 KB 19ms
19ms Image
image/png 2400:52e0:1e00::1079:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live-tag.creatopy.net/designs/n536le3/embed/thetradedesk/media/89f12c306cb2ca5af83d77ba4e28678d.png
Requested by: Host: live-tag.creatopy.net
URL: https://live-tag.creatopy.net/designs/n536le3/embed/thetradedesk/index.html?hash=n536le3&width=160&height=600&t=1700890444059&userId=825181&network=THETRADEDESK&type=html5&clickTag=https%3A%2F%2Finsight.adsrvr.org%2Ftrack%2Fclk%3Fimp%3Dbaec9059-1b67-4dfb-86a9-4d13e1b43384%26ag%3Dac4lunu%26sfe%3D1799074b%26sig%3Dh76ksksM8IOsuDktjEje3Uhk1vhuAfmH3tO8b3c9aRU.%26crid%3Dos9g1ojp%26cf%3D5618665%26fq%3D0%26t%3D1%26td_s%3Dsasagefind.com%26rcats%3D%26mste%3D%26mfld%3D3%26mssi%3D%26mfsi%3D%26sv%3Dgoogle%26uhow%3D150%26agsa%3D%26wp%3DZWGHSwAKWR0KmvASAAMLdH-Ytpmneuom3Jou8g%26rgz%3D56130%26dt%3DPC%26osf%3DWindows%26os%3DWindows10%26br%3DChrome%26svpid%3Dpub-4936470262963011%26rlangs%3Dko%26mlang%3D%26did%3D%26rcxt%3DOther%26tmpc%3D0.18000000000000682%26vrtd%3D%26osi%3D%26osv%3D%26daid%3D%26dnr%3D0%26vpb%3D%26c%3DCgdHZXJtYW55Eg9SaGVpbmxhbmQtUGZhbHoaACIHQmFkIEVtczgBUAGAAQCIAQGQAQGwAQC6AQQIARgE2AK0EOACrAL4AgGAAwGIAwGQAwCYAwA.%26dur%3DCjAKDGNoYXJnZS1hbGwtMSIgCP___________wESE3R0ZF9kYXRhX2V4Y2x1c2lvbnMKSAohY2hhcmdlLWFsbE1vYXRWaWV3YWJpbGl0eVRyYWNraW5nIiMIpf__________ARIObW9hdC1yZXBvcnRpbmcqBgigjQYYDA..%26durs%3DAuzKvO%26crrelr%3D%26npt%3D%26fpa%3D309%26pcm%3D3%26said%3DuAoepXc1kmCtFYgcCPF6oQ%253D%253D%26auct%3D1%26grdc%3DCAEYASABKAFAAUgC%26tail%3D1%26r%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCLYNAS4dhZZ2yKZLg6wT0loyoB92V5bdc9v6PjlfAjbcBEAEgAGCVgoCAtAeCARdjYS1wdWItNDkzNjQ3MDI2Mjk2MzAxMcgBCagDAcgDAqoEwQFP0DQqnNPpmm3DMDuSfdUl4tFab3Ust_tFsRH8a4d_NGWQHv2MtEtP0L_9tkBssnkomHXaBiWMGlic3w0wPbu4YAQz93wniDdbbN8ZTpJNcKKR9erEPVuECbR3b6uxA3gyBs67QyWzw5Or6inU36_LUHJmH_hQpm_dBOXKItLeT2rnKmGEx-xbMLWANI5udD6VaMWq6gwgicKAzxeKfLBwyZlJuKcNwih9ArOmLCV7oFB2NhLamYfjr0fKM3bbb4KggAbf-MyvnfWi4m6gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2GRDg5Co1BVOR103QK2XJJgMcwFA%2526client%253Dca-pub-4936470262963011%2526adurl%253D&oref=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-4936470262963011%26output%3Dhtml%26h%3D600%26slotname%3D5020405467%26adk%3D1298321340%26adf%3D2908928753%26pi%3Dt.ma~as.5020405467%26w%3D300%26lmt%3D1694892792%26format%3D300x600%26url%3Dhttps%253A%252F%252Fsasagefind.com%252F%26ea%3D0%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1700890443517%26bpp%3D1%26bdt%3D264%26idt%3D123%26shv%3Dr20231109%26mjsv%3Dm202311090101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C728x90%26nras%3D1%26correlator%3D7304720097754%26frm%3D20%26pv%3D1%26ga_vid%3D1727665163.1700890444%26ga_sid%3D1700890444%26ga_hid%3D358066886%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D-95%26ady%3D120%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C31078297%252C44807763%252C44808149%252C44808284%252C44809056%252C44809071%26oid%3D2%26pvsid%3D2422037083187158%26tmod%3D1951962955%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CaeE%257C%26abl%3DCA%26pfx%3D0%26fu%3D1024%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D3%26uci%3Da!3%26fsb%3D1%26dtd%3D124
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1079:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1079 /
Resource Hash: f7b39ccf2057a9bcededce765471ceeb648639eb0a1c2431bb29bd581596f7a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://live-tag.creatopy.net/designs/n536le3/embed/thetradedesk/index.html?hash=n536le3&width=160&height=600&t=1700890444059&userId=825181&network=THETRADEDESK&type=html5&clickTag=https%3A%2F%2Finsight.adsrvr.org%2Ftrack%2Fclk%3Fimp%3Dbaec9059-1b67-4dfb-86a9-4d13e1b43384%26ag%3Dac4lunu%26sfe%3D1799074b%26sig%3Dh76ksksM8IOsuDktjEje3Uhk1vhuAfmH3tO8b3c9aRU.%26crid%3Dos9g1ojp%26cf%3D5618665%26fq%3D0%26t%3D1%26td_s%3Dsasagefind.com%26rcats%3D%26mste%3D%26mfld%3D3%26mssi%3D%26mfsi%3D%26sv%3Dgoogle%26uhow%3D150%26agsa%3D%26wp%3DZWGHSwAKWR0KmvASAAMLdH-Ytpmneuom3Jou8g%26rgz%3D56130%26dt%3DPC%26osf%3DWindows%26os%3DWindows10%26br%3DChrome%26svpid%3Dpub-4936470262963011%26rlangs%3Dko%26mlang%3D%26did%3D%26rcxt%3DOther%26tmpc%3D0.18000000000000682%26vrtd%3D%26osi%3D%26osv%3D%26daid%3D%26dnr%3D0%26vpb%3D%26c%3DCgdHZXJtYW55Eg9SaGVpbmxhbmQtUGZhbHoaACIHQmFkIEVtczgBUAGAAQCIAQGQAQGwAQC6AQQIARgE2AK0EOACrAL4AgGAAwGIAwGQAwCYAwA.%26dur%3DCjAKDGNoYXJnZS1hbGwtMSIgCP___________wESE3R0ZF9kYXRhX2V4Y2x1c2lvbnMKSAohY2hhcmdlLWFsbE1vYXRWaWV3YWJpbGl0eVRyYWNraW5nIiMIpf__________ARIObW9hdC1yZXBvcnRpbmcqBgigjQYYDA..%26durs%3DAuzKvO%26crrelr%3D%26npt%3D%26fpa%3D309%26pcm%3D3%26said%3DuAoepXc1kmCtFYgcCPF6oQ%253D%253D%26auct%3D1%26grdc%3DCAEYASABKAFAAUgC%26tail%3D1%26r%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCLYNAS4dhZZ2yKZLg6wT0loyoB92V5bdc9v6PjlfAjbcBEAEgAGCVgoCAtAeCARdjYS1wdWItNDkzNjQ3MDI2Mjk2MzAxMcgBCagDAcgDAqoEwQFP0DQqnNPpmm3DMDuSfdUl4tFab3Ust_tFsRH8a4d_NGWQHv2MtEtP0L_9tkBssnkomHXaBiWMGlic3w0wPbu4YAQz93wniDdbbN8ZTpJNcKKR9erEPVuECbR3b6uxA3gyBs67QyWzw5Or6inU36_LUHJmH_hQpm_dBOXKItLeT2rnKmGEx-xbMLWANI5udD6VaMWq6gwgicKAzxeKfLBwyZlJuKcNwih9ArOmLCV7oFB2NhLamYfjr0fKM3bbb4KggAbf-MyvnfWi4m6gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2GRDg5Co1BVOR103QK2XJJgMcwFA%2526client%253Dca-pub-4936470262963011%2526adurl%253D&oref=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-4936470262963011%26output%3Dhtml%26h%3D600%26slotname%3D5020405467%26adk%3D1298321340%26adf%3D2908928753%26pi%3Dt.ma~as.5020405467%26w%3D300%26lmt%3D1694892792%26format%3D300x600%26url%3Dhttps%253A%252F%252Fsasagefind.com%252F%26ea%3D0%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1700890443517%26bpp%3D1%26bdt%3D264%26idt%3D123%26shv%3Dr20231109%26mjsv%3Dm202311090101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C728x90%26nras%3D1%26correlator%3D7304720097754%26frm%3D20%26pv%3D1%26ga_vid%3D1727665163.1700890444%26ga_sid%3D1700890444%26ga_hid%3D358066886%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D-95%26ady%3D120%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C31078297%252C44807763%252C44808149%252C44808284%252C44809056%252C44809071%26oid%3D2%26pvsid%3D2422037083187158%26tmod%3D1951962955%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CaeE%257C%26abl%3DCA%26pfx%3D0%26fu%3D1024%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D3%26uci%3Da!3%26fsb%3D1%26dtd%3D124
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 05:34:04 GMT
via: 1.1 6def1f0ddc805dce17407cce01d5b32c.cloudfront.net (CloudFront)
x-amz-version-id: NPDo2IDoRNrdg5ykrEzF.MCR92hmdVOh
cdn-edgestorageid: 863
x-amz-cf-pop: FRA56-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
cdn-cachedat: 09/30/2023 08:13:11
cdn-pullzone: 863157
content-length: 3689
last-modified: Fri, 15 Sep 2023 06:41:08 GMT
server: BunnyCDN-DE1-1079
cdn-proxyver: 1.04
cdn-requestpullcode: 206
content-type: image/png
cdn-cache: HIT
cdn-uid: 842b29c0-504c-4328-8e4a-eff14e80c5d1
cache-control: public, max-age=2592000
cdn-requestid: ef121471d3b7791f7c5ebe2bc7bbe691
accept-ranges: bytes
cdn-requestcountrycode: DE
x-amz-cf-id: bv0pS80aKwFZ6TJS2YoD9Vh1zo_aUPiIdWj_KSvKvWJ3a8vw80CjWQ==
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 css
fonts.googleapis.com/ Frame F227 2 KB
980 B 56ms
22ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300

Requested by

Host: live-tag.creatopy.net
URL: https://live-tag.creatopy.net/designs/n536le3/embed/thetradedesk/9bd7988c4202585bed4a77aa1a1e481b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4d20f3d941ac9828ed48f9424e249fba0939dc62e99875ae214e85de9886b62d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://live-tag.creatopy.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 25 Nov 2023 05:34:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 25 Nov 2023 05:01:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 25 Nov 2023 05:34:04 GMT

GET
H2 200 3f2f8c9cb8bef6d0db531ff60950fc0f.jpg
live-tag.creatopy.net/designs/n536le3/embed/thetradedesk/media/ Frame F227 31 KB
31 KB 21ms
21ms Image
image/jpeg 2400:52e0:1e00::1079:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live-tag.creatopy.net/designs/n536le3/embed/thetradedesk/media/3f2f8c9cb8bef6d0db531ff60950fc0f.jpg
Requested by: Host: live-tag.creatopy.net
URL: https://live-tag.creatopy.net/designs/n536le3/embed/thetradedesk/index.html?hash=n536le3&width=160&height=600&t=1700890444059&userId=825181&network=THETRADEDESK&type=html5&clickTag=https%3A%2F%2Finsight.adsrvr.org%2Ftrack%2Fclk%3Fimp%3Dbaec9059-1b67-4dfb-86a9-4d13e1b43384%26ag%3Dac4lunu%26sfe%3D1799074b%26sig%3Dh76ksksM8IOsuDktjEje3Uhk1vhuAfmH3tO8b3c9aRU.%26crid%3Dos9g1ojp%26cf%3D5618665%26fq%3D0%26t%3D1%26td_s%3Dsasagefind.com%26rcats%3D%26mste%3D%26mfld%3D3%26mssi%3D%26mfsi%3D%26sv%3Dgoogle%26uhow%3D150%26agsa%3D%26wp%3DZWGHSwAKWR0KmvASAAMLdH-Ytpmneuom3Jou8g%26rgz%3D56130%26dt%3DPC%26osf%3DWindows%26os%3DWindows10%26br%3DChrome%26svpid%3Dpub-4936470262963011%26rlangs%3Dko%26mlang%3D%26did%3D%26rcxt%3DOther%26tmpc%3D0.18000000000000682%26vrtd%3D%26osi%3D%26osv%3D%26daid%3D%26dnr%3D0%26vpb%3D%26c%3DCgdHZXJtYW55Eg9SaGVpbmxhbmQtUGZhbHoaACIHQmFkIEVtczgBUAGAAQCIAQGQAQGwAQC6AQQIARgE2AK0EOACrAL4AgGAAwGIAwGQAwCYAwA.%26dur%3DCjAKDGNoYXJnZS1hbGwtMSIgCP___________wESE3R0ZF9kYXRhX2V4Y2x1c2lvbnMKSAohY2hhcmdlLWFsbE1vYXRWaWV3YWJpbGl0eVRyYWNraW5nIiMIpf__________ARIObW9hdC1yZXBvcnRpbmcqBgigjQYYDA..%26durs%3DAuzKvO%26crrelr%3D%26npt%3D%26fpa%3D309%26pcm%3D3%26said%3DuAoepXc1kmCtFYgcCPF6oQ%253D%253D%26auct%3D1%26grdc%3DCAEYASABKAFAAUgC%26tail%3D1%26r%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCLYNAS4dhZZ2yKZLg6wT0loyoB92V5bdc9v6PjlfAjbcBEAEgAGCVgoCAtAeCARdjYS1wdWItNDkzNjQ3MDI2Mjk2MzAxMcgBCagDAcgDAqoEwQFP0DQqnNPpmm3DMDuSfdUl4tFab3Ust_tFsRH8a4d_NGWQHv2MtEtP0L_9tkBssnkomHXaBiWMGlic3w0wPbu4YAQz93wniDdbbN8ZTpJNcKKR9erEPVuECbR3b6uxA3gyBs67QyWzw5Or6inU36_LUHJmH_hQpm_dBOXKItLeT2rnKmGEx-xbMLWANI5udD6VaMWq6gwgicKAzxeKfLBwyZlJuKcNwih9ArOmLCV7oFB2NhLamYfjr0fKM3bbb4KggAbf-MyvnfWi4m6gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2GRDg5Co1BVOR103QK2XJJgMcwFA%2526client%253Dca-pub-4936470262963011%2526adurl%253D&oref=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-4936470262963011%26output%3Dhtml%26h%3D600%26slotname%3D5020405467%26adk%3D1298321340%26adf%3D2908928753%26pi%3Dt.ma~as.5020405467%26w%3D300%26lmt%3D1694892792%26format%3D300x600%26url%3Dhttps%253A%252F%252Fsasagefind.com%252F%26ea%3D0%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1700890443517%26bpp%3D1%26bdt%3D264%26idt%3D123%26shv%3Dr20231109%26mjsv%3Dm202311090101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C728x90%26nras%3D1%26correlator%3D7304720097754%26frm%3D20%26pv%3D1%26ga_vid%3D1727665163.1700890444%26ga_sid%3D1700890444%26ga_hid%3D358066886%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D-95%26ady%3D120%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C31078297%252C44807763%252C44808149%252C44808284%252C44809056%252C44809071%26oid%3D2%26pvsid%3D2422037083187158%26tmod%3D1951962955%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CaeE%257C%26abl%3DCA%26pfx%3D0%26fu%3D1024%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D3%26uci%3Da!3%26fsb%3D1%26dtd%3D124
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1079:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1079 /
Resource Hash: aa6dfe6b09cd74375522d6a168c16e068efa41efeec7e6a9e8b01c189e94c929

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://live-tag.creatopy.net/designs/n536le3/embed/thetradedesk/index.html?hash=n536le3&width=160&height=600&t=1700890444059&userId=825181&network=THETRADEDESK&type=html5&clickTag=https%3A%2F%2Finsight.adsrvr.org%2Ftrack%2Fclk%3Fimp%3Dbaec9059-1b67-4dfb-86a9-4d13e1b43384%26ag%3Dac4lunu%26sfe%3D1799074b%26sig%3Dh76ksksM8IOsuDktjEje3Uhk1vhuAfmH3tO8b3c9aRU.%26crid%3Dos9g1ojp%26cf%3D5618665%26fq%3D0%26t%3D1%26td_s%3Dsasagefind.com%26rcats%3D%26mste%3D%26mfld%3D3%26mssi%3D%26mfsi%3D%26sv%3Dgoogle%26uhow%3D150%26agsa%3D%26wp%3DZWGHSwAKWR0KmvASAAMLdH-Ytpmneuom3Jou8g%26rgz%3D56130%26dt%3DPC%26osf%3DWindows%26os%3DWindows10%26br%3DChrome%26svpid%3Dpub-4936470262963011%26rlangs%3Dko%26mlang%3D%26did%3D%26rcxt%3DOther%26tmpc%3D0.18000000000000682%26vrtd%3D%26osi%3D%26osv%3D%26daid%3D%26dnr%3D0%26vpb%3D%26c%3DCgdHZXJtYW55Eg9SaGVpbmxhbmQtUGZhbHoaACIHQmFkIEVtczgBUAGAAQCIAQGQAQGwAQC6AQQIARgE2AK0EOACrAL4AgGAAwGIAwGQAwCYAwA.%26dur%3DCjAKDGNoYXJnZS1hbGwtMSIgCP___________wESE3R0ZF9kYXRhX2V4Y2x1c2lvbnMKSAohY2hhcmdlLWFsbE1vYXRWaWV3YWJpbGl0eVRyYWNraW5nIiMIpf__________ARIObW9hdC1yZXBvcnRpbmcqBgigjQYYDA..%26durs%3DAuzKvO%26crrelr%3D%26npt%3D%26fpa%3D309%26pcm%3D3%26said%3DuAoepXc1kmCtFYgcCPF6oQ%253D%253D%26auct%3D1%26grdc%3DCAEYASABKAFAAUgC%26tail%3D1%26r%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCLYNAS4dhZZ2yKZLg6wT0loyoB92V5bdc9v6PjlfAjbcBEAEgAGCVgoCAtAeCARdjYS1wdWItNDkzNjQ3MDI2Mjk2MzAxMcgBCagDAcgDAqoEwQFP0DQqnNPpmm3DMDuSfdUl4tFab3Ust_tFsRH8a4d_NGWQHv2MtEtP0L_9tkBssnkomHXaBiWMGlic3w0wPbu4YAQz93wniDdbbN8ZTpJNcKKR9erEPVuECbR3b6uxA3gyBs67QyWzw5Or6inU36_LUHJmH_hQpm_dBOXKItLeT2rnKmGEx-xbMLWANI5udD6VaMWq6gwgicKAzxeKfLBwyZlJuKcNwih9ArOmLCV7oFB2NhLamYfjr0fKM3bbb4KggAbf-MyvnfWi4m6gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2GRDg5Co1BVOR103QK2XJJgMcwFA%2526client%253Dca-pub-4936470262963011%2526adurl%253D&oref=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-4936470262963011%26output%3Dhtml%26h%3D600%26slotname%3D5020405467%26adk%3D1298321340%26adf%3D2908928753%26pi%3Dt.ma~as.5020405467%26w%3D300%26lmt%3D1694892792%26format%3D300x600%26url%3Dhttps%253A%252F%252Fsasagefind.com%252F%26ea%3D0%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1700890443517%26bpp%3D1%26bdt%3D264%26idt%3D123%26shv%3Dr20231109%26mjsv%3Dm202311090101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C728x90%26nras%3D1%26correlator%3D7304720097754%26frm%3D20%26pv%3D1%26ga_vid%3D1727665163.1700890444%26ga_sid%3D1700890444%26ga_hid%3D358066886%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D-95%26ady%3D120%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C31078297%252C44807763%252C44808149%252C44808284%252C44809056%252C44809071%26oid%3D2%26pvsid%3D2422037083187158%26tmod%3D1951962955%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CaeE%257C%26abl%3DCA%26pfx%3D0%26fu%3D1024%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D3%26uci%3Da!3%26fsb%3D1%26dtd%3D124
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 05:34:04 GMT
via: 1.1 b3dc72c60418e8887de31f772538f118.cloudfront.net (CloudFront)
x-amz-version-id: O5RCMmthjQHthtLj8idexLfCubfF.Dka
cdn-edgestorageid: 874
x-amz-cf-pop: FRA56-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
cdn-cachedat: 09/30/2023 08:13:11
cdn-pullzone: 863157
content-length: 31588
last-modified: Fri, 15 Sep 2023 06:41:08 GMT
server: BunnyCDN-DE1-1079
cdn-proxyver: 1.04
cdn-requestpullcode: 206
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: 842b29c0-504c-4328-8e4a-eff14e80c5d1
cache-control: public, max-age=2592000
cdn-requestid: 5260235a96277ef0c04eb6939283b1fe
accept-ranges: bytes
cdn-requestcountrycode: DE
x-amz-cf-id: UQJPBcU730tEdWwEUDlcb5M4eK-qydubafzUecPzAPhHrmG4ItPmWA==
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 v2 Show response
mb.moatads.com/s/ Frame 2C73 300 B
377 B 33ms
33ms Script
text/html 132.226.214.62
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/s/v2?url=https%3A%2F%2Fsasagefind.com%2F&pcode=thetradedeskv275874568748&ord=1700890444063&jv=298645560&callback=BrandSafetyNadoscallback_54276213
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/thetradedeskv275874568748/moatad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 132.226.214.62 Slough, United Kingdom, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: istio-envoy /
Resource Hash: 18c15f9dac44156a75fc0b469c2b2e6d7fa1149b64e7fa14e49757f62a02dd41

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 05:34:04 GMT
server: istio-envoy
etag: "baad8cd94b4f0b2d6999d65300c4c38a865974f2"
content-type: text/html; charset=UTF-8
cache-control: max-age=900
x-envoy-upstream-service-time: 10
timing-allow-origin: *
content-length: 300

GET
H2 200 /
insight.adsrvr.org/enduser/pie/ Frame 2C73 807 B
882 B 107ms
33ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/enduser/pie/?pie=20&vet=0&rtb=dD0xJmlpZD1iYWVjOTA1OS0xYjY3LTRkZmItODZhOS00ZDEzZTFiNDMzODQmY3JpZD1vczlnMW9qcCZ3cD0lJVdJTk5JTkdfUFJJQ0UlJSZhaWQ9MSZ3cGM9VVNEJnNmZT0xNzk5MDc0YiZwdWlkPSZwaWQ9Z3RmaHY1dyZhZz1hYzRsdW51JmFkdj0wNjl6c3BnJmJwPTAuMTQ0MzE3MjI5MzMwNzI0NTIzNzkmY2Y9NTYxODY2NSZmcT0wJnRkX3M9c2FzYWdlZmluZC5jb20mcmNhdHM9Jm1zdGU9Jm1mbGQ9MyZtc3NpPSZtZnNpPSZ1aG93PTE1MCZhZ3NhPSZyZ3o9NTYxMzAmc3ZidHRkPTEmZHQ9UEMmb3NmPVdpbmRvd3Mmb3M9V2luZG93czEwJmJyPUNocm9tZSZybGFuZ3M9a28mbWxhbmc9JnN2cGlkPXB1Yi00OTM2NDcwMjYyOTYzMDExJmRpZD0mcmN4dD1PdGhlciZsYXQ9NTAuMzUwMDAwJmxvbj03LjcyMDAwMCZ0bXBjPTAuMTgwMDAwMDAwMDAwMDA2ODImZGFpZD0mdnA9MCZvc2k9Jm9zdj0mYng9NzAmYmZmaT00MSZjPUNnZEhaWEp0WVc1NUVnOVNhR1ZwYm14aGJtUXRVR1poYkhvYUFDSUhRbUZrSUVWdGN6Z0JVQUdBQVFDSUFRR1FBUUd3QVFDNkFRUUlBUmdFMkFLMEVPQUNyQUw0QWdHQUF3R0lBd0dRQXdDWUF3QS4mZHVyPUNqQUtER05vWVhKblpTMWhiR3d0TVNJZ0NQX19fX19fX19fX193RVNFM1IwWkY5a1lYUmhYMlY0WTJ4MWMybHZibk1LU0FvaFkyaGhjbWRsTFdGc2JFMXZZWFJXYVdWM1lXSnBiR2wwZVZSeVlXTnJhVzVuSWlNSXBmX19fX19fX19fX0FSSU9iVzloZEMxeVpYQnZjblJwYm1jcUJnaWdqUVlZREEuLiZjcnJlbHI9JmZwYT0zMDkmcGNtPTMmZ3JkYz1DQUVZQVNBQktBRkFBVWdDJnZjPTMmc2FpZD11QW9lcFhjMWttQ3RGWWdjQ1BGNm9RJTNEJTNEJmF1Y3Q9MSZpbT0xJm1jPWY5MmM3MWIwLTc0NzUtNDdmZi04NmZmLTQ3MGIzY2ZjZTRlZCZhYnI9YTZiN2I5NTYtYzU1Ni00M2RjLTk5NDAtMTE4MGM1N2NkNDFiJnRhaWw9MSZzdj1nb29nbGUmdGFpbD0x
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4936470262963011&output=html&h=600&slotname=5020405467&adk=1298321340&adf=2908928753&pi=t.ma~as.5020405467&w=300&lmt=1694892792&format=300x600&url=https%3A%2F%2Fsasagefind.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700890443517&bpp=1&bdt=264&idt=123&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=7304720097754&frm=20&pv=1&ga_vid=1727665163.1700890444&ga_sid=1700890444&ga_hid=358066886&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-95&ady=120&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31078297%2C44807763%2C44808149%2C44808284%2C44809056%2C44809071&oid=2&pvsid=2422037083187158&tmod=1951962955&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=1024&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=124
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 3ca19e57c9a2465ae4df271316ba4d29e7ff7f113a2a2c5297780c0b7a0ac09d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type: image/gif
date: Sat, 25 Nov 2023 05:34:04 GMT
server: Kestrel

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame F227 15 KB
16 KB 78ms
23ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://live-tag.creatopy.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 00:27:48 GMT
x-content-type-options: nosniff
age: 104776
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Nov 2024 00:27:48 GMT

GET
H2 200 /
insight.adsrvr.org/enduser/moat/ Frame 2C73 0
56 B 60ms
34ms Image
text/plain 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/enduser/moat/?e=60&o=dD0xJmlpZD1iYWVjOTA1OS0xYjY3LTRkZmItODZhOS00ZDEzZTFiNDMzODQmY3JpZD1vczlnMW9qcCZ3cD0lJVdJTk5JTkdfUFJJQ0UlJSZhaWQ9MSZ3cGM9VVNEJnNmZT0xNzk5MDc0YiZwdWlkPSZwaWQ9Z3RmaHY1dyZhZz1hYzRsdW51JmFkdj0wNjl6c3BnJmJwPTAuMTQ0MzE3MjI5MzMwNzI0NTIzNzkmY2Y9NTYxODY2NSZmcT0wJnRkX3M9c2FzYWdlZmluZC5jb20mcmNhdHM9Jm1zdGU9Jm1mbGQ9MyZtc3NpPSZtZnNpPSZ1aG93PTE1MCZhZ3NhPSZyZ3o9NTYxMzAmc3ZidHRkPTEmZHQ9UEMmb3NmPVdpbmRvd3Mmb3M9V2luZG93czEwJmJyPUNocm9tZSZybGFuZ3M9a28mbWxhbmc9JnN2cGlkPXB1Yi00OTM2NDcwMjYyOTYzMDExJmRpZD0mcmN4dD1PdGhlciZsYXQ9NTAuMzUwMDAwJmxvbj03LjcyMDAwMCZ0bXBjPTAuMTgwMDAwMDAwMDAwMDA2ODImZGFpZD0mdnA9MCZvc2k9Jm9zdj0mYng9NzAmYmZmaT00MSZjPUNnZEhaWEp0WVc1NUVnOVNhR1ZwYm14aGJtUXRVR1poYkhvYUFDSUhRbUZrSUVWdGN6Z0JVQUdBQVFDSUFRR1FBUUd3QVFDNkFRUUlBUmdFMkFLMEVPQUNyQUw0QWdHQUF3R0lBd0dRQXdDWUF3QS4mZHVyPUNqQUtER05vWVhKblpTMWhiR3d0TVNJZ0NQX19fX19fX19fX193RVNFM1IwWkY5a1lYUmhYMlY0WTJ4MWMybHZibk1LU0FvaFkyaGhjbWRsTFdGc2JFMXZZWFJXYVdWM1lXSnBiR2wwZVZSeVlXTnJhVzVuSWlNSXBmX19fX19fX19fX0FSSU9iVzloZEMxeVpYQnZjblJwYm1jcUJnaWdqUVlZREEuLiZjcnJlbHI9JmZwYT0zMDkmcGNtPTMmZ3JkYz1DQUVZQVNBQktBRkFBVWdDJnZjPTMmc2FpZD11QW9lcFhjMWttQ3RGWWdjQ1BGNm9RJTNEJTNEJmF1Y3Q9MSZpbT0xJm1jPWY5MmM3MWIwLTc0NzUtNDdmZi04NmZmLTQ3MGIzY2ZjZTRlZCZhYnI9YTZiN2I5NTYtYzU1Ni00M2RjLTk5NDAtMTE4MGM1N2NkNDFiJnRhaWw9MSZzdj1nb29nbGUmdGFpbD0x
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4936470262963011&output=html&h=600&slotname=5020405467&adk=1298321340&adf=2908928753&pi=t.ma~as.5020405467&w=300&lmt=1694892792&format=300x600&url=https%3A%2F%2Fsasagefind.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700890443517&bpp=1&bdt=264&idt=123&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=7304720097754&frm=20&pv=1&ga_vid=1727665163.1700890444&ga_sid=1700890444&ga_hid=358066886&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-95&ady=120&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31078297%2C44807763%2C44808149%2C44808284%2C44809056%2C44809071&oid=2&pvsid=2422037083187158&tmod=1951962955&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=1024&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=124
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 05:34:04 GMT
server: Kestrel

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 44ms
43ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231109&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0b2fbe6d97dbe91f91aeb6c5880bcd4811487ee008efa549748f807722acc8c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sasagefind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 05:34:04 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12436
x-xss-protection: 0

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=5AFC25AAE4774E1E83E41EFD1B9970C3&RedC=c.clarity.ms&MXFR=2DC1FB0A1C3760A736A1E8DE18376E66
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=5AFC25AAE4774E1E83E41EFD1B9970C3&MUID=2149114A30526D902BEC029E31806C3E

42 B
442 B

29ms
29ms

Image
image/gif

68.219.88.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=5AFC25AAE4774E1E83E41EFD1B9970C3&MUID=2149114A30526D902BEC029E31806C3E
Protocol: H2
Server: 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sasagefind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Nov 2023 05:34:04 GMT
last-modified: Wed, 30 Aug 2023 19:01:41 GMT
server: Microsoft-IIS/10.0
etag: "8d59566974dbd91:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Sat, 25 Nov 2023 05:34:04 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F1D8306AF68E4AEAB5131768B457FCDD Ref B: FRAEDGE1213 Ref C: 2023-11-25T05:34:04Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=5AFC25AAE4774E1E83E41EFD1B9970C3&MUID=2149114A30526D902BEC029E31806C3E
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sasagefind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 05:34:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 25 Nov 2023 05:34:04 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 45AB 13 KB
5 KB 14ms
13ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sasagefind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 53464
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 24 Nov 2023 14:43:00 GMT
expires: Sat, 23 Nov 2024 14:43:00 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 2B9D 829 B
1 KB 62ms
24ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5720753cb2981232f53bb8daee4c7f84055dd244bbe8aec003123d44e16aace1

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-bw5gGcIWwH2bMfAXgue14Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sasagefind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-bw5gGcIWwH2bMfAXgue14Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 25 Nov 2023 05:34:04 GMT
expires: Sat, 25 Nov 2023 05:34:04 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H/1.1 204
No Content collect Show response
t.clarity.ms/ 0
294 B 98ms
97ms XHR
text/plain 20.114.189.70
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://t.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.18/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.189.70 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://sasagefind.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://sasagefind.com
Date: Sat, 25 Nov 2023 05:34:04 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 45AB 39 KB
15 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 14:37:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 140198
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 22 Nov 2024 14:37:26 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 2B9D 0
0 47ms
47ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231109&jk=2422037083187158&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8A6C 42 B
64 B 52ms
52ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvSQUkTqcj8NnKma_3cx4mJpM-ZZReZ30rcj8NH8E72MoLW5rgamsms5PCwC1SLGGZeKisCFduydjtOJD4eMitw5UK7JbKZFbF6ztWRUyEeD5coBr9UrQ&sig=Cg0ArKJSzEcOaOet588DEAE&id=lidar2&mcvt=1004&p=0,0,280,1128&mtos=577,1004,1004,1004,1004&tos=577,427,0,0,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3316842740&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700890443645&rpt=231&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Nov 2023 05:34:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame E977 0
127 B 13ms
13ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 25 Nov 2023 05:34:04 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 45AB 0
10 B 12ms
12ms Image
text/plain 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?ENSiqw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 05:34:04 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 200 all
csm.eu.criteo.net/ Frame 8EFA 0
127 B 13ms
13ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 25 Nov 2023 05:34:04 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 72D0 42 B
64 B 51ms
51ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssLiy62LJooTEKu-oMCZgBotFkvtsTfjnkkWkiQoOXUJJQF3lzLuumNR0neOglXWw7RrWMfVAA_mdtM6gWApX9L5oPYpHYOBIhqTaYKmJAe3ysLpEGB&sig=Cg0ArKJSzMDZPKfi3GzzEAE&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3443123301&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700890443639&rpt=316&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Nov 2023 05:34:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame D4FA 0
127 B 13ms
13ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 25 Nov 2023 05:34:04 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3EF3 42 B
64 B 51ms
50ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstuZjipq4JfrZq8lzo6rmsplPc1-SsSUvsG_0VIElTk7zCd6L_QRNQ7Km-IwSE0KgAHNmO5yVSPU4wiFCQxWtVScvwNvdwgK1YFcvO-TMsaA7XPxNJD&sig=Cg0ArKJSzDsQpnk5-kBdEAE&id=lidar2&mcvt=1000&p=0,0,600,205&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3087759461&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700890443643&rpt=407&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Nov 2023 05:34:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D8D6 42 B
64 B 51ms
51ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss9KruHMX-DGG0u5Hm7nW7M0fjmcDKwovfSVg7ZM1wHnsmiMa7NOHxyX_MtQUn4WOvXtsGAcXyJ-Hg5V1Uey_8CqSy2J2J2KRmaZK5cz0qOtOKd-P5B&sig=Cg0ArKJSzOjoeTA6Eq18EAE&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=0.84&if=1&vu=1&app=0&itpl=20&adk=1298321340&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700890443959&rpt=155&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Nov 2023 05:34:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 51ms
51ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231109&jk=2422037083187158&bg=!6-il6KfNAAZxrfrxUa07ADQBe5WfOAk7Sun8Bt9_JytGtBzk06dNMfm-f0ISMl5XriLrCI_UZb4wHVPMayl1AhO2Pa_DAgAAAEBSAAAAAmgBBwoAS-hckfbPItln948JRQ1MucUE1LgKPMipUBWisGgnOAyRs7aRZHa91ksE4Wsy55mOo18rWDBS_G73sG839xPepIi71IWANTAa9Q9AuJkCtFau-CbVn7AADuCc1yZJOOxVzgEehFzRiwnl0bK7tMM6jPUClLOKLWp1GGig_kssZ8vMxf9iBFyL4Si9SLdpzMvZ5gf4hR20etMX0BlnG8BgXmTnWVofdGqK1lXEzpzufUSvlw4OfEYibSM98Jbe32iISoi3GIgaS3dRTS0QL4FMha1AZuyjWi_hznuCh4mX-n1BJ2_bV5T9IO2h--_jtarggOC3kmem-QDCY4dFmNrVnJ-38IsKuiB5gkJgE7xjaoPWRAKWdMNd_eMWtDWi8h8pmJHsv5nkyyfdyApPuxEV_yeSCKFsUIKXrpJdj3Ghsu2TqEGxZGyClM-mOk3Jq-Bf8OwIlFlFcbwep8l9rnURf8ISIADemLPRyQTU9CRPQ7bnKWWTsKKdVKflZAWI7dVuqXYmSUlIU6fX2UofWVxyeM9rEkxUCj-40zc_N6PFIKu3QgUImVboAG8c5-cDZ01RdxWPfPCR3kYdCggNs4qrSrZNRDpdaTU_D6-V9gXnk_RZe2YKPFGqNY9ikBIqTgSeFDJI4TBAu4LC8FnJqNP9PIN6-Bvhu8qZjM-J50pC15TtzzIfhSniVSQ5MreAM02isxnnhtvLFc_qiGiS3vaVTC562bbpaN-KODC83BnFzsFKJW3hyVwV70u1Nj26pcoaoCK7XjSWx02wiVXoBsKhe4dzJzY-NskgBWVj6cF5atngns4kA--fmC6rf8OnAkj95aIJ7FlGmALbf4R2TYC2wTKiyI09BaZ3mX9yaR2u56VkRPMCsE20mj6y3VL5IX48SYsFA3gW-PovaGfpGr9_41DrQKXrbXtQCTJPAyNPIYvvQN6y8-i2PP2jmqknASAiRw54BB6QoRmxn7hZUuIuT6RYnPLIYRkGavtGtt6Xr9bcGP1cKzTGRzf0gkVL-kEMxLo0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sasagefind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H2 200 get Show response
choices.trustarc.com/ Frame D8D6 20 KB
6 KB 39ms
8ms Script
text/javascript 52.222.214.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://choices.trustarc.com/get?name=pmw2.js
Requested by: Host: choices.truste.com
URL: https://choices.truste.com/ca?pid=tradedesk01&aid=tradedesk01&cid=5ylvmne_ac4lunu_os9g1ojp&c=tradedesk01cont1&js=pmw0&w=160&h=600&sid=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-37.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 0affa837a4669f475d1195dba5f0e3f054035f22e4c560992b71d0f298cedb89

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 14:18:26 GMT
content-encoding: gzip
via: 1.1 4360596ad590d8363ce70eb7bf282e42.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
age: 1610139
x-cache: Hit from cloudfront
pragma: public
last-modified: Mon, 6 Nov 2023 03:03:44 GMT
server: nginx
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: 8lB3PYeMcPw9Mx1Dc2OYYpqZLfZmxiH51_eavdxWlCjwygYSS0cQeA==
expires: Wed, 06 Dec 2023 14:18:26 GMT

GET
H2 200 cap
choices.trustarc.com/ Frame D8D6 43 B
1020 B 137ms
106ms Image
image/gif 52.222.214.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://choices.trustarc.com/cap?&aid=tradedesk01&pid=tradedesk01&cid=5ylvmne_ac4lunu_os9g1ojp&w=160&h=600&c=f34c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.214.37 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-37.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' ; font-src 'self' ; style-src 'self' 'unsafe-inline' ; img-src 'self' data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' ; frame-ancestors 'self' ; connect-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; object-src 'self' ; media-src 'self' ; child-src 'self' ; worker-src 'self' ; manifest-src 'self' *;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 05:34:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *;
via: 1.1 4360596ad590d8363ce70eb7bf282e42.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
cross-origin-embedder-policy: unsafe-none
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: origin
server: nginx
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=31536000
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/gif
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: geolocation=(), microphone=(), payment=()
x-amz-cf-id: gibssd9O-FIUCUNHWHMmlW5zlM9o7KUpi0MSbOANfZOsbh8swpFZiA==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 8EFA 98 KB
98 KB 14ms
14ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

aca84b0983515a3954813cc4a99657f826057ea5692148ec2fd437f97584de5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 05:34:05 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 100128
expires: Thu, 14 Nov 2024 13:03:18 GMT

GET
H2 200 get
choices.trustarc.com/ Frame E9FF 287 B
671 B 8ms
8ms Image
image/png 52.222.214.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://choices.trustarc.com/get?name=admarker-icon-tr.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-37.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 821262a8c32b52639f97ddf4f34c494e82156651752608fa6a23ffa3df2f84b1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: public
date: Sun, 19 Nov 2023 13:19:27 GMT
via: 1.1 4360596ad590d8363ce70eb7bf282e42.cloudfront.net (CloudFront)
last-modified: Thu, 26 Oct 2023 03:20:37 GMT
server: nginx
x-amz-cf-pop: FRA56-P3
age: 490478
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
timing-allow-origin: *
content-length: 287
x-amz-cf-id: U6XYgFOu3R4Z5uUZY33hIy6paD6g4d6sV7oKK3UazDAsCukhfAuWWg==
expires: Tue, 19 Dec 2023 13:19:27 GMT

GET
H2 200 /
insight.adsrvr.org/enduser/pie/ Frame 2C73 807 B
881 B 33ms
33ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/enduser/pie/?pie=20&vet=1&rtb=dD0xJmlpZD1iYWVjOTA1OS0xYjY3LTRkZmItODZhOS00ZDEzZTFiNDMzODQmY3JpZD1vczlnMW9qcCZ3cD0lJVdJTk5JTkdfUFJJQ0UlJSZhaWQ9MSZ3cGM9VVNEJnNmZT0xNzk5MDc0YiZwdWlkPSZwaWQ9Z3RmaHY1dyZhZz1hYzRsdW51JmFkdj0wNjl6c3BnJmJwPTAuMTQ0MzE3MjI5MzMwNzI0NTIzNzkmY2Y9NTYxODY2NSZmcT0wJnRkX3M9c2FzYWdlZmluZC5jb20mcmNhdHM9Jm1zdGU9Jm1mbGQ9MyZtc3NpPSZtZnNpPSZ1aG93PTE1MCZhZ3NhPSZyZ3o9NTYxMzAmc3ZidHRkPTEmZHQ9UEMmb3NmPVdpbmRvd3Mmb3M9V2luZG93czEwJmJyPUNocm9tZSZybGFuZ3M9a28mbWxhbmc9JnN2cGlkPXB1Yi00OTM2NDcwMjYyOTYzMDExJmRpZD0mcmN4dD1PdGhlciZsYXQ9NTAuMzUwMDAwJmxvbj03LjcyMDAwMCZ0bXBjPTAuMTgwMDAwMDAwMDAwMDA2ODImZGFpZD0mdnA9MCZvc2k9Jm9zdj0mYng9NzAmYmZmaT00MSZjPUNnZEhaWEp0WVc1NUVnOVNhR1ZwYm14aGJtUXRVR1poYkhvYUFDSUhRbUZrSUVWdGN6Z0JVQUdBQVFDSUFRR1FBUUd3QVFDNkFRUUlBUmdFMkFLMEVPQUNyQUw0QWdHQUF3R0lBd0dRQXdDWUF3QS4mZHVyPUNqQUtER05vWVhKblpTMWhiR3d0TVNJZ0NQX19fX19fX19fX193RVNFM1IwWkY5a1lYUmhYMlY0WTJ4MWMybHZibk1LU0FvaFkyaGhjbWRsTFdGc2JFMXZZWFJXYVdWM1lXSnBiR2wwZVZSeVlXTnJhVzVuSWlNSXBmX19fX19fX19fX0FSSU9iVzloZEMxeVpYQnZjblJwYm1jcUJnaWdqUVlZREEuLiZjcnJlbHI9JmZwYT0zMDkmcGNtPTMmZ3JkYz1DQUVZQVNBQktBRkFBVWdDJnZjPTMmc2FpZD11QW9lcFhjMWttQ3RGWWdjQ1BGNm9RJTNEJTNEJmF1Y3Q9MSZpbT0xJm1jPWY5MmM3MWIwLTc0NzUtNDdmZi04NmZmLTQ3MGIzY2ZjZTRlZCZhYnI9YTZiN2I5NTYtYzU1Ni00M2RjLTk5NDAtMTE4MGM1N2NkNDFiJnRhaWw9MSZzdj1nb29nbGUmdGFpbD0x
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 3ca19e57c9a2465ae4df271316ba4d29e7ff7f113a2a2c5297780c0b7a0ac09d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type: image/gif
date: Sat, 25 Nov 2023 05:34:05 GMT
server: Kestrel

POST
H/1.1 204
No Content collect Show response
t.clarity.ms/ 0
294 B 98ms
97ms XHR
text/plain 20.114.189.70
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://t.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.18/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.189.70 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://sasagefind.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://sasagefind.com
Date: Sat, 25 Nov 2023 05:34:06 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

GET
H2 200 3f2f8c9cb8bef6d0db531ff60950fc0f.jpg
live-tag.creatopy.net/designs/n536le3/embed/thetradedesk/media/ Frame F227 31 KB
31 KB 22ms
22ms Image
image/jpeg 2400:52e0:1e00::1079:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live-tag.creatopy.net/designs/n536le3/embed/thetradedesk/media/3f2f8c9cb8bef6d0db531ff60950fc0f.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1079:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1079 /
Resource Hash: aa6dfe6b09cd74375522d6a168c16e068efa41efeec7e6a9e8b01c189e94c929

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://live-tag.creatopy.net/designs/n536le3/embed/thetradedesk/index.html?hash=n536le3&width=160&height=600&t=1700890444059&userId=825181&network=THETRADEDESK&type=html5&clickTag=https%3A%2F%2Finsight.adsrvr.org%2Ftrack%2Fclk%3Fimp%3Dbaec9059-1b67-4dfb-86a9-4d13e1b43384%26ag%3Dac4lunu%26sfe%3D1799074b%26sig%3Dh76ksksM8IOsuDktjEje3Uhk1vhuAfmH3tO8b3c9aRU.%26crid%3Dos9g1ojp%26cf%3D5618665%26fq%3D0%26t%3D1%26td_s%3Dsasagefind.com%26rcats%3D%26mste%3D%26mfld%3D3%26mssi%3D%26mfsi%3D%26sv%3Dgoogle%26uhow%3D150%26agsa%3D%26wp%3DZWGHSwAKWR0KmvASAAMLdH-Ytpmneuom3Jou8g%26rgz%3D56130%26dt%3DPC%26osf%3DWindows%26os%3DWindows10%26br%3DChrome%26svpid%3Dpub-4936470262963011%26rlangs%3Dko%26mlang%3D%26did%3D%26rcxt%3DOther%26tmpc%3D0.18000000000000682%26vrtd%3D%26osi%3D%26osv%3D%26daid%3D%26dnr%3D0%26vpb%3D%26c%3DCgdHZXJtYW55Eg9SaGVpbmxhbmQtUGZhbHoaACIHQmFkIEVtczgBUAGAAQCIAQGQAQGwAQC6AQQIARgE2AK0EOACrAL4AgGAAwGIAwGQAwCYAwA.%26dur%3DCjAKDGNoYXJnZS1hbGwtMSIgCP___________wESE3R0ZF9kYXRhX2V4Y2x1c2lvbnMKSAohY2hhcmdlLWFsbE1vYXRWaWV3YWJpbGl0eVRyYWNraW5nIiMIpf__________ARIObW9hdC1yZXBvcnRpbmcqBgigjQYYDA..%26durs%3DAuzKvO%26crrelr%3D%26npt%3D%26fpa%3D309%26pcm%3D3%26said%3DuAoepXc1kmCtFYgcCPF6oQ%253D%253D%26auct%3D1%26grdc%3DCAEYASABKAFAAUgC%26tail%3D1%26r%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCLYNAS4dhZZ2yKZLg6wT0loyoB92V5bdc9v6PjlfAjbcBEAEgAGCVgoCAtAeCARdjYS1wdWItNDkzNjQ3MDI2Mjk2MzAxMcgBCagDAcgDAqoEwQFP0DQqnNPpmm3DMDuSfdUl4tFab3Ust_tFsRH8a4d_NGWQHv2MtEtP0L_9tkBssnkomHXaBiWMGlic3w0wPbu4YAQz93wniDdbbN8ZTpJNcKKR9erEPVuECbR3b6uxA3gyBs67QyWzw5Or6inU36_LUHJmH_hQpm_dBOXKItLeT2rnKmGEx-xbMLWANI5udD6VaMWq6gwgicKAzxeKfLBwyZlJuKcNwih9ArOmLCV7oFB2NhLamYfjr0fKM3bbb4KggAbf-MyvnfWi4m6gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2GRDg5Co1BVOR103QK2XJJgMcwFA%2526client%253Dca-pub-4936470262963011%2526adurl%253D&oref=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-4936470262963011%26output%3Dhtml%26h%3D600%26slotname%3D5020405467%26adk%3D1298321340%26adf%3D2908928753%26pi%3Dt.ma~as.5020405467%26w%3D300%26lmt%3D1694892792%26format%3D300x600%26url%3Dhttps%253A%252F%252Fsasagefind.com%252F%26ea%3D0%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1700890443517%26bpp%3D1%26bdt%3D264%26idt%3D123%26shv%3Dr20231109%26mjsv%3Dm202311090101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C728x90%26nras%3D1%26correlator%3D7304720097754%26frm%3D20%26pv%3D1%26ga_vid%3D1727665163.1700890444%26ga_sid%3D1700890444%26ga_hid%3D358066886%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D-95%26ady%3D120%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C31078297%252C44807763%252C44808149%252C44808284%252C44809056%252C44809071%26oid%3D2%26pvsid%3D2422037083187158%26tmod%3D1951962955%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CaeE%257C%26abl%3DCA%26pfx%3D0%26fu%3D1024%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D3%26uci%3Da!3%26fsb%3D1%26dtd%3D124
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 05:34:07 GMT
via: 1.1 b3dc72c60418e8887de31f772538f118.cloudfront.net (CloudFront)
x-amz-version-id: O5RCMmthjQHthtLj8idexLfCubfF.Dka
cdn-edgestorageid: 874
x-amz-cf-pop: FRA56-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
cdn-cachedat: 09/30/2023 08:13:11
cdn-pullzone: 863157
content-length: 31588
last-modified: Fri, 15 Sep 2023 06:41:08 GMT
server: BunnyCDN-DE1-1079
cdn-proxyver: 1.04
cdn-requestpullcode: 206
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: 842b29c0-504c-4328-8e4a-eff14e80c5d1
cache-control: public, max-age=2592000
cdn-requestid: ffcc38fd7ef7a864ef28a54972c2eafa
accept-ranges: bytes
cdn-requestcountrycode: DE
x-amz-cf-id: UQJPBcU730tEdWwEUDlcb5M4eK-qydubafzUecPzAPhHrmG4ItPmWA==
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 8abf1cb8422b1c99422377928d4daa53.jpg
live-tag.creatopy.net/designs/n536le3/embed/thetradedesk/media/ Frame F227 42 KB
42 KB 26ms
26ms Image
image/jpeg 2400:52e0:1e00::1079:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live-tag.creatopy.net/designs/n536le3/embed/thetradedesk/media/8abf1cb8422b1c99422377928d4daa53.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1079:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1079 /
Resource Hash: accfd0e2476323168e5e561ffb2fc1c79140a26d5f6bf965ef5d53f8c7897fac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://live-tag.creatopy.net/designs/n536le3/embed/thetradedesk/index.html?hash=n536le3&width=160&height=600&t=1700890444059&userId=825181&network=THETRADEDESK&type=html5&clickTag=https%3A%2F%2Finsight.adsrvr.org%2Ftrack%2Fclk%3Fimp%3Dbaec9059-1b67-4dfb-86a9-4d13e1b43384%26ag%3Dac4lunu%26sfe%3D1799074b%26sig%3Dh76ksksM8IOsuDktjEje3Uhk1vhuAfmH3tO8b3c9aRU.%26crid%3Dos9g1ojp%26cf%3D5618665%26fq%3D0%26t%3D1%26td_s%3Dsasagefind.com%26rcats%3D%26mste%3D%26mfld%3D3%26mssi%3D%26mfsi%3D%26sv%3Dgoogle%26uhow%3D150%26agsa%3D%26wp%3DZWGHSwAKWR0KmvASAAMLdH-Ytpmneuom3Jou8g%26rgz%3D56130%26dt%3DPC%26osf%3DWindows%26os%3DWindows10%26br%3DChrome%26svpid%3Dpub-4936470262963011%26rlangs%3Dko%26mlang%3D%26did%3D%26rcxt%3DOther%26tmpc%3D0.18000000000000682%26vrtd%3D%26osi%3D%26osv%3D%26daid%3D%26dnr%3D0%26vpb%3D%26c%3DCgdHZXJtYW55Eg9SaGVpbmxhbmQtUGZhbHoaACIHQmFkIEVtczgBUAGAAQCIAQGQAQGwAQC6AQQIARgE2AK0EOACrAL4AgGAAwGIAwGQAwCYAwA.%26dur%3DCjAKDGNoYXJnZS1hbGwtMSIgCP___________wESE3R0ZF9kYXRhX2V4Y2x1c2lvbnMKSAohY2hhcmdlLWFsbE1vYXRWaWV3YWJpbGl0eVRyYWNraW5nIiMIpf__________ARIObW9hdC1yZXBvcnRpbmcqBgigjQYYDA..%26durs%3DAuzKvO%26crrelr%3D%26npt%3D%26fpa%3D309%26pcm%3D3%26said%3DuAoepXc1kmCtFYgcCPF6oQ%253D%253D%26auct%3D1%26grdc%3DCAEYASABKAFAAUgC%26tail%3D1%26r%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCLYNAS4dhZZ2yKZLg6wT0loyoB92V5bdc9v6PjlfAjbcBEAEgAGCVgoCAtAeCARdjYS1wdWItNDkzNjQ3MDI2Mjk2MzAxMcgBCagDAcgDAqoEwQFP0DQqnNPpmm3DMDuSfdUl4tFab3Ust_tFsRH8a4d_NGWQHv2MtEtP0L_9tkBssnkomHXaBiWMGlic3w0wPbu4YAQz93wniDdbbN8ZTpJNcKKR9erEPVuECbR3b6uxA3gyBs67QyWzw5Or6inU36_LUHJmH_hQpm_dBOXKItLeT2rnKmGEx-xbMLWANI5udD6VaMWq6gwgicKAzxeKfLBwyZlJuKcNwih9ArOmLCV7oFB2NhLamYfjr0fKM3bbb4KggAbf-MyvnfWi4m6gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2GRDg5Co1BVOR103QK2XJJgMcwFA%2526client%253Dca-pub-4936470262963011%2526adurl%253D&oref=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-4936470262963011%26output%3Dhtml%26h%3D600%26slotname%3D5020405467%26adk%3D1298321340%26adf%3D2908928753%26pi%3Dt.ma~as.5020405467%26w%3D300%26lmt%3D1694892792%26format%3D300x600%26url%3Dhttps%253A%252F%252Fsasagefind.com%252F%26ea%3D0%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1700890443517%26bpp%3D1%26bdt%3D264%26idt%3D123%26shv%3Dr20231109%26mjsv%3Dm202311090101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C728x90%26nras%3D1%26correlator%3D7304720097754%26frm%3D20%26pv%3D1%26ga_vid%3D1727665163.1700890444%26ga_sid%3D1700890444%26ga_hid%3D358066886%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D-95%26ady%3D120%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C31078297%252C44807763%252C44808149%252C44808284%252C44809056%252C44809071%26oid%3D2%26pvsid%3D2422037083187158%26tmod%3D1951962955%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CaeE%257C%26abl%3DCA%26pfx%3D0%26fu%3D1024%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D3%26uci%3Da!3%26fsb%3D1%26dtd%3D124
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 05:34:07 GMT
via: 1.1 eca56eada7885f8195ee4db13cd72cc2.cloudfront.net (CloudFront)
x-amz-version-id: saKiV1lNhQg7gTsPez_aEQ6vjMvSrkpV
cdn-edgestorageid: 1053
age: 37632
x-amz-cf-pop: DUS51-P1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cdn-cachedat: 10/31/2023 19:02:07
cdn-pullzone: 863157
content-length: 42706
last-modified: Fri, 15 Sep 2023 06:41:08 GMT
server: BunnyCDN-DE1-1079
cdn-proxyver: 1.04
cdn-requestpullcode: 206
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: 842b29c0-504c-4328-8e4a-eff14e80c5d1
cache-control: public, max-age=2592000
cdn-requestid: 80544c78cd3a623b295c88e2bc574362
accept-ranges: bytes
cdn-requestcountrycode: DE
x-amz-cf-id: UN2utxyz80ODPSYl13Mf5N7MuK1CpUIdZ_3kavps9_8_uIvs4q0ABw==
cdn-status: 200
cdn-requestpullsuccess: True

POST
H2 204 collect
region1.google-analytics.com/g/ 0
45 B 17ms
17ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-YNZE6H6P6F&gtm=45je3b81v9135002277&_p=1700890443493&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1727665163.1700890444&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1700890443&sct=1&seg=0&dl=https%3A%2F%2Fsasagefind.com%2F&dt=%EC%82%AC%EC%82%AC%EA%B2%8C%20%EA%B2%80%EC%83%89%EA%B8%B0&en=scroll&epn.percent_scrolled=90&_et=2&tfd=6522
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YNZE6H6P6F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sasagefind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Nov 2023 05:34:08 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://sasagefind.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

66 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

20 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sasagefind.com/	1970-01-21 02:04:10	Name: wcs_bt Value: 12a22493a79ad40:1700890443
.sasagefind.com/	1970-01-21 02:04:10	Name: _ga Value: GA1.1.1727665163.1700890444
.sasagefind.com/	1970-01-21 02:04:10	Name: _ga_YNZE6H6P6F Value: GS1.1.1700890443.1.0.1700890443.0.0.0
www.clarity.ms/	1970-01-21 01:13:46	Name: CLID Value: 814b94069b81425faae73fe7664acaf7.20231125.20241124
.sasagefind.com/	1970-01-21 01:13:46	Name: _clck Value: 1ijb49e%7C2%7Cfh0%7C0%7C1424
.sasagefind.com/	1970-01-21 01:49:46	Name: __gads Value: ID=b4c848c67cdb5915:T=1700890443:RT=1700890443:S=ALNI_MaquEV1GjBKMAJ7eqb4-fsa3WvDtQ
.sasagefind.com/	1970-01-21 01:49:46	Name: __gpi Value: UID=00000cdb399629bc:T=1700890443:RT=1700890443:S=ALNI_MZndlAcP1skV--UaOW6QCicvGUEMw
.doubleclick.net/	1970-01-21 01:49:46	Name: IDE Value: AHWqTUkWtGHk3vszbIMvguaoq_8Q702_E-i8LVpQ_QBlS-STwAMxkWvCMluXqP-lu8c
.doubleclick.net/	1970-01-20 16:28:11	Name: test_cookie Value: CheckForPermission
.adsrvr.org/	1970-01-21 01:15:12	Name: TDID Value: 8e340ab9-56bc-45d1-a044-6e1f6ab9da31
.adsrvr.org/	1970-01-21 01:15:12	Name: TDCPM Value: CAEYBTgBQgQiAggB
.sasagefind.com/	1970-01-20 16:29:36	Name: _clsk Value: ot7gc3%7C1700890444174%7C1%7C1%7Ct.clarity.ms%2Fcollect
.wcs.naver.com/	1970-01-21 02:04:10	Name: NWB Value: 22ca7caa456aa7e62eb18d2635941fe2.1700890444325
.bing.com/	1970-01-21 01:49:46	Name: MUID Value: 2149114A30526D902BEC029E31806C3E
.c.bing.com/	1970-01-20 16:38:15	Name: MR Value: 0
.c.bing.com/	1970-01-21 01:49:46	Name: SRM_B Value: 2149114A30526D902BEC029E31806C3E
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 01:49:46	Name: MUID Value: 2149114A30526D902BEC029E31806C3E
.c.clarity.ms/	1970-01-20 16:38:15	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 16:28:11	Name: ANONCHK Value: 0

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4936470262963011&output=html&h=280&slotname=2751396977&adk=3316842740&adf=1615842680&pi=t.ma~as.2751396977&w=1128&fwrn=4&fwrnh=100&lmt=1694892792&rafmt=1&format=1128x280&url=https%3A%2F%2Fsasagefind.com%2F&ea=0&fwr=0&fwrattr=true&rh=280&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700890443518&bpp=1&bdt=265&idt=126&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C300x600%2C205x600&nras=1&correlator=7304720097754&frm=20&pv=1&ga_vid=1727665163.1700890444&ga_sid=1700890444&ga_hid=358066886&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=236&ady=574&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31078297%2C44807763%2C44808149%2C44808284%2C44809056%2C44809071&oid=2&pvsid=2422037083187158&tmod=1951962955&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1152&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&fsb=1&dtd=127 Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
javascript	warning	(Line 3) Message: The deviceorientation events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.eu.criteo.com
api.sasagefind.com
c.bing.com
c.clarity.ms
cat.nl3.eu.criteo.com
cdn.jsdelivr.net
choices.trustarc.com
choices.truste.com
csi.gstatic.com
csm.eu.criteo.net
de2-bid.adsrvr.org
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
imageproxy.eu.criteo.net
insight.adsrvr.org
live-tag.creatopy.net
mb.moatads.com
pagead2.googlesyndication.com
region1.google-analytics.com
rtb.fr3.eu.criteo.com
sasagefind.com
securepubads.g.doubleclick.net
spoqa.github.io
static.criteo.net
t.clarity.ms
tpc.googlesyndication.com
wcs.naver.com
wcs.naver.net
www.clarity.ms
www.google.com
www.googletagmanager.com
www.googletagservices.com
z.moatads.com
110.93.147.30
132.226.214.62
143.204.215.43
178.250.1.6
20.114.189.70
2001:4860:4802:34::36
23.212.205.62
23.35.237.151
2400:52e0:1e00::1079:1
2606:4700:3031::ac43:9cf6
2606:4700:3036::6815:594c
2606:4700::6810:5914
2606:50c0:8001::153
2620:1ec:bdf::44
2620:1ec:c11::200
2a00:1450:4001:808::2002
2a00:1450:4001:810::2002
2a00:1450:4001:811::2008
2a00:1450:4001:828::2001
2a00:1450:4001:828::2003
2a00:1450:4001:828::2004
2a00:1450:4001:82a::200a
2a00:1450:4001:830::2002
2a00:1450:4001:831::2002
2a00:1450:4010:c0f::5e
2a02:2638:3::10
2a02:2638:3::12
2a02:2638:3::1a
2a02:2638:3::3
2a02:2638:d::c
3.33.153.203
52.222.214.37
52.223.40.198
68.219.88.97
02acbf387bc5f2a54c9889a35e6e77e6aa1a792f04f03cd136c2b2e8e8bda244
075b121fd737fe6f6fc92e66ab10b59979c014410cc8f6ae8c18a83efbff290a
09179fbf28cf2ce0b33ecc09151ffe30c39af2d283a8f1fc0bdd5f606ad189ca
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0affa837a4669f475d1195dba5f0e3f054035f22e4c560992b71d0f298cedb89
0b2fbe6d97dbe91f91aeb6c5880bcd4811487ee008efa549748f807722acc8c9
13ad086c810c2e7b5ed08b21188fa19ed067375210b57a98f93c66df59e1b0f6
18110afce5b7cfcbee844e03e019e2fbf94d95b8e0c8a0b4bece7ab10b00d5cf
18c15f9dac44156a75fc0b469c2b2e6d7fa1149b64e7fa14e49757f62a02dd41
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
25679e64b105c0acb0da7fe3cf9f7988027e9511a28c536f5ea322ac08e642dc
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31fb1563bc3a2acd8585b8fdcfdfa69862d6d3851dc822372b72703f06c6489e
373a483d1324667552653341be0c44a8fd798d8931397cd92ca7c729cb5e1160
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
3ca19e57c9a2465ae4df271316ba4d29e7ff7f113a2a2c5297780c0b7a0ac09d
4249bafc6673772edd9f3ed64589496ffbbd084a81dd85d6e170058fad86d117
42b84e40e3ccad5447db1a0bce0a55fa951c40b51e01064d65c2fb6acc2e1a54
45ac4bacbb656ac1f9e8a33f3bbfe9f02ce7ea89b1f00f667dbe13f144f52dcf
4d20f3d941ac9828ed48f9424e249fba0939dc62e99875ae214e85de9886b62d
4d2274df1a4a6d0d786c38e3d15c7a337f0ea9ad65392c0bd9fb55ad3319de22
4d9bb53263dffad44546bfdc02c788d4a8f39d568874247cf26e8c065b1fc2bb
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5720753cb2981232f53bb8daee4c7f84055dd244bbe8aec003123d44e16aace1
582becbb62bba81285347855cf7027db831b23e6419c89c427d05e4c3cea0741
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
6a9343dee2011fa75f7eb22c4ce6bbae1fa17bee65a02302586febcaddb9a78c
6bebc407de67cbc0a0266e0e70d8c8f0f2d1c5e4aa0714a3178e5409b6877de1
6ff03d9590967ac30d1974872b8b51ed7abe34b5fa963c1f72ca8258e52654a6
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
7775754a21bd40f138b01472e6442a4016aaa0416464ad123b7c6f37b2d77a6a
78551535760476bb888522b5653a06e9bb7b17063374574a90404466ba4cee58
7bcfce62514c7699cd16a2edffbcd5dbcf29a62a39af907c8e3af2c47cf1f0dd
7e416560c6c65a5ece272975ffd7ef087bd888eae50b1cd2a1a93eae6355be04
7f98c688a6a270ccbc2b1dbf96bd89f40174c4b859edd8aa6d3c885d8346ad12
8060f5291c1432da759584d6fa9a150b37e720318c88d814bbccc3ee6083c7d5
821262a8c32b52639f97ddf4f34c494e82156651752608fa6a23ffa3df2f84b1
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
90e99da37a9cfcf525d4469e6039ad9638a569019278f91060cdd9fe6abc47be
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9dacfcf9410f6668fb5d537146dc3f6016ef8a93e42c02afc2359fa3cc384c85
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a67b3821cfc745ddb7d6bab28d621cc7f8a23f663c0bdea72c5c0b58099220bc
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
aa6dfe6b09cd74375522d6a168c16e068efa41efeec7e6a9e8b01c189e94c929
aca84b0983515a3954813cc4a99657f826057ea5692148ec2fd437f97584de5b
accfd0e2476323168e5e561ffb2fc1c79140a26d5f6bf965ef5d53f8c7897fac
ad3a5d3b41d7042369ade00772eead0763e9839d79568fb91ad612b2734bcfef
b35db23e2943d2a5236e618577f88429e954a2f495cdc8fe4299de61ee465687
b371766bd3577822496fb0355fea757cb445a5f58e53698e84c80da489a0a642
c291a94f6707d39d5f4051a564adc835501659ea5c59c0a068362b00be3960ce
c61741886709440b509140f0fac55450186508cdc7b7a24032dbecdb8705f162
c85faa3fa812cae9fad6eadc662b0e68c84f010b61c5c0ebc769a7b43e0fcd4d
cf8905437079a7e9bbf28e3e1428a585ea2a216ca5e2a0cbab35afdddf9da202
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
e3891c23811f10f5c636c64912c6f434d3cf01b4e602112c4cac6418c2d2b652
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9afa2a61892b03195f43c289e0774de1044649cb2285536309c7817a798c16a
eda5bb9e346e3fdd538f60bb38e436c50d660329b8fefd376eb886e4a576d2fa
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4e16c137bfcf443839c20e1038b9ee2dec570f047ae3b1c8f9378e9176750dd
f54bbb09dcb19ce85b53b7667d3028e41354fc3875da77bd34e253cf462f6710
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f7b39ccf2057a9bcededce765471ceeb648639eb0a1c2431bb29bd581596f7a0

sasagefind.com Open in urlscan Pro 2606:4700:3036::6815:594c Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

123 Requests

99 %HTTPS

68 %IPv6

22 Domains

34 Subdomains

33 IPs

7 Countries

2035 kBTransfer

4257 kBSize

20 Cookies

0 Outgoing links

Page URL History

Redirected requests

123 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

sasagefind.com Open in urlscan Pro
2606:4700:3036::6815:594c Public Scan

Screenshot
Live screenshot

Full Image

123
Requests

99 %
HTTPS

68 %
IPv6

22
Domains

34
Subdomains

33
IPs

7
Countries

2035 kB
Transfer

4257 kB
Size

20
Cookies

123 HTTP transactions
4 data transactions