urlscan.io logo urlscan.io
SecurityTrails logo

login-ed.com Open in urlscan Pro
2606:4700:20::681a:ff4  Public Scan

Go To Rescan Add Verdict Report
URL: https://login-ed.com/comerica-hsa-account
Submission: On July 01 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 35 IPs in 6 countries across 31 domains to perform 158 HTTP transactions. The main IP is 2606:4700:20::681a:ff4, located in United States and belongs to CLOUDFLARENET, US. The main domain is login-ed.com. The Cisco Umbrella rank of the primary domain is 550982.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 27th 2022. Valid for: a year.
This is the only time login-ed.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
13 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
13 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f02... 32934 (FACEBOOK)
3 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
12 2a00:1450:400... 15169 (GOOGLE)
5 142.250.186.130 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
11 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
3 2a02:2638:1::2 44788 (ASN-CRITE...)
3 2a02:2638::b 44788 (ASN-CRITE...)
1 2600:1901:0:7... 15169 (GOOGLE)
12 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
21 2a02:2638:1::3 44788 (ASN-CRITE...)
3 2600:9000:21f... 16509 (AMAZON-02)
3 178.250.0.160 44788 (ASN-CRITE...)
21 178.250.0.139 44788 (ASN-CRITE...)
6 178.250.0.162 44788 (ASN-CRITE...)
1 2620:116:800d... 16509 (AMAZON-02)
1 1 18.195.144.156 16509 (AMAZON-02)
1 35.244.174.68 15169 (GOOGLE)
1 35.186.253.211 15169 (GOOGLE)
1 198.47.127.19 3257 (GTT-BACKB...)
1 1 69.173.144.138 26667 (RUBICONPR...)
2 2 104.18.18.126 13335 (CLOUDFLAR...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2 172.217.18.102 15169 (GOOGLE)
3 3 104.111.239.217 16625 (AKAMAI-AS)
1 148.251.139.77 24940 (HETZNER-AS)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 46.236.35.87 12703 (PULSANT-AS)
1 13.225.78.56 16509 (AMAZON-02)
1 2a03:2880:f12... 32934 (FACEBOOK)
2 52.50.31.24 16509 (AMAZON-02)
158 35
13    2606:4700:20::681a:ff4 (United States)

ASN13335 (CLOUDFLARENET, US)
login-ed.com
1    2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
13    2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
adservice.google.com
2    2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
3    2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
12    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
5    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
partner.googleadservices.com
cm.g.doubleclick.net
1    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
11    2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
4    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
3    2a02:2638:1::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.nl.eu.criteo.com
3    2a02:2638::b (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
1    2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
prod-rtb.ad4mat.net
12    2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)
as.ad4m.at
ad4m.at
assets.ad4m.at
2    2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
21    2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
3    2600:9000:21f3:7a00:1e:a43d:b640:93a1 (United States)

ASN16509 (AMAZON-02, US)
secure-gl.imrworldwide.com
3    178.250.0.160 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.fr.eu.criteo.com
21    178.250.0.139 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.par.vip.prod.criteo.com
pix.eu.criteo.net
6    178.250.0.162 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
1    2620:116:800d:21:5ed4:8d5d:fed7:f5ef (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
1    18.195.144.156 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-144-156.eu-central-1.compute.amazonaws.com
d.agkn.com
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
1    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
1    198.47.127.19 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image6.pubmatic.com
1    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
2    104.18.18.126 (None, )

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
1    2606:4700:20::ac43:444e (United States)

ASN13335 (CLOUDFLARENET, US)
static-de.ad4mat.net
2    2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
2    172.217.18.102 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f6.1e100.net
ad.doubleclick.net
3    104.111.239.217 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-217.deploy.static.akamaitechnologies.com
www.awin1.com
www.zenaps.com
1    148.251.139.77 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.77.139.251.148.clients.your-server.de
banner.congstar.de
1    2606:4700::6812:7e05 (United States)

ASN13335 (CLOUDFLARENET, US)
www.conrad.de
2    46.236.35.87 (United Kingdom)

ASN12703 (PULSANT-AS, GB)
PTR: 46-236-35-87.servers.dedipower.net
track.webgains.com
1    13.225.78.56 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-56.fra2.r.cloudfront.net
analytics.webgains.io
1    2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    52.50.31.24 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-31-24.eu-west-1.compute.amazonaws.com
api.webgains.io
Apex Domain
Subdomains		 Transfer
48 criteo.net
static.criteo.net — Cisco Umbrella Rank: 606
pix.eu.criteo.net — Cisco Umbrella Rank: 6881
csm.eu.criteo.net — Cisco Umbrella Rank: 7033
104 KB
22 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 120
tpc.googlesyndication.com — Cisco Umbrella Rank: 160
299 KB
17 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 54
cm.g.doubleclick.net — Cisco Umbrella Rank: 205
ad.doubleclick.net — Cisco Umbrella Rank: 189
55 KB
14 ad4m.at
as.ad4m.at — Cisco Umbrella Rank: 2826
ad4m.at — Cisco Umbrella Rank: 2219
assets.ad4m.at — Cisco Umbrella Rank: 38009
446 KB
13 login-ed.com
login-ed.com — Cisco Umbrella Rank: 550982
292 KB
9 criteo.com
rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 10664
ads.eu.criteo.com — Cisco Umbrella Rank: 7052
cat.fr.eu.criteo.com — Cisco Umbrella Rank: 8758
167 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 179
170 KB
4 google.com
adservice.google.com — Cisco Umbrella Rank: 92
www.google.com — Cisco Umbrella Rank: 8
1 KB
3 webgains.io
analytics.webgains.io — Cisco Umbrella Rank: 18555
api.webgains.io — Cisco Umbrella Rank: 53778
52 KB
3 imrworldwide.com
secure-gl.imrworldwide.com — Cisco Umbrella Rank: 1303
2 KB
3 gstatic.com
fonts.gstatic.com
62 KB
2 webgains.com
track.webgains.com — Cisco Umbrella Rank: 38795
87 KB
2 awin1.com
www.awin1.com — Cisco Umbrella Rank: 14048
1 KB
2 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 576
2 KB
2 ad4mat.net
prod-rtb.ad4mat.net — Cisco Umbrella Rank: 101581
static-de.ad4mat.net — Cisco Umbrella Rank: 150263
4 KB
2 google.de
adservice.google.de — Cisco Umbrella Rank: 7751
914 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 155
86 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 71
2 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 96
1 conrad.de
www.conrad.de — Cisco Umbrella Rank: 53303
695 B
1 zenaps.com
www.zenaps.com — Cisco Umbrella Rank: 17689
696 B
1 congstar.de
banner.congstar.de — Cisco Umbrella Rank: 77700
518 B
1 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 336
461 B
1 pubmatic.com
image6.pubmatic.com — Cisco Umbrella Rank: 629
166 B
1 openx.net
rtb.openx.net — Cisco Umbrella Rank: 1589
350 B
1 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 635
98 B
1 agkn.com
d.agkn.com — Cisco Umbrella Rank: 557
761 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 1107
463 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 867
644 B
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2733
345 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 89
70 KB
158 31
Domain Requested by
21 pix.eu.criteo.net ads.eu.criteo.com
21 static.criteo.net ads.eu.criteo.com
13 login-ed.com login-ed.com
11 tpc.googlesyndication.com googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
11 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
login-ed.com
11 pagead2.googlesyndication.com login-ed.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
6 assets.ad4m.at as.ad4m.at
6 csm.eu.criteo.net ads.eu.criteo.com
4 ad4m.at as.ad4m.at
ad4m.at
4 cm.g.doubleclick.net googleads.g.doubleclick.net
4 as.ad4m.at googleads.g.doubleclick.net
as.ad4m.at
ad4m.at
4 www.googletagservices.com googleads.g.doubleclick.net
3 cat.fr.eu.criteo.com ads.eu.criteo.com
3 secure-gl.imrworldwide.com ads.eu.criteo.com
3 ads.eu.criteo.com googleads.g.doubleclick.net
3 rtb.nl.eu.criteo.com googleads.g.doubleclick.net
login-ed.com
3 fonts.gstatic.com fonts.googleapis.com
2 api.webgains.io analytics.webgains.io
2 track.webgains.com as.ad4m.at
2 www.awin1.com 2 redirects
2 ad.doubleclick.net 2 redirects
2 ssum-sec.casalemedia.com 2 redirects
2 www.google.com googleads.g.doubleclick.net
tpc.googlesyndication.com
2 adservice.google.com pagead2.googlesyndication.com
2 adservice.google.de pagead2.googlesyndication.com
2 connect.facebook.net login-ed.com
connect.facebook.net
2 fonts.googleapis.com login-ed.com
1 www.facebook.com connect.facebook.net
1 analytics.webgains.io track.webgains.com
1 www.conrad.de as.ad4m.at
1 www.zenaps.com 1 redirects
1 banner.congstar.de as.ad4m.at
1 static-de.ad4mat.net as.ad4m.at
1 pixel.rubiconproject.com 1 redirects
1 image6.pubmatic.com googleads.g.doubleclick.net
1 rtb.openx.net googleads.g.doubleclick.net
1 id.rlcdn.com googleads.g.doubleclick.net
1 d.agkn.com 1 redirects
1 cms.quantserve.com googleads.g.doubleclick.net
1 prod-rtb.ad4mat.net login-ed.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 region1.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com login-ed.com
158 43
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-05-27 -
2023-05-26		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-04-09 -
2022-07-08		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
*.nl.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-05-22 -
2022-08-24		 3 months crt.sh
*.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-05-27 -
2022-08-25		 3 months crt.sh
prod-rtb.ad4mat.net
GTS CA 1D4		 2022-06-18 -
2022-09-16		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-06-21 -
2022-09-23		 3 months crt.sh
*.imrworldwide.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-04 -
2023-02-03		 a year crt.sh
*.fr.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-05-18 -
2022-08-13		 3 months crt.sh
*.eu.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-06-12 -
2022-09-12		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2021-08-04 -
2022-09-04		 a year crt.sh
*.webgains.com
Sectigo RSA Domain Validation Secure Server CA		 2022-05-13 -
2023-06-08		 a year crt.sh
*.webgains.io
Amazon		 2022-02-10 -
2023-03-11		 a year crt.sh

This page contains 19 frames:

Primary Page: https://login-ed.com/comerica-hsa-account
Frame ID: F6DD7E4C0C330E7EBF36AF6AA0CFD778
Requests: 39 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220628/r20190131/zrt_lookup.html
Frame ID: 61BF9A2DADD7B9D0BD3FEFA83787B93B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6983341711079297&output=html&adk=1812271804&adf=3025194257&lmt=1656680989&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Flogin-ed.com%2Fcomerica-hsa-account&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656680988988&bpp=3&bdt=359&idt=250&shv=r20220628&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4256398597249&frm=20&pv=2&ga_vid=1151177621.1656680989&ga_sid=1656680989&ga_hid=375701359&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068105%2C31065544%2C42531608&oid=2&pvsid=1163717104548490&tmod=235240112&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=270
Frame ID: 108D69E4250DA33A846109562391D993
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6983341711079297&output=html&h=280&slotname=4308105978&adk=3094365979&adf=4106258812&pi=t.ma~as.4308105978&w=730&fwrn=4&fwrnh=100&lmt=1656680989&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Flogin-ed.com%2Fcomerica-hsa-account&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656680988991&bpp=2&bdt=363&idt=277&shv=r20220628&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4256398597249&frm=20&pv=1&ga_vid=1151177621.1656680989&ga_sid=1656680989&ga_hid=375701359&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=652&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068105%2C31065544%2C42531608&oid=2&pvsid=1163717104548490&tmod=235240112&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=FsE90ezWfk&p=https%3A//login-ed.com&dtd=283
Frame ID: 847EEBA3F23391F9B4B626CB79F07133
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6983341711079297&output=html&h=280&slotname=5448699771&adk=2271198596&adf=2689116385&pi=t.ma~as.5448699771&w=350&fwrn=4&fwrnh=100&lmt=1656680989&rafmt=1&psa=0&format=350x280&url=https%3A%2F%2Flogin-ed.com%2Fcomerica-hsa-account&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656680988993&bpp=1&bdt=364&idt=286&shv=r20220628&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280&nras=1&correlator=4256398597249&frm=20&pv=1&ga_vid=1151177621.1656680989&ga_sid=1656680989&ga_hid=375701359&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=192&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068105%2C31065544%2C42531608&oid=2&pvsid=1163717104548490&tmod=235240112&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Sqy5w028tj&p=https%3A//login-ed.com&dtd=290
Frame ID: E679E64437A0BD97D7C1A54A616034B2
Requests: 8 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yr7yHQAF52AIu8mRAAh5TD-Rxr78yROwU6o81A&u=%7CrXECne8vcZEpUF9XTJsBCxw%2B1TbK5XQXiLvmcP9I3aI%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC866KtQCCgvIZGG6gw9WgZ0fRJVX1mxo8DL9avwE-WC_9R2szmsPAIvTBHDBlQqJdtjeg2XXdea40IlxA9ajlUo2C0SIoYf5Gqn1wXB47xI6j7UU5ms8L6Hd0BWKrL_cF0hWl0dwuabe4iNzwQI39iEvrT0Ed7v1Nq1VgX3fahvO1RiJmEQmhdaavgi-VqyQCuWD9J72Qq5Wh237rWJWUu4WaqHS_qyN8lTdb0fBvbrVzLpgKEYqS5w2k-FdWNiQn9mtBU4cUVGaXeWtXCgTqmRfDRrudDtAUlsubuASfdF8pyQFli-wern7CsMYPmOThJAfCGhRUHwVAh_hfyUEgua18Uc9d888y2E4kfjqfL5kl5lZ2foO-BJaaujaByhndNwZmOgBknIoe4hNh0Ztlc-nhOZGawwoVwYA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwk7oHfK-YuDOF5GT7_UPzPKhoAzJntKxXI3w4taTAcCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi02OTgzMzQxNzExMDc5Mjk3oAHVttLqA8gBCakCA-8KDl-FsT6oAwGqBNEBT9BNb6T7-b2xrNdfanReF6z5u4BbOktAcBQVXRoQWDYEA3zB3slnYLmsFzCKsTfLtdcHz8Mrn-3Pa3LvagHBs2b1--2VEdK_xez6XtsjhxobROBqQjP3EzPGe7skoDOsePWyAsDfKYtgQjtci4Ex_2BcjuHkXe43xOQW3jHb0EWZdXrUu9wReoj-izQOd1Bu13ANXiTkjy_ozO84cn5VIfBQQqY4UQwVaasfFXj_cOT6Tt7WdQpR6iY0_u7SPfEov-0cp1mcghScxRmjMjx-OUGABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0pQfk5nP2Ga8d6soKM1F0rN-dJ_Q%26client%3Dca-pub-6983341711079297%26adurl%3D
Frame ID: 85693428AB4AE6985884AE4669DB1170
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6983341711079297&output=html&h=280&adk=1414751727&adf=739478986&pi=t.aa~a.961368416~rp.4&w=350&fwrn=4&fwrnh=100&lmt=1656680989&rafmt=1&to=qs&pwprc=2130585636&psa=0&format=350x280&url=https%3A%2F%2Flogin-ed.com%2Fcomerica-hsa-account&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656680989581&bpp=1&bdt=952&idt=-M&shv=r20220628&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7755599a4afb09a7-2255fc94c3cd0052%3AT%3D1656680989%3ART%3D1656680989%3AS%3DALNI_Ma6GlQZgsfUg8EN7BsUThRaJ9Il7Q&prev_fmts=0x0%2C730x280%2C350x280&nras=2&correlator=4256398597249&frm=20&pv=1&ga_vid=1151177621.1656680989&ga_sid=1656680989&ga_hid=375701359&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=1238&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068105%2C31065544%2C42531608&oid=2&pvsid=1163717104548490&tmod=235240112&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=U8ANLCRRA6&p=https%3A//login-ed.com&dtd=27
Frame ID: 0E16E4A2E5ECC964E3C4607F064CD65A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6983341711079297&output=html&h=50&adk=2324557374&adf=1662351331&pi=t.aa~a.1411169061~rp.4&w=350&fwrn=4&fwrnh=100&lmt=1656680989&rafmt=1&to=qs&pwprc=2130585636&psa=0&format=350x50&url=https%3A%2F%2Flogin-ed.com%2Fcomerica-hsa-account&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656680989581&bpp=1&bdt=953&idt=1&shv=r20220628&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7755599a4afb09a7-2255fc94c3cd0052%3AT%3D1656680989%3ART%3D1656680989%3AS%3DALNI_Ma6GlQZgsfUg8EN7BsUThRaJ9Il7Q&prev_fmts=0x0%2C730x280%2C350x280%2C350x280&nras=3&correlator=4256398597249&frm=20&pv=1&ga_vid=1151177621.1656680989&ga_sid=1656680989&ga_hid=375701359&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=2000&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068105%2C31065544%2C42531608&oid=2&pvsid=1163717104548490&tmod=235240112&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=3Fde2k0nhE&p=https%3A//login-ed.com&dtd=33
Frame ID: AAAB8C644380DBA322DC63F8E601ECE4
Requests: 1 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yr7yHQAFy4sIu8lIAA_k9h62csV7S2Ynu28I-g&u=%7CrXECne8vcZHCbE5ULZJs0H95DM4Icp1PHl5XkvafU8A%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC866KtQCCgvIZGtcfZ37Vv3gJuuQOoOmUNppe5FXi83hxPNPFbZD3SwAQPUbsCPZetjmSVyY__L37om-MvO6tOgfm9Uo5zEDhWmK7--PHnBjRXBE4N5TKiZBMaLJ28o9jVbJLclibYs6_pqZiz-VoSc5VuzbH4NeBZU9vYPshnllMk3Jtl8wfYHB6lBO9hcMSn6jo8CrS7yv2KJyt7uwnOc_LWnU2usSETqVo5fAYPPsEqLGGNyCQVN7k6MP9pbd8MyA-0legVjgURwOC8URxYg63X_B-RfiZyBBqXXzFIY-99knTWQOWl01VblKRYmP3ZUP7C3O538a8OrT68gvFG-s6X0hoL_lOD9p7fdzryTlgAnhscL2cCSSelYaHqxLEh4VV5OcQsFPi-YVmMMP_c38qwxBeTXdPZwA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvtR0HfK-YouXF8iS7_UP9sm_mAnJntKxXPXalvdwwI23ARABIABglYKAgLQHggEXY2EtcHViLTY5ODMzNDE3MTEwNzkyOTegAdW20uoDyAEJqQIZU_Ivho6xPqgDAaoE0QFP0JOdk7jXmuI-IyXkxPu4aCrBUBiQKg-O4e15BE7G04Hp12nCLo0hCNHBRl5Y-uTLye1eLoAwkRPQiV5n95dWUFsvJZvHYTtphbU6Pu8aWFd6XK83E73kZW2-sYrcQNW3_qVwkylBT3jt1KaHM3NFinCq7qz4sEI4SXQEnXHxsMJR2IZPk99O1TtRtzOHzxB0HmwQTwDvIoUtily6WYbehvHYvXZFsAPJO5iZP5oxCmqomfJbj3q5ub80U52MeUBjcR4k09Ug7_lw2WNXcpUpHYAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_24sZjMaRrxMIbKWmdguFSbZq0Zkw%26client%3Dca-pub-6983341711079297%26adurl%3D
Frame ID: 94A45824218DE6C4DA9E1DACF29987D4
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220628/r20110914/zrt_lookup.html?fsb=1
Frame ID: 9FE79BA87328DA8BF499938FA1B5F203
Requests: 8 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yr7yHQAF1nQIu-UuAAre8zry8cO67O4B2DZrMw&u=%7CrXECne8vcZGUkBNlDaVkTp3qi6tS43Ngg4GQhnVLBN0%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC866KtQCCgvIZGApFwVhOjtfOowdqDLrjwKZl8J6ooWUdXKDHJCgWw6QcwcDZmccNDDHTzU_Ne_jiIgJPgsCu1eBXg4IRHYYLCba4nLVctQfn4riMIhpWxjmNfi5T5W6PWfyYtWcB2vmya6BmkNoHgVc1xZGVRpjcCLLTOqw841RRoiobQWaJoZs-M6SXM3fO2bd0kf1Z19ycCqmtUkHqzjEGqZ9C5tf9ircC5Gy28wUJq6AicVDdYYyFk3lPANmY7qP-_cM2-C_Pu1rITw-3CGin9wzXFncmSH3PsqV7RUvYF6Xl5xqMzXoFGdpR-xOcPP6IFKRdpqsd9kUvfYP0O0mKF3aIYF2FCPfmYkwuDmYtIexwLVtjiIFyA1goqzVEv0-LgQYMjx5Y0lmVgBNgr0f0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfmMOHfK-YvSsF67K7_UP872rqArJntKxXM2G49aTAcCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi02OTgzMzQxNzExMDc5Mjk3oAHVttLqA8gBCakCA-8KDl-FsT6oAwGqBNIBT9CE0fzS4xm8mlx7o2CEE0DT2QC6HH3kwOXOFUKnkxpfDVGbiEAi41z1C0kEKPh3rtK7XketLqA2v8Gw_5hZAQQaM7aLg2ECHk81COYbF9tzwpAPRSq6Zv-q2uYIQ64QAlvuKEYeeOWcoj3SLnWK9ESUbF3vNQlO3rTAjxmvrPPmBquxeXI0yRg9E_pJNp11qLDLRchUG6rgXuceJHm9Zef2EwxnvHJbCxASIZQtJKA88nubpl2soFdoLYke3q2XYqXQCMIdtRL2CA_bdvGMXFxngAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0b1WJfL7UcIr6uRXAyFNcX5oh1KA%26client%3Dca-pub-6983341711079297%26adurl%3D
Frame ID: 26BE64D29699F365FDA95B5CF77DA4B6
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CO3LsHfK-Ys_CJ9qd9u8P_p-GqAKQ4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi02OTgzMzQxNzExMDc5Mjk3oAHCrujdA8gBCakCmq8ObZWNsT6oAwGqBNQBT9D-ftsn_r58a9j1rnEJglZZbqr3vmlDRdXQFVk5yECkW6cIylwJEhiOxwGjxZF4bPzCW1t_WQqN-_P9d77bEdr-0_h0jzC7W1qCpmlLrNA15BrPFpEqKVvX_9hX9EsxxbKzo7FaxxqhVFGJZnC2IBpzEd_qqGbhdJsbq37ChW04X1VLJGtswYgF1bCel7zQ5wwMwjaQCCZmI0LBLrvLNtplTDao9cS2LEtN7lMUKmeGr-houRFT_XNLFSfACUGW7YaCOImaI3xErg6TpjcbUqsiwSCABvG6vsHMg5-1_AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTY5ODMzNDE3MTEwNzkyOTcYAA&sigh=JybAYnLGmNg&uach_m=[UACH]&cid=CAQSOwCNIrLMQOHyEtm84tbXafjL_l46MGGxHV9mzaovNMc5iHcNSUIKumJzv7zIiGsZ9EW-rhds8xJY98NGGAE
Frame ID: 9D730A0791BD72D677401EB745AC58B4
Requests: 7 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1grzt2fq076c2z9hmxkdv3wtgjsetvz9gc1rrmx7x9q5hjxrnkhq00qys01vcbw8zbas20get6hjds2yc5chdtv12f32hvxns2v4xaafa4x91t9vvmwscnptmhpfy5r2ye0x3s255jkyrxh4chgx1fmafbbadbr6edk2dnwend2r50rhanrfxf1xgrpwkq58zjk2rvfv89sevsy9kyge1653tz7zpztspm2nvtm0pm753mw8r21kpy2grd8sm9qbmveca8zddqr42pxrcpqz034gt0jztmvdm5xes64y18tspxayxykfyvyywn7mcf75tfemsvedq7qkavzy9hb174znqvt8h4gvdfxrh62swnx849tvh7s1hzqkrwap13w2kb1vkkkr36mx7r33dpm0xab371ys213ktm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8CDEHfK-Ys_CJ9qd9u8P_p-GqAKQ4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi02OTgzMzQxNzExMDc5Mjk3oAHCrujdA8gBCakCmq8ObZWNsT6oAwGqBNcBT9D-ftsn_r58a9j1rnEJglZZbqr3vmlDRdXQFVk5yECkW6cIylwJEhiOxwGjxZF4bPzCW1t_WQqN-_P9d77bEdr-0_h0jzC7W1qCpmlLrNA15BrPFpEqKVvX_9hX9EsxxbKzo7FaxxqhVFGJZnC2IBpzEd_qqGbhdJsbq37ChW04X1VLJGtswYgF1bCel7zQ5wwMwjaQCCZmI0LBLrvLNtplTDao9cS2LEtN7lMUaGWnPT-RPlGbejvdz25S-3iC5yuIFpFHo74NPPYHuBsDh3e9gei0VHiABvG6vsHMg5-1_AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2Q7tJbaE6JTujB972vU-Mwi2BaTg%26client%3Dca-pub-6983341711079297%26adurl%3D
Frame ID: 732CF1578353B3B38834CAE2FDC945DC
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A45DB5AFB7FE7CFE19B93647F7AA0287
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 7C73A59AC2809B1F0B6B678481A92325
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=22451%2C24673%2C188429&b=PxefBfbfM5Qa9HjHbtMtR5KaJS9TPM7Fp%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2C3PZfpf4fXZ6Rs7HrHAtEt9REtPSWTA14ad&f=bM4CQfZfmzVaYHbHzt8Cpb1tbSJT5WecJ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CWKmcrfdfZwJeFYH5HjtDCXjeH3SETJdPC2&c=300&d=250&e=&g=392c1ec65b682b9e691c189682f45ad2%2F3313891525731451452&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1656680990645&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kr8nz9gnjba6tp7qshcfx3c2pmh7s4ymrzgn1b3f85f2fabtq5a78seg08fbt0m5s9awfp3q5ydmh1wwhqfnxwfpx0f2jzqk8pnfhkk4nazt7eqyv63errcmtshj9dqx6kra6ttk40b3txk9mj60pfp7m2s3ht283kfb03mbb00rtzj5xm62v3havqjmt99vrsf6zh1bk233k6vmka0mzv8pt7z0btzmeb5bpwtbetgg7sc8qfz505fvtcw7508b78z97629n51w%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC8CDEHfK-Ys_CJ9qd9u8P_p-GqAKQ4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi02OTgzMzQxNzExMDc5Mjk3oAHCrujdA8gBCakCmq8ObZWNsT6oAwGqBNcBT9D-ftsn_r58a9j1rnEJglZZbqr3vmlDRdXQFVk5yECkW6cIylwJEhiOxwGjxZF4bPzCW1t_WQqN-_P9d77bEdr-0_h0jzC7W1qCpmlLrNA15BrPFpEqKVvX_9hX9EsxxbKzo7FaxxqhVFGJZnC2IBpzEd_qqGbhdJsbq37ChW04X1VLJGtswYgF1bCel7zQ5wwMwjaQCCZmI0LBLrvLNtplTDao9cS2LEtN7lMUaGWnPT-RPlGbejvdz25S-3iC5yuIFpFHo74NPPYHuBsDh3e9gei0VHiABvG6vsHMg5-1_AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2Q7tJbaE6JTujB972vU-Mwi2BaTg%2526client%253Dca-pub-6983341711079297%2526adurl%253D&y=1&s=&z=0
Frame ID: E368D15D29C677B96E55AB77E1DB8AD3
Requests: 14 HTTP requests in this frame

Frame: https://www.facebook.com/v2.11/plugins/comments.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3d2e60f797cc8%26domain%3Dlogin-ed.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Flogin-ed.com%252Ff1fa82bb4ea117c%26relation%3Dparent.parent&color_scheme=light&container_width=696&height=100&href=https%3A%2F%2Flogin-ed.com%2Fcomerica-hsa-account&locale=en_GB&mobile=true&numposts=5&sdk=joey&version=v2.11&width=
Frame ID: 53477CAEFE0D316F479303D54A31B8EE
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D36982ED6FCB609F0506A765B2B182CD
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 734E2C0D88F4EC6A73368247D6EF6E0E
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Comerica Hsa Account Login

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • analytics\.webgains\.io
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

158
Requests

97 %
HTTPS

59 %
IPv6

31
Domains

43
Subdomains

35
IPs

6
Countries

1904 kB
Transfer

4225 kB
Size

21
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 100
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEGR5V5R4N6IxJ5rGEhwKYHU&google_cver=1&google_push=ARnp8GB-RPp011eykbV9vIDg8Bf7f0roo5AUxrLSQj8onXMYKmlvkmwDIoElW22SR08guGudlbhLubVBW5C4vjVni-Aq23N52dioiw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ARnp8GB-RPp011eykbV9vIDg8Bf7f0roo5AUxrLSQj8onXMYKmlvkmwDIoElW22SR08guGudlbhLubVBW5C4vjVni-Aq23N52dioiw&google_hm=Q0FFU0VHUjVWNVI0TjZJeEo1ckdFaHdLWUhV
Request Chain 104
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEN1JPHScJJOJmtCowd4M0U4&google_cver=1&google_push=ARnp8GA2h6H7rkkQXEqEWKmjxwhIZ2tk4r8MCg6tosAImPgRjvneB1dS-Jg5ohS7Ge0npPAWKiAkW3kJBLR3Rn7d7mu5H_EimAUp HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDUySDM1ODQtMVUtMjlYRQ==&google_push=ARnp8GA2h6H7rkkQXEqEWKmjxwhIZ2tk4r8MCg6tosAImPgRjvneB1dS-Jg5ohS7Ge0npPAWKiAkW3kJBLR3Rn7d7mu5H_EimAUp
Request Chain 105
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESED19z4MCpXmZPoWdJczk_YU&google_cver=1&google_push=ARnp8GDD8Bi7zU8Ww6y-6HVpUGHggtEU9_3bT3SIWaD_rNM-v76s3qtakGT6VgA1_N9HJsiTWaes9HvuA7PG0oL3mFqUw-qWBOk HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESED19z4MCpXmZPoWdJczk_YU&google_push=ARnp8GDD8Bi7zU8Ww6y-6HVpUGHggtEU9_3bT3SIWaD_rNM-v76s3qtakGT6VgA1_N9HJsiTWaes9HvuA7PG0oL3mFqUw-qWBOk&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESED19z4MCpXmZPoWdJczk_YU&google_hm=Yr7yHpsiQYF4yYjDD0K2TQAADMoAAAIB&google_nid=index&google_push=ARnp8GDD8Bi7zU8Ww6y-6HVpUGHggtEU9_3bT3SIWaD_rNM-v76s3qtakGT6VgA1_N9HJsiTWaes9HvuA7PG0oL3mFqUw-qWBOk
Request Chain 140
  • https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidPxefBfbfM5Qa9HjHbtMtR5KaJS9TPM7Fponeid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CLC0_M_h1_gCFdPwuwgd4LkGfw;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidPxefBfbfM5Qa9HjHbtMtR5KaJS9TPM7Fponeid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidPxefBfbfM5Qa9HjHbtMtR5KaJS9TPM7Fponeid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1656680991_1796d6e1-f93f-11ec-aa12-2231088bd649
Request Chain 145
  • https://www.awin1.com/cshow.php?s=2470167&v=11354&q=377133&r=412871&pv=1&pref3=oneid3PZfpf4fXZ6Rs7HrHAtEt9REtPSWTA14adoneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.zenaps.com/cshow.php?pvr=177badc0-f93f-11ec-a709-2234153bf6e9&v=11354&r=412871&q=377133&s=2470167&viewref3=oneid3PZfpf4fXZ6Rs7HrHAtEt9REtPSWTA14adoneid__dc_reach_suite02wkz&pv=1&gdpr=0&gdpr_consent= HTTP 302
  • https://www.conrad.de/ztpv.php?awc=11354_412871_1656680991_177badc0-f93f-11ec-a709-2234153bf6e9&insert=AW&&gdpr=0&gdpr_consent=

158 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request comerica-hsa-account
login-ed.com/ 		123 KB
69 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login-ed.com/comerica-hsa-account
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ff4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.5.9-1ubuntu4.29
Resource Hash
445e2c55c9dc4c67b2e9b1657c1dab6ca860b675a2a1559b6bd2c412b1e577bd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
723f60d12d7b912b-FRA
content-encoding
br
content-type
text/html
date
Fri, 01 Jul 2022 13:09:48 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aGC0ICSZdRSqSbuqltSCpeSkXxw6eZWdFWtTgSE5%2FnPRXZz04tEKstnpcuaaNV9eMsYo2RkdgKeQoJ3Qa2GMGWaVogSZ4h%2BUknYsBsRpS2GAJRnZfptFpSUYGgla3ceNTzQ23%2BNMi2a7Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/5.5.9-1ubuntu4.29
js
www.googletagmanager.com/gtag/ 		196 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-EMLZPT8YRV
Requested by
Host: login-ed.com
URL: https://login-ed.com/comerica-hsa-account
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
00f38002a5df8e1507231c7b46ed916083b9c30841e88976f4c7031fe975a95d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login-ed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 13:09:48 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
71229
x-xss-protection
0
expires
Fri, 01 Jul 2022 13:09:48 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		163 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6983341711079297
Requested by
Host: login-ed.com
URL: https://login-ed.com/comerica-hsa-account
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
948b27f8c51967ef2963111e0bc606bddae09bfc80ed395b7dff6174ba6b759f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://login-ed.com/
Origin
https://login-ed.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 13:09:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56485
x-xss-protection
0
server
cafe
etag
5695372261824575745
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 01 Jul 2022 13:09:48 GMT
css
fonts.googleapis.com/ 		16 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Muli:200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i&display=swap
Requested by
Host: login-ed.com
URL: https://login-ed.com/comerica-hsa-account
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
23c517fd056578dbfcfb467356569042b52eecada6250cb83ab2e4f420aced89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login-ed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 01 Jul 2022 13:09:48 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 01 Jul 2022 13:09:48 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 01 Jul 2022 13:09:48 GMT
css
fonts.googleapis.com/ 		26 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&display=swap
Requested by
Host: login-ed.com
URL: https://login-ed.com/comerica-hsa-account
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
cc140ef1e7c5d527ebb4e2e73107909cd646fd0bbdb10ebad305166c8c1b5204
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login-ed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 01 Jul 2022 12:37:14 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 01 Jul 2022 13:09:48 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 01 Jul 2022 13:09:48 GMT
bootstrap.min.css
login-ed.com/css/ 		152 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://login-ed.com/css/bootstrap.min.css
Requested by
Host: login-ed.com
URL: https://login-ed.com/comerica-hsa-account
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ff4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login-ed.com/comerica-hsa-account
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 13:09:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 30 Jan 2020 08:19:53 GMT
server
cloudflare
age
5377
etag
W/"2606e-59d571f1e2920-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wuptIPnIHWyW2pyeBp3TpTMS6xkoz4M9JMefut%2Bw40y%2BL0y8kv4LMb7pzevruSdD%2F4XpY6cE0NTLTmM9D7yHyxZvHRkdTKLuaWunHx0V5TeKorGMvpBtGy9mm2wioCdVTsjLe%2Byq9R2Flg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
723f60d31854912b-FRA
style.css
login-ed.com/css/ 		21 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://login-ed.com/css/style.css?v=1.8
Requested by
Host: login-ed.com
URL: https://login-ed.com/comerica-hsa-account
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ff4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e5057ef6939faa95ce1cf139cf79392e4169346dd3213317bd0900a3510e9fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login-ed.com/comerica-hsa-account
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 13:09:48 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5377
cf-polished
status=cannot_optimize
last-modified
Fri, 26 Jun 2020 11:46:28 GMT
server
cloudflare
etag
W/"528c-5a8fb42719a59-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3ovk3l09%2B%2FuWS9wVSntmxxb1QNGp58jbKBJ30Ip4jEqIIqG6UGpBMXWnQ9qqVtNw7Er3lWuuLuUSP028NPq%2B3nlOSctHA2GNhepUQV6pIdnmNfgK56JqgkbSNXCQmEqfInMlDVCpDRfHJg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
723f60d31859912b-FRA
cf-bgj
minify
font-awesome.min.css
login-ed.com/css/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://login-ed.com/css/font-awesome.min.css
Requested by
Host: login-ed.com
URL: https://login-ed.com/comerica-hsa-account
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ff4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login-ed.com/comerica-hsa-account
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 13:09:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 30 Jan 2020 08:19:53 GMT
server
cloudflare
age
5377
etag
W/"7918-59d571f1e2920-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cjbnbJAy%2BNcrq2sCr5sf448Vm5BUwuz97yIIAxP9vgLvggRH9RySETGBTUX7ftG2plmNYAsiNp0PvOHnsXeKk9tQo24acnthy%2FSNFJrbGRgoP%2Bv6LEUdaxJIYHMoP%2FvYQbGKpOhDFKohkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
723f60d3185a912b-FRA
sdk.js
connect.facebook.net/en_GB/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_GB/sdk.js
Requested by
Host: login-ed.com
URL: https://login-ed.com/comerica-hsa-account
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
75bdef5236d806f7464934d34db0e2e6212e98cb0edecd436a6b44aaec33ecff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login-ed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
whE/hUk94kk9vMJXxAWGBw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1686
x-fb-rlafr
0
x-fb-debug
7xJ7HyAw6K3mrtq6pDNPGuWZYCDBPLyPr0oeI40MpO32lEFYTC7nIXAWeLPuyO1lyoqceOu0GWtG6iREHnePtg==
x-fb-trip-id
917726464
x-fb-content-md5
183500c523283c7e6c060fec4d921b44
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Fri, 01 Jul 2022 13:09:48 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"d2c9ce03c45d56b61d1f1ebabf014018"
timing-allow-origin
*
expires
Fri, 01 Jul 2022 13:28:30 GMT
login-ed2.png
login-ed.com/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://login-ed.com/login-ed2.png
Requested by
Host: login-ed.com
URL: https://login-ed.com/comerica-hsa-account
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ff4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61bed5d5dc4afef31fc2e28bad8314b42747884eb015573ce8bcbd5a0cf49efe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login-ed.com/comerica-hsa-account
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 13:09:48 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5377
cf-polished
origFmt=png, origSize=11025
content-disposition
inline; filename="login-ed2.webp"
content-length
5344
last-modified
Thu, 01 Apr 2021 13:45:36 GMT
server
cloudflare
etag
"2b11-5bee9723ec107"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=izK8VcUA0C%2FCBV59LHih5XGh79LIN8KcnbfcxGiSWxM5WsoQYDxO9F1uN3h%2FApSAXzZ0o86Y%2Byul2zKGHv%2F9PRONV659xPypQSaKjWxKNqTx9BA8ClBFjeqyFOgfuT5jy%2BgyKh3euvn3Cw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
723f60d33891912b-FRA
cf-bgj
imgq:100,h2pri
default.jpg
login-ed.com/img/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://login-ed.com/img/default.jpg
Requested by
Host: login-ed.com
URL: https://login-ed.com/comerica-hsa-account
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ff4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc6ac975d3bcf71bcd13ae1f515a204a2110409a08e6d3b003629447ca155660

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login-ed.com/comerica-hsa-account
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 13:09:48 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5377
cf-polished
origSize=29890, status=webp_bigger
content-length
16740
last-modified
Thu, 30 Jan 2020 08:19:53 GMT
server
cloudflare
etag
"74c2-59d571f1db3f0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0fSxbOyj1bq5Dlf1cSA4IrcShHVlAGEnxiZowJAoVRqtgptfTgIlglEbimHhS7dX0XBR2DWbu9D3usVk4mKSSWoVpu1ZvkVYoim3eZNIB07wJ4vIF%2Ff3zyDmy8MpMSEjNb6B1eG3jL8I5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
723f60d33892912b-FRA
cf-bgj
imgq:100,h2pri
us.png
login-ed.com/flags/ 		498 B
879 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://login-ed.com/flags/us.png
Requested by
Host: login-ed.com
URL: https://login-ed.com/comerica-hsa-account
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ff4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce3cae932470e22834c79e41d581388d1bc33824a0838cf20fd1e7163714b0b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login-ed.com/comerica-hsa-account
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 13:09:48 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5377
cf-polished
origFmt=png, origSize=609
content-disposition
inline; filename="us.webp"
content-length
498
last-modified
Sun, 09 Feb 2020 09:46:01 GMT
server
cloudflare
etag
"261-59e217d910701"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hS55xwFjjlt9XvIUSYanxhoGYGd%2BG4f6uDp0rzoeBEfqfk569QcMsbT2dg9KtjzDgTIiHJt3LQnKcm0%2FfEfHhxyaKieNw810zxGbaLQWIlBfcGesRvtlSN6NwEYwv9YsKnIHnetnWn5B7A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
723f60d33894912b-FRA
cf-bgj
imgq:100,h2pri
truncated
/ 		14 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63be66d657e805d9d3e4960a46b4c13c3ddebaff7a01ba87a40efd8636fe6187

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/jpeg
nopreview.jpg
login-ed.com/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://login-ed.com/nopreview.jpg
Requested by
Host: login-ed.com
URL: https://login-ed.com/comerica-hsa-account
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ff4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03fcfa1c54f29e567ed2804149c66e860f5b007c2a2fa042247edbe5db5b7b7d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login-ed.com/comerica-hsa-account
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 13:09:48 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4577
cf-polished
origSize=5798, status=webp_bigger
content-length
5639
last-modified
Thu, 30 Jan 2020 08:19:53 GMT
server
cloudflare
etag
"16a6-59d571f24d2db"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IiKaiTxMRbZzjr%2BDZf2w6pNOIxOg7Pge1FVfglrXdPJ%2F4I3KYOTd1WbGk5C01p76GZlCsBY%2BQJTLOMmwQ4PLfrEn%2Bmp2xj0W33SiQN44dKQwGz6yMJVO7%2F4LQxnUHH%2BBiBvM540Q%2B5dWJg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
723f60d3389b912b-FRA
cf-bgj
imgq:100,h2pri
login-ed-verification-stamp.png
login-ed.com/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://login-ed.com/login-ed-verification-stamp.png
Requested by
Host: login-ed.com
URL: https://login-ed.com/comerica-hsa-account
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ff4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41cf92027922a0bd26bb91e02ec37f0257d09ba9454a3262bfeb1251f4b714eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login-ed.com/comerica-hsa-account
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 13:09:48 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5377
cf-polished
origFmt=png, origSize=77197
content-disposition
inline; filename="login-ed-verification-stamp.webp"
content-length
40520
last-modified
Sun, 09 Feb 2020 09:04:40 GMT
server
cloudflare
etag
"12d8d-59e20e9b5ab16"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YSpQ47WmfBKct3BgEKq686tFBAPFKqJfOdBis0doszeLr3sWDfMt16bi8Tv6YU9ERG6MaxnKj4dbOY84JFdvDSwYSEX9KtmzTL3oS%2FAFFbWP2L6PawZEnmGDIFBTmMgzMtSuvmh4iPaKVg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
723f60d358af912b-FRA
cf-bgj
imgq:100,h2pri
jquery.min.js
login-ed.com/js/ 		86 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://login-ed.com/js/jquery.min.js
Requested by
Host: login-ed.com
URL: https://login-ed.com/comerica-hsa-account
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ff4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login-ed.com/comerica-hsa-account
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 13:09:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 30 Jan 2020 08:19:53 GMT
server
cloudflare
age
5344
etag
W/"15851-59d571f1d58cb-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cZiYE6BE%2F76yfrjCO2rB6Q%2BTnj43A0vU0a6kKppB3LCBmnRL0kwmSgmpMFakOVObhQBuzVRCBxTRG5jU0cwUVr2BM22qnRozX%2BrlAOooqNWCR0JXnWewbHaGPN0m%2BSGd%2B%2FaKd4zPknVi3g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
723f60d358ab912b-FRA
bootstrap.bundle.min.js
login-ed.com/js/ 		77 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://login-ed.com/js/bootstrap.bundle.min.js
Requested by
Host: login-ed.com
URL: https://login-ed.com/comerica-hsa-account
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ff4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f3145c87d3570154f633975e8a4f8d30aa38603edaba145501e9c90ddbe186c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login-ed.com/comerica-hsa-account
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 13:09:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 30 Jan 2020 08:19:53 GMT
server
cloudflare
age
5344
etag
W/"1332b-59d571f1d65d0-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2l%2B%2F4LSywNjqO6Pz6rAxn0cxVFGwtJWKt9sXi1NKuaAYnFXHMMJayMT%2BSiRg1vSGmZNsxSHvzfCiou3A0Lkm8jFNw2JH8yaYCLjO4bWmHpJrsjw660VWmQj%2BcULOeoXLS%2B8kCFdjaFIztQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
723f60d358ae912b-FRA
date.png
login-ed.com/ 		144 B
549 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://login-ed.com/date.png
Requested by
Host: login-ed.com
URL: https://login-ed.com/css/style.css?v=1.8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ff4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1fa6c0b8c6bbade50e08b760f92c94eb3178d62ef58b0ff05a682be2d3c9a73

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login-ed.com/css/style.css?v=1.8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 13:09:48 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5377
cf-polished
origFmt=png, origSize=474
content-disposition
inline; filename="date.webp"
content-length
144
last-modified
Sun, 09 Feb 2020 09:53:16 GMT
server
cloudflare
etag
"1da-59e21977bcd9c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nOczOniYrXgL4FhG6S4W3CxBFyWGtZMdMfs%2FCWg3kN1Of1slr5mkdirvgMy1JgGWUXts4JbHwT8cKEGmsoWIpINUhn5Oa1JuSudQb2GwPWbieeyCkG5EYJZNiIKdl1fJjWM6nphkTTqyxg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
723f60d40a08912b-FRA
cf-bgj
imgq:100,h2pri
7Auwp_0qiz-afTLGLQ.woff2
fonts.gstatic.com/s/muli/v27/ 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/muli/v27/7Auwp_0qiz-afTLGLQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Muli:200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e14a625deb5e7cb388813d12ff906c39d7140ead453b49a22cc7d11497035790
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://login-ed.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 17:08:30 GMT
x-content-type-options
nosniff
age
244878
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31248
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:29:47 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 28 Jun 2023 17:08:30 GMT
fontawesome-webfont.woff2
login-ed.com/fonts/ 		63 KB
63 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://login-ed.com/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: login-ed.com
URL: https://login-ed.com/css/font-awesome.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ff4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019

Request headers

Referer
https://login-ed.com/css/font-awesome.min.css
Origin
https://login-ed.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 13:09:48 GMT
cf-cache-status
HIT
last-modified
Thu, 30 Jan 2020 08:19:53 GMT
server
cloudflare
age
1632
etag
"fbd0-59d571f1e5d36"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aYDr6Z7TeIrEeSpgvDMbY2mn%2B9kC38YtAj6a5Jp0JlRAczLOfXB6KSNdSPrphyInu50qoDOq7Rxyua08LPCd4EyzOEAXevQNK%2BVumy1u8uq89b%2Fdaj9lkKizUqcC0CpzmWRaJYdH66egcg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
723f60d40a10912b-FRA
content-length
64464
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://login-ed.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 08:45:42 GMT
x-content-type-options
nosniff
age
275046
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 28 Jun 2023 08:45:42 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://login-ed.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 27 Jun 2022 19:07:55 GMT
x-content-type-options
nosniff
age
324113
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 27 Jun 2023 19:07:55 GMT
truncated
/ 		12 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9aeb95cd86a1aaa08c9ef72e1e2d4d8def632a0932c866a2e01ad81a290c9542

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ 		6 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f9f212bbee3ef6838d34f5a285121c40cd6b8bf4d10f441ac96847e50c8ce4cd

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ 		13 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
715eef30719f5624e269c3a2b242e641739ba5853b71abb021e32e7370e394a0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ 		10 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6cfb7dd2a102ad5aad654357edda75bdf91a480a0f21fb4e980173fe45bf1fbe

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ 		9 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3557cfdce97f4028142a5b743fe75af3ee2ab3bb56bec97670105e4e0f25b7ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/jpeg
sdk.js
connect.facebook.net/en_GB/ 		295 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_GB/sdk.js?hash=2eb683a1d7069ec28004052be70fd595
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_GB/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
664a649d5439c10bb3c0f649ea6073331e1eb762fc317342b25ad186ea6230f5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://login-ed.com/
Origin
https://login-ed.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
tNE7hXX4JrqbNch2Vyb5iA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
86053
x-fb-rlafr
0
x-fb-debug
ZILVtnrbc0kVbTrJWOxLn1sOD6zQ7qX+x7rHn5davZI96HEj6IEQYDVNzNq93yzGmorFVI5w8ms5JWKgRebCTw==
x-fb-content-md5
1f1c2c29255097e12d60fc2e3df735f5
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Fri, 01 Jul 2022 13:09:48 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"2a48364bfb51b8f000cb53300dbbc3be"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jul 2023 11:29:58 GMT
collect
region1.google-analytics.com/g/ 		0
345 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-EMLZPT8YRV&gtm=2oe6t0&_p=375701359&_z=ccd.v9B&cid=1151177621.1656680989&ul=en-us&sr=1600x1200&_s=1&sid=1656680988&sct=1&seg=0&dl=https%3A%2F%2Flogin-ed.com%2Fcomerica-hsa-account&dt=Comerica%20Hsa%20Account%20Login&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EMLZPT8YRV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login-ed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Jul 2022 13:09:49 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://login-ed.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206270101/ 		340 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206270101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6983341711079297&plah=login-ed.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6983341711079297
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f50c929fc07a54950c96cf5bacb6684486917177c24c797b7fd136526648a775
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login-ed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 13:09:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122509
x-xss-protection
0
server
cafe
etag
8299068367064060936
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 01 Jul 2022 13:09:49 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220628/r20190131/ Frame 61BF 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220628/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6983341711079297
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
75a2067c9dff8e58ae83cdb8ee4fe896013966ac4e8f3f1d5e8a75f27c9a1ae2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://login-ed.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
77447
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4414
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 30 Jun 2022 15:39:02 GMT
etag
10429905676100781186
expires
Thu, 14 Jul 2022 15:39:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cookie.js
partner.googleadservices.com/gampad/ 		216 B
644 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=login-ed.com&callback=_gfp_s_&client=ca-pub-6983341711079297
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206270101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6983341711079297&plah=login-ed.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
b6c57946b674124611aeeecfe87787bb3622438b4f4d9966e7a6c02881c93a12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login-ed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 13:09:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
200
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=login-ed.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206270101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6983341711079297&plah=login-ed.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login-ed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 01 Jul 2022 13:09:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=login-ed.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206270101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6983341711079297&plah=login-ed.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login-ed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 01 Jul 2022 13:09:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 108D 		44 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6983341711079297&output=html&adk=1812271804&adf=3025194257&lmt=1656680989&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Flogin-ed.com%2Fcomerica-hsa-account&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656680988988&bpp=3&bdt=359&idt=250&shv=r20220628&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4256398597249&frm=20&pv=2&ga_vid=1151177621.1656680989&ga_sid=1656680989&ga_hid=375701359&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068105%2C31065544%2C42531608&oid=2&pvsid=1163717104548490&tmod=235240112&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=270
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206270101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6983341711079297&plah=login-ed.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53000b2c1dced96b93f97ec59e15641d74d5dbf0d9618cdf3ceb0889446a1565
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://login-ed.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
13694
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 01 Jul 2022 13:09:49 GMT
expires
Fri, 01 Jul 2022 13:09:49 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 847E 		22 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6983341711079297&output=html&h=280&slotname=4308105978&adk=3094365979&adf=4106258812&pi=t.ma~as.4308105978&w=730&fwrn=4&fwrnh=100&lmt=1656680989&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Flogin-ed.com%2Fcomerica-hsa-account&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656680988991&bpp=2&bdt=363&idt=277&shv=r20220628&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4256398597249&frm=20&pv=1&ga_vid=1151177621.1656680989&ga_sid=1656680989&ga_hid=375701359&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=652&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068105%2C31065544%2C42531608&oid=2&pvsid=1163717104548490&tmod=235240112&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=FsE90ezWfk&p=https%3A//login-ed.com&dtd=283
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206270101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6983341711079297&plah=login-ed.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2f41046afb57095a408c2d314bd8187389c9389376760429c8b6a24ca6a767b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://login-ed.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
9511
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 01 Jul 2022 13:09:49 GMT
expires
Fri, 01 Jul 2022 13:09:49 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame E679 		22 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6983341711079297&output=html&h=280&slotname=5448699771&adk=2271198596&adf=2689116385&pi=t.ma~as.5448699771&w=350&fwrn=4&fwrnh=100&lmt=1656680989&rafmt=1&psa=0&format=350x280&url=https%3A%2F%2Flogin-ed.com%2Fcomerica-hsa-account&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656680988993&bpp=1&bdt=364&idt=286&shv=r20220628&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280&nras=1&correlator=4256398597249&frm=20&pv=1&ga_vid=1151177621.1656680989&ga_sid=1656680989&ga_hid=375701359&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=192&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068105%2C31065544%2C42531608&oid=2&pvsid=1163717104548490&tmod=235240112&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Sqy5w028tj&p=https%3A//login-ed.com&dtd=290
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206270101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6983341711079297&plah=login-ed.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2dabcb9bb2f7296124893379362fa48473ad67874eebf5c17e67f64cfb18b6c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://login-ed.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
9501
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 01 Jul 2022 13:09:49 GMT
expires
Fri, 01 Jul 2022 13:09:49 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/ Frame 847E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6983341711079297&output=html&h=280&slotname=4308105978&adk=3094365979&adf=4106258812&pi=t.ma~as.4308105978&w=730&fwrn=4&fwrnh=100&lmt=1656680989&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Flogin-ed.com%2Fcomerica-hsa-account&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656680988991&bpp=2&bdt=363&idt=277&shv=r20220628&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4256398597249&frm=20&pv=1&ga_vid=1151177621.1656680989&ga_sid=1656680989&ga_hid=375701359&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=652&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068105%2C31065544%2C42531608&oid=2&pvsid=1163717104548490&tmod=235240112&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=FsE90ezWfk&p=https%3A//login-ed.com&dtd=283
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 12:47:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1331
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 15 Jul 2022 12:47:38 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/ Frame 847E 		17 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6983341711079297&output=html&h=280&slotname=4308105978&adk=3094365979&adf=4106258812&pi=t.ma~as.4308105978&w=730&fwrn=4&fwrnh=100&lmt=1656680989&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Flogin-ed.com%2Fcomerica-hsa-account&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656680988991&bpp=2&bdt=363&idt=277&shv=r20220628&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4256398597249&frm=20&pv=1&ga_vid=1151177621.1656680989&ga_sid=1656680989&ga_hid=375701359&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=652&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068105%2C31065544%2C42531608&oid=2&pvsid=1163717104548490&tmod=235240112&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=FsE90ezWfk&p=https%3A//login-ed.com&dtd=283
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 12:11:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3478
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7309
x-xss-protection
0
server
cafe
etag
16921397534319471551
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 15 Jul 2022 12:11:51 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 847E 		138 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6983341711079297&output=html&h=280&slotname=4308105978&adk=3094365979&adf=4106258812&pi=t.ma~as.4308105978&w=730&fwrn=4&fwrnh=100&lmt=1656680989&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Flogin-ed.com%2Fcomerica-hsa-account&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656680988991&bpp=2&bdt=363&idt=277&shv=r20220628&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4256398597249&frm=20&pv=1&ga_vid=1151177621.1656680989&ga_sid=1656680989&ga_hid=375701359&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=652&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068105%2C31065544%2C42531608&oid=2&pvsid=1163717104548490&tmod=235240112&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=FsE90ezWfk&p=https%3A//login-ed.com&dtd=283
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29a74bd48fa0b500b61194468e760e8acef2f465e782e0da3eb219850bcea8fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 13:09:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43256
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1656329918998510"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 01 Jul 2022 13:09:51 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 847E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=Cy80zHfK-YuDOF5GT7_UPzPKhoAzJntKxXI3w4taTAcCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi02OTgzMzQxNzExMDc5Mjk3oAHVttLqA8gBCakCA-8KDl-FsT6oAwGqBM4BT9BNb6T7-b2xrNdfanReF6z5u4BbOktAcBQVXRoQWDYEA3zB3slnYLmsFzCKsTfLtdcHz8Mrn-3Pa3LvagHBs2b1--2VEdK_xez6XtsjhxobROBqQjP3EzPGe7skoDOsePWyAsDfKYtgQjtci4Ex_2BcjuHkXe43xOQW3jHb0EWZdXrUu9wReoj-izQOd1Bu13ANXiTkjy_ozO84cn5VIfBQQqY4UQwVK6k-h_9w7PdF0sp1pTf3Ei8g9FjYE-mqCyUhAasjnDiEQLMnIYOABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNjk4MzM0MTcxMTA3OTI5NxgA&sigh=srg53TM54sA&uach_m=[UACH]&cid=CAQSGwCNIrLMmHGL_J68j5Vv4Q4nNPVpQH7YWpgu-RgB
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6983341711079297&output=html&h=280&slotname=4308105978&adk=3094365979&adf=4106258812&pi=t.ma~as.4308105978&w=730&fwrn=4&fwrnh=100&lmt=1656680989&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Flogin-ed.com%2Fcomerica-hsa-account&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656680988991&bpp=2&bdt=363&idt=277&shv=r20220628&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4256398597249&frm=20&pv=1&ga_vid=1151177621.1656680989&ga_sid=1656680989&ga_hid=375701359&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=652&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068105%2C31065544%2C42531608&oid=2&pvsid=1163717104548490&tmod=235240112&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=FsE90ezWfk&p=https%3A//login-ed.com&dtd=283
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6983341711079297&output=html&h=280&slotname=4308105978&adk=3094365979&adf=4106258812&pi=t.ma~as.4308105978&w=730&fwrn=4&fwrnh=100&lmt=1656680989&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Flogin-ed.com%2Fcomerica-hsa-account&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656680988991&bpp=2&bdt=363&idt=277&shv=r20220628&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4256398597249&frm=20&pv=1&ga_vid=1151177621.1656680989&ga_sid=1656680989&ga_hid=375701359&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=652&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068105%2C31065544%2C42531608&oid=2&pvsid=1163717104548490&tmod=235240112&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=FsE90ezWfk&p=https%3A//login-ed.com&dtd=283
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Fri, 01 Jul 2022 13:09:49 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jul 2022 13:09:49 GMT
notify
rtb.nl.eu.criteo.com/google/auction/ Frame 847E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kOb8EMz6RNoFmAKdg2ICAgAAABNorXtrSA7fEBzyvmJ6C1lNrzXd9_Yg6gASAAA&wp=Yr7yHQAF52AIu8mRAAh5TD-Rxr78yROwU6o81A
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6983341711079297&output=html&h=280&slotname=4308105978&adk=3094365979&adf=4106258812&pi=t.ma~as.4308105978&w=730&fwrn=4&fwrnh=100&lmt=1656680989&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Flogin-ed.com%2Fcomerica-hsa-account&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656680988991&bpp=2&bdt=363&idt=277&shv=r20220628&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4256398597249&frm=20&pv=1&ga_vid=1151177621.1656680989&ga_sid=1656680989&ga_hid=375701359&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=652&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068105%2C31065544%2C42531608&oid=2&pvsid=1163717104548490&tmod=235240112&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=FsE90ezWfk&p=https%3A//login-ed.com&dtd=283
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 13:09:49 GMT
server
Kestrel
server-processing-duration-in-ticks
335807
content-length
0
strict-transport-security
max-age=31536000; preload;
afr.php
ads.eu.criteo.com/delivery/r/ Frame 8569 		200 KB
58 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=Yr7yHQAF52AIu8mRAAh5TD-Rxr78yROwU6o81A&u=%7CrXECne8vcZEpUF9XTJsBCxw%2B1TbK5XQXiLvmcP9I3aI%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC866KtQCCgvIZGG6gw9WgZ0fRJVX1mxo8DL9avwE-WC_9R2szmsPAIvTBHDBlQqJdtjeg2XXdea40IlxA9ajlUo2C0SIoYf5Gqn1wXB47xI6j7UU5ms8L6Hd0BWKrL_cF0hWl0dwuabe4iNzwQI39iEvrT0Ed7v1Nq1VgX3fahvO1RiJmEQmhdaavgi-VqyQCuWD9J72Qq5Wh237rWJWUu4WaqHS_qyN8lTdb0fBvbrVzLpgKEYqS5w2k-FdWNiQn9mtBU4cUVGaXeWtXCgTqmRfDRrudDtAUlsubuASfdF8pyQFli-wern7CsMYPmOThJAfCGhRUHwVAh_hfyUEgua18Uc9d888y2E4kfjqfL5kl5lZ2foO-BJaaujaByhndNwZmOgBknIoe4hNh0Ztlc-nhOZGawwoVwYA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwk7oHfK-YuDOF5GT7_UPzPKhoAzJntKxXI3w4taTAcCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi02OTgzMzQxNzExMDc5Mjk3oAHVttLqA8gBCakCA-8KDl-FsT6oAwGqBNEBT9BNb6T7-b2xrNdfanReF6z5u4BbOktAcBQVXRoQWDYEA3zB3slnYLmsFzCKsTfLtdcHz8Mrn-3Pa3LvagHBs2b1--2VEdK_xez6XtsjhxobROBqQjP3EzPGe7skoDOsePWyAsDfKYtgQjtci4Ex_2BcjuHkXe43xOQW3jHb0EWZdXrUu9wReoj-izQOd1Bu13ANXiTkjy_ozO84cn5VIfBQQqY4UQwVaasfFXj_cOT6Tt7WdQpR6iY0_u7SPfEov-0cp1mcghScxRmjMjx-OUGABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0pQfk5nP2Ga8d6soKM1F0rN-dJ_Q%26client%3Dca-pub-6983341711079297%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6983341711079297&output=html&h=280&slotname=4308105978&adk=3094365979&adf=4106258812&pi=t.ma~as.4308105978&w=730&fwrn=4&fwrnh=100&lmt=1656680989&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Flogin-ed.com%2Fcomerica-hsa-account&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656680988991&bpp=2&bdt=363&idt=277&shv=r20220628&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4256398597249&frm=20&pv=1&ga_vid=1151177621.1656680989&ga_sid=1656680989&ga_hid=375701359&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=652&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068105%2C31065544%2C42531608&oid=2&pvsid=1163717104548490&tmod=235240112&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=FsE90ezWfk&p=https%3A//login-ed.com&dtd=283
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
429ddc8d42a00647e0857dfb9ea803b19560943a64e08c2b92a059cd7343062e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Fri, 01 Jul 2022 13:09:48 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=qHnNBAQSWl4oFgFtLoKrTL_od49chXZYGgfqsem-JIaH5K8SC3G0Oa05HZ6CTJfIVMLIC6znDpjBavH52QxXODRoGHNlmUr1Tr3Gje_UE2fOm2wBNuY0neVF2TBh7vLhhOX8-bjapqF1lIfIqDd2nZBuTK_eO5nYygCDVHnpHH2Y5iuUkCRpWiqfj0fuy41S-o-G3tM_kS0gh-dzaeiI_wU-kJernNhKxLKjYwMF-JngS-O24UUdqQUUZlJCz4MLR2LAKw"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
101246323
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
reactive_library_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206270101/ 		149 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206270101/reactive_library_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206270101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6983341711079297&plah=login-ed.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a7a10f3308484bf4a7e5cd8933dd8481f06e29a0d5fd7766724e96f85656b691
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login-ed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 13:09:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54412
x-xss-protection
0
server
cafe
etag
4853903156716057056
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Fri, 01 Jul 2022 13:09:49 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=login-ed.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206270101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6983341711079297&plah=login-ed.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login-ed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 01 Jul 2022 13:09:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=login-ed.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206270101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6983341711079297&plah=login-ed.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login-ed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 01 Jul 2022 13:09:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 0E16 		31 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6983341711079297&output=html&h=280&adk=1414751727&adf=739478986&pi=t.aa~a.961368416~rp.4&w=350&fwrn=4&fwrnh=100&lmt=1656680989&rafmt=1&to=qs&pwprc=2130585636&psa=0&format=350x280&url=https%3A%2F%2Flogin-ed.com%2Fcomerica-hsa-account&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656680989581&bpp=1&bdt=952&idt=-M&shv=r20220628&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7755599a4afb09a7-2255fc94c3cd0052%3AT%3D1656680989%3ART%3D1656680989%3AS%3DALNI_Ma6GlQZgsfUg8EN7BsUThRaJ9Il7Q&prev_fmts=0x0%2C730x280%2C350x280&nras=2&correlator=4256398597249&frm=20&pv=1&ga_vid=1151177621.1656680989&ga_sid=1656680989&ga_hid=375701359&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=1238&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068105%2C31065544%2C42531608&oid=2&pvsid=1163717104548490&tmod=235240112&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=U8ANLCRRA6&p=https%3A//login-ed.com&dtd=27
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206270101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6983341711079297&plah=login-ed.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c323f71a4bebab6c3a59387abd5683af37586fb2d08d58f4078b923e62e859d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://login-ed.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
12268
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 01 Jul 2022 13:09:49 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame AAAB 		436 B
233 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6983341711079297&output=html&h=50&adk=2324557374&adf=1662351331&pi=t.aa~a.1411169061~rp.4&w=350&fwrn=4&fwrnh=100&lmt=1656680989&rafmt=1&to=qs&pwprc=2130585636&psa=0&format=350x50&url=https%3A%2F%2Flogin-ed.com%2Fcomerica-hsa-account&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656680989581&bpp=1&bdt=953&idt=1&shv=r20220628&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7755599a4afb09a7-2255fc94c3cd0052%3AT%3D1656680989%3ART%3D1656680989%3AS%3DALNI_Ma6GlQZgsfUg8EN7BsUThRaJ9Il7Q&prev_fmts=0x0%2C730x280%2C350x280%2C350x280&nras=3&correlator=4256398597249&frm=20&pv=1&ga_vid=1151177621.1656680989&ga_sid=1656680989&ga_hid=375701359&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=2000&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068105%2C31065544%2C42531608&oid=2&pvsid=1163717104548490&tmod=235240112&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=3Fde2k0nhE&p=https%3A//login-ed.com&dtd=33
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206270101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6983341711079297&plah=login-ed.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9d98bd7d9cc0bd26e0585b25450861ff79ef3f44a02ef16a05a5ac1e5fadbb0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://login-ed.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
213
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 01 Jul 2022 13:09:49 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/ Frame E679 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6983341711079297&output=html&h=280&slotname=5448699771&adk=2271198596&adf=2689116385&pi=t.ma~as.5448699771&w=350&fwrn=4&fwrnh=100&lmt=1656680989&rafmt=1&psa=0&format=350x280&url=https%3A%2F%2Flogin-ed.com%2Fcomerica-hsa-account&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656680988993&bpp=1&bdt=364&idt=286&shv=r20220628&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280&nras=1&correlator=4256398597249&frm=20&pv=1&ga_vid=1151177621.1656680989&ga_sid=1656680989&ga_hid=375701359&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=192&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068105%2C31065544%2C42531608&oid=2&pvsid=1163717104548490&tmod=235240112&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Sqy5w028tj&p=https%3A//login-ed.com&dtd=290
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 12:47:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1331
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 15 Jul 2022 12:47:38 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/ Frame E679 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6983341711079297&output=html&h=280&slotname=5448699771&adk=2271198596&adf=2689116385&pi=t.ma~as.5448699771&w=350&fwrn=4&fwrnh=100&lmt=1656680989&rafmt=1&psa=0&format=350x280&url=https%3A%2F%2Flogin-ed.com%2Fcomerica-hsa-account&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656680988993&bpp=1&bdt=364&idt=286&shv=r20220628&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280&nras=1&correlator=4256398597249&frm=20&pv=1&ga_vid=1151177621.1656680989&ga_sid=1656680989&ga_hid=375701359&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=192&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068105%2C31065544%2C42531608&oid=2&pvsid=1163717104548490&tmod=235240112&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Sqy5w028tj&p=https%3A//login-ed.com&dtd=290
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 12:11:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3478
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7309
x-xss-protection
0
server
cafe
etag
16921397534319471551
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 15 Jul 2022 12:11:51 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E679 		138 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6983341711079297&output=html&h=280&slotname=5448699771&adk=2271198596&adf=2689116385&pi=t.ma~as.5448699771&w=350&fwrn=4&fwrnh=100&lmt=1656680989&rafmt=1&psa=0&format=350x280&url=https%3A%2F%2Flogin-ed.com%2Fcomerica-hsa-account&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656680988993&bpp=1&bdt=364&idt=286&shv=r20220628&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280&nras=1&correlator=4256398597249&frm=20&pv=1&ga_vid=1151177621.1656680989&ga_sid=1656680989&ga_hid=375701359&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=192&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068105%2C31065544%2C42531608&oid=2&pvsid=1163717104548490&tmod=235240112&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Sqy5w028tj&p=https%3A//login-ed.com&dtd=290
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29a74bd48fa0b500b61194468e760e8acef2f465e782e0da3eb219850bcea8fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 13:09:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43256
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1656329918998510"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 01 Jul 2022 13:09:51 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame E679 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CYDIaHfK-YouXF8iS7_UP9sm_mAnJntKxXPXalvdwwI23ARABIABglYKAgLQHggEXY2EtcHViLTY5ODMzNDE3MTEwNzkyOTegAdW20uoDyAEJqQIZU_Ivho6xPqgDAaoEzgFP0JOdk7jXmuI-IyXkxPu4aCrBUBiQKg-O4e15BE7G04Hp12nCLo0hCNHBRl5Y-uTLye1eLoAwkRPQiV5n95dWUFsvJZvHYTtphbU6Pu8aWFd6XK83E73kZW2-sYrcQNW3_qVwkylBT3jt1KaHM3NFinCq7qz4sEI4SXQEnXHxsMJR2IZPk99O1TtRtzOHzxB0HmwQTwDvIoUtily6WYbehvHYvXZFsAOLObkLuBWtGdU0jVGLstxBsKs-5ZeiYcLXuSOCIWo-w-H1c-dEzYAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi02OTgzMzQxNzExMDc5Mjk3GAA&sigh=zjMV89H_if0&uach_m=[UACH]&cid=CAQSGwCNIrLMpPXuUIkjVdfs-R5ium6VWQUoHrlVxBgB
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6983341711079297&output=html&h=280&slotname=5448699771&adk=2271198596&adf=2689116385&pi=t.ma~as.5448699771&w=350&fwrn=4&fwrnh=100&lmt=1656680989&rafmt=1&psa=0&format=350x280&url=https%3A%2F%2Flogin-ed.com%2Fcomerica-hsa-account&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656680988993&bpp=1&bdt=364&idt=286&shv=r20220628&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280&nras=1&correlator=4256398597249&frm=20&pv=1&ga_vid=1151177621.1656680989&ga_sid=1656680989&ga_hid=375701359&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=192&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068105%2C31065544%2C42531608&oid=2&pvsid=1163717104548490&tmod=235240112&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Sqy5w028tj&p=https%3A//login-ed.com&dtd=290
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6983341711079297&output=html&h=280&slotname=5448699771&adk=2271198596&adf=2689116385&pi=t.ma~as.5448699771&w=350&fwrn=4&fwrnh=100&lmt=1656680989&rafmt=1&psa=0&format=350x280&url=https%3A%2F%2Flogin-ed.com%2Fcomerica-hsa-account&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656680988993&bpp=1&bdt=364&idt=286&shv=r20220628&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280&nras=1&correlator=4256398597249&frm=20&pv=1&ga_vid=1151177621.1656680989&ga_sid=1656680989&ga_hid=375701359&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=192&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068105%2C31065544%2C42531608&oid=2&pvsid=1163717104548490&tmod=235240112&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Sqy5w028tj&p=https%3A//login-ed.com&dtd=290
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Fri, 01 Jul 2022 13:09:49 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
notify
rtb.nl.eu.criteo.com/google/auction/ Frame E679 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kOb8EMz6RN4CmAKdg2ICAgAAANneH8bdL4hyEB3yvmL4cXsqHIBw9NNgrwASAAA&wp=Yr7yHQAFy4sIu8lIAA_k9h62csV7S2Ynu28I-g
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6983341711079297&output=html&h=280&slotname=5448699771&adk=2271198596&adf=2689116385&pi=t.ma~as.5448699771&w=350&fwrn=4&fwrnh=100&lmt=1656680989&rafmt=1&psa=0&format=350x280&url=https%3A%2F%2Flogin-ed.com%2Fcomerica-hsa-account&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656680988993&bpp=1&bdt=364&idt=286&shv=r20220628&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280&nras=1&correlator=4256398597249&frm=20&pv=1&ga_vid=1151177621.1656680989&ga_sid=1656680989&ga_hid=375701359&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=192&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068105%2C31065544%2C42531608&oid=2&pvsid=1163717104548490&tmod=235240112&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Sqy5w028tj&p=https%3A//login-ed.com&dtd=290
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 13:09:49 GMT
server
Kestrel
server-processing-duration-in-ticks
246432
content-length
0
strict-transport-security
max-age=31536000; preload;
afr.php
ads.eu.criteo.com/delivery/r/ Frame 94A4 		178 KB
54 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=Yr7yHQAFy4sIu8lIAA_k9h62csV7S2Ynu28I-g&u=%7CrXECne8vcZHCbE5ULZJs0H95DM4Icp1PHl5XkvafU8A%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC866KtQCCgvIZGtcfZ37Vv3gJuuQOoOmUNppe5FXi83hxPNPFbZD3SwAQPUbsCPZetjmSVyY__L37om-MvO6tOgfm9Uo5zEDhWmK7--PHnBjRXBE4N5TKiZBMaLJ28o9jVbJLclibYs6_pqZiz-VoSc5VuzbH4NeBZU9vYPshnllMk3Jtl8wfYHB6lBO9hcMSn6jo8CrS7yv2KJyt7uwnOc_LWnU2usSETqVo5fAYPPsEqLGGNyCQVN7k6MP9pbd8MyA-0legVjgURwOC8URxYg63X_B-RfiZyBBqXXzFIY-99knTWQOWl01VblKRYmP3ZUP7C3O538a8OrT68gvFG-s6X0hoL_lOD9p7fdzryTlgAnhscL2cCSSelYaHqxLEh4VV5OcQsFPi-YVmMMP_c38qwxBeTXdPZwA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvtR0HfK-YouXF8iS7_UP9sm_mAnJntKxXPXalvdwwI23ARABIABglYKAgLQHggEXY2EtcHViLTY5ODMzNDE3MTEwNzkyOTegAdW20uoDyAEJqQIZU_Ivho6xPqgDAaoE0QFP0JOdk7jXmuI-IyXkxPu4aCrBUBiQKg-O4e15BE7G04Hp12nCLo0hCNHBRl5Y-uTLye1eLoAwkRPQiV5n95dWUFsvJZvHYTtphbU6Pu8aWFd6XK83E73kZW2-sYrcQNW3_qVwkylBT3jt1KaHM3NFinCq7qz4sEI4SXQEnXHxsMJR2IZPk99O1TtRtzOHzxB0HmwQTwDvIoUtily6WYbehvHYvXZFsAPJO5iZP5oxCmqomfJbj3q5ub80U52MeUBjcR4k09Ug7_lw2WNXcpUpHYAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_24sZjMaRrxMIbKWmdguFSbZq0Zkw%26client%3Dca-pub-6983341711079297%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6983341711079297&output=html&h=280&slotname=5448699771&adk=2271198596&adf=2689116385&pi=t.ma~as.5448699771&w=350&fwrn=4&fwrnh=100&lmt=1656680989&rafmt=1&psa=0&format=350x280&url=https%3A%2F%2Flogin-ed.com%2Fcomerica-hsa-account&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656680988993&bpp=1&bdt=364&idt=286&shv=r20220628&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280&nras=1&correlator=4256398597249&frm=20&pv=1&ga_vid=1151177621.1656680989&ga_sid=1656680989&ga_hid=375701359&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=192&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068105%2C31065544%2C42531608&oid=2&pvsid=1163717104548490&tmod=235240112&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Sqy5w028tj&p=https%3A//login-ed.com&dtd=290
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
ec8e8cabb4b63ba52be70aaaa7112f23b43718b300c916192aff4b258253899d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Fri, 01 Jul 2022 13:09:49 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=WhRZcAQSWl4oFgFtms7ctmJedRc4gA1ktcosoACV0e7L_qd2BjpNTgVrMBvFuw5Ja_lNSRKVihd0NQYjJN3buUHaZoMzbde5ReP9sT3rskAamcQ3fFN4YN9Iw4z6r6WmLYLMWZrWBqsvyhgDHxMpSIFO5A74guc540vzsW4niOwWwQAKMUZyiog8VUf4fOMXH-XP2X75g2tE4iTb6V3_PaLyLSvgDL-cbcCSIdxbRq_4wcLyS0pSXwtngLWwRc4GNzBKog"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
91610483
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220628/r20110914/ Frame 9FE7 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220628/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206270101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6983341711079297&plah=login-ed.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
75a2067c9dff8e58ae83cdb8ee4fe896013966ac4e8f3f1d5e8a75f27c9a1ae2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://login-ed.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
77189
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4414
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 30 Jun 2022 15:43:20 GMT
etag
10429905676100781186
expires
Thu, 14 Jul 2022 15:43:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 847E 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
324dbf8130c8d19b88ee4d19670a09470ec4b513c0cc629227e74c5b7753eb15

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/png
adview
googleads.g.doubleclick.net/pagead/ Frame 9FE7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CGui0HfK-YvSsF67K7_UP872rqArJntKxXM2G49aTAcCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi02OTgzMzQxNzExMDc5Mjk3oAHVttLqA8gBCakCA-8KDl-FsT6oAwGqBM8BT9CE0fzS4xm8mlx7o2CEE0DT2QC6HH3kwOXOFUKnkxpfDVGbiEAi41z1C0kEKPh3rtK7XketLqA2v8Gw_5hZAQQaM7aLg2ECHk81COYbF9tzwpAPRSq6Zv-q2uYIQ64QAlvuKEYeeOWcoj3SLnWK9ESUbF3vNQlO3rTAjxmvrPPmBquxeXI0yRg9E_pJNp11qLDLRchUG6rgXuceJHm9Zef2EwxnvHJbC1IQAAaqqzwvTeePBY2RBq9hOYOo1IOP4BEYNWTvCgzaEIpx8uIzgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTY5ODMzNDE3MTEwNzkyOTcYAA&sigh=ipV0gGGaC_E&uach_m=[UACH]&cid=CAQSGwCNIrLMmNqpboio70SP4oEU6Pz6S08FWjr3ZhgB
Requested by
Host: login-ed.com
URL: https://login-ed.com/comerica-hsa-account
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20220628/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Fri, 01 Jul 2022 13:09:49 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
notify
rtb.nl.eu.criteo.com/google/auction/ Frame 9FE7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kOb8EMz6RO0HfJ2DYgICAAAAeOT6GpLECgUQHPK-YlWdp59wV6uFbt3QABIAAA&wp=Yr7yHQAF1nQIu-UuAAre8zry8cO67O4B2DZrMw
Requested by
Host: login-ed.com
URL: https://login-ed.com/comerica-hsa-account
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 13:09:49 GMT
server
Kestrel
server-processing-duration-in-ticks
305033
content-length
0
strict-transport-security
max-age=31536000; preload;
afr.php
ads.eu.criteo.com/delivery/r/ Frame 26BE 		186 KB
55 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=Yr7yHQAF1nQIu-UuAAre8zry8cO67O4B2DZrMw&u=%7CrXECne8vcZGUkBNlDaVkTp3qi6tS43Ngg4GQhnVLBN0%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC866KtQCCgvIZGApFwVhOjtfOowdqDLrjwKZl8J6ooWUdXKDHJCgWw6QcwcDZmccNDDHTzU_Ne_jiIgJPgsCu1eBXg4IRHYYLCba4nLVctQfn4riMIhpWxjmNfi5T5W6PWfyYtWcB2vmya6BmkNoHgVc1xZGVRpjcCLLTOqw841RRoiobQWaJoZs-M6SXM3fO2bd0kf1Z19ycCqmtUkHqzjEGqZ9C5tf9ircC5Gy28wUJq6AicVDdYYyFk3lPANmY7qP-_cM2-C_Pu1rITw-3CGin9wzXFncmSH3PsqV7RUvYF6Xl5xqMzXoFGdpR-xOcPP6IFKRdpqsd9kUvfYP0O0mKF3aIYF2FCPfmYkwuDmYtIexwLVtjiIFyA1goqzVEv0-LgQYMjx5Y0lmVgBNgr0f0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfmMOHfK-YvSsF67K7_UP872rqArJntKxXM2G49aTAcCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi02OTgzMzQxNzExMDc5Mjk3oAHVttLqA8gBCakCA-8KDl-FsT6oAwGqBNIBT9CE0fzS4xm8mlx7o2CEE0DT2QC6HH3kwOXOFUKnkxpfDVGbiEAi41z1C0kEKPh3rtK7XketLqA2v8Gw_5hZAQQaM7aLg2ECHk81COYbF9tzwpAPRSq6Zv-q2uYIQ64QAlvuKEYeeOWcoj3SLnWK9ESUbF3vNQlO3rTAjxmvrPPmBquxeXI0yRg9E_pJNp11qLDLRchUG6rgXuceJHm9Zef2EwxnvHJbCxASIZQtJKA88nubpl2soFdoLYke3q2XYqXQCMIdtRL2CA_bdvGMXFxngAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0b1WJfL7UcIr6uRXAyFNcX5oh1KA%26client%3Dca-pub-6983341711079297%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220628/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
173287b3ac89a7c0cc8d64dd3cb57b26e72e7fffbf94faec5d3f6beaa6159285
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Fri, 01 Jul 2022 13:09:49 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=58DmbAQSWl4oFgFtF1SYx8mnJa5SgasIjOKTiV43r_Ueso6VDdiPVm8UIVAkpBW7BL7DZfPM0e1ifKl_0ofCEI0TnfCuJd3X8Vpz9zMY1T7pydCxsknLENQbnX0rI6oHGXXhmcgKaZbP9hyJinFV1fwrpJswaKoJr3B-O_xivjj14MCrqAqnP_Onos8PJYSCz3DSfl7KW04oIS_QDzCpyRjiOPn-0_wnq4n6zmSyPakjmY9pjm6EMv6usT_GfPX7OShq7rEFi17QHBRO"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
137974318
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/ Frame 9FE7 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220628/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 12:47:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1331
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 15 Jul 2022 12:47:38 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9FE7 		138 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220628/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29a74bd48fa0b500b61194468e760e8acef2f465e782e0da3eb219850bcea8fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 13:09:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43256
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1656329918998510"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 01 Jul 2022 13:09:51 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/ Frame 9FE7 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220628/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 13:04:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
325
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7309
x-xss-protection
0
server
cafe
etag
16921397534319471551
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 15 Jul 2022 13:04:24 GMT
truncated
/ Frame E679 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
de1d30970c0689cb235e5014a1b65fae043ef5d50bef4d2fbb5309766b68dc2f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/png
adview
googleads.g.doubleclick.net/pagead/ Frame 9D73 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CO3LsHfK-Ys_CJ9qd9u8P_p-GqAKQ4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi02OTgzMzQxNzExMDc5Mjk3oAHCrujdA8gBCakCmq8ObZWNsT6oAwGqBNQBT9D-ftsn_r58a9j1rnEJglZZbqr3vmlDRdXQFVk5yECkW6cIylwJEhiOxwGjxZF4bPzCW1t_WQqN-_P9d77bEdr-0_h0jzC7W1qCpmlLrNA15BrPFpEqKVvX_9hX9EsxxbKzo7FaxxqhVFGJZnC2IBpzEd_qqGbhdJsbq37ChW04X1VLJGtswYgF1bCel7zQ5wwMwjaQCCZmI0LBLrvLNtplTDao9cS2LEtN7lMUKmeGr-houRFT_XNLFSfACUGW7YaCOImaI3xErg6TpjcbUqsiwSCABvG6vsHMg5-1_AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTY5ODMzNDE3MTEwNzkyOTcYAA&sigh=JybAYnLGmNg&uach_m=[UACH]&cid=CAQSOwCNIrLMQOHyEtm84tbXafjL_l46MGGxHV9mzaovNMc5iHcNSUIKumJzv7zIiGsZ9EW-rhds8xJY98NGGAE
Requested by
Host: login-ed.com
URL: https://login-ed.com/comerica-hsa-account
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6983341711079297&output=html&h=280&adk=1414751727&adf=739478986&pi=t.aa~a.961368416~rp.4&w=350&fwrn=4&fwrnh=100&lmt=1656680989&rafmt=1&to=qs&pwprc=2130585636&psa=0&format=350x280&url=https%3A%2F%2Flogin-ed.com%2Fcomerica-hsa-account&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656680989581&bpp=1&bdt=952&idt=-M&shv=r20220628&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7755599a4afb09a7-2255fc94c3cd0052%3AT%3D1656680989%3ART%3D1656680989%3AS%3DALNI_Ma6GlQZgsfUg8EN7BsUThRaJ9Il7Q&prev_fmts=0x0%2C730x280%2C350x280&nras=2&correlator=4256398597249&frm=20&pv=1&ga_vid=1151177621.1656680989&ga_sid=1656680989&ga_hid=375701359&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=1238&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068105%2C31065544%2C42531608&oid=2&pvsid=1163717104548490&tmod=235240112&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=U8ANLCRRA6&p=https%3A//login-ed.com&dtd=27
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Fri, 01 Jul 2022 13:09:49 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
winResponse
prod-rtb.ad4mat.net/ Frame 9D73 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1ja68hy6v4dhdk0snpacs0p79fy1912evt5r7h65ga6d1cqrfwmymmqmm6nt7ptfcyw95rm3cw4ghpjj3rprhkdytzng4grcanrwd524qdhh586gbyfzs9b33ysnay1pjrvewt9r267nf0mp0d7he5785vxhgkjxzkehzy2edextdfe88gqd8621hx5bhjqv3020ajsrv7sp6fnxyfkekn6sne51kazaxhe3xk8ewkh3ar7hvg8j0kccch92ketaez061r40z26yf3b4k9y0b4mknhxx7r2y36h1f3j7mj8xkn92k96jpdhahhfxd03n8374rcrckqwrxjzz018caymgsc2hg5za03btxen9pxccysvddcrwv9d8f13eknsxaze26x41bts6d0xz0spg188&b=Yr7yHQAJ4U8H_Y7aAAGP_n93y3DmRxDob-t1gg
Requested by
Host: login-ed.com
URL: https://login-ed.com/comerica-hsa-account
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 01 Jul 2022 13:09:49 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
dr
as.ad4m.at/ad/ Frame 732C 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1grzt2fq076c2z9hmxkdv3wtgjsetvz9gc1rrmx7x9q5hjxrnkhq00qys01vcbw8zbas20get6hjds2yc5chdtv12f32hvxns2v4xaafa4x91t9vvmwscnptmhpfy5r2ye0x3s255jkyrxh4chgx1fmafbbadbr6edk2dnwend2r50rhanrfxf1xgrpwkq58zjk2rvfv89sevsy9kyge1653tz7zpztspm2nvtm0pm753mw8r21kpy2grd8sm9qbmveca8zddqr42pxrcpqz034gt0jztmvdm5xes64y18tspxayxykfyvyywn7mcf75tfemsvedq7qkavzy9hb174znqvt8h4gvdfxrh62swnx849tvh7s1hzqkrwap13w2kb1vkkkr36mx7r33dpm0xab371ys213ktm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8CDEHfK-Ys_CJ9qd9u8P_p-GqAKQ4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi02OTgzMzQxNzExMDc5Mjk3oAHCrujdA8gBCakCmq8ObZWNsT6oAwGqBNcBT9D-ftsn_r58a9j1rnEJglZZbqr3vmlDRdXQFVk5yECkW6cIylwJEhiOxwGjxZF4bPzCW1t_WQqN-_P9d77bEdr-0_h0jzC7W1qCpmlLrNA15BrPFpEqKVvX_9hX9EsxxbKzo7FaxxqhVFGJZnC2IBpzEd_qqGbhdJsbq37ChW04X1VLJGtswYgF1bCel7zQ5wwMwjaQCCZmI0LBLrvLNtplTDao9cS2LEtN7lMUaGWnPT-RPlGbejvdz25S-3iC5yuIFpFHo74NPPYHuBsDh3e9gei0VHiABvG6vsHMg5-1_AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2Q7tJbaE6JTujB972vU-Mwi2BaTg%26client%3Dca-pub-6983341711079297%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6983341711079297&output=html&h=280&adk=1414751727&adf=739478986&pi=t.aa~a.961368416~rp.4&w=350&fwrn=4&fwrnh=100&lmt=1656680989&rafmt=1&to=qs&pwprc=2130585636&psa=0&format=350x280&url=https%3A%2F%2Flogin-ed.com%2Fcomerica-hsa-account&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656680989581&bpp=1&bdt=952&idt=-M&shv=r20220628&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7755599a4afb09a7-2255fc94c3cd0052%3AT%3D1656680989%3ART%3D1656680989%3AS%3DALNI_Ma6GlQZgsfUg8EN7BsUThRaJ9Il7Q&prev_fmts=0x0%2C730x280%2C350x280&nras=2&correlator=4256398597249&frm=20&pv=1&ga_vid=1151177621.1656680989&ga_sid=1656680989&ga_hid=375701359&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=1238&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068105%2C31065544%2C42531608&oid=2&pvsid=1163717104548490&tmod=235240112&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=U8ANLCRRA6&p=https%3A//login-ed.com&dtd=27
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b41c5f931d0cc3f94ebf177d170c0b1792030d284ff8ecf4a16872f8599b5b5c
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
723f60db3ed29223-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Fri, 01 Jul 2022 13:09:49 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/ Frame 9D73 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6983341711079297&output=html&h=280&adk=1414751727&adf=739478986&pi=t.aa~a.961368416~rp.4&w=350&fwrn=4&fwrnh=100&lmt=1656680989&rafmt=1&to=qs&pwprc=2130585636&psa=0&format=350x280&url=https%3A%2F%2Flogin-ed.com%2Fcomerica-hsa-account&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656680989581&bpp=1&bdt=952&idt=-M&shv=r20220628&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7755599a4afb09a7-2255fc94c3cd0052%3AT%3D1656680989%3ART%3D1656680989%3AS%3DALNI_Ma6GlQZgsfUg8EN7BsUThRaJ9Il7Q&prev_fmts=0x0%2C730x280%2C350x280&nras=2&correlator=4256398597249&frm=20&pv=1&ga_vid=1151177621.1656680989&ga_sid=1656680989&ga_hid=375701359&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=1238&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068105%2C31065544%2C42531608&oid=2&pvsid=1163717104548490&tmod=235240112&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=U8ANLCRRA6&p=https%3A//login-ed.com&dtd=27
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 12:47:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1331
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 15 Jul 2022 12:47:38 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame A45D 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6983341711079297&output=html&h=280&adk=1414751727&adf=739478986&pi=t.aa~a.961368416~rp.4&w=350&fwrn=4&fwrnh=100&lmt=1656680989&rafmt=1&to=qs&pwprc=2130585636&psa=0&format=350x280&url=https%3A%2F%2Flogin-ed.com%2Fcomerica-hsa-account&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656680989581&bpp=1&bdt=952&idt=-M&shv=r20220628&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7755599a4afb09a7-2255fc94c3cd0052%3AT%3D1656680989%3ART%3D1656680989%3AS%3DALNI_Ma6GlQZgsfUg8EN7BsUThRaJ9Il7Q&prev_fmts=0x0%2C730x280%2C350x280&nras=2&correlator=4256398597249&frm=20&pv=1&ga_vid=1151177621.1656680989&ga_sid=1656680989&ga_hid=375701359&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=1238&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068105%2C31065544%2C42531608&oid=2&pvsid=1163717104548490&tmod=235240112&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=U8ANLCRRA6&p=https%3A//login-ed.com&dtd=27
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
26165
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 01 Jul 2022 05:53:44 GMT
etag
48472445140208031
expires
Sat, 02 Jul 2022 05:53:44 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9D73 		138 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6983341711079297&output=html&h=280&adk=1414751727&adf=739478986&pi=t.aa~a.961368416~rp.4&w=350&fwrn=4&fwrnh=100&lmt=1656680989&rafmt=1&to=qs&pwprc=2130585636&psa=0&format=350x280&url=https%3A%2F%2Flogin-ed.com%2Fcomerica-hsa-account&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656680989581&bpp=1&bdt=952&idt=-M&shv=r20220628&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7755599a4afb09a7-2255fc94c3cd0052%3AT%3D1656680989%3ART%3D1656680989%3AS%3DALNI_Ma6GlQZgsfUg8EN7BsUThRaJ9Il7Q&prev_fmts=0x0%2C730x280%2C350x280&nras=2&correlator=4256398597249&frm=20&pv=1&ga_vid=1151177621.1656680989&ga_sid=1656680989&ga_hid=375701359&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=1238&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068105%2C31065544%2C42531608&oid=2&pvsid=1163717104548490&tmod=235240112&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=U8ANLCRRA6&p=https%3A//login-ed.com&dtd=27
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29a74bd48fa0b500b61194468e760e8acef2f465e782e0da3eb219850bcea8fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 13:09:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43256
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1656329918998510"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 01 Jul 2022 13:09:51 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/ Frame 9D73 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6983341711079297&output=html&h=280&adk=1414751727&adf=739478986&pi=t.aa~a.961368416~rp.4&w=350&fwrn=4&fwrnh=100&lmt=1656680989&rafmt=1&to=qs&pwprc=2130585636&psa=0&format=350x280&url=https%3A%2F%2Flogin-ed.com%2Fcomerica-hsa-account&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656680989581&bpp=1&bdt=952&idt=-M&shv=r20220628&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7755599a4afb09a7-2255fc94c3cd0052%3AT%3D1656680989%3ART%3D1656680989%3AS%3DALNI_Ma6GlQZgsfUg8EN7BsUThRaJ9Il7Q&prev_fmts=0x0%2C730x280%2C350x280&nras=2&correlator=4256398597249&frm=20&pv=1&ga_vid=1151177621.1656680989&ga_sid=1656680989&ga_hid=375701359&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=1238&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068105%2C31065544%2C42531608&oid=2&pvsid=1163717104548490&tmod=235240112&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=U8ANLCRRA6&p=https%3A//login-ed.com&dtd=27
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 13:04:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
325
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7309
x-xss-protection
0
server
cafe
etag
16921397534319471551
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 15 Jul 2022 13:04:24 GMT
l
www.google.com/ads/measurement/ Frame 9D73 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSvTcr01SuDnBD8bQf9XTt7A2W_EaYhAayjVnPrbCKDtkKGQPonpILGQ2F1F9tzTmvEoKJbgn5vY8LDsKa31edCmu6Sbg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6983341711079297&output=html&h=280&adk=1414751727&adf=739478986&pi=t.aa~a.961368416~rp.4&w=350&fwrn=4&fwrnh=100&lmt=1656680989&rafmt=1&to=qs&pwprc=2130585636&psa=0&format=350x280&url=https%3A%2F%2Flogin-ed.com%2Fcomerica-hsa-account&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656680989581&bpp=1&bdt=952&idt=-M&shv=r20220628&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7755599a4afb09a7-2255fc94c3cd0052%3AT%3D1656680989%3ART%3D1656680989%3AS%3DALNI_Ma6GlQZgsfUg8EN7BsUThRaJ9Il7Q&prev_fmts=0x0%2C730x280%2C350x280&nras=2&correlator=4256398597249&frm=20&pv=1&ga_vid=1151177621.1656680989&ga_sid=1656680989&ga_hid=375701359&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=1238&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068105%2C31065544%2C42531608&oid=2&pvsid=1163717104548490&tmod=235240112&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=U8ANLCRRA6&p=https%3A//login-ed.com&dtd=27
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers
privacy_small.svg
static.criteo.net/flash/icon/ Frame 94A4 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yr7yHQAFy4sIu8lIAA_k9h62csV7S2Ynu28I-g&u=%7CrXECne8vcZHCbE5ULZJs0H95DM4Icp1PHl5XkvafU8A%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC866KtQCCgvIZGtcfZ37Vv3gJuuQOoOmUNppe5FXi83hxPNPFbZD3SwAQPUbsCPZetjmSVyY__L37om-MvO6tOgfm9Uo5zEDhWmK7--PHnBjRXBE4N5TKiZBMaLJ28o9jVbJLclibYs6_pqZiz-VoSc5VuzbH4NeBZU9vYPshnllMk3Jtl8wfYHB6lBO9hcMSn6jo8CrS7yv2KJyt7uwnOc_LWnU2usSETqVo5fAYPPsEqLGGNyCQVN7k6MP9pbd8MyA-0legVjgURwOC8URxYg63X_B-RfiZyBBqXXzFIY-99knTWQOWl01VblKRYmP3ZUP7C3O538a8OrT68gvFG-s6X0hoL_lOD9p7fdzryTlgAnhscL2cCSSelYaHqxLEh4VV5OcQsFPi-YVmMMP_c38qwxBeTXdPZwA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvtR0HfK-YouXF8iS7_UP9sm_mAnJntKxXPXalvdwwI23ARABIABglYKAgLQHggEXY2EtcHViLTY5ODMzNDE3MTEwNzkyOTegAdW20uoDyAEJqQIZU_Ivho6xPqgDAaoE0QFP0JOdk7jXmuI-IyXkxPu4aCrBUBiQKg-O4e15BE7G04Hp12nCLo0hCNHBRl5Y-uTLye1eLoAwkRPQiV5n95dWUFsvJZvHYTtphbU6Pu8aWFd6XK83E73kZW2-sYrcQNW3_qVwkylBT3jt1KaHM3NFinCq7qz4sEI4SXQEnXHxsMJR2IZPk99O1TtRtzOHzxB0HmwQTwDvIoUtily6WYbehvHYvXZFsAPJO5iZP5oxCmqomfJbj3q5ub80U52MeUBjcR4k09Ug7_lw2WNXcpUpHYAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_24sZjMaRrxMIbKWmdguFSbZq0Zkw%26client%3Dca-pub-6983341711079297%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 13:09:49 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 26 Jun 2023 13:09:49 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 94A4 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yr7yHQAFy4sIu8lIAA_k9h62csV7S2Ynu28I-g&u=%7CrXECne8vcZHCbE5ULZJs0H95DM4Icp1PHl5XkvafU8A%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC866KtQCCgvIZGtcfZ37Vv3gJuuQOoOmUNppe5FXi83hxPNPFbZD3SwAQPUbsCPZetjmSVyY__L37om-MvO6tOgfm9Uo5zEDhWmK7--PHnBjRXBE4N5TKiZBMaLJ28o9jVbJLclibYs6_pqZiz-VoSc5VuzbH4NeBZU9vYPshnllMk3Jtl8wfYHB6lBO9hcMSn6jo8CrS7yv2KJyt7uwnOc_LWnU2usSETqVo5fAYPPsEqLGGNyCQVN7k6MP9pbd8MyA-0legVjgURwOC8URxYg63X_B-RfiZyBBqXXzFIY-99knTWQOWl01VblKRYmP3ZUP7C3O538a8OrT68gvFG-s6X0hoL_lOD9p7fdzryTlgAnhscL2cCSSelYaHqxLEh4VV5OcQsFPi-YVmMMP_c38qwxBeTXdPZwA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvtR0HfK-YouXF8iS7_UP9sm_mAnJntKxXPXalvdwwI23ARABIABglYKAgLQHggEXY2EtcHViLTY5ODMzNDE3MTEwNzkyOTegAdW20uoDyAEJqQIZU_Ivho6xPqgDAaoE0QFP0JOdk7jXmuI-IyXkxPu4aCrBUBiQKg-O4e15BE7G04Hp12nCLo0hCNHBRl5Y-uTLye1eLoAwkRPQiV5n95dWUFsvJZvHYTtphbU6Pu8aWFd6XK83E73kZW2-sYrcQNW3_qVwkylBT3jt1KaHM3NFinCq7qz4sEI4SXQEnXHxsMJR2IZPk99O1TtRtzOHzxB0HmwQTwDvIoUtily6WYbehvHYvXZFsAPJO5iZP5oxCmqomfJbj3q5ub80U52MeUBjcR4k09Ug7_lw2WNXcpUpHYAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_24sZjMaRrxMIbKWmdguFSbZq0Zkw%26client%3Dca-pub-6983341711079297%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 13:09:49 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 26 Jun 2023 13:09:49 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 94A4 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yr7yHQAFy4sIu8lIAA_k9h62csV7S2Ynu28I-g&u=%7CrXECne8vcZHCbE5ULZJs0H95DM4Icp1PHl5XkvafU8A%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC866KtQCCgvIZGtcfZ37Vv3gJuuQOoOmUNppe5FXi83hxPNPFbZD3SwAQPUbsCPZetjmSVyY__L37om-MvO6tOgfm9Uo5zEDhWmK7--PHnBjRXBE4N5TKiZBMaLJ28o9jVbJLclibYs6_pqZiz-VoSc5VuzbH4NeBZU9vYPshnllMk3Jtl8wfYHB6lBO9hcMSn6jo8CrS7yv2KJyt7uwnOc_LWnU2usSETqVo5fAYPPsEqLGGNyCQVN7k6MP9pbd8MyA-0legVjgURwOC8URxYg63X_B-RfiZyBBqXXzFIY-99knTWQOWl01VblKRYmP3ZUP7C3O538a8OrT68gvFG-s6X0hoL_lOD9p7fdzryTlgAnhscL2cCSSelYaHqxLEh4VV5OcQsFPi-YVmMMP_c38qwxBeTXdPZwA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvtR0HfK-YouXF8iS7_UP9sm_mAnJntKxXPXalvdwwI23ARABIABglYKAgLQHggEXY2EtcHViLTY5ODMzNDE3MTEwNzkyOTegAdW20uoDyAEJqQIZU_Ivho6xPqgDAaoE0QFP0JOdk7jXmuI-IyXkxPu4aCrBUBiQKg-O4e15BE7G04Hp12nCLo0hCNHBRl5Y-uTLye1eLoAwkRPQiV5n95dWUFsvJZvHYTtphbU6Pu8aWFd6XK83E73kZW2-sYrcQNW3_qVwkylBT3jt1KaHM3NFinCq7qz4sEI4SXQEnXHxsMJR2IZPk99O1TtRtzOHzxB0HmwQTwDvIoUtily6WYbehvHYvXZFsAPJO5iZP5oxCmqomfJbj3q5ub80U52MeUBjcR4k09Ug7_lw2WNXcpUpHYAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_24sZjMaRrxMIbKWmdguFSbZq0Zkw%26client%3Dca-pub-6983341711079297%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 13:09:49 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Mon, 26 Jun 2023 13:09:49 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 94A4 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yr7yHQAFy4sIu8lIAA_k9h62csV7S2Ynu28I-g&u=%7CrXECne8vcZHCbE5ULZJs0H95DM4Icp1PHl5XkvafU8A%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC866KtQCCgvIZGtcfZ37Vv3gJuuQOoOmUNppe5FXi83hxPNPFbZD3SwAQPUbsCPZetjmSVyY__L37om-MvO6tOgfm9Uo5zEDhWmK7--PHnBjRXBE4N5TKiZBMaLJ28o9jVbJLclibYs6_pqZiz-VoSc5VuzbH4NeBZU9vYPshnllMk3Jtl8wfYHB6lBO9hcMSn6jo8CrS7yv2KJyt7uwnOc_LWnU2usSETqVo5fAYPPsEqLGGNyCQVN7k6MP9pbd8MyA-0legVjgURwOC8URxYg63X_B-RfiZyBBqXXzFIY-99knTWQOWl01VblKRYmP3ZUP7C3O538a8OrT68gvFG-s6X0hoL_lOD9p7fdzryTlgAnhscL2cCSSelYaHqxLEh4VV5OcQsFPi-YVmMMP_c38qwxBeTXdPZwA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvtR0HfK-YouXF8iS7_UP9sm_mAnJntKxXPXalvdwwI23ARABIABglYKAgLQHggEXY2EtcHViLTY5ODMzNDE3MTEwNzkyOTegAdW20uoDyAEJqQIZU_Ivho6xPqgDAaoE0QFP0JOdk7jXmuI-IyXkxPu4aCrBUBiQKg-O4e15BE7G04Hp12nCLo0hCNHBRl5Y-uTLye1eLoAwkRPQiV5n95dWUFsvJZvHYTtphbU6Pu8aWFd6XK83E73kZW2-sYrcQNW3_qVwkylBT3jt1KaHM3NFinCq7qz4sEI4SXQEnXHxsMJR2IZPk99O1TtRtzOHzxB0HmwQTwDvIoUtily6WYbehvHYvXZFsAPJO5iZP5oxCmqomfJbj3q5ub80U52MeUBjcR4k09Ug7_lw2WNXcpUpHYAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_24sZjMaRrxMIbKWmdguFSbZq0Zkw%26client%3Dca-pub-6983341711079297%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 13:09:49 GMT
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Mon, 26 Jun 2023 13:09:49 GMT
m
secure-gl.imrworldwide.com/cgi-bin/ Frame 94A4 		0
687 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1656680989
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yr7yHQAFy4sIu8lIAA_k9h62csV7S2Ynu28I-g&u=%7CrXECne8vcZHCbE5ULZJs0H95DM4Icp1PHl5XkvafU8A%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC866KtQCCgvIZGtcfZ37Vv3gJuuQOoOmUNppe5FXi83hxPNPFbZD3SwAQPUbsCPZetjmSVyY__L37om-MvO6tOgfm9Uo5zEDhWmK7--PHnBjRXBE4N5TKiZBMaLJ28o9jVbJLclibYs6_pqZiz-VoSc5VuzbH4NeBZU9vYPshnllMk3Jtl8wfYHB6lBO9hcMSn6jo8CrS7yv2KJyt7uwnOc_LWnU2usSETqVo5fAYPPsEqLGGNyCQVN7k6MP9pbd8MyA-0legVjgURwOC8URxYg63X_B-RfiZyBBqXXzFIY-99knTWQOWl01VblKRYmP3ZUP7C3O538a8OrT68gvFG-s6X0hoL_lOD9p7fdzryTlgAnhscL2cCSSelYaHqxLEh4VV5OcQsFPi-YVmMMP_c38qwxBeTXdPZwA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvtR0HfK-YouXF8iS7_UP9sm_mAnJntKxXPXalvdwwI23ARABIABglYKAgLQHggEXY2EtcHViLTY5ODMzNDE3MTEwNzkyOTegAdW20uoDyAEJqQIZU_Ivho6xPqgDAaoE0QFP0JOdk7jXmuI-IyXkxPu4aCrBUBiQKg-O4e15BE7G04Hp12nCLo0hCNHBRl5Y-uTLye1eLoAwkRPQiV5n95dWUFsvJZvHYTtphbU6Pu8aWFd6XK83E73kZW2-sYrcQNW3_qVwkylBT3jt1KaHM3NFinCq7qz4sEI4SXQEnXHxsMJR2IZPk99O1TtRtzOHzxB0HmwQTwDvIoUtily6WYbehvHYvXZFsAPJO5iZP5oxCmqomfJbj3q5ub80U52MeUBjcR4k09Ug7_lw2WNXcpUpHYAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_24sZjMaRrxMIbKWmdguFSbZq0Zkw%26client%3Dca-pub-6983341711079297%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:7a00:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Jul 2022 13:09:50 GMT
via
1.1 286eb4b50e0acf373dd03645aee00b7e.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA2-C2
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin
*
cache-control
no-cache
cross-origin-resource-policy
cross-origin
x-cache
Miss from cloudfront
accept-ch
Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-length
0
x-amz-cf-id
mJcKUUWx4-8GXC_BDE3A18sca3231ic9K7gEsvhqNenrfXTfSJgh8w==
expires
Thu, 01 Dec 1994 16:00:00 GMT
lg.php
cat.fr.eu.criteo.com/delivery/ Frame 94A4 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=54-I5KIgar3PdS5R9BM-mVDRxQU9JBK-G1c2gHXHJgYSQABTRQmUuA6K5XvfLtuRemO0eRelfAlknI805q9epvWw0zcCGDnRWN-l_2YosbU-yQI7ZlB_ZoQk14EJyHmXMbji270LaSSF3tbV-3d9_BjMb79TEfnKDTZjopWXSylbhIcVmg_I1Q72q5DZVrlM1cULYESFUPpJiGe7ra4rwUzKHlxuYKbT9OLPqGnRJsl7_9EXNSKRVsQXGNHnabFtiV68qw-Hzq5RxZrQZ0KJQ41CwL3CX7RaqMZLUsq4CBTeWuNFa-a3UCPAx8LBd6YjyIbfPYNMCElDNBfroS8lFRomFiy3JGTrnnwVIZ94Y9ivSSzpPG-Lk6IkMITamH4QqwAyJTuJpehXKx6CWJfFMnQLbABNxEiNKVvRiCl-hDRhAKYBNq-5FKbBFiAEZIYgqs5LgPIxIE_ueEPGrAOBrIfqpLI
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yr7yHQAFy4sIu8lIAA_k9h62csV7S2Ynu28I-g&u=%7CrXECne8vcZHCbE5ULZJs0H95DM4Icp1PHl5XkvafU8A%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC866KtQCCgvIZGtcfZ37Vv3gJuuQOoOmUNppe5FXi83hxPNPFbZD3SwAQPUbsCPZetjmSVyY__L37om-MvO6tOgfm9Uo5zEDhWmK7--PHnBjRXBE4N5TKiZBMaLJ28o9jVbJLclibYs6_pqZiz-VoSc5VuzbH4NeBZU9vYPshnllMk3Jtl8wfYHB6lBO9hcMSn6jo8CrS7yv2KJyt7uwnOc_LWnU2usSETqVo5fAYPPsEqLGGNyCQVN7k6MP9pbd8MyA-0legVjgURwOC8URxYg63X_B-RfiZyBBqXXzFIY-99knTWQOWl01VblKRYmP3ZUP7C3O538a8OrT68gvFG-s6X0hoL_lOD9p7fdzryTlgAnhscL2cCSSelYaHqxLEh4VV5OcQsFPi-YVmMMP_c38qwxBeTXdPZwA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvtR0HfK-YouXF8iS7_UP9sm_mAnJntKxXPXalvdwwI23ARABIABglYKAgLQHggEXY2EtcHViLTY5ODMzNDE3MTEwNzkyOTegAdW20uoDyAEJqQIZU_Ivho6xPqgDAaoE0QFP0JOdk7jXmuI-IyXkxPu4aCrBUBiQKg-O4e15BE7G04Hp12nCLo0hCNHBRl5Y-uTLye1eLoAwkRPQiV5n95dWUFsvJZvHYTtphbU6Pu8aWFd6XK83E73kZW2-sYrcQNW3_qVwkylBT3jt1KaHM3NFinCq7qz4sEI4SXQEnXHxsMJR2IZPk99O1TtRtzOHzxB0HmwQTwDvIoUtily6WYbehvHYvXZFsAPJO5iZP5oxCmqomfJbj3q5ub80U52MeUBjcR4k09Ug7_lw2WNXcpUpHYAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_24sZjMaRrxMIbKWmdguFSbZq0Zkw%26client%3Dca-pub-6983341711079297%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Jul 2022 13:09:49 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2725180
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
animejs.js
static.criteo.net/animejs/ Frame 94A4 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yr7yHQAFy4sIu8lIAA_k9h62csV7S2Ynu28I-g&u=%7CrXECne8vcZHCbE5ULZJs0H95DM4Icp1PHl5XkvafU8A%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC866KtQCCgvIZGtcfZ37Vv3gJuuQOoOmUNppe5FXi83hxPNPFbZD3SwAQPUbsCPZetjmSVyY__L37om-MvO6tOgfm9Uo5zEDhWmK7--PHnBjRXBE4N5TKiZBMaLJ28o9jVbJLclibYs6_pqZiz-VoSc5VuzbH4NeBZU9vYPshnllMk3Jtl8wfYHB6lBO9hcMSn6jo8CrS7yv2KJyt7uwnOc_LWnU2usSETqVo5fAYPPsEqLGGNyCQVN7k6MP9pbd8MyA-0legVjgURwOC8URxYg63X_B-RfiZyBBqXXzFIY-99knTWQOWl01VblKRYmP3ZUP7C3O538a8OrT68gvFG-s6X0hoL_lOD9p7fdzryTlgAnhscL2cCSSelYaHqxLEh4VV5OcQsFPi-YVmMMP_c38qwxBeTXdPZwA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvtR0HfK-YouXF8iS7_UP9sm_mAnJntKxXPXalvdwwI23ARABIABglYKAgLQHggEXY2EtcHViLTY5ODMzNDE3MTEwNzkyOTegAdW20uoDyAEJqQIZU_Ivho6xPqgDAaoE0QFP0JOdk7jXmuI-IyXkxPu4aCrBUBiQKg-O4e15BE7G04Hp12nCLo0hCNHBRl5Y-uTLye1eLoAwkRPQiV5n95dWUFsvJZvHYTtphbU6Pu8aWFd6XK83E73kZW2-sYrcQNW3_qVwkylBT3jt1KaHM3NFinCq7qz4sEI4SXQEnXHxsMJR2IZPk99O1TtRtzOHzxB0HmwQTwDvIoUtily6WYbehvHYvXZFsAPJO5iZP5oxCmqomfJbj3q5ub80U52MeUBjcR4k09Ug7_lw2WNXcpUpHYAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_24sZjMaRrxMIbKWmdguFSbZq0Zkw%26client%3Dca-pub-6983341711079297%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 13:09:49 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 26 Jun 2023 13:09:49 GMT
img
pix.eu.criteo.net/img/ Frame 94A4 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=116&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F190124%2F8d6bc06124f044d4973e0db21c495799_logo.png&v=3&w=696&s=o9Cx9FQCYw_Rwzo84yJFEa4N
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yr7yHQAFy4sIu8lIAA_k9h62csV7S2Ynu28I-g&u=%7CrXECne8vcZHCbE5ULZJs0H95DM4Icp1PHl5XkvafU8A%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC866KtQCCgvIZGtcfZ37Vv3gJuuQOoOmUNppe5FXi83hxPNPFbZD3SwAQPUbsCPZetjmSVyY__L37om-MvO6tOgfm9Uo5zEDhWmK7--PHnBjRXBE4N5TKiZBMaLJ28o9jVbJLclibYs6_pqZiz-VoSc5VuzbH4NeBZU9vYPshnllMk3Jtl8wfYHB6lBO9hcMSn6jo8CrS7yv2KJyt7uwnOc_LWnU2usSETqVo5fAYPPsEqLGGNyCQVN7k6MP9pbd8MyA-0legVjgURwOC8URxYg63X_B-RfiZyBBqXXzFIY-99knTWQOWl01VblKRYmP3ZUP7C3O538a8OrT68gvFG-s6X0hoL_lOD9p7fdzryTlgAnhscL2cCSSelYaHqxLEh4VV5OcQsFPi-YVmMMP_c38qwxBeTXdPZwA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvtR0HfK-YouXF8iS7_UP9sm_mAnJntKxXPXalvdwwI23ARABIABglYKAgLQHggEXY2EtcHViLTY5ODMzNDE3MTEwNzkyOTegAdW20uoDyAEJqQIZU_Ivho6xPqgDAaoE0QFP0JOdk7jXmuI-IyXkxPu4aCrBUBiQKg-O4e15BE7G04Hp12nCLo0hCNHBRl5Y-uTLye1eLoAwkRPQiV5n95dWUFsvJZvHYTtphbU6Pu8aWFd6XK83E73kZW2-sYrcQNW3_qVwkylBT3jt1KaHM3NFinCq7qz4sEI4SXQEnXHxsMJR2IZPk99O1TtRtzOHzxB0HmwQTwDvIoUtily6WYbehvHYvXZFsAPJO5iZP5oxCmqomfJbj3q5ub80U52MeUBjcR4k09Ug7_lw2WNXcpUpHYAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_24sZjMaRrxMIbKWmdguFSbZq0Zkw%26client%3Dca-pub-6983341711079297%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
83b19de212ca6202b9339b9c3ad8b16c1775d34cc7663631c12cffbdcdacb8e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 13:09:49 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=30371261
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
19171
expires
Sun, 18 Jun 2023 01:37:31 GMT
img
pix.eu.criteo.net/img/ Frame 94A4 		43 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F%3Feb%3D1&v=3&w=400&s=NIvm77xmry_g62aq4_FPS5A1&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yr7yHQAFy4sIu8lIAA_k9h62csV7S2Ynu28I-g&u=%7CrXECne8vcZHCbE5ULZJs0H95DM4Icp1PHl5XkvafU8A%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC866KtQCCgvIZGtcfZ37Vv3gJuuQOoOmUNppe5FXi83hxPNPFbZD3SwAQPUbsCPZetjmSVyY__L37om-MvO6tOgfm9Uo5zEDhWmK7--PHnBjRXBE4N5TKiZBMaLJ28o9jVbJLclibYs6_pqZiz-VoSc5VuzbH4NeBZU9vYPshnllMk3Jtl8wfYHB6lBO9hcMSn6jo8CrS7yv2KJyt7uwnOc_LWnU2usSETqVo5fAYPPsEqLGGNyCQVN7k6MP9pbd8MyA-0legVjgURwOC8URxYg63X_B-RfiZyBBqXXzFIY-99knTWQOWl01VblKRYmP3ZUP7C3O538a8OrT68gvFG-s6X0hoL_lOD9p7fdzryTlgAnhscL2cCSSelYaHqxLEh4VV5OcQsFPi-YVmMMP_c38qwxBeTXdPZwA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvtR0HfK-YouXF8iS7_UP9sm_mAnJntKxXPXalvdwwI23ARABIABglYKAgLQHggEXY2EtcHViLTY5ODMzNDE3MTEwNzkyOTegAdW20uoDyAEJqQIZU_Ivho6xPqgDAaoE0QFP0JOdk7jXmuI-IyXkxPu4aCrBUBiQKg-O4e15BE7G04Hp12nCLo0hCNHBRl5Y-uTLye1eLoAwkRPQiV5n95dWUFsvJZvHYTtphbU6Pu8aWFd6XK83E73kZW2-sYrcQNW3_qVwkylBT3jt1KaHM3NFinCq7qz4sEI4SXQEnXHxsMJR2IZPk99O1TtRtzOHzxB0HmwQTwDvIoUtily6WYbehvHYvXZFsAPJO5iZP5oxCmqomfJbj3q5ub80U52MeUBjcR4k09Ug7_lw2WNXcpUpHYAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_24sZjMaRrxMIbKWmdguFSbZq0Zkw%26client%3Dca-pub-6983341711079297%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 13:09:49 GMT
server
Finatra
vary
Origin
content-type
image/gif
cache-control
private, max-age=0
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
43
expires
-1
img
pix.eu.criteo.net/img/ Frame 94A4 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FD%2FlogoDZH-GmbH-71233DE-2201071435.gif%3Feb%3D1&v=3&w=400&s=GdGTAr7UZCrAyx1v0-prh3mc&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yr7yHQAFy4sIu8lIAA_k9h62csV7S2Ynu28I-g&u=%7CrXECne8vcZHCbE5ULZJs0H95DM4Icp1PHl5XkvafU8A%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC866KtQCCgvIZGtcfZ37Vv3gJuuQOoOmUNppe5FXi83hxPNPFbZD3SwAQPUbsCPZetjmSVyY__L37om-MvO6tOgfm9Uo5zEDhWmK7--PHnBjRXBE4N5TKiZBMaLJ28o9jVbJLclibYs6_pqZiz-VoSc5VuzbH4NeBZU9vYPshnllMk3Jtl8wfYHB6lBO9hcMSn6jo8CrS7yv2KJyt7uwnOc_LWnU2usSETqVo5fAYPPsEqLGGNyCQVN7k6MP9pbd8MyA-0legVjgURwOC8URxYg63X_B-RfiZyBBqXXzFIY-99knTWQOWl01VblKRYmP3ZUP7C3O538a8OrT68gvFG-s6X0hoL_lOD9p7fdzryTlgAnhscL2cCSSelYaHqxLEh4VV5OcQsFPi-YVmMMP_c38qwxBeTXdPZwA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvtR0HfK-YouXF8iS7_UP9sm_mAnJntKxXPXalvdwwI23ARABIABglYKAgLQHggEXY2EtcHViLTY5ODMzNDE3MTEwNzkyOTegAdW20uoDyAEJqQIZU_Ivho6xPqgDAaoE0QFP0JOdk7jXmuI-IyXkxPu4aCrBUBiQKg-O4e15BE7G04Hp12nCLo0hCNHBRl5Y-uTLye1eLoAwkRPQiV5n95dWUFsvJZvHYTtphbU6Pu8aWFd6XK83E73kZW2-sYrcQNW3_qVwkylBT3jt1KaHM3NFinCq7qz4sEI4SXQEnXHxsMJR2IZPk99O1TtRtzOHzxB0HmwQTwDvIoUtily6WYbehvHYvXZFsAPJO5iZP5oxCmqomfJbj3q5ub80U52MeUBjcR4k09Ug7_lw2WNXcpUpHYAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_24sZjMaRrxMIbKWmdguFSbZq0Zkw%26client%3Dca-pub-6983341711079297%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
65e821b53990c7e875f3a0c2ed1d78d9aaf42a0ac22e5befe5903e4e87faf931
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 13:09:50 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1807509
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
1540
expires
Fri, 22 Jul 2022 11:14:59 GMT
img
pix.eu.criteo.net/img/ Frame 94A4 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FD%2FlogoDienstleistungs-Center-Halle-GmbH-DLC-Halle-153157DE.gif%3Feb%3D1&v=3&w=400&s=Y5UrGVI-PKzb_L9pX4wn0Fm8&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yr7yHQAFy4sIu8lIAA_k9h62csV7S2Ynu28I-g&u=%7CrXECne8vcZHCbE5ULZJs0H95DM4Icp1PHl5XkvafU8A%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC866KtQCCgvIZGtcfZ37Vv3gJuuQOoOmUNppe5FXi83hxPNPFbZD3SwAQPUbsCPZetjmSVyY__L37om-MvO6tOgfm9Uo5zEDhWmK7--PHnBjRXBE4N5TKiZBMaLJ28o9jVbJLclibYs6_pqZiz-VoSc5VuzbH4NeBZU9vYPshnllMk3Jtl8wfYHB6lBO9hcMSn6jo8CrS7yv2KJyt7uwnOc_LWnU2usSETqVo5fAYPPsEqLGGNyCQVN7k6MP9pbd8MyA-0legVjgURwOC8URxYg63X_B-RfiZyBBqXXzFIY-99knTWQOWl01VblKRYmP3ZUP7C3O538a8OrT68gvFG-s6X0hoL_lOD9p7fdzryTlgAnhscL2cCSSelYaHqxLEh4VV5OcQsFPi-YVmMMP_c38qwxBeTXdPZwA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvtR0HfK-YouXF8iS7_UP9sm_mAnJntKxXPXalvdwwI23ARABIABglYKAgLQHggEXY2EtcHViLTY5ODMzNDE3MTEwNzkyOTegAdW20uoDyAEJqQIZU_Ivho6xPqgDAaoE0QFP0JOdk7jXmuI-IyXkxPu4aCrBUBiQKg-O4e15BE7G04Hp12nCLo0hCNHBRl5Y-uTLye1eLoAwkRPQiV5n95dWUFsvJZvHYTtphbU6Pu8aWFd6XK83E73kZW2-sYrcQNW3_qVwkylBT3jt1KaHM3NFinCq7qz4sEI4SXQEnXHxsMJR2IZPk99O1TtRtzOHzxB0HmwQTwDvIoUtily6WYbehvHYvXZFsAPJO5iZP5oxCmqomfJbj3q5ub80U52MeUBjcR4k09Ug7_lw2WNXcpUpHYAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_24sZjMaRrxMIbKWmdguFSbZq0Zkw%26client%3Dca-pub-6983341711079297%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
5f5654d3095dcc7a871f7d4c1355b2c9eea3eb0d8f72f87e65b0cf51961aefd6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 13:09:49 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1661668
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
1382
expires
Wed, 20 Jul 2022 18:44:19 GMT
img
pix.eu.criteo.net/img/ Frame 94A4 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FE%2FlogoANDREAS-STIHL-AG-Co-KG-109625DE-2206021139.gif%3Feb%3D1&v=3&w=400&s=kG21DCZv5YW3CQLe9Za8UjUu&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yr7yHQAFy4sIu8lIAA_k9h62csV7S2Ynu28I-g&u=%7CrXECne8vcZHCbE5ULZJs0H95DM4Icp1PHl5XkvafU8A%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC866KtQCCgvIZGtcfZ37Vv3gJuuQOoOmUNppe5FXi83hxPNPFbZD3SwAQPUbsCPZetjmSVyY__L37om-MvO6tOgfm9Uo5zEDhWmK7--PHnBjRXBE4N5TKiZBMaLJ28o9jVbJLclibYs6_pqZiz-VoSc5VuzbH4NeBZU9vYPshnllMk3Jtl8wfYHB6lBO9hcMSn6jo8CrS7yv2KJyt7uwnOc_LWnU2usSETqVo5fAYPPsEqLGGNyCQVN7k6MP9pbd8MyA-0legVjgURwOC8URxYg63X_B-RfiZyBBqXXzFIY-99knTWQOWl01VblKRYmP3ZUP7C3O538a8OrT68gvFG-s6X0hoL_lOD9p7fdzryTlgAnhscL2cCSSelYaHqxLEh4VV5OcQsFPi-YVmMMP_c38qwxBeTXdPZwA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvtR0HfK-YouXF8iS7_UP9sm_mAnJntKxXPXalvdwwI23ARABIABglYKAgLQHggEXY2EtcHViLTY5ODMzNDE3MTEwNzkyOTegAdW20uoDyAEJqQIZU_Ivho6xPqgDAaoE0QFP0JOdk7jXmuI-IyXkxPu4aCrBUBiQKg-O4e15BE7G04Hp12nCLo0hCNHBRl5Y-uTLye1eLoAwkRPQiV5n95dWUFsvJZvHYTtphbU6Pu8aWFd6XK83E73kZW2-sYrcQNW3_qVwkylBT3jt1KaHM3NFinCq7qz4sEI4SXQEnXHxsMJR2IZPk99O1TtRtzOHzxB0HmwQTwDvIoUtily6WYbehvHYvXZFsAPJO5iZP5oxCmqomfJbj3q5ub80U52MeUBjcR4k09Ug7_lw2WNXcpUpHYAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_24sZjMaRrxMIbKWmdguFSbZq0Zkw%26client%3Dca-pub-6983341711079297%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
a89875fd6e2615e901875ea237ad1705270e6beb461986d5bd1d6ae4de60619a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 13:09:49 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=31104000
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
1412
expires
Mon, 26 Jun 2023 13:09:50 GMT
img
pix.eu.criteo.net/img/ Frame 94A4 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F6%2FlogoAUTO1-Group-122756DE.gif%3Feb%3D1&v=3&w=400&s=wSixxbTu0tVpgsfxHSay5C8B&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yr7yHQAFy4sIu8lIAA_k9h62csV7S2Ynu28I-g&u=%7CrXECne8vcZHCbE5ULZJs0H95DM4Icp1PHl5XkvafU8A%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC866KtQCCgvIZGtcfZ37Vv3gJuuQOoOmUNppe5FXi83hxPNPFbZD3SwAQPUbsCPZetjmSVyY__L37om-MvO6tOgfm9Uo5zEDhWmK7--PHnBjRXBE4N5TKiZBMaLJ28o9jVbJLclibYs6_pqZiz-VoSc5VuzbH4NeBZU9vYPshnllMk3Jtl8wfYHB6lBO9hcMSn6jo8CrS7yv2KJyt7uwnOc_LWnU2usSETqVo5fAYPPsEqLGGNyCQVN7k6MP9pbd8MyA-0legVjgURwOC8URxYg63X_B-RfiZyBBqXXzFIY-99knTWQOWl01VblKRYmP3ZUP7C3O538a8OrT68gvFG-s6X0hoL_lOD9p7fdzryTlgAnhscL2cCSSelYaHqxLEh4VV5OcQsFPi-YVmMMP_c38qwxBeTXdPZwA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvtR0HfK-YouXF8iS7_UP9sm_mAnJntKxXPXalvdwwI23ARABIABglYKAgLQHggEXY2EtcHViLTY5ODMzNDE3MTEwNzkyOTegAdW20uoDyAEJqQIZU_Ivho6xPqgDAaoE0QFP0JOdk7jXmuI-IyXkxPu4aCrBUBiQKg-O4e15BE7G04Hp12nCLo0hCNHBRl5Y-uTLye1eLoAwkRPQiV5n95dWUFsvJZvHYTtphbU6Pu8aWFd6XK83E73kZW2-sYrcQNW3_qVwkylBT3jt1KaHM3NFinCq7qz4sEI4SXQEnXHxsMJR2IZPk99O1TtRtzOHzxB0HmwQTwDvIoUtily6WYbehvHYvXZFsAPJO5iZP5oxCmqomfJbj3q5ub80U52MeUBjcR4k09Ug7_lw2WNXcpUpHYAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_24sZjMaRrxMIbKWmdguFSbZq0Zkw%26client%3Dca-pub-6983341711079297%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
28f12a5e97bafa06cf723dfa71a93daac27f33e6ef2929332d7320a9b2685007
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 13:09:49 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1489801
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
3420
expires
Mon, 18 Jul 2022 18:59:51 GMT
img
pix.eu.criteo.net/img/ Frame 94A4 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F6%2FlogoMercedes-Benz-Tech-Innovation-187061DE-2204010840.gif%3Feb%3D1&v=3&w=400&s=69KYvErI0zIChWfiYFBCtfZo&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yr7yHQAFy4sIu8lIAA_k9h62csV7S2Ynu28I-g&u=%7CrXECne8vcZHCbE5ULZJs0H95DM4Icp1PHl5XkvafU8A%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC866KtQCCgvIZGtcfZ37Vv3gJuuQOoOmUNppe5FXi83hxPNPFbZD3SwAQPUbsCPZetjmSVyY__L37om-MvO6tOgfm9Uo5zEDhWmK7--PHnBjRXBE4N5TKiZBMaLJ28o9jVbJLclibYs6_pqZiz-VoSc5VuzbH4NeBZU9vYPshnllMk3Jtl8wfYHB6lBO9hcMSn6jo8CrS7yv2KJyt7uwnOc_LWnU2usSETqVo5fAYPPsEqLGGNyCQVN7k6MP9pbd8MyA-0legVjgURwOC8URxYg63X_B-RfiZyBBqXXzFIY-99knTWQOWl01VblKRYmP3ZUP7C3O538a8OrT68gvFG-s6X0hoL_lOD9p7fdzryTlgAnhscL2cCSSelYaHqxLEh4VV5OcQsFPi-YVmMMP_c38qwxBeTXdPZwA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvtR0HfK-YouXF8iS7_UP9sm_mAnJntKxXPXalvdwwI23ARABIABglYKAgLQHggEXY2EtcHViLTY5ODMzNDE3MTEwNzkyOTegAdW20uoDyAEJqQIZU_Ivho6xPqgDAaoE0QFP0JOdk7jXmuI-IyXkxPu4aCrBUBiQKg-O4e15BE7G04Hp12nCLo0hCNHBRl5Y-uTLye1eLoAwkRPQiV5n95dWUFsvJZvHYTtphbU6Pu8aWFd6XK83E73kZW2-sYrcQNW3_qVwkylBT3jt1KaHM3NFinCq7qz4sEI4SXQEnXHxsMJR2IZPk99O1TtRtzOHzxB0HmwQTwDvIoUtily6WYbehvHYvXZFsAPJO5iZP5oxCmqomfJbj3q5ub80U52MeUBjcR4k09Ug7_lw2WNXcpUpHYAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_24sZjMaRrxMIbKWmdguFSbZq0Zkw%26client%3Dca-pub-6983341711079297%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
ff25eb91fba3cc29f49813fb430d9ef4cf500ced505a9eb300cdd05c015b8b1e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 13:09:50 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=2508498
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
1664
expires
Sat, 30 Jul 2022 13:58:08 GMT
all
csm.eu.criteo.net/ Frame 94A4 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=WhRZcAQSWl4oFgFtms7ctmJedRc4gA1ktcosoACV0e7L_qd2BjpNTgVrMBvFuw5Ja_lNSRKVihd0NQYjJN3buUHaZoMzbde5ReP9sT3rskAamcQ3fFN4YN9Iw4z6r6WmLYLMWZrWBqsvyhgDHxMpSIFO5A74guc540vzsW4niOwWwQAKMUZyiog8VUf4fOMXH-XP2X75g2tE4iTb6V3_PaLyLSvgDL-cbcCSIdxbRq_4wcLyS0pSXwtngLWwRc4GNzBKog&sds=2&rev=81891&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yr7yHQAFy4sIu8lIAA_k9h62csV7S2Ynu28I-g&u=%7CrXECne8vcZHCbE5ULZJs0H95DM4Icp1PHl5XkvafU8A%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC866KtQCCgvIZGtcfZ37Vv3gJuuQOoOmUNppe5FXi83hxPNPFbZD3SwAQPUbsCPZetjmSVyY__L37om-MvO6tOgfm9Uo5zEDhWmK7--PHnBjRXBE4N5TKiZBMaLJ28o9jVbJLclibYs6_pqZiz-VoSc5VuzbH4NeBZU9vYPshnllMk3Jtl8wfYHB6lBO9hcMSn6jo8CrS7yv2KJyt7uwnOc_LWnU2usSETqVo5fAYPPsEqLGGNyCQVN7k6MP9pbd8MyA-0legVjgURwOC8URxYg63X_B-RfiZyBBqXXzFIY-99knTWQOWl01VblKRYmP3ZUP7C3O538a8OrT68gvFG-s6X0hoL_lOD9p7fdzryTlgAnhscL2cCSSelYaHqxLEh4VV5OcQsFPi-YVmMMP_c38qwxBeTXdPZwA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvtR0HfK-YouXF8iS7_UP9sm_mAnJntKxXPXalvdwwI23ARABIABglYKAgLQHggEXY2EtcHViLTY5ODMzNDE3MTEwNzkyOTegAdW20uoDyAEJqQIZU_Ivho6xPqgDAaoE0QFP0JOdk7jXmuI-IyXkxPu4aCrBUBiQKg-O4e15BE7G04Hp12nCLo0hCNHBRl5Y-uTLye1eLoAwkRPQiV5n95dWUFsvJZvHYTtphbU6Pu8aWFd6XK83E73kZW2-sYrcQNW3_qVwkylBT3jt1KaHM3NFinCq7qz4sEI4SXQEnXHxsMJR2IZPk99O1TtRtzOHzxB0HmwQTwDvIoUtily6WYbehvHYvXZFsAPJO5iZP5oxCmqomfJbj3q5ub80U52MeUBjcR4k09Ug7_lw2WNXcpUpHYAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_24sZjMaRrxMIbKWmdguFSbZq0Zkw%26client%3Dca-pub-6983341711079297%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 01 Jul 2022 13:09:49 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 94A4 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yr7yHQAFy4sIu8lIAA_k9h62csV7S2Ynu28I-g&u=%7CrXECne8vcZHCbE5ULZJs0H95DM4Icp1PHl5XkvafU8A%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC866KtQCCgvIZGtcfZ37Vv3gJuuQOoOmUNppe5FXi83hxPNPFbZD3SwAQPUbsCPZetjmSVyY__L37om-MvO6tOgfm9Uo5zEDhWmK7--PHnBjRXBE4N5TKiZBMaLJ28o9jVbJLclibYs6_pqZiz-VoSc5VuzbH4NeBZU9vYPshnllMk3Jtl8wfYHB6lBO9hcMSn6jo8CrS7yv2KJyt7uwnOc_LWnU2usSETqVo5fAYPPsEqLGGNyCQVN7k6MP9pbd8MyA-0legVjgURwOC8URxYg63X_B-RfiZyBBqXXzFIY-99knTWQOWl01VblKRYmP3ZUP7C3O538a8OrT68gvFG-s6X0hoL_lOD9p7fdzryTlgAnhscL2cCSSelYaHqxLEh4VV5OcQsFPi-YVmMMP_c38qwxBeTXdPZwA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvtR0HfK-YouXF8iS7_UP9sm_mAnJntKxXPXalvdwwI23ARABIABglYKAgLQHggEXY2EtcHViLTY5ODMzNDE3MTEwNzkyOTegAdW20uoDyAEJqQIZU_Ivho6xPqgDAaoE0QFP0JOdk7jXmuI-IyXkxPu4aCrBUBiQKg-O4e15BE7G04Hp12nCLo0hCNHBRl5Y-uTLye1eLoAwkRPQiV5n95dWUFsvJZvHYTtphbU6Pu8aWFd6XK83E73kZW2-sYrcQNW3_qVwkylBT3jt1KaHM3NFinCq7qz4sEI4SXQEnXHxsMJR2IZPk99O1TtRtzOHzxB0HmwQTwDvIoUtily6WYbehvHYvXZFsAPJO5iZP5oxCmqomfJbj3q5ub80U52MeUBjcR4k09Ug7_lw2WNXcpUpHYAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_24sZjMaRrxMIbKWmdguFSbZq0Zkw%26client%3Dca-pub-6983341711079297%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 13:09:50 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 26 Jun 2023 13:09:50 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 94A4 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yr7yHQAFy4sIu8lIAA_k9h62csV7S2Ynu28I-g&u=%7CrXECne8vcZHCbE5ULZJs0H95DM4Icp1PHl5XkvafU8A%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC866KtQCCgvIZGtcfZ37Vv3gJuuQOoOmUNppe5FXi83hxPNPFbZD3SwAQPUbsCPZetjmSVyY__L37om-MvO6tOgfm9Uo5zEDhWmK7--PHnBjRXBE4N5TKiZBMaLJ28o9jVbJLclibYs6_pqZiz-VoSc5VuzbH4NeBZU9vYPshnllMk3Jtl8wfYHB6lBO9hcMSn6jo8CrS7yv2KJyt7uwnOc_LWnU2usSETqVo5fAYPPsEqLGGNyCQVN7k6MP9pbd8MyA-0legVjgURwOC8URxYg63X_B-RfiZyBBqXXzFIY-99knTWQOWl01VblKRYmP3ZUP7C3O538a8OrT68gvFG-s6X0hoL_lOD9p7fdzryTlgAnhscL2cCSSelYaHqxLEh4VV5OcQsFPi-YVmMMP_c38qwxBeTXdPZwA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvtR0HfK-YouXF8iS7_UP9sm_mAnJntKxXPXalvdwwI23ARABIABglYKAgLQHggEXY2EtcHViLTY5ODMzNDE3MTEwNzkyOTegAdW20uoDyAEJqQIZU_Ivho6xPqgDAaoE0QFP0JOdk7jXmuI-IyXkxPu4aCrBUBiQKg-O4e15BE7G04Hp12nCLo0hCNHBRl5Y-uTLye1eLoAwkRPQiV5n95dWUFsvJZvHYTtphbU6Pu8aWFd6XK83E73kZW2-sYrcQNW3_qVwkylBT3jt1KaHM3NFinCq7qz4sEI4SXQEnXHxsMJR2IZPk99O1TtRtzOHzxB0HmwQTwDvIoUtily6WYbehvHYvXZFsAPJO5iZP5oxCmqomfJbj3q5ub80U52MeUBjcR4k09Ug7_lw2WNXcpUpHYAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_24sZjMaRrxMIbKWmdguFSbZq0Zkw%26client%3Dca-pub-6983341711079297%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 13:09:50 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 26 Jun 2023 13:09:50 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 8569 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yr7yHQAF52AIu8mRAAh5TD-Rxr78yROwU6o81A&u=%7CrXECne8vcZEpUF9XTJsBCxw%2B1TbK5XQXiLvmcP9I3aI%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC866KtQCCgvIZGG6gw9WgZ0fRJVX1mxo8DL9avwE-WC_9R2szmsPAIvTBHDBlQqJdtjeg2XXdea40IlxA9ajlUo2C0SIoYf5Gqn1wXB47xI6j7UU5ms8L6Hd0BWKrL_cF0hWl0dwuabe4iNzwQI39iEvrT0Ed7v1Nq1VgX3fahvO1RiJmEQmhdaavgi-VqyQCuWD9J72Qq5Wh237rWJWUu4WaqHS_qyN8lTdb0fBvbrVzLpgKEYqS5w2k-FdWNiQn9mtBU4cUVGaXeWtXCgTqmRfDRrudDtAUlsubuASfdF8pyQFli-wern7CsMYPmOThJAfCGhRUHwVAh_hfyUEgua18Uc9d888y2E4kfjqfL5kl5lZ2foO-BJaaujaByhndNwZmOgBknIoe4hNh0Ztlc-nhOZGawwoVwYA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwk7oHfK-YuDOF5GT7_UPzPKhoAzJntKxXI3w4taTAcCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi02OTgzMzQxNzExMDc5Mjk3oAHVttLqA8gBCakCA-8KDl-FsT6oAwGqBNEBT9BNb6T7-b2xrNdfanReF6z5u4BbOktAcBQVXRoQWDYEA3zB3slnYLmsFzCKsTfLtdcHz8Mrn-3Pa3LvagHBs2b1--2VEdK_xez6XtsjhxobROBqQjP3EzPGe7skoDOsePWyAsDfKYtgQjtci4Ex_2BcjuHkXe43xOQW3jHb0EWZdXrUu9wReoj-izQOd1Bu13ANXiTkjy_ozO84cn5VIfBQQqY4UQwVaasfFXj_cOT6Tt7WdQpR6iY0_u7SPfEov-0cp1mcghScxRmjMjx-OUGABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0pQfk5nP2Ga8d6soKM1F0rN-dJ_Q%26client%3Dca-pub-6983341711079297%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 13:09:50 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 26 Jun 2023 13:09:50 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 8569 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yr7yHQAF52AIu8mRAAh5TD-Rxr78yROwU6o81A&u=%7CrXECne8vcZEpUF9XTJsBCxw%2B1TbK5XQXiLvmcP9I3aI%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC866KtQCCgvIZGG6gw9WgZ0fRJVX1mxo8DL9avwE-WC_9R2szmsPAIvTBHDBlQqJdtjeg2XXdea40IlxA9ajlUo2C0SIoYf5Gqn1wXB47xI6j7UU5ms8L6Hd0BWKrL_cF0hWl0dwuabe4iNzwQI39iEvrT0Ed7v1Nq1VgX3fahvO1RiJmEQmhdaavgi-VqyQCuWD9J72Qq5Wh237rWJWUu4WaqHS_qyN8lTdb0fBvbrVzLpgKEYqS5w2k-FdWNiQn9mtBU4cUVGaXeWtXCgTqmRfDRrudDtAUlsubuASfdF8pyQFli-wern7CsMYPmOThJAfCGhRUHwVAh_hfyUEgua18Uc9d888y2E4kfjqfL5kl5lZ2foO-BJaaujaByhndNwZmOgBknIoe4hNh0Ztlc-nhOZGawwoVwYA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwk7oHfK-YuDOF5GT7_UPzPKhoAzJntKxXI3w4taTAcCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi02OTgzMzQxNzExMDc5Mjk3oAHVttLqA8gBCakCA-8KDl-FsT6oAwGqBNEBT9BNb6T7-b2xrNdfanReF6z5u4BbOktAcBQVXRoQWDYEA3zB3slnYLmsFzCKsTfLtdcHz8Mrn-3Pa3LvagHBs2b1--2VEdK_xez6XtsjhxobROBqQjP3EzPGe7skoDOsePWyAsDfKYtgQjtci4Ex_2BcjuHkXe43xOQW3jHb0EWZdXrUu9wReoj-izQOd1Bu13ANXiTkjy_ozO84cn5VIfBQQqY4UQwVaasfFXj_cOT6Tt7WdQpR6iY0_u7SPfEov-0cp1mcghScxRmjMjx-OUGABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0pQfk5nP2Ga8d6soKM1F0rN-dJ_Q%26client%3Dca-pub-6983341711079297%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 13:09:50 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 26 Jun 2023 13:09:50 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 8569 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yr7yHQAF52AIu8mRAAh5TD-Rxr78yROwU6o81A&u=%7CrXECne8vcZEpUF9XTJsBCxw%2B1TbK5XQXiLvmcP9I3aI%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC866KtQCCgvIZGG6gw9WgZ0fRJVX1mxo8DL9avwE-WC_9R2szmsPAIvTBHDBlQqJdtjeg2XXdea40IlxA9ajlUo2C0SIoYf5Gqn1wXB47xI6j7UU5ms8L6Hd0BWKrL_cF0hWl0dwuabe4iNzwQI39iEvrT0Ed7v1Nq1VgX3fahvO1RiJmEQmhdaavgi-VqyQCuWD9J72Qq5Wh237rWJWUu4WaqHS_qyN8lTdb0fBvbrVzLpgKEYqS5w2k-FdWNiQn9mtBU4cUVGaXeWtXCgTqmRfDRrudDtAUlsubuASfdF8pyQFli-wern7CsMYPmOThJAfCGhRUHwVAh_hfyUEgua18Uc9d888y2E4kfjqfL5kl5lZ2foO-BJaaujaByhndNwZmOgBknIoe4hNh0Ztlc-nhOZGawwoVwYA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwk7oHfK-YuDOF5GT7_UPzPKhoAzJntKxXI3w4taTAcCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi02OTgzMzQxNzExMDc5Mjk3oAHVttLqA8gBCakCA-8KDl-FsT6oAwGqBNEBT9BNb6T7-b2xrNdfanReF6z5u4BbOktAcBQVXRoQWDYEA3zB3slnYLmsFzCKsTfLtdcHz8Mrn-3Pa3LvagHBs2b1--2VEdK_xez6XtsjhxobROBqQjP3EzPGe7skoDOsePWyAsDfKYtgQjtci4Ex_2BcjuHkXe43xOQW3jHb0EWZdXrUu9wReoj-izQOd1Bu13ANXiTkjy_ozO84cn5VIfBQQqY4UQwVaasfFXj_cOT6Tt7WdQpR6iY0_u7SPfEov-0cp1mcghScxRmjMjx-OUGABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0pQfk5nP2Ga8d6soKM1F0rN-dJ_Q%26client%3Dca-pub-6983341711079297%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 13:09:50 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Mon, 26 Jun 2023 13:09:50 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 8569 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yr7yHQAF52AIu8mRAAh5TD-Rxr78yROwU6o81A&u=%7CrXECne8vcZEpUF9XTJsBCxw%2B1TbK5XQXiLvmcP9I3aI%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC866KtQCCgvIZGG6gw9WgZ0fRJVX1mxo8DL9avwE-WC_9R2szmsPAIvTBHDBlQqJdtjeg2XXdea40IlxA9ajlUo2C0SIoYf5Gqn1wXB47xI6j7UU5ms8L6Hd0BWKrL_cF0hWl0dwuabe4iNzwQI39iEvrT0Ed7v1Nq1VgX3fahvO1RiJmEQmhdaavgi-VqyQCuWD9J72Qq5Wh237rWJWUu4WaqHS_qyN8lTdb0fBvbrVzLpgKEYqS5w2k-FdWNiQn9mtBU4cUVGaXeWtXCgTqmRfDRrudDtAUlsubuASfdF8pyQFli-wern7CsMYPmOThJAfCGhRUHwVAh_hfyUEgua18Uc9d888y2E4kfjqfL5kl5lZ2foO-BJaaujaByhndNwZmOgBknIoe4hNh0Ztlc-nhOZGawwoVwYA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwk7oHfK-YuDOF5GT7_UPzPKhoAzJntKxXI3w4taTAcCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi02OTgzMzQxNzExMDc5Mjk3oAHVttLqA8gBCakCA-8KDl-FsT6oAwGqBNEBT9BNb6T7-b2xrNdfanReF6z5u4BbOktAcBQVXRoQWDYEA3zB3slnYLmsFzCKsTfLtdcHz8Mrn-3Pa3LvagHBs2b1--2VEdK_xez6XtsjhxobROBqQjP3EzPGe7skoDOsePWyAsDfKYtgQjtci4Ex_2BcjuHkXe43xOQW3jHb0EWZdXrUu9wReoj-izQOd1Bu13ANXiTkjy_ozO84cn5VIfBQQqY4UQwVaasfFXj_cOT6Tt7WdQpR6iY0_u7SPfEov-0cp1mcghScxRmjMjx-OUGABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0pQfk5nP2Ga8d6soKM1F0rN-dJ_Q%26client%3Dca-pub-6983341711079297%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 13:09:50 GMT
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Mon, 26 Jun 2023 13:09:50 GMT
m
secure-gl.imrworldwide.com/cgi-bin/ Frame 8569 		0
689 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1656680989
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yr7yHQAF52AIu8mRAAh5TD-Rxr78yROwU6o81A&u=%7CrXECne8vcZEpUF9XTJsBCxw%2B1TbK5XQXiLvmcP9I3aI%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC866KtQCCgvIZGG6gw9WgZ0fRJVX1mxo8DL9avwE-WC_9R2szmsPAIvTBHDBlQqJdtjeg2XXdea40IlxA9ajlUo2C0SIoYf5Gqn1wXB47xI6j7UU5ms8L6Hd0BWKrL_cF0hWl0dwuabe4iNzwQI39iEvrT0Ed7v1Nq1VgX3fahvO1RiJmEQmhdaavgi-VqyQCuWD9J72Qq5Wh237rWJWUu4WaqHS_qyN8lTdb0fBvbrVzLpgKEYqS5w2k-FdWNiQn9mtBU4cUVGaXeWtXCgTqmRfDRrudDtAUlsubuASfdF8pyQFli-wern7CsMYPmOThJAfCGhRUHwVAh_hfyUEgua18Uc9d888y2E4kfjqfL5kl5lZ2foO-BJaaujaByhndNwZmOgBknIoe4hNh0Ztlc-nhOZGawwoVwYA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwk7oHfK-YuDOF5GT7_UPzPKhoAzJntKxXI3w4taTAcCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi02OTgzMzQxNzExMDc5Mjk3oAHVttLqA8gBCakCA-8KDl-FsT6oAwGqBNEBT9BNb6T7-b2xrNdfanReF6z5u4BbOktAcBQVXRoQWDYEA3zB3slnYLmsFzCKsTfLtdcHz8Mrn-3Pa3LvagHBs2b1--2VEdK_xez6XtsjhxobROBqQjP3EzPGe7skoDOsePWyAsDfKYtgQjtci4Ex_2BcjuHkXe43xOQW3jHb0EWZdXrUu9wReoj-izQOd1Bu13ANXiTkjy_ozO84cn5VIfBQQqY4UQwVaasfFXj_cOT6Tt7WdQpR6iY0_u7SPfEov-0cp1mcghScxRmjMjx-OUGABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0pQfk5nP2Ga8d6soKM1F0rN-dJ_Q%26client%3Dca-pub-6983341711079297%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:7a00:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Jul 2022 13:09:50 GMT
via
1.1 286eb4b50e0acf373dd03645aee00b7e.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA2-C2
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin
*
cache-control
no-cache
cross-origin-resource-policy
cross-origin
x-cache
Miss from cloudfront
accept-ch
Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-length
0
x-amz-cf-id
YHvIrsQDC4vV86AE5V5JLLG_YNE7CBNCnVPVQmLbVZF56q4aChe-vg==
expires
Thu, 01 Dec 1994 16:00:00 GMT
lg.php
cat.fr.eu.criteo.com/delivery/ Frame 8569 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=ZukWkKIgar3PdS5R9BM-mVDRxQXgMHQSITU8RkAzrxrNMAvLofBLfOm2eDdeigMJ3bYH7Q0rifsN_3sb1b67XpjBDh6gaK-YAsFlpRAxe1cVJiBlYO8Rq6ogW8xyVvB5CO2htFSMvYN2WDPqsqzcRT_uR9bWI4pakZNMrCuE0LqukWb6nYxrf8Pr5s83r77HS39V7zuH77TuwqrCvygIauo-DSph54ObiZKKQYjazyYSX7APkKdKs0gI7Q7UQfkivx6iaeTKAX-gbSGjbrfsKYqI3XLtiwsTGgkYUTiRluT8eo_MwMvaMMZ7pjPzfofWUZaQjzINgA1T1jMk2sSdq09iMHl7HfzvlFkVAXW22WkMa_iHFvViLLpY-DOvR7oU3Vu9HzhFjEceZUe4-xYYxTN_nMU1-yG3dSdQGGdEO0kytIHyYaTNZYHKgd7A2oM8liLKEQ
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yr7yHQAF52AIu8mRAAh5TD-Rxr78yROwU6o81A&u=%7CrXECne8vcZEpUF9XTJsBCxw%2B1TbK5XQXiLvmcP9I3aI%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC866KtQCCgvIZGG6gw9WgZ0fRJVX1mxo8DL9avwE-WC_9R2szmsPAIvTBHDBlQqJdtjeg2XXdea40IlxA9ajlUo2C0SIoYf5Gqn1wXB47xI6j7UU5ms8L6Hd0BWKrL_cF0hWl0dwuabe4iNzwQI39iEvrT0Ed7v1Nq1VgX3fahvO1RiJmEQmhdaavgi-VqyQCuWD9J72Qq5Wh237rWJWUu4WaqHS_qyN8lTdb0fBvbrVzLpgKEYqS5w2k-FdWNiQn9mtBU4cUVGaXeWtXCgTqmRfDRrudDtAUlsubuASfdF8pyQFli-wern7CsMYPmOThJAfCGhRUHwVAh_hfyUEgua18Uc9d888y2E4kfjqfL5kl5lZ2foO-BJaaujaByhndNwZmOgBknIoe4hNh0Ztlc-nhOZGawwoVwYA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwk7oHfK-YuDOF5GT7_UPzPKhoAzJntKxXI3w4taTAcCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi02OTgzMzQxNzExMDc5Mjk3oAHVttLqA8gBCakCA-8KDl-FsT6oAwGqBNEBT9BNb6T7-b2xrNdfanReF6z5u4BbOktAcBQVXRoQWDYEA3zB3slnYLmsFzCKsTfLtdcHz8Mrn-3Pa3LvagHBs2b1--2VEdK_xez6XtsjhxobROBqQjP3EzPGe7skoDOsePWyAsDfKYtgQjtci4Ex_2BcjuHkXe43xOQW3jHb0EWZdXrUu9wReoj-izQOd1Bu13ANXiTkjy_ozO84cn5VIfBQQqY4UQwVaasfFXj_cOT6Tt7WdQpR6iY0_u7SPfEov-0cp1mcghScxRmjMjx-OUGABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0pQfk5nP2Ga8d6soKM1F0rN-dJ_Q%26client%3Dca-pub-6983341711079297%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Jul 2022 13:09:49 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2729805
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 26BE 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yr7yHQAF1nQIu-UuAAre8zry8cO67O4B2DZrMw&u=%7CrXECne8vcZGUkBNlDaVkTp3qi6tS43Ngg4GQhnVLBN0%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC866KtQCCgvIZGApFwVhOjtfOowdqDLrjwKZl8J6ooWUdXKDHJCgWw6QcwcDZmccNDDHTzU_Ne_jiIgJPgsCu1eBXg4IRHYYLCba4nLVctQfn4riMIhpWxjmNfi5T5W6PWfyYtWcB2vmya6BmkNoHgVc1xZGVRpjcCLLTOqw841RRoiobQWaJoZs-M6SXM3fO2bd0kf1Z19ycCqmtUkHqzjEGqZ9C5tf9ircC5Gy28wUJq6AicVDdYYyFk3lPANmY7qP-_cM2-C_Pu1rITw-3CGin9wzXFncmSH3PsqV7RUvYF6Xl5xqMzXoFGdpR-xOcPP6IFKRdpqsd9kUvfYP0O0mKF3aIYF2FCPfmYkwuDmYtIexwLVtjiIFyA1goqzVEv0-LgQYMjx5Y0lmVgBNgr0f0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfmMOHfK-YvSsF67K7_UP872rqArJntKxXM2G49aTAcCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi02OTgzMzQxNzExMDc5Mjk3oAHVttLqA8gBCakCA-8KDl-FsT6oAwGqBNIBT9CE0fzS4xm8mlx7o2CEE0DT2QC6HH3kwOXOFUKnkxpfDVGbiEAi41z1C0kEKPh3rtK7XketLqA2v8Gw_5hZAQQaM7aLg2ECHk81COYbF9tzwpAPRSq6Zv-q2uYIQ64QAlvuKEYeeOWcoj3SLnWK9ESUbF3vNQlO3rTAjxmvrPPmBquxeXI0yRg9E_pJNp11qLDLRchUG6rgXuceJHm9Zef2EwxnvHJbCxASIZQtJKA88nubpl2soFdoLYke3q2XYqXQCMIdtRL2CA_bdvGMXFxngAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0b1WJfL7UcIr6uRXAyFNcX5oh1KA%26client%3Dca-pub-6983341711079297%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 13:09:50 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 26 Jun 2023 13:09:50 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 26BE 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yr7yHQAF1nQIu-UuAAre8zry8cO67O4B2DZrMw&u=%7CrXECne8vcZGUkBNlDaVkTp3qi6tS43Ngg4GQhnVLBN0%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC866KtQCCgvIZGApFwVhOjtfOowdqDLrjwKZl8J6ooWUdXKDHJCgWw6QcwcDZmccNDDHTzU_Ne_jiIgJPgsCu1eBXg4IRHYYLCba4nLVctQfn4riMIhpWxjmNfi5T5W6PWfyYtWcB2vmya6BmkNoHgVc1xZGVRpjcCLLTOqw841RRoiobQWaJoZs-M6SXM3fO2bd0kf1Z19ycCqmtUkHqzjEGqZ9C5tf9ircC5Gy28wUJq6AicVDdYYyFk3lPANmY7qP-_cM2-C_Pu1rITw-3CGin9wzXFncmSH3PsqV7RUvYF6Xl5xqMzXoFGdpR-xOcPP6IFKRdpqsd9kUvfYP0O0mKF3aIYF2FCPfmYkwuDmYtIexwLVtjiIFyA1goqzVEv0-LgQYMjx5Y0lmVgBNgr0f0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfmMOHfK-YvSsF67K7_UP872rqArJntKxXM2G49aTAcCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi02OTgzMzQxNzExMDc5Mjk3oAHVttLqA8gBCakCA-8KDl-FsT6oAwGqBNIBT9CE0fzS4xm8mlx7o2CEE0DT2QC6HH3kwOXOFUKnkxpfDVGbiEAi41z1C0kEKPh3rtK7XketLqA2v8Gw_5hZAQQaM7aLg2ECHk81COYbF9tzwpAPRSq6Zv-q2uYIQ64QAlvuKEYeeOWcoj3SLnWK9ESUbF3vNQlO3rTAjxmvrPPmBquxeXI0yRg9E_pJNp11qLDLRchUG6rgXuceJHm9Zef2EwxnvHJbCxASIZQtJKA88nubpl2soFdoLYke3q2XYqXQCMIdtRL2CA_bdvGMXFxngAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0b1WJfL7UcIr6uRXAyFNcX5oh1KA%26client%3Dca-pub-6983341711079297%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 13:09:50 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 26 Jun 2023 13:09:50 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 26BE 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yr7yHQAF1nQIu-UuAAre8zry8cO67O4B2DZrMw&u=%7CrXECne8vcZGUkBNlDaVkTp3qi6tS43Ngg4GQhnVLBN0%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC866KtQCCgvIZGApFwVhOjtfOowdqDLrjwKZl8J6ooWUdXKDHJCgWw6QcwcDZmccNDDHTzU_Ne_jiIgJPgsCu1eBXg4IRHYYLCba4nLVctQfn4riMIhpWxjmNfi5T5W6PWfyYtWcB2vmya6BmkNoHgVc1xZGVRpjcCLLTOqw841RRoiobQWaJoZs-M6SXM3fO2bd0kf1Z19ycCqmtUkHqzjEGqZ9C5tf9ircC5Gy28wUJq6AicVDdYYyFk3lPANmY7qP-_cM2-C_Pu1rITw-3CGin9wzXFncmSH3PsqV7RUvYF6Xl5xqMzXoFGdpR-xOcPP6IFKRdpqsd9kUvfYP0O0mKF3aIYF2FCPfmYkwuDmYtIexwLVtjiIFyA1goqzVEv0-LgQYMjx5Y0lmVgBNgr0f0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfmMOHfK-YvSsF67K7_UP872rqArJntKxXM2G49aTAcCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi02OTgzMzQxNzExMDc5Mjk3oAHVttLqA8gBCakCA-8KDl-FsT6oAwGqBNIBT9CE0fzS4xm8mlx7o2CEE0DT2QC6HH3kwOXOFUKnkxpfDVGbiEAi41z1C0kEKPh3rtK7XketLqA2v8Gw_5hZAQQaM7aLg2ECHk81COYbF9tzwpAPRSq6Zv-q2uYIQ64QAlvuKEYeeOWcoj3SLnWK9ESUbF3vNQlO3rTAjxmvrPPmBquxeXI0yRg9E_pJNp11qLDLRchUG6rgXuceJHm9Zef2EwxnvHJbCxASIZQtJKA88nubpl2soFdoLYke3q2XYqXQCMIdtRL2CA_bdvGMXFxngAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0b1WJfL7UcIr6uRXAyFNcX5oh1KA%26client%3Dca-pub-6983341711079297%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 13:09:50 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Mon, 26 Jun 2023 13:09:50 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 26BE 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yr7yHQAF1nQIu-UuAAre8zry8cO67O4B2DZrMw&u=%7CrXECne8vcZGUkBNlDaVkTp3qi6tS43Ngg4GQhnVLBN0%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC866KtQCCgvIZGApFwVhOjtfOowdqDLrjwKZl8J6ooWUdXKDHJCgWw6QcwcDZmccNDDHTzU_Ne_jiIgJPgsCu1eBXg4IRHYYLCba4nLVctQfn4riMIhpWxjmNfi5T5W6PWfyYtWcB2vmya6BmkNoHgVc1xZGVRpjcCLLTOqw841RRoiobQWaJoZs-M6SXM3fO2bd0kf1Z19ycCqmtUkHqzjEGqZ9C5tf9ircC5Gy28wUJq6AicVDdYYyFk3lPANmY7qP-_cM2-C_Pu1rITw-3CGin9wzXFncmSH3PsqV7RUvYF6Xl5xqMzXoFGdpR-xOcPP6IFKRdpqsd9kUvfYP0O0mKF3aIYF2FCPfmYkwuDmYtIexwLVtjiIFyA1goqzVEv0-LgQYMjx5Y0lmVgBNgr0f0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfmMOHfK-YvSsF67K7_UP872rqArJntKxXM2G49aTAcCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi02OTgzMzQxNzExMDc5Mjk3oAHVttLqA8gBCakCA-8KDl-FsT6oAwGqBNIBT9CE0fzS4xm8mlx7o2CEE0DT2QC6HH3kwOXOFUKnkxpfDVGbiEAi41z1C0kEKPh3rtK7XketLqA2v8Gw_5hZAQQaM7aLg2ECHk81COYbF9tzwpAPRSq6Zv-q2uYIQ64QAlvuKEYeeOWcoj3SLnWK9ESUbF3vNQlO3rTAjxmvrPPmBquxeXI0yRg9E_pJNp11qLDLRchUG6rgXuceJHm9Zef2EwxnvHJbCxASIZQtJKA88nubpl2soFdoLYke3q2XYqXQCMIdtRL2CA_bdvGMXFxngAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0b1WJfL7UcIr6uRXAyFNcX5oh1KA%26client%3Dca-pub-6983341711079297%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 13:09:50 GMT
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Mon, 26 Jun 2023 13:09:50 GMT
m
secure-gl.imrworldwide.com/cgi-bin/ Frame 26BE 		0
688 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1656680989
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yr7yHQAF1nQIu-UuAAre8zry8cO67O4B2DZrMw&u=%7CrXECne8vcZGUkBNlDaVkTp3qi6tS43Ngg4GQhnVLBN0%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC866KtQCCgvIZGApFwVhOjtfOowdqDLrjwKZl8J6ooWUdXKDHJCgWw6QcwcDZmccNDDHTzU_Ne_jiIgJPgsCu1eBXg4IRHYYLCba4nLVctQfn4riMIhpWxjmNfi5T5W6PWfyYtWcB2vmya6BmkNoHgVc1xZGVRpjcCLLTOqw841RRoiobQWaJoZs-M6SXM3fO2bd0kf1Z19ycCqmtUkHqzjEGqZ9C5tf9ircC5Gy28wUJq6AicVDdYYyFk3lPANmY7qP-_cM2-C_Pu1rITw-3CGin9wzXFncmSH3PsqV7RUvYF6Xl5xqMzXoFGdpR-xOcPP6IFKRdpqsd9kUvfYP0O0mKF3aIYF2FCPfmYkwuDmYtIexwLVtjiIFyA1goqzVEv0-LgQYMjx5Y0lmVgBNgr0f0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfmMOHfK-YvSsF67K7_UP872rqArJntKxXM2G49aTAcCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi02OTgzMzQxNzExMDc5Mjk3oAHVttLqA8gBCakCA-8KDl-FsT6oAwGqBNIBT9CE0fzS4xm8mlx7o2CEE0DT2QC6HH3kwOXOFUKnkxpfDVGbiEAi41z1C0kEKPh3rtK7XketLqA2v8Gw_5hZAQQaM7aLg2ECHk81COYbF9tzwpAPRSq6Zv-q2uYIQ64QAlvuKEYeeOWcoj3SLnWK9ESUbF3vNQlO3rTAjxmvrPPmBquxeXI0yRg9E_pJNp11qLDLRchUG6rgXuceJHm9Zef2EwxnvHJbCxASIZQtJKA88nubpl2soFdoLYke3q2XYqXQCMIdtRL2CA_bdvGMXFxngAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0b1WJfL7UcIr6uRXAyFNcX5oh1KA%26client%3Dca-pub-6983341711079297%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:7a00:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Jul 2022 13:09:50 GMT
via
1.1 286eb4b50e0acf373dd03645aee00b7e.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA2-C2
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin
*
cache-control
no-cache
cross-origin-resource-policy
cross-origin
x-cache
Miss from cloudfront
accept-ch
Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-length
0
x-amz-cf-id
L5w7n-OZ4f3hoCkohUreEj4r3btNMdAMN2LFdQfk3JneYYGOQXSGhg==
expires
Thu, 01 Dec 1994 16:00:00 GMT
lg.php
cat.fr.eu.criteo.com/delivery/ Frame 26BE 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=DdWxNPEQXosB4o_DSZQa_qdMyZ5CbOSSr_3mMfpW50TZ7oWmUknV1pK6U8ZWg0E3TEsV8AB-khd4VIannC2LwECpd0VHhZVXFRZJ7bxZ4H6Ill-DzvqeZ2qd0jPE5Goj_iPUSOQyTS1SXTekW-_sINkHnhwTMaCj2VxPiM7fEvP0SLhFIitaHR8VcA1239Tnp6gXkyX72PB2H66DI9eMyHZNjujYjNklS3-pQRw26Y5AESnjPDNKniGIlcoYG21vb3U9w3EGiwqlwa9Mj4U9o_w349z-Yev8LOV28zNu1eoRjbfiU6HznYkcg7nK1es5uEBkJIy4nzXjbykLX5FEagP1EFkqi-HNqp6uUPrZeN-ps3oGkLxKl9tvbytX3Swshk4t5kOYsuU-cyKzYBKLQ91lk3V01hvj8lfteFskhSRm01d4DE68XE2kCEd4ziZlAJXyHw
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yr7yHQAF1nQIu-UuAAre8zry8cO67O4B2DZrMw&u=%7CrXECne8vcZGUkBNlDaVkTp3qi6tS43Ngg4GQhnVLBN0%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC866KtQCCgvIZGApFwVhOjtfOowdqDLrjwKZl8J6ooWUdXKDHJCgWw6QcwcDZmccNDDHTzU_Ne_jiIgJPgsCu1eBXg4IRHYYLCba4nLVctQfn4riMIhpWxjmNfi5T5W6PWfyYtWcB2vmya6BmkNoHgVc1xZGVRpjcCLLTOqw841RRoiobQWaJoZs-M6SXM3fO2bd0kf1Z19ycCqmtUkHqzjEGqZ9C5tf9ircC5Gy28wUJq6AicVDdYYyFk3lPANmY7qP-_cM2-C_Pu1rITw-3CGin9wzXFncmSH3PsqV7RUvYF6Xl5xqMzXoFGdpR-xOcPP6IFKRdpqsd9kUvfYP0O0mKF3aIYF2FCPfmYkwuDmYtIexwLVtjiIFyA1goqzVEv0-LgQYMjx5Y0lmVgBNgr0f0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfmMOHfK-YvSsF67K7_UP872rqArJntKxXM2G49aTAcCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi02OTgzMzQxNzExMDc5Mjk3oAHVttLqA8gBCakCA-8KDl-FsT6oAwGqBNIBT9CE0fzS4xm8mlx7o2CEE0DT2QC6HH3kwOXOFUKnkxpfDVGbiEAi41z1C0kEKPh3rtK7XketLqA2v8Gw_5hZAQQaM7aLg2ECHk81COYbF9tzwpAPRSq6Zv-q2uYIQ64QAlvuKEYeeOWcoj3SLnWK9ESUbF3vNQlO3rTAjxmvrPPmBquxeXI0yRg9E_pJNp11qLDLRchUG6rgXuceJHm9Zef2EwxnvHJbCxASIZQtJKA88nubpl2soFdoLYke3q2XYqXQCMIdtRL2CA_bdvGMXFxngAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0b1WJfL7UcIr6uRXAyFNcX5oh1KA%26client%3Dca-pub-6983341711079297%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Jul 2022 13:09:49 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2853726
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
dpixel
cms.quantserve.com/ Frame A45D 		35 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEEEpyduGtpCkXUG1ofrbwPk&google_cver=1&google_push=ARnp8GBAgQSrg8oj99kIlEh11yu9EgJxX5atLLN6KDtJtSZaDTQbrpS1zF6-QE-XTkXV2A9_Ot5KfuKD5UavUx8wMWIi5YrLKTgPZA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6983341711079297&output=html&h=280&adk=1414751727&adf=739478986&pi=t.aa~a.961368416~rp.4&w=350&fwrn=4&fwrnh=100&lmt=1656680989&rafmt=1&to=qs&pwprc=2130585636&psa=0&format=350x280&url=https%3A%2F%2Flogin-ed.com%2Fcomerica-hsa-account&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656680989581&bpp=1&bdt=952&idt=-M&shv=r20220628&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7755599a4afb09a7-2255fc94c3cd0052%3AT%3D1656680989%3ART%3D1656680989%3AS%3DALNI_Ma6GlQZgsfUg8EN7BsUThRaJ9Il7Q&prev_fmts=0x0%2C730x280%2C350x280&nras=2&correlator=4256398597249&frm=20&pv=1&ga_vid=1151177621.1656680989&ga_sid=1656680989&ga_hid=375701359&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=1238&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068105%2C31065544%2C42531608&oid=2&pvsid=1163717104548490&tmod=235240112&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=U8ANLCRRA6&p=https%3A//login-ed.com&dtd=27
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:5ed4:8d5d:fed7:f5ef , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Jul 2022 13:09:50 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A45D
Redirect Chain
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEGR5V5R4N6IxJ5rGEhwKYHU&google_cver=1&google_push=ARnp8GB-RPp011eykbV9vIDg8Bf7f0roo5AUxrLSQj8onXMYKmlvkmwDIoElW22SR08guGudlbhLubVBW5C4vjVni-Aq23N52dioiw
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ARnp8GB-RPp011eykbV9vIDg8Bf7f0roo5AUxrLSQj8onXMYKmlvkmwDIoElW22SR08guGudlbhLubVBW5C4vjVni-Aq23N52dioiw&google_hm=Q0FFU0VHUjVWNVI0TjZ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ARnp8GB-RPp011eykbV9vIDg8Bf7f0roo5AUxrLSQj8onXMYKmlvkmwDIoElW22SR08guGudlbhLubVBW5C4vjVni-Aq23N52dioiw&google_hm=Q0FFU0VHUjVWNVI0TjZJeEo1ckdFaHdLWUhV
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6983341711079297&output=html&h=280&adk=1414751727&adf=739478986&pi=t.aa~a.961368416~rp.4&w=350&fwrn=4&fwrnh=100&lmt=1656680989&rafmt=1&to=qs&pwprc=2130585636&psa=0&format=350x280&url=https%3A%2F%2Flogin-ed.com%2Fcomerica-hsa-account&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656680989581&bpp=1&bdt=952&idt=-M&shv=r20220628&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7755599a4afb09a7-2255fc94c3cd0052%3AT%3D1656680989%3ART%3D1656680989%3AS%3DALNI_Ma6GlQZgsfUg8EN7BsUThRaJ9Il7Q&prev_fmts=0x0%2C730x280%2C350x280&nras=2&correlator=4256398597249&frm=20&pv=1&ga_vid=1151177621.1656680989&ga_sid=1656680989&ga_hid=375701359&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=1238&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068105%2C31065544%2C42531608&oid=2&pvsid=1163717104548490&tmod=235240112&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=U8ANLCRRA6&p=https%3A//login-ed.com&dtd=27
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Jul 2022 13:09:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 01 Jul 2022 13:09:49 GMT
Server
Apache-Coyote/1.1
P3P
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ARnp8GB-RPp011eykbV9vIDg8Bf7f0roo5AUxrLSQj8onXMYKmlvkmwDIoElW22SR08guGudlbhLubVBW5C4vjVni-Aq23N52dioiw&google_hm=Q0FFU0VHUjVWNVI0TjZJeEo1ckdFaHdLWUhV
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Sat, 01 Jan 2000 00:00:00 GMT
466606.gif
id.rlcdn.com/ Frame A45D 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/466606.gif?cparams=google_push%3DARnp8GDNwgGCPdWj_OCSMLXGblU58teIh1wZgws_ibxAyj2DecG4AE9TvPHlvqFuwSxZxNjMLE3Y6qo1Dmpwy4gd_lncjs_7bzn8Wg&google_gid=CAESEFWV8BPkwFNEC6itQjfsD0k&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6983341711079297&output=html&h=280&adk=1414751727&adf=739478986&pi=t.aa~a.961368416~rp.4&w=350&fwrn=4&fwrnh=100&lmt=1656680989&rafmt=1&to=qs&pwprc=2130585636&psa=0&format=350x280&url=https%3A%2F%2Flogin-ed.com%2Fcomerica-hsa-account&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656680989581&bpp=1&bdt=952&idt=-M&shv=r20220628&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7755599a4afb09a7-2255fc94c3cd0052%3AT%3D1656680989%3ART%3D1656680989%3AS%3DALNI_Ma6GlQZgsfUg8EN7BsUThRaJ9Il7Q&prev_fmts=0x0%2C730x280%2C350x280&nras=2&correlator=4256398597249&frm=20&pv=1&ga_vid=1151177621.1656680989&ga_sid=1656680989&ga_hid=375701359&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=1238&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068105%2C31065544%2C42531608&oid=2&pvsid=1163717104548490&tmod=235240112&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=U8ANLCRRA6&p=https%3A//login-ed.com&dtd=27
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 13:09:50 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
dds
rtb.openx.net/sync/ Frame A45D 		43 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEM6zG7BtYvGJkRKxuIcQTeU&google_cver=1&google_push=ARnp8GAluIvAbETisIt8PxCr-nfusj_4SoRX1qBFjfHEB43ohOyEchTwOIZkwHL7lQrFLVl-HHnDfkd2o1BwWPhcO4zmaZx_COztZA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6983341711079297&output=html&h=280&adk=1414751727&adf=739478986&pi=t.aa~a.961368416~rp.4&w=350&fwrn=4&fwrnh=100&lmt=1656680989&rafmt=1&to=qs&pwprc=2130585636&psa=0&format=350x280&url=https%3A%2F%2Flogin-ed.com%2Fcomerica-hsa-account&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656680989581&bpp=1&bdt=952&idt=-M&shv=r20220628&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7755599a4afb09a7-2255fc94c3cd0052%3AT%3D1656680989%3ART%3D1656680989%3AS%3DALNI_Ma6GlQZgsfUg8EN7BsUThRaJ9Il7Q&prev_fmts=0x0%2C730x280%2C350x280&nras=2&correlator=4256398597249&frm=20&pv=1&ga_vid=1151177621.1656680989&ga_sid=1656680989&ga_hid=375701359&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=1238&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068105%2C31065544%2C42531608&oid=2&pvsid=1163717104548490&tmod=235240112&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=U8ANLCRRA6&p=https%3A//login-ed.com&dtd=27
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Jul 2022 13:09:49 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
qpc9fa7d5l7krvsvjaid9bos2410sns2
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame A45D 		0
166 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEIv_nVdlTnU3T3QT7pBGUJU&google_cver=1&google_push=ARnp8GA0um9AhYfMOPL2sxH4GlvJyyTiUbaCPXuloZIfpR8bh06jgLJCIu7XjB6tH6wxQYctdcV2nvwyExkpUUSTFhIBDwXEjSab3w
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6983341711079297&output=html&h=280&adk=1414751727&adf=739478986&pi=t.aa~a.961368416~rp.4&w=350&fwrn=4&fwrnh=100&lmt=1656680989&rafmt=1&to=qs&pwprc=2130585636&psa=0&format=350x280&url=https%3A%2F%2Flogin-ed.com%2Fcomerica-hsa-account&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656680989581&bpp=1&bdt=952&idt=-M&shv=r20220628&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7755599a4afb09a7-2255fc94c3cd0052%3AT%3D1656680989%3ART%3D1656680989%3AS%3DALNI_Ma6GlQZgsfUg8EN7BsUThRaJ9Il7Q&prev_fmts=0x0%2C730x280%2C350x280&nras=2&correlator=4256398597249&frm=20&pv=1&ga_vid=1151177621.1656680989&ga_sid=1656680989&ga_hid=375701359&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=1238&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068105%2C31065544%2C42531608&oid=2&pvsid=1163717104548490&tmod=235240112&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=U8ANLCRRA6&p=https%3A//login-ed.com&dtd=27
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 13:09:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame A45D
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEN1JPHScJJOJmtCowd4M0U4&google_cver=1&google_push=ARnp8GA2h6H7rkkQXEqEWKmjxwhIZ2tk4r8MCg6tosAImPgRjvneB1dS-Jg5ohS7Ge0npPAWKiA...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDUySDM1ODQtMVUtMjlYRQ==&google_push=ARnp8GA2h6H7rkkQXEqEWKmjxwhIZ2tk4r8MCg6tosAImPgRjvneB1dS-Jg5ohS7Ge0npPAWKiAkW3kJBLR3Rn7d7mu5H_EimAUp
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDUySDM1ODQtMVUtMjlYRQ==&google_push=ARnp8GA2h6H7rkkQXEqEWKmjxwhIZ2tk4r8MCg6tosAImPgRjvneB1dS-Jg5ohS7Ge0npPAWKiAkW3kJBLR3Rn7d7mu5H_EimAUp
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6983341711079297&output=html&h=280&adk=1414751727&adf=739478986&pi=t.aa~a.961368416~rp.4&w=350&fwrn=4&fwrnh=100&lmt=1656680989&rafmt=1&to=qs&pwprc=2130585636&psa=0&format=350x280&url=https%3A%2F%2Flogin-ed.com%2Fcomerica-hsa-account&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656680989581&bpp=1&bdt=952&idt=-M&shv=r20220628&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7755599a4afb09a7-2255fc94c3cd0052%3AT%3D1656680989%3ART%3D1656680989%3AS%3DALNI_Ma6GlQZgsfUg8EN7BsUThRaJ9Il7Q&prev_fmts=0x0%2C730x280%2C350x280&nras=2&correlator=4256398597249&frm=20&pv=1&ga_vid=1151177621.1656680989&ga_sid=1656680989&ga_hid=375701359&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=1238&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068105%2C31065544%2C42531608&oid=2&pvsid=1163717104548490&tmod=235240112&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=U8ANLCRRA6&p=https%3A//login-ed.com&dtd=27
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Jul 2022 13:09:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDUySDM1ODQtMVUtMjlYRQ==&google_push=ARnp8GA2h6H7rkkQXEqEWKmjxwhIZ2tk4r8MCg6tosAImPgRjvneB1dS-Jg5ohS7Ge0npPAWKiAkW3kJBLR3Rn7d7mu5H_EimAUp
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
611afce88997db6fdd35eb213e662871
Expires
0
pixel
cm.g.doubleclick.net/ Frame A45D
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESED19z4MCpXmZPoWdJczk_YU&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESED19z4MCpXmZPoWdJczk_YU&google_push=AR...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESED19z4MCpXmZPoWdJczk_YU&google_hm=Yr7yHpsiQYF4yYjDD0K2TQAADMoAAAIB&google_nid=index&google_push=ARnp8GDD8Bi7zU8Ww6y-6HVpUGHggtEU9_3bT...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESED19z4MCpXmZPoWdJczk_YU&google_hm=Yr7yHpsiQYF4yYjDD0K2TQAADMoAAAIB&google_nid=index&google_push=ARnp8GDD8Bi7zU8Ww6y-6HVpUGHggtEU9_3bT3SIWaD_rNM-v76s3qtakGT6VgA1_N9HJsiTWaes9HvuA7PG0oL3mFqUw-qWBOk
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6983341711079297&output=html&h=280&adk=1414751727&adf=739478986&pi=t.aa~a.961368416~rp.4&w=350&fwrn=4&fwrnh=100&lmt=1656680989&rafmt=1&to=qs&pwprc=2130585636&psa=0&format=350x280&url=https%3A%2F%2Flogin-ed.com%2Fcomerica-hsa-account&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656680989581&bpp=1&bdt=952&idt=-M&shv=r20220628&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7755599a4afb09a7-2255fc94c3cd0052%3AT%3D1656680989%3ART%3D1656680989%3AS%3DALNI_Ma6GlQZgsfUg8EN7BsUThRaJ9Il7Q&prev_fmts=0x0%2C730x280%2C350x280&nras=2&correlator=4256398597249&frm=20&pv=1&ga_vid=1151177621.1656680989&ga_sid=1656680989&ga_hid=375701359&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=1238&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068105%2C31065544%2C42531608&oid=2&pvsid=1163717104548490&tmod=235240112&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=U8ANLCRRA6&p=https%3A//login-ed.com&dtd=27
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Jul 2022 13:09:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 01 Jul 2022 13:09:50 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ch2eCSCBwApY0bosgN1gTiblJCl1kBXb%2B9ldkoCTrNlNd30nR%2FcjuNq4qZjPeNT0I41SUX%2FEl%2B4QTnSqPkTgrQvEfTU9dF7de%2Bky1yIXc4jIob6236%2BTlB258sfbN2psL6ap1c%2FDj02jQg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESED19z4MCpXmZPoWdJczk_YU&google_hm=Yr7yHpsiQYF4yYjDD0K2TQAADMoAAAIB&google_nid=index&google_push=ARnp8GDD8Bi7zU8Ww6y-6HVpUGHggtEU9_3bT3SIWaD_rNM-v76s3qtakGT6VgA1_N9HJsiTWaes9HvuA7PG0oL3mFqUw-qWBOk
cache-control
no-cache
cf-ray
723f60de2993916a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
attr
cm.g.doubleclick.net/pixel/ Frame A45D 		0
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LMCKOhpRX3AeKyhbDLaWkyczMvHYWAzS9MWIbh-_GpK7sSZ-h8b32BvfeYTj_gLPnAQNGv
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6983341711079297&output=html&h=280&adk=1414751727&adf=739478986&pi=t.aa~a.961368416~rp.4&w=350&fwrn=4&fwrnh=100&lmt=1656680989&rafmt=1&to=qs&pwprc=2130585636&psa=0&format=350x280&url=https%3A%2F%2Flogin-ed.com%2Fcomerica-hsa-account&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656680989581&bpp=1&bdt=952&idt=-M&shv=r20220628&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7755599a4afb09a7-2255fc94c3cd0052%3AT%3D1656680989%3ART%3D1656680989%3AS%3DALNI_Ma6GlQZgsfUg8EN7BsUThRaJ9Il7Q&prev_fmts=0x0%2C730x280%2C350x280&nras=2&correlator=4256398597249&frm=20&pv=1&ga_vid=1151177621.1656680989&ga_sid=1656680989&ga_hid=375701359&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=1238&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068105%2C31065544%2C42531608&oid=2&pvsid=1163717104548490&tmod=235240112&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=U8ANLCRRA6&p=https%3A//login-ed.com&dtd=27
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 13:09:50 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
default.css
as.ad4m.at/ad/style/0.1.21/one-ad/ Frame 732C 		84 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.21/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1grzt2fq076c2z9hmxkdv3wtgjsetvz9gc1rrmx7x9q5hjxrnkhq00qys01vcbw8zbas20get6hjds2yc5chdtv12f32hvxns2v4xaafa4x91t9vvmwscnptmhpfy5r2ye0x3s255jkyrxh4chgx1fmafbbadbr6edk2dnwend2r50rhanrfxf1xgrpwkq58zjk2rvfv89sevsy9kyge1653tz7zpztspm2nvtm0pm753mw8r21kpy2grd8sm9qbmveca8zddqr42pxrcpqz034gt0jztmvdm5xes64y18tspxayxykfyvyywn7mcf75tfemsvedq7qkavzy9hb174znqvt8h4gvdfxrh62swnx849tvh7s1hzqkrwap13w2kb1vkkkr36mx7r33dpm0xab371ys213ktm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8CDEHfK-Ys_CJ9qd9u8P_p-GqAKQ4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi02OTgzMzQxNzExMDc5Mjk3oAHCrujdA8gBCakCmq8ObZWNsT6oAwGqBNcBT9D-ftsn_r58a9j1rnEJglZZbqr3vmlDRdXQFVk5yECkW6cIylwJEhiOxwGjxZF4bPzCW1t_WQqN-_P9d77bEdr-0_h0jzC7W1qCpmlLrNA15BrPFpEqKVvX_9hX9EsxxbKzo7FaxxqhVFGJZnC2IBpzEd_qqGbhdJsbq37ChW04X1VLJGtswYgF1bCel7zQ5wwMwjaQCCZmI0LBLrvLNtplTDao9cS2LEtN7lMUaGWnPT-RPlGbejvdz25S-3iC5yuIFpFHo74NPPYHuBsDh3e9gei0VHiABvG6vsHMg5-1_AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2Q7tJbaE6JTujB972vU-Mwi2BaTg%26client%3Dca-pub-6983341711079297%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a57b918c3515ced748a8b0d297202db9b15fefd82acfddaf11f977761407b2ad
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1grzt2fq076c2z9hmxkdv3wtgjsetvz9gc1rrmx7x9q5hjxrnkhq00qys01vcbw8zbas20get6hjds2yc5chdtv12f32hvxns2v4xaafa4x91t9vvmwscnptmhpfy5r2ye0x3s255jkyrxh4chgx1fmafbbadbr6edk2dnwend2r50rhanrfxf1xgrpwkq58zjk2rvfv89sevsy9kyge1653tz7zpztspm2nvtm0pm753mw8r21kpy2grd8sm9qbmveca8zddqr42pxrcpqz034gt0jztmvdm5xes64y18tspxayxykfyvyywn7mcf75tfemsvedq7qkavzy9hb174znqvt8h4gvdfxrh62swnx849tvh7s1hzqkrwap13w2kb1vkkkr36mx7r33dpm0xab371ys213ktm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8CDEHfK-Ys_CJ9qd9u8P_p-GqAKQ4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi02OTgzMzQxNzExMDc5Mjk3oAHCrujdA8gBCakCmq8ObZWNsT6oAwGqBNcBT9D-ftsn_r58a9j1rnEJglZZbqr3vmlDRdXQFVk5yECkW6cIylwJEhiOxwGjxZF4bPzCW1t_WQqN-_P9d77bEdr-0_h0jzC7W1qCpmlLrNA15BrPFpEqKVvX_9hX9EsxxbKzo7FaxxqhVFGJZnC2IBpzEd_qqGbhdJsbq37ChW04X1VLJGtswYgF1bCel7zQ5wwMwjaQCCZmI0LBLrvLNtplTDao9cS2LEtN7lMUaGWnPT-RPlGbejvdz25S-3iC5yuIFpFHo74NPPYHuBsDh3e9gei0VHiABvG6vsHMg5-1_AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2Q7tJbaE6JTujB972vU-Mwi2BaTg%26client%3Dca-pub-6983341711079297%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 13:09:50 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
612727
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=86749
surrogate-control
no-store
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
last-modified
Fri, 24 Jun 2022 10:57:43 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
accept-encoding
x-download-options
noopen
content-type
text/css; charset=utf-8
expires
0
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
723f60dc8a9e9a15-FRA
cf-bgj
minify
fxpcopuw.js
ad4m.at/ Frame 732C 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/fxpcopuw.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1grzt2fq076c2z9hmxkdv3wtgjsetvz9gc1rrmx7x9q5hjxrnkhq00qys01vcbw8zbas20get6hjds2yc5chdtv12f32hvxns2v4xaafa4x91t9vvmwscnptmhpfy5r2ye0x3s255jkyrxh4chgx1fmafbbadbr6edk2dnwend2r50rhanrfxf1xgrpwkq58zjk2rvfv89sevsy9kyge1653tz7zpztspm2nvtm0pm753mw8r21kpy2grd8sm9qbmveca8zddqr42pxrcpqz034gt0jztmvdm5xes64y18tspxayxykfyvyywn7mcf75tfemsvedq7qkavzy9hb174znqvt8h4gvdfxrh62swnx849tvh7s1hzqkrwap13w2kb1vkkkr36mx7r33dpm0xab371ys213ktm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8CDEHfK-Ys_CJ9qd9u8P_p-GqAKQ4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi02OTgzMzQxNzExMDc5Mjk3oAHCrujdA8gBCakCmq8ObZWNsT6oAwGqBNcBT9D-ftsn_r58a9j1rnEJglZZbqr3vmlDRdXQFVk5yECkW6cIylwJEhiOxwGjxZF4bPzCW1t_WQqN-_P9d77bEdr-0_h0jzC7W1qCpmlLrNA15BrPFpEqKVvX_9hX9EsxxbKzo7FaxxqhVFGJZnC2IBpzEd_qqGbhdJsbq37ChW04X1VLJGtswYgF1bCel7zQ5wwMwjaQCCZmI0LBLrvLNtplTDao9cS2LEtN7lMUaGWnPT-RPlGbejvdz25S-3iC5yuIFpFHo74NPPYHuBsDh3e9gei0VHiABvG6vsHMg5-1_AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2Q7tJbaE6JTujB972vU-Mwi2BaTg%26client%3Dca-pub-6983341711079297%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff0d4da2bf6d1e6dfd402f2336013c94dc4af4ece767367ab66e9f0d35c2459c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash
crc32c=8tWKlw==, md5=6aWQ1AqH0xLbzdUzNXv+Gg==
date
Fri, 01 Jul 2022 13:09:50 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3177
x-guploader-uploadid
ADPycduV9OVPTOEY_VwxXxfyIrqxVgn3dqiFMz7kUXsBmUezo_0C-AxkWu9YhtySJxu6twXVjjtNeygPt3KJ2LxvZhIy5w
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 10 Jun 2022 12:16:17 GMT
server
cloudflare
etag
W/"e9a590d40a87d312dbcdd533357bfe1a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BuoQ1aAZYGc6aFgEimG8hgT61hVVNeCI7K3RkNIlRAzFROCmXSRTR4PCNIXgfbR5gqI3Rb2RvDNYakrE0QDJe20snEMFniK7fKPrxH%2BH7RUrzHlBoMRSZT%2Bgf5TWHrvP%2BRjYifk%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1654863377140818
content-type
application/javascript; charset=utf-8
expires
Fri, 01 Jul 2022 12:16:53 GMT
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length
11896
cf-ray
723f60dc3fe99223-FRA
cf-bgj
minify
animejs.js
static.criteo.net/animejs/ Frame 8569 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yr7yHQAF52AIu8mRAAh5TD-Rxr78yROwU6o81A&u=%7CrXECne8vcZEpUF9XTJsBCxw%2B1TbK5XQXiLvmcP9I3aI%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC866KtQCCgvIZGG6gw9WgZ0fRJVX1mxo8DL9avwE-WC_9R2szmsPAIvTBHDBlQqJdtjeg2XXdea40IlxA9ajlUo2C0SIoYf5Gqn1wXB47xI6j7UU5ms8L6Hd0BWKrL_cF0hWl0dwuabe4iNzwQI39iEvrT0Ed7v1Nq1VgX3fahvO1RiJmEQmhdaavgi-VqyQCuWD9J72Qq5Wh237rWJWUu4WaqHS_qyN8lTdb0fBvbrVzLpgKEYqS5w2k-FdWNiQn9mtBU4cUVGaXeWtXCgTqmRfDRrudDtAUlsubuASfdF8pyQFli-wern7CsMYPmOThJAfCGhRUHwVAh_hfyUEgua18Uc9d888y2E4kfjqfL5kl5lZ2foO-BJaaujaByhndNwZmOgBknIoe4hNh0Ztlc-nhOZGawwoVwYA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwk7oHfK-YuDOF5GT7_UPzPKhoAzJntKxXI3w4taTAcCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi02OTgzMzQxNzExMDc5Mjk3oAHVttLqA8gBCakCA-8KDl-FsT6oAwGqBNEBT9BNb6T7-b2xrNdfanReF6z5u4BbOktAcBQVXRoQWDYEA3zB3slnYLmsFzCKsTfLtdcHz8Mrn-3Pa3LvagHBs2b1--2VEdK_xez6XtsjhxobROBqQjP3EzPGe7skoDOsePWyAsDfKYtgQjtci4Ex_2BcjuHkXe43xOQW3jHb0EWZdXrUu9wReoj-izQOd1Bu13ANXiTkjy_ozO84cn5VIfBQQqY4UQwVaasfFXj_cOT6Tt7WdQpR6iY0_u7SPfEov-0cp1mcghScxRmjMjx-OUGABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0pQfk5nP2Ga8d6soKM1F0rN-dJ_Q%26client%3Dca-pub-6983341711079297%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 13:09:50 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 26 Jun 2023 13:09:50 GMT
img
pix.eu.criteo.net/img/ Frame 8569 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=556&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F190124%2F79f2c646e3f74b54931cff1f39d769d0_blue.png&v=3&w=196&s=nkm37OBN4xyh5x9UPHeLVYZl
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yr7yHQAF52AIu8mRAAh5TD-Rxr78yROwU6o81A&u=%7CrXECne8vcZEpUF9XTJsBCxw%2B1TbK5XQXiLvmcP9I3aI%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC866KtQCCgvIZGG6gw9WgZ0fRJVX1mxo8DL9avwE-WC_9R2szmsPAIvTBHDBlQqJdtjeg2XXdea40IlxA9ajlUo2C0SIoYf5Gqn1wXB47xI6j7UU5ms8L6Hd0BWKrL_cF0hWl0dwuabe4iNzwQI39iEvrT0Ed7v1Nq1VgX3fahvO1RiJmEQmhdaavgi-VqyQCuWD9J72Qq5Wh237rWJWUu4WaqHS_qyN8lTdb0fBvbrVzLpgKEYqS5w2k-FdWNiQn9mtBU4cUVGaXeWtXCgTqmRfDRrudDtAUlsubuASfdF8pyQFli-wern7CsMYPmOThJAfCGhRUHwVAh_hfyUEgua18Uc9d888y2E4kfjqfL5kl5lZ2foO-BJaaujaByhndNwZmOgBknIoe4hNh0Ztlc-nhOZGawwoVwYA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwk7oHfK-YuDOF5GT7_UPzPKhoAzJntKxXI3w4taTAcCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi02OTgzMzQxNzExMDc5Mjk3oAHVttLqA8gBCakCA-8KDl-FsT6oAwGqBNEBT9BNb6T7-b2xrNdfanReF6z5u4BbOktAcBQVXRoQWDYEA3zB3slnYLmsFzCKsTfLtdcHz8Mrn-3Pa3LvagHBs2b1--2VEdK_xez6XtsjhxobROBqQjP3EzPGe7skoDOsePWyAsDfKYtgQjtci4Ex_2BcjuHkXe43xOQW3jHb0EWZdXrUu9wReoj-izQOd1Bu13ANXiTkjy_ozO84cn5VIfBQQqY4UQwVaasfFXj_cOT6Tt7WdQpR6iY0_u7SPfEov-0cp1mcghScxRmjMjx-OUGABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0pQfk5nP2Ga8d6soKM1F0rN-dJ_Q%26client%3Dca-pub-6983341711079297%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
bfcd7a262745ac2a8520d46dbe261c5db424c001970e9ebe83c440bfb48454f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 13:09:49 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=29188109
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
6722
expires
Sun, 04 Jun 2023 08:58:20 GMT
img
pix.eu.criteo.net/img/ Frame 8569 		43 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F%3Feb%3D1&v=3&w=800&s=FY_Xq1rXG9nv3yEjzamNMYZX&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yr7yHQAF52AIu8mRAAh5TD-Rxr78yROwU6o81A&u=%7CrXECne8vcZEpUF9XTJsBCxw%2B1TbK5XQXiLvmcP9I3aI%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC866KtQCCgvIZGG6gw9WgZ0fRJVX1mxo8DL9avwE-WC_9R2szmsPAIvTBHDBlQqJdtjeg2XXdea40IlxA9ajlUo2C0SIoYf5Gqn1wXB47xI6j7UU5ms8L6Hd0BWKrL_cF0hWl0dwuabe4iNzwQI39iEvrT0Ed7v1Nq1VgX3fahvO1RiJmEQmhdaavgi-VqyQCuWD9J72Qq5Wh237rWJWUu4WaqHS_qyN8lTdb0fBvbrVzLpgKEYqS5w2k-FdWNiQn9mtBU4cUVGaXeWtXCgTqmRfDRrudDtAUlsubuASfdF8pyQFli-wern7CsMYPmOThJAfCGhRUHwVAh_hfyUEgua18Uc9d888y2E4kfjqfL5kl5lZ2foO-BJaaujaByhndNwZmOgBknIoe4hNh0Ztlc-nhOZGawwoVwYA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwk7oHfK-YuDOF5GT7_UPzPKhoAzJntKxXI3w4taTAcCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi02OTgzMzQxNzExMDc5Mjk3oAHVttLqA8gBCakCA-8KDl-FsT6oAwGqBNEBT9BNb6T7-b2xrNdfanReF6z5u4BbOktAcBQVXRoQWDYEA3zB3slnYLmsFzCKsTfLtdcHz8Mrn-3Pa3LvagHBs2b1--2VEdK_xez6XtsjhxobROBqQjP3EzPGe7skoDOsePWyAsDfKYtgQjtci4Ex_2BcjuHkXe43xOQW3jHb0EWZdXrUu9wReoj-izQOd1Bu13ANXiTkjy_ozO84cn5VIfBQQqY4UQwVaasfFXj_cOT6Tt7WdQpR6iY0_u7SPfEov-0cp1mcghScxRmjMjx-OUGABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0pQfk5nP2Ga8d6soKM1F0rN-dJ_Q%26client%3Dca-pub-6983341711079297%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 13:09:50 GMT
server
Finatra
vary
Origin
content-type
image/gif
cache-control
private, max-age=0
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
43
expires
-1
img
pix.eu.criteo.net/img/ Frame 8569 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FD%2FlogoDZH-GmbH-71233DE-2201071435.gif%3Feb%3D1&v=3&w=800&s=vpGm_seSEYg5jupcMbmNinfn&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yr7yHQAF52AIu8mRAAh5TD-Rxr78yROwU6o81A&u=%7CrXECne8vcZEpUF9XTJsBCxw%2B1TbK5XQXiLvmcP9I3aI%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC866KtQCCgvIZGG6gw9WgZ0fRJVX1mxo8DL9avwE-WC_9R2szmsPAIvTBHDBlQqJdtjeg2XXdea40IlxA9ajlUo2C0SIoYf5Gqn1wXB47xI6j7UU5ms8L6Hd0BWKrL_cF0hWl0dwuabe4iNzwQI39iEvrT0Ed7v1Nq1VgX3fahvO1RiJmEQmhdaavgi-VqyQCuWD9J72Qq5Wh237rWJWUu4WaqHS_qyN8lTdb0fBvbrVzLpgKEYqS5w2k-FdWNiQn9mtBU4cUVGaXeWtXCgTqmRfDRrudDtAUlsubuASfdF8pyQFli-wern7CsMYPmOThJAfCGhRUHwVAh_hfyUEgua18Uc9d888y2E4kfjqfL5kl5lZ2foO-BJaaujaByhndNwZmOgBknIoe4hNh0Ztlc-nhOZGawwoVwYA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwk7oHfK-YuDOF5GT7_UPzPKhoAzJntKxXI3w4taTAcCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi02OTgzMzQxNzExMDc5Mjk3oAHVttLqA8gBCakCA-8KDl-FsT6oAwGqBNEBT9BNb6T7-b2xrNdfanReF6z5u4BbOktAcBQVXRoQWDYEA3zB3slnYLmsFzCKsTfLtdcHz8Mrn-3Pa3LvagHBs2b1--2VEdK_xez6XtsjhxobROBqQjP3EzPGe7skoDOsePWyAsDfKYtgQjtci4Ex_2BcjuHkXe43xOQW3jHb0EWZdXrUu9wReoj-izQOd1Bu13ANXiTkjy_ozO84cn5VIfBQQqY4UQwVaasfFXj_cOT6Tt7WdQpR6iY0_u7SPfEov-0cp1mcghScxRmjMjx-OUGABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0pQfk5nP2Ga8d6soKM1F0rN-dJ_Q%26client%3Dca-pub-6983341711079297%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
65e821b53990c7e875f3a0c2ed1d78d9aaf42a0ac22e5befe5903e4e87faf931
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 13:09:49 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1807509
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
1540
expires
Fri, 22 Jul 2022 11:14:59 GMT
img
pix.eu.criteo.net/img/ Frame 8569 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FD%2FlogoDienstleistungs-Center-Halle-GmbH-DLC-Halle-153157DE.gif%3Feb%3D1&v=3&w=800&s=5ZBJ5qniP8NhN_Q2K8FX3HYz&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yr7yHQAF52AIu8mRAAh5TD-Rxr78yROwU6o81A&u=%7CrXECne8vcZEpUF9XTJsBCxw%2B1TbK5XQXiLvmcP9I3aI%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC866KtQCCgvIZGG6gw9WgZ0fRJVX1mxo8DL9avwE-WC_9R2szmsPAIvTBHDBlQqJdtjeg2XXdea40IlxA9ajlUo2C0SIoYf5Gqn1wXB47xI6j7UU5ms8L6Hd0BWKrL_cF0hWl0dwuabe4iNzwQI39iEvrT0Ed7v1Nq1VgX3fahvO1RiJmEQmhdaavgi-VqyQCuWD9J72Qq5Wh237rWJWUu4WaqHS_qyN8lTdb0fBvbrVzLpgKEYqS5w2k-FdWNiQn9mtBU4cUVGaXeWtXCgTqmRfDRrudDtAUlsubuASfdF8pyQFli-wern7CsMYPmOThJAfCGhRUHwVAh_hfyUEgua18Uc9d888y2E4kfjqfL5kl5lZ2foO-BJaaujaByhndNwZmOgBknIoe4hNh0Ztlc-nhOZGawwoVwYA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwk7oHfK-YuDOF5GT7_UPzPKhoAzJntKxXI3w4taTAcCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi02OTgzMzQxNzExMDc5Mjk3oAHVttLqA8gBCakCA-8KDl-FsT6oAwGqBNEBT9BNb6T7-b2xrNdfanReF6z5u4BbOktAcBQVXRoQWDYEA3zB3slnYLmsFzCKsTfLtdcHz8Mrn-3Pa3LvagHBs2b1--2VEdK_xez6XtsjhxobROBqQjP3EzPGe7skoDOsePWyAsDfKYtgQjtci4Ex_2BcjuHkXe43xOQW3jHb0EWZdXrUu9wReoj-izQOd1Bu13ANXiTkjy_ozO84cn5VIfBQQqY4UQwVaasfFXj_cOT6Tt7WdQpR6iY0_u7SPfEov-0cp1mcghScxRmjMjx-OUGABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0pQfk5nP2Ga8d6soKM1F0rN-dJ_Q%26client%3Dca-pub-6983341711079297%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
5f5654d3095dcc7a871f7d4c1355b2c9eea3eb0d8f72f87e65b0cf51961aefd6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 13:09:47 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1661670
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
1382
expires
Wed, 20 Jul 2022 18:44:19 GMT
img
pix.eu.criteo.net/img/ Frame 8569 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FE%2FlogoANDREAS-STIHL-AG-Co-KG-109625DE-2206021139.gif%3Feb%3D1&v=3&w=800&s=v60fze7rGZt27hXoS_YOMLWd&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yr7yHQAF52AIu8mRAAh5TD-Rxr78yROwU6o81A&u=%7CrXECne8vcZEpUF9XTJsBCxw%2B1TbK5XQXiLvmcP9I3aI%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC866KtQCCgvIZGG6gw9WgZ0fRJVX1mxo8DL9avwE-WC_9R2szmsPAIvTBHDBlQqJdtjeg2XXdea40IlxA9ajlUo2C0SIoYf5Gqn1wXB47xI6j7UU5ms8L6Hd0BWKrL_cF0hWl0dwuabe4iNzwQI39iEvrT0Ed7v1Nq1VgX3fahvO1RiJmEQmhdaavgi-VqyQCuWD9J72Qq5Wh237rWJWUu4WaqHS_qyN8lTdb0fBvbrVzLpgKEYqS5w2k-FdWNiQn9mtBU4cUVGaXeWtXCgTqmRfDRrudDtAUlsubuASfdF8pyQFli-wern7CsMYPmOThJAfCGhRUHwVAh_hfyUEgua18Uc9d888y2E4kfjqfL5kl5lZ2foO-BJaaujaByhndNwZmOgBknIoe4hNh0Ztlc-nhOZGawwoVwYA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwk7oHfK-YuDOF5GT7_UPzPKhoAzJntKxXI3w4taTAcCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi02OTgzMzQxNzExMDc5Mjk3oAHVttLqA8gBCakCA-8KDl-FsT6oAwGqBNEBT9BNb6T7-b2xrNdfanReF6z5u4BbOktAcBQVXRoQWDYEA3zB3slnYLmsFzCKsTfLtdcHz8Mrn-3Pa3LvagHBs2b1--2VEdK_xez6XtsjhxobROBqQjP3EzPGe7skoDOsePWyAsDfKYtgQjtci4Ex_2BcjuHkXe43xOQW3jHb0EWZdXrUu9wReoj-izQOd1Bu13ANXiTkjy_ozO84cn5VIfBQQqY4UQwVaasfFXj_cOT6Tt7WdQpR6iY0_u7SPfEov-0cp1mcghScxRmjMjx-OUGABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0pQfk5nP2Ga8d6soKM1F0rN-dJ_Q%26client%3Dca-pub-6983341711079297%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
a89875fd6e2615e901875ea237ad1705270e6beb461986d5bd1d6ae4de60619a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 13:09:49 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=31104000
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
1412
expires
Mon, 26 Jun 2023 13:09:50 GMT
img
pix.eu.criteo.net/img/ Frame 8569 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F6%2FlogoAUTO1-Group-122756DE.gif%3Feb%3D1&v=3&w=800&s=biSWAUzEAsLLaaZs-sd0Xlz-&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yr7yHQAF52AIu8mRAAh5TD-Rxr78yROwU6o81A&u=%7CrXECne8vcZEpUF9XTJsBCxw%2B1TbK5XQXiLvmcP9I3aI%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC866KtQCCgvIZGG6gw9WgZ0fRJVX1mxo8DL9avwE-WC_9R2szmsPAIvTBHDBlQqJdtjeg2XXdea40IlxA9ajlUo2C0SIoYf5Gqn1wXB47xI6j7UU5ms8L6Hd0BWKrL_cF0hWl0dwuabe4iNzwQI39iEvrT0Ed7v1Nq1VgX3fahvO1RiJmEQmhdaavgi-VqyQCuWD9J72Qq5Wh237rWJWUu4WaqHS_qyN8lTdb0fBvbrVzLpgKEYqS5w2k-FdWNiQn9mtBU4cUVGaXeWtXCgTqmRfDRrudDtAUlsubuASfdF8pyQFli-wern7CsMYPmOThJAfCGhRUHwVAh_hfyUEgua18Uc9d888y2E4kfjqfL5kl5lZ2foO-BJaaujaByhndNwZmOgBknIoe4hNh0Ztlc-nhOZGawwoVwYA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwk7oHfK-YuDOF5GT7_UPzPKhoAzJntKxXI3w4taTAcCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi02OTgzMzQxNzExMDc5Mjk3oAHVttLqA8gBCakCA-8KDl-FsT6oAwGqBNEBT9BNb6T7-b2xrNdfanReF6z5u4BbOktAcBQVXRoQWDYEA3zB3slnYLmsFzCKsTfLtdcHz8Mrn-3Pa3LvagHBs2b1--2VEdK_xez6XtsjhxobROBqQjP3EzPGe7skoDOsePWyAsDfKYtgQjtci4Ex_2BcjuHkXe43xOQW3jHb0EWZdXrUu9wReoj-izQOd1Bu13ANXiTkjy_ozO84cn5VIfBQQqY4UQwVaasfFXj_cOT6Tt7WdQpR6iY0_u7SPfEov-0cp1mcghScxRmjMjx-OUGABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0pQfk5nP2Ga8d6soKM1F0rN-dJ_Q%26client%3Dca-pub-6983341711079297%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
28f12a5e97bafa06cf723dfa71a93daac27f33e6ef2929332d7320a9b2685007
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 13:09:48 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1489802
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
3420
expires
Mon, 18 Jul 2022 18:59:51 GMT
img
pix.eu.criteo.net/img/ Frame 8569 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F7%2FlogoLufthansa-Technik-Logistik-Services-GmbH-55189DE.gif%3Feb%3D1&v=3&w=800&s=tavga2kcXo3h0DAZhNKhyt3W&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yr7yHQAF52AIu8mRAAh5TD-Rxr78yROwU6o81A&u=%7CrXECne8vcZEpUF9XTJsBCxw%2B1TbK5XQXiLvmcP9I3aI%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC866KtQCCgvIZGG6gw9WgZ0fRJVX1mxo8DL9avwE-WC_9R2szmsPAIvTBHDBlQqJdtjeg2XXdea40IlxA9ajlUo2C0SIoYf5Gqn1wXB47xI6j7UU5ms8L6Hd0BWKrL_cF0hWl0dwuabe4iNzwQI39iEvrT0Ed7v1Nq1VgX3fahvO1RiJmEQmhdaavgi-VqyQCuWD9J72Qq5Wh237rWJWUu4WaqHS_qyN8lTdb0fBvbrVzLpgKEYqS5w2k-FdWNiQn9mtBU4cUVGaXeWtXCgTqmRfDRrudDtAUlsubuASfdF8pyQFli-wern7CsMYPmOThJAfCGhRUHwVAh_hfyUEgua18Uc9d888y2E4kfjqfL5kl5lZ2foO-BJaaujaByhndNwZmOgBknIoe4hNh0Ztlc-nhOZGawwoVwYA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwk7oHfK-YuDOF5GT7_UPzPKhoAzJntKxXI3w4taTAcCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi02OTgzMzQxNzExMDc5Mjk3oAHVttLqA8gBCakCA-8KDl-FsT6oAwGqBNEBT9BNb6T7-b2xrNdfanReF6z5u4BbOktAcBQVXRoQWDYEA3zB3slnYLmsFzCKsTfLtdcHz8Mrn-3Pa3LvagHBs2b1--2VEdK_xez6XtsjhxobROBqQjP3EzPGe7skoDOsePWyAsDfKYtgQjtci4Ex_2BcjuHkXe43xOQW3jHb0EWZdXrUu9wReoj-izQOd1Bu13ANXiTkjy_ozO84cn5VIfBQQqY4UQwVaasfFXj_cOT6Tt7WdQpR6iY0_u7SPfEov-0cp1mcghScxRmjMjx-OUGABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0pQfk5nP2Ga8d6soKM1F0rN-dJ_Q%26client%3Dca-pub-6983341711079297%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
7be63a69b522d1e24c1dd321dc597fd5a552b0ba3bc5246ae6f926df7a20cb50
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 13:09:49 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=194855
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
2206
expires
Sun, 03 Jul 2022 19:17:25 GMT
all
csm.eu.criteo.net/ Frame 8569 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=qHnNBAQSWl4oFgFtLoKrTL_od49chXZYGgfqsem-JIaH5K8SC3G0Oa05HZ6CTJfIVMLIC6znDpjBavH52QxXODRoGHNlmUr1Tr3Gje_UE2fOm2wBNuY0neVF2TBh7vLhhOX8-bjapqF1lIfIqDd2nZBuTK_eO5nYygCDVHnpHH2Y5iuUkCRpWiqfj0fuy41S-o-G3tM_kS0gh-dzaeiI_wU-kJernNhKxLKjYwMF-JngS-O24UUdqQUUZlJCz4MLR2LAKw&sds=2&rev=81891&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yr7yHQAF52AIu8mRAAh5TD-Rxr78yROwU6o81A&u=%7CrXECne8vcZEpUF9XTJsBCxw%2B1TbK5XQXiLvmcP9I3aI%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC866KtQCCgvIZGG6gw9WgZ0fRJVX1mxo8DL9avwE-WC_9R2szmsPAIvTBHDBlQqJdtjeg2XXdea40IlxA9ajlUo2C0SIoYf5Gqn1wXB47xI6j7UU5ms8L6Hd0BWKrL_cF0hWl0dwuabe4iNzwQI39iEvrT0Ed7v1Nq1VgX3fahvO1RiJmEQmhdaavgi-VqyQCuWD9J72Qq5Wh237rWJWUu4WaqHS_qyN8lTdb0fBvbrVzLpgKEYqS5w2k-FdWNiQn9mtBU4cUVGaXeWtXCgTqmRfDRrudDtAUlsubuASfdF8pyQFli-wern7CsMYPmOThJAfCGhRUHwVAh_hfyUEgua18Uc9d888y2E4kfjqfL5kl5lZ2foO-BJaaujaByhndNwZmOgBknIoe4hNh0Ztlc-nhOZGawwoVwYA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwk7oHfK-YuDOF5GT7_UPzPKhoAzJntKxXI3w4taTAcCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi02OTgzMzQxNzExMDc5Mjk3oAHVttLqA8gBCakCA-8KDl-FsT6oAwGqBNEBT9BNb6T7-b2xrNdfanReF6z5u4BbOktAcBQVXRoQWDYEA3zB3slnYLmsFzCKsTfLtdcHz8Mrn-3Pa3LvagHBs2b1--2VEdK_xez6XtsjhxobROBqQjP3EzPGe7skoDOsePWyAsDfKYtgQjtci4Ex_2BcjuHkXe43xOQW3jHb0EWZdXrUu9wReoj-izQOd1Bu13ANXiTkjy_ozO84cn5VIfBQQqY4UQwVaasfFXj_cOT6Tt7WdQpR6iY0_u7SPfEov-0cp1mcghScxRmjMjx-OUGABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0pQfk5nP2Ga8d6soKM1F0rN-dJ_Q%26client%3Dca-pub-6983341711079297%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 01 Jul 2022 13:09:50 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 8569 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yr7yHQAF52AIu8mRAAh5TD-Rxr78yROwU6o81A&u=%7CrXECne8vcZEpUF9XTJsBCxw%2B1TbK5XQXiLvmcP9I3aI%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC866KtQCCgvIZGG6gw9WgZ0fRJVX1mxo8DL9avwE-WC_9R2szmsPAIvTBHDBlQqJdtjeg2XXdea40IlxA9ajlUo2C0SIoYf5Gqn1wXB47xI6j7UU5ms8L6Hd0BWKrL_cF0hWl0dwuabe4iNzwQI39iEvrT0Ed7v1Nq1VgX3fahvO1RiJmEQmhdaavgi-VqyQCuWD9J72Qq5Wh237rWJWUu4WaqHS_qyN8lTdb0fBvbrVzLpgKEYqS5w2k-FdWNiQn9mtBU4cUVGaXeWtXCgTqmRfDRrudDtAUlsubuASfdF8pyQFli-wern7CsMYPmOThJAfCGhRUHwVAh_hfyUEgua18Uc9d888y2E4kfjqfL5kl5lZ2foO-BJaaujaByhndNwZmOgBknIoe4hNh0Ztlc-nhOZGawwoVwYA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwk7oHfK-YuDOF5GT7_UPzPKhoAzJntKxXI3w4taTAcCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi02OTgzMzQxNzExMDc5Mjk3oAHVttLqA8gBCakCA-8KDl-FsT6oAwGqBNEBT9BNb6T7-b2xrNdfanReF6z5u4BbOktAcBQVXRoQWDYEA3zB3slnYLmsFzCKsTfLtdcHz8Mrn-3Pa3LvagHBs2b1--2VEdK_xez6XtsjhxobROBqQjP3EzPGe7skoDOsePWyAsDfKYtgQjtci4Ex_2BcjuHkXe43xOQW3jHb0EWZdXrUu9wReoj-izQOd1Bu13ANXiTkjy_ozO84cn5VIfBQQqY4UQwVaasfFXj_cOT6Tt7WdQpR6iY0_u7SPfEov-0cp1mcghScxRmjMjx-OUGABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0pQfk5nP2Ga8d6soKM1F0rN-dJ_Q%26client%3Dca-pub-6983341711079297%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 13:09:50 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 26 Jun 2023 13:09:50 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 8569 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yr7yHQAF52AIu8mRAAh5TD-Rxr78yROwU6o81A&u=%7CrXECne8vcZEpUF9XTJsBCxw%2B1TbK5XQXiLvmcP9I3aI%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC866KtQCCgvIZGG6gw9WgZ0fRJVX1mxo8DL9avwE-WC_9R2szmsPAIvTBHDBlQqJdtjeg2XXdea40IlxA9ajlUo2C0SIoYf5Gqn1wXB47xI6j7UU5ms8L6Hd0BWKrL_cF0hWl0dwuabe4iNzwQI39iEvrT0Ed7v1Nq1VgX3fahvO1RiJmEQmhdaavgi-VqyQCuWD9J72Qq5Wh237rWJWUu4WaqHS_qyN8lTdb0fBvbrVzLpgKEYqS5w2k-FdWNiQn9mtBU4cUVGaXeWtXCgTqmRfDRrudDtAUlsubuASfdF8pyQFli-wern7CsMYPmOThJAfCGhRUHwVAh_hfyUEgua18Uc9d888y2E4kfjqfL5kl5lZ2foO-BJaaujaByhndNwZmOgBknIoe4hNh0Ztlc-nhOZGawwoVwYA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwk7oHfK-YuDOF5GT7_UPzPKhoAzJntKxXI3w4taTAcCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi02OTgzMzQxNzExMDc5Mjk3oAHVttLqA8gBCakCA-8KDl-FsT6oAwGqBNEBT9BNb6T7-b2xrNdfanReF6z5u4BbOktAcBQVXRoQWDYEA3zB3slnYLmsFzCKsTfLtdcHz8Mrn-3Pa3LvagHBs2b1--2VEdK_xez6XtsjhxobROBqQjP3EzPGe7skoDOsePWyAsDfKYtgQjtci4Ex_2BcjuHkXe43xOQW3jHb0EWZdXrUu9wReoj-izQOd1Bu13ANXiTkjy_ozO84cn5VIfBQQqY4UQwVaasfFXj_cOT6Tt7WdQpR6iY0_u7SPfEov-0cp1mcghScxRmjMjx-OUGABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0pQfk5nP2Ga8d6soKM1F0rN-dJ_Q%26client%3Dca-pub-6983341711079297%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 13:09:50 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 26 Jun 2023 13:09:50 GMT
animejs.js
static.criteo.net/animejs/ Frame 26BE 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yr7yHQAF1nQIu-UuAAre8zry8cO67O4B2DZrMw&u=%7CrXECne8vcZGUkBNlDaVkTp3qi6tS43Ngg4GQhnVLBN0%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC866KtQCCgvIZGApFwVhOjtfOowdqDLrjwKZl8J6ooWUdXKDHJCgWw6QcwcDZmccNDDHTzU_Ne_jiIgJPgsCu1eBXg4IRHYYLCba4nLVctQfn4riMIhpWxjmNfi5T5W6PWfyYtWcB2vmya6BmkNoHgVc1xZGVRpjcCLLTOqw841RRoiobQWaJoZs-M6SXM3fO2bd0kf1Z19ycCqmtUkHqzjEGqZ9C5tf9ircC5Gy28wUJq6AicVDdYYyFk3lPANmY7qP-_cM2-C_Pu1rITw-3CGin9wzXFncmSH3PsqV7RUvYF6Xl5xqMzXoFGdpR-xOcPP6IFKRdpqsd9kUvfYP0O0mKF3aIYF2FCPfmYkwuDmYtIexwLVtjiIFyA1goqzVEv0-LgQYMjx5Y0lmVgBNgr0f0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfmMOHfK-YvSsF67K7_UP872rqArJntKxXM2G49aTAcCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi02OTgzMzQxNzExMDc5Mjk3oAHVttLqA8gBCakCA-8KDl-FsT6oAwGqBNIBT9CE0fzS4xm8mlx7o2CEE0DT2QC6HH3kwOXOFUKnkxpfDVGbiEAi41z1C0kEKPh3rtK7XketLqA2v8Gw_5hZAQQaM7aLg2ECHk81COYbF9tzwpAPRSq6Zv-q2uYIQ64QAlvuKEYeeOWcoj3SLnWK9ESUbF3vNQlO3rTAjxmvrPPmBquxeXI0yRg9E_pJNp11qLDLRchUG6rgXuceJHm9Zef2EwxnvHJbCxASIZQtJKA88nubpl2soFdoLYke3q2XYqXQCMIdtRL2CA_bdvGMXFxngAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0b1WJfL7UcIr6uRXAyFNcX5oh1KA%26client%3Dca-pub-6983341711079297%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 13:09:50 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 26 Jun 2023 13:09:50 GMT
img
pix.eu.criteo.net/img/ Frame 26BE 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FD%2FlogoDZH-GmbH-71233DE-2201071435.gif%3Feb%3D1&v=3&w=800&s=vpGm_seSEYg5jupcMbmNinfn&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yr7yHQAF1nQIu-UuAAre8zry8cO67O4B2DZrMw&u=%7CrXECne8vcZGUkBNlDaVkTp3qi6tS43Ngg4GQhnVLBN0%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC866KtQCCgvIZGApFwVhOjtfOowdqDLrjwKZl8J6ooWUdXKDHJCgWw6QcwcDZmccNDDHTzU_Ne_jiIgJPgsCu1eBXg4IRHYYLCba4nLVctQfn4riMIhpWxjmNfi5T5W6PWfyYtWcB2vmya6BmkNoHgVc1xZGVRpjcCLLTOqw841RRoiobQWaJoZs-M6SXM3fO2bd0kf1Z19ycCqmtUkHqzjEGqZ9C5tf9ircC5Gy28wUJq6AicVDdYYyFk3lPANmY7qP-_cM2-C_Pu1rITw-3CGin9wzXFncmSH3PsqV7RUvYF6Xl5xqMzXoFGdpR-xOcPP6IFKRdpqsd9kUvfYP0O0mKF3aIYF2FCPfmYkwuDmYtIexwLVtjiIFyA1goqzVEv0-LgQYMjx5Y0lmVgBNgr0f0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfmMOHfK-YvSsF67K7_UP872rqArJntKxXM2G49aTAcCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi02OTgzMzQxNzExMDc5Mjk3oAHVttLqA8gBCakCA-8KDl-FsT6oAwGqBNIBT9CE0fzS4xm8mlx7o2CEE0DT2QC6HH3kwOXOFUKnkxpfDVGbiEAi41z1C0kEKPh3rtK7XketLqA2v8Gw_5hZAQQaM7aLg2ECHk81COYbF9tzwpAPRSq6Zv-q2uYIQ64QAlvuKEYeeOWcoj3SLnWK9ESUbF3vNQlO3rTAjxmvrPPmBquxeXI0yRg9E_pJNp11qLDLRchUG6rgXuceJHm9Zef2EwxnvHJbCxASIZQtJKA88nubpl2soFdoLYke3q2XYqXQCMIdtRL2CA_bdvGMXFxngAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0b1WJfL7UcIr6uRXAyFNcX5oh1KA%26client%3Dca-pub-6983341711079297%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
65e821b53990c7e875f3a0c2ed1d78d9aaf42a0ac22e5befe5903e4e87faf931
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 13:09:50 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1807509
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
1540
expires
Fri, 22 Jul 2022 11:14:59 GMT
img
pix.eu.criteo.net/img/ Frame 26BE 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FE%2FlogoANDREAS-STIHL-AG-Co-KG-109625DE-2206021139.gif%3Feb%3D1&v=3&w=800&s=v60fze7rGZt27hXoS_YOMLWd&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yr7yHQAF1nQIu-UuAAre8zry8cO67O4B2DZrMw&u=%7CrXECne8vcZGUkBNlDaVkTp3qi6tS43Ngg4GQhnVLBN0%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC866KtQCCgvIZGApFwVhOjtfOowdqDLrjwKZl8J6ooWUdXKDHJCgWw6QcwcDZmccNDDHTzU_Ne_jiIgJPgsCu1eBXg4IRHYYLCba4nLVctQfn4riMIhpWxjmNfi5T5W6PWfyYtWcB2vmya6BmkNoHgVc1xZGVRpjcCLLTOqw841RRoiobQWaJoZs-M6SXM3fO2bd0kf1Z19ycCqmtUkHqzjEGqZ9C5tf9ircC5Gy28wUJq6AicVDdYYyFk3lPANmY7qP-_cM2-C_Pu1rITw-3CGin9wzXFncmSH3PsqV7RUvYF6Xl5xqMzXoFGdpR-xOcPP6IFKRdpqsd9kUvfYP0O0mKF3aIYF2FCPfmYkwuDmYtIexwLVtjiIFyA1goqzVEv0-LgQYMjx5Y0lmVgBNgr0f0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfmMOHfK-YvSsF67K7_UP872rqArJntKxXM2G49aTAcCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi02OTgzMzQxNzExMDc5Mjk3oAHVttLqA8gBCakCA-8KDl-FsT6oAwGqBNIBT9CE0fzS4xm8mlx7o2CEE0DT2QC6HH3kwOXOFUKnkxpfDVGbiEAi41z1C0kEKPh3rtK7XketLqA2v8Gw_5hZAQQaM7aLg2ECHk81COYbF9tzwpAPRSq6Zv-q2uYIQ64QAlvuKEYeeOWcoj3SLnWK9ESUbF3vNQlO3rTAjxmvrPPmBquxeXI0yRg9E_pJNp11qLDLRchUG6rgXuceJHm9Zef2EwxnvHJbCxASIZQtJKA88nubpl2soFdoLYke3q2XYqXQCMIdtRL2CA_bdvGMXFxngAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0b1WJfL7UcIr6uRXAyFNcX5oh1KA%26client%3Dca-pub-6983341711079297%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
a89875fd6e2615e901875ea237ad1705270e6beb461986d5bd1d6ae4de60619a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 13:09:49 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=31104000
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
1412
expires
Mon, 26 Jun 2023 13:09:50 GMT
img
pix.eu.criteo.net/img/ Frame 26BE 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FD%2FlogoDienstleistungs-Center-Halle-GmbH-DLC-Halle-153157DE.gif%3Feb%3D1&v=3&w=800&s=5ZBJ5qniP8NhN_Q2K8FX3HYz&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yr7yHQAF1nQIu-UuAAre8zry8cO67O4B2DZrMw&u=%7CrXECne8vcZGUkBNlDaVkTp3qi6tS43Ngg4GQhnVLBN0%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC866KtQCCgvIZGApFwVhOjtfOowdqDLrjwKZl8J6ooWUdXKDHJCgWw6QcwcDZmccNDDHTzU_Ne_jiIgJPgsCu1eBXg4IRHYYLCba4nLVctQfn4riMIhpWxjmNfi5T5W6PWfyYtWcB2vmya6BmkNoHgVc1xZGVRpjcCLLTOqw841RRoiobQWaJoZs-M6SXM3fO2bd0kf1Z19ycCqmtUkHqzjEGqZ9C5tf9ircC5Gy28wUJq6AicVDdYYyFk3lPANmY7qP-_cM2-C_Pu1rITw-3CGin9wzXFncmSH3PsqV7RUvYF6Xl5xqMzXoFGdpR-xOcPP6IFKRdpqsd9kUvfYP0O0mKF3aIYF2FCPfmYkwuDmYtIexwLVtjiIFyA1goqzVEv0-LgQYMjx5Y0lmVgBNgr0f0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfmMOHfK-YvSsF67K7_UP872rqArJntKxXM2G49aTAcCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi02OTgzMzQxNzExMDc5Mjk3oAHVttLqA8gBCakCA-8KDl-FsT6oAwGqBNIBT9CE0fzS4xm8mlx7o2CEE0DT2QC6HH3kwOXOFUKnkxpfDVGbiEAi41z1C0kEKPh3rtK7XketLqA2v8Gw_5hZAQQaM7aLg2ECHk81COYbF9tzwpAPRSq6Zv-q2uYIQ64QAlvuKEYeeOWcoj3SLnWK9ESUbF3vNQlO3rTAjxmvrPPmBquxeXI0yRg9E_pJNp11qLDLRchUG6rgXuceJHm9Zef2EwxnvHJbCxASIZQtJKA88nubpl2soFdoLYke3q2XYqXQCMIdtRL2CA_bdvGMXFxngAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0b1WJfL7UcIr6uRXAyFNcX5oh1KA%26client%3Dca-pub-6983341711079297%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
5f5654d3095dcc7a871f7d4c1355b2c9eea3eb0d8f72f87e65b0cf51961aefd6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 13:09:49 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1661668
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
1382
expires
Wed, 20 Jul 2022 18:44:19 GMT
img
pix.eu.criteo.net/img/ Frame 26BE 		43 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F%3Feb%3D1&v=3&w=800&s=FY_Xq1rXG9nv3yEjzamNMYZX&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yr7yHQAF1nQIu-UuAAre8zry8cO67O4B2DZrMw&u=%7CrXECne8vcZGUkBNlDaVkTp3qi6tS43Ngg4GQhnVLBN0%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC866KtQCCgvIZGApFwVhOjtfOowdqDLrjwKZl8J6ooWUdXKDHJCgWw6QcwcDZmccNDDHTzU_Ne_jiIgJPgsCu1eBXg4IRHYYLCba4nLVctQfn4riMIhpWxjmNfi5T5W6PWfyYtWcB2vmya6BmkNoHgVc1xZGVRpjcCLLTOqw841RRoiobQWaJoZs-M6SXM3fO2bd0kf1Z19ycCqmtUkHqzjEGqZ9C5tf9ircC5Gy28wUJq6AicVDdYYyFk3lPANmY7qP-_cM2-C_Pu1rITw-3CGin9wzXFncmSH3PsqV7RUvYF6Xl5xqMzXoFGdpR-xOcPP6IFKRdpqsd9kUvfYP0O0mKF3aIYF2FCPfmYkwuDmYtIexwLVtjiIFyA1goqzVEv0-LgQYMjx5Y0lmVgBNgr0f0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfmMOHfK-YvSsF67K7_UP872rqArJntKxXM2G49aTAcCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi02OTgzMzQxNzExMDc5Mjk3oAHVttLqA8gBCakCA-8KDl-FsT6oAwGqBNIBT9CE0fzS4xm8mlx7o2CEE0DT2QC6HH3kwOXOFUKnkxpfDVGbiEAi41z1C0kEKPh3rtK7XketLqA2v8Gw_5hZAQQaM7aLg2ECHk81COYbF9tzwpAPRSq6Zv-q2uYIQ64QAlvuKEYeeOWcoj3SLnWK9ESUbF3vNQlO3rTAjxmvrPPmBquxeXI0yRg9E_pJNp11qLDLRchUG6rgXuceJHm9Zef2EwxnvHJbCxASIZQtJKA88nubpl2soFdoLYke3q2XYqXQCMIdtRL2CA_bdvGMXFxngAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0b1WJfL7UcIr6uRXAyFNcX5oh1KA%26client%3Dca-pub-6983341711079297%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 13:09:49 GMT
server
Finatra
vary
Origin
content-type
image/gif
cache-control
private, max-age=0
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
43
expires
-1
img
pix.eu.criteo.net/img/ Frame 26BE 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F6%2FlogoAUTO1-Group-122756DE.gif%3Feb%3D1&v=3&w=800&s=biSWAUzEAsLLaaZs-sd0Xlz-&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yr7yHQAF1nQIu-UuAAre8zry8cO67O4B2DZrMw&u=%7CrXECne8vcZGUkBNlDaVkTp3qi6tS43Ngg4GQhnVLBN0%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC866KtQCCgvIZGApFwVhOjtfOowdqDLrjwKZl8J6ooWUdXKDHJCgWw6QcwcDZmccNDDHTzU_Ne_jiIgJPgsCu1eBXg4IRHYYLCba4nLVctQfn4riMIhpWxjmNfi5T5W6PWfyYtWcB2vmya6BmkNoHgVc1xZGVRpjcCLLTOqw841RRoiobQWaJoZs-M6SXM3fO2bd0kf1Z19ycCqmtUkHqzjEGqZ9C5tf9ircC5Gy28wUJq6AicVDdYYyFk3lPANmY7qP-_cM2-C_Pu1rITw-3CGin9wzXFncmSH3PsqV7RUvYF6Xl5xqMzXoFGdpR-xOcPP6IFKRdpqsd9kUvfYP0O0mKF3aIYF2FCPfmYkwuDmYtIexwLVtjiIFyA1goqzVEv0-LgQYMjx5Y0lmVgBNgr0f0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfmMOHfK-YvSsF67K7_UP872rqArJntKxXM2G49aTAcCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi02OTgzMzQxNzExMDc5Mjk3oAHVttLqA8gBCakCA-8KDl-FsT6oAwGqBNIBT9CE0fzS4xm8mlx7o2CEE0DT2QC6HH3kwOXOFUKnkxpfDVGbiEAi41z1C0kEKPh3rtK7XketLqA2v8Gw_5hZAQQaM7aLg2ECHk81COYbF9tzwpAPRSq6Zv-q2uYIQ64QAlvuKEYeeOWcoj3SLnWK9ESUbF3vNQlO3rTAjxmvrPPmBquxeXI0yRg9E_pJNp11qLDLRchUG6rgXuceJHm9Zef2EwxnvHJbCxASIZQtJKA88nubpl2soFdoLYke3q2XYqXQCMIdtRL2CA_bdvGMXFxngAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0b1WJfL7UcIr6uRXAyFNcX5oh1KA%26client%3Dca-pub-6983341711079297%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
28f12a5e97bafa06cf723dfa71a93daac27f33e6ef2929332d7320a9b2685007
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 13:09:49 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1489800
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
3420
expires
Mon, 18 Jul 2022 18:59:51 GMT
img
pix.eu.criteo.net/img/ Frame 26BE 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=244&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F190124%2F79f2c646e3f74b54931cff1f39d769d0_blue.png&v=3&w=196&s=YDZD8YNsk-thdpVjdHXSz5nU
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yr7yHQAF1nQIu-UuAAre8zry8cO67O4B2DZrMw&u=%7CrXECne8vcZGUkBNlDaVkTp3qi6tS43Ngg4GQhnVLBN0%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC866KtQCCgvIZGApFwVhOjtfOowdqDLrjwKZl8J6ooWUdXKDHJCgWw6QcwcDZmccNDDHTzU_Ne_jiIgJPgsCu1eBXg4IRHYYLCba4nLVctQfn4riMIhpWxjmNfi5T5W6PWfyYtWcB2vmya6BmkNoHgVc1xZGVRpjcCLLTOqw841RRoiobQWaJoZs-M6SXM3fO2bd0kf1Z19ycCqmtUkHqzjEGqZ9C5tf9ircC5Gy28wUJq6AicVDdYYyFk3lPANmY7qP-_cM2-C_Pu1rITw-3CGin9wzXFncmSH3PsqV7RUvYF6Xl5xqMzXoFGdpR-xOcPP6IFKRdpqsd9kUvfYP0O0mKF3aIYF2FCPfmYkwuDmYtIexwLVtjiIFyA1goqzVEv0-LgQYMjx5Y0lmVgBNgr0f0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfmMOHfK-YvSsF67K7_UP872rqArJntKxXM2G49aTAcCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi02OTgzMzQxNzExMDc5Mjk3oAHVttLqA8gBCakCA-8KDl-FsT6oAwGqBNIBT9CE0fzS4xm8mlx7o2CEE0DT2QC6HH3kwOXOFUKnkxpfDVGbiEAi41z1C0kEKPh3rtK7XketLqA2v8Gw_5hZAQQaM7aLg2ECHk81COYbF9tzwpAPRSq6Zv-q2uYIQ64QAlvuKEYeeOWcoj3SLnWK9ESUbF3vNQlO3rTAjxmvrPPmBquxeXI0yRg9E_pJNp11qLDLRchUG6rgXuceJHm9Zef2EwxnvHJbCxASIZQtJKA88nubpl2soFdoLYke3q2XYqXQCMIdtRL2CA_bdvGMXFxngAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0b1WJfL7UcIr6uRXAyFNcX5oh1KA%26client%3Dca-pub-6983341711079297%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
bfcd7a262745ac2a8520d46dbe261c5db424c001970e9ebe83c440bfb48454f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 13:09:49 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=29188109
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
6722
expires
Sun, 04 Jun 2023 08:58:20 GMT
img
pix.eu.criteo.net/img/ Frame 26BE 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FM%2FlogoM-M-Software-GmbH-24210DE.gif%3Feb%3D1&v=3&w=800&s=Ma1yHPzHsk6dACfz3WU3Mvlu&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yr7yHQAF1nQIu-UuAAre8zry8cO67O4B2DZrMw&u=%7CrXECne8vcZGUkBNlDaVkTp3qi6tS43Ngg4GQhnVLBN0%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC866KtQCCgvIZGApFwVhOjtfOowdqDLrjwKZl8J6ooWUdXKDHJCgWw6QcwcDZmccNDDHTzU_Ne_jiIgJPgsCu1eBXg4IRHYYLCba4nLVctQfn4riMIhpWxjmNfi5T5W6PWfyYtWcB2vmya6BmkNoHgVc1xZGVRpjcCLLTOqw841RRoiobQWaJoZs-M6SXM3fO2bd0kf1Z19ycCqmtUkHqzjEGqZ9C5tf9ircC5Gy28wUJq6AicVDdYYyFk3lPANmY7qP-_cM2-C_Pu1rITw-3CGin9wzXFncmSH3PsqV7RUvYF6Xl5xqMzXoFGdpR-xOcPP6IFKRdpqsd9kUvfYP0O0mKF3aIYF2FCPfmYkwuDmYtIexwLVtjiIFyA1goqzVEv0-LgQYMjx5Y0lmVgBNgr0f0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfmMOHfK-YvSsF67K7_UP872rqArJntKxXM2G49aTAcCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi02OTgzMzQxNzExMDc5Mjk3oAHVttLqA8gBCakCA-8KDl-FsT6oAwGqBNIBT9CE0fzS4xm8mlx7o2CEE0DT2QC6HH3kwOXOFUKnkxpfDVGbiEAi41z1C0kEKPh3rtK7XketLqA2v8Gw_5hZAQQaM7aLg2ECHk81COYbF9tzwpAPRSq6Zv-q2uYIQ64QAlvuKEYeeOWcoj3SLnWK9ESUbF3vNQlO3rTAjxmvrPPmBquxeXI0yRg9E_pJNp11qLDLRchUG6rgXuceJHm9Zef2EwxnvHJbCxASIZQtJKA88nubpl2soFdoLYke3q2XYqXQCMIdtRL2CA_bdvGMXFxngAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0b1WJfL7UcIr6uRXAyFNcX5oh1KA%26client%3Dca-pub-6983341711079297%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
2f27f0a2ebcd6e8cb2b682750bcf5d073b033dbcecbca0b8431176609d889da2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 13:09:50 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=3046
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
3214
expires
Fri, 01 Jul 2022 14:00:37 GMT
all
csm.eu.criteo.net/ Frame 26BE 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=58DmbAQSWl4oFgFtF1SYx8mnJa5SgasIjOKTiV43r_Ueso6VDdiPVm8UIVAkpBW7BL7DZfPM0e1ifKl_0ofCEI0TnfCuJd3X8Vpz9zMY1T7pydCxsknLENQbnX0rI6oHGXXhmcgKaZbP9hyJinFV1fwrpJswaKoJr3B-O_xivjj14MCrqAqnP_Onos8PJYSCz3DSfl7KW04oIS_QDzCpyRjiOPn-0_wnq4n6zmSyPakjmY9pjm6EMv6usT_GfPX7OShq7rEFi17QHBRO&sds=2&rev=81891&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yr7yHQAF1nQIu-UuAAre8zry8cO67O4B2DZrMw&u=%7CrXECne8vcZGUkBNlDaVkTp3qi6tS43Ngg4GQhnVLBN0%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC866KtQCCgvIZGApFwVhOjtfOowdqDLrjwKZl8J6ooWUdXKDHJCgWw6QcwcDZmccNDDHTzU_Ne_jiIgJPgsCu1eBXg4IRHYYLCba4nLVctQfn4riMIhpWxjmNfi5T5W6PWfyYtWcB2vmya6BmkNoHgVc1xZGVRpjcCLLTOqw841RRoiobQWaJoZs-M6SXM3fO2bd0kf1Z19ycCqmtUkHqzjEGqZ9C5tf9ircC5Gy28wUJq6AicVDdYYyFk3lPANmY7qP-_cM2-C_Pu1rITw-3CGin9wzXFncmSH3PsqV7RUvYF6Xl5xqMzXoFGdpR-xOcPP6IFKRdpqsd9kUvfYP0O0mKF3aIYF2FCPfmYkwuDmYtIexwLVtjiIFyA1goqzVEv0-LgQYMjx5Y0lmVgBNgr0f0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfmMOHfK-YvSsF67K7_UP872rqArJntKxXM2G49aTAcCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi02OTgzMzQxNzExMDc5Mjk3oAHVttLqA8gBCakCA-8KDl-FsT6oAwGqBNIBT9CE0fzS4xm8mlx7o2CEE0DT2QC6HH3kwOXOFUKnkxpfDVGbiEAi41z1C0kEKPh3rtK7XketLqA2v8Gw_5hZAQQaM7aLg2ECHk81COYbF9tzwpAPRSq6Zv-q2uYIQ64QAlvuKEYeeOWcoj3SLnWK9ESUbF3vNQlO3rTAjxmvrPPmBquxeXI0yRg9E_pJNp11qLDLRchUG6rgXuceJHm9Zef2EwxnvHJbCxASIZQtJKA88nubpl2soFdoLYke3q2XYqXQCMIdtRL2CA_bdvGMXFxngAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0b1WJfL7UcIr6uRXAyFNcX5oh1KA%26client%3Dca-pub-6983341711079297%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 01 Jul 2022 13:09:49 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 26BE 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yr7yHQAF1nQIu-UuAAre8zry8cO67O4B2DZrMw&u=%7CrXECne8vcZGUkBNlDaVkTp3qi6tS43Ngg4GQhnVLBN0%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC866KtQCCgvIZGApFwVhOjtfOowdqDLrjwKZl8J6ooWUdXKDHJCgWw6QcwcDZmccNDDHTzU_Ne_jiIgJPgsCu1eBXg4IRHYYLCba4nLVctQfn4riMIhpWxjmNfi5T5W6PWfyYtWcB2vmya6BmkNoHgVc1xZGVRpjcCLLTOqw841RRoiobQWaJoZs-M6SXM3fO2bd0kf1Z19ycCqmtUkHqzjEGqZ9C5tf9ircC5Gy28wUJq6AicVDdYYyFk3lPANmY7qP-_cM2-C_Pu1rITw-3CGin9wzXFncmSH3PsqV7RUvYF6Xl5xqMzXoFGdpR-xOcPP6IFKRdpqsd9kUvfYP0O0mKF3aIYF2FCPfmYkwuDmYtIexwLVtjiIFyA1goqzVEv0-LgQYMjx5Y0lmVgBNgr0f0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfmMOHfK-YvSsF67K7_UP872rqArJntKxXM2G49aTAcCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi02OTgzMzQxNzExMDc5Mjk3oAHVttLqA8gBCakCA-8KDl-FsT6oAwGqBNIBT9CE0fzS4xm8mlx7o2CEE0DT2QC6HH3kwOXOFUKnkxpfDVGbiEAi41z1C0kEKPh3rtK7XketLqA2v8Gw_5hZAQQaM7aLg2ECHk81COYbF9tzwpAPRSq6Zv-q2uYIQ64QAlvuKEYeeOWcoj3SLnWK9ESUbF3vNQlO3rTAjxmvrPPmBquxeXI0yRg9E_pJNp11qLDLRchUG6rgXuceJHm9Zef2EwxnvHJbCxASIZQtJKA88nubpl2soFdoLYke3q2XYqXQCMIdtRL2CA_bdvGMXFxngAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0b1WJfL7UcIr6uRXAyFNcX5oh1KA%26client%3Dca-pub-6983341711079297%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 13:09:50 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 26 Jun 2023 13:09:50 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 26BE 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yr7yHQAF1nQIu-UuAAre8zry8cO67O4B2DZrMw&u=%7CrXECne8vcZGUkBNlDaVkTp3qi6tS43Ngg4GQhnVLBN0%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC866KtQCCgvIZGApFwVhOjtfOowdqDLrjwKZl8J6ooWUdXKDHJCgWw6QcwcDZmccNDDHTzU_Ne_jiIgJPgsCu1eBXg4IRHYYLCba4nLVctQfn4riMIhpWxjmNfi5T5W6PWfyYtWcB2vmya6BmkNoHgVc1xZGVRpjcCLLTOqw841RRoiobQWaJoZs-M6SXM3fO2bd0kf1Z19ycCqmtUkHqzjEGqZ9C5tf9ircC5Gy28wUJq6AicVDdYYyFk3lPANmY7qP-_cM2-C_Pu1rITw-3CGin9wzXFncmSH3PsqV7RUvYF6Xl5xqMzXoFGdpR-xOcPP6IFKRdpqsd9kUvfYP0O0mKF3aIYF2FCPfmYkwuDmYtIexwLVtjiIFyA1goqzVEv0-LgQYMjx5Y0lmVgBNgr0f0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfmMOHfK-YvSsF67K7_UP872rqArJntKxXM2G49aTAcCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi02OTgzMzQxNzExMDc5Mjk3oAHVttLqA8gBCakCA-8KDl-FsT6oAwGqBNIBT9CE0fzS4xm8mlx7o2CEE0DT2QC6HH3kwOXOFUKnkxpfDVGbiEAi41z1C0kEKPh3rtK7XketLqA2v8Gw_5hZAQQaM7aLg2ECHk81COYbF9tzwpAPRSq6Zv-q2uYIQ64QAlvuKEYeeOWcoj3SLnWK9ESUbF3vNQlO3rTAjxmvrPPmBquxeXI0yRg9E_pJNp11qLDLRchUG6rgXuceJHm9Zef2EwxnvHJbCxASIZQtJKA88nubpl2soFdoLYke3q2XYqXQCMIdtRL2CA_bdvGMXFxngAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0b1WJfL7UcIr6uRXAyFNcX5oh1KA%26client%3Dca-pub-6983341711079297%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 13:09:50 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 26 Jun 2023 13:09:50 GMT
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 732C 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.21/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date
Fri, 01 Jul 2022 13:09:50 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
13585272
x-guploader-uploadid
ADPycdvuqSd5z7x-P6zciDvJguhfevnTZzPv-sFvdv4VVTj2cCVUndir5fZqBzjNPOlq80uW-sAFhIkV33WDoT1aRSnwIseHrQ
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3262
x-goog-meta-
last-modified
Wed, 09 Jun 2021 12:35:14 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gC7%2BAONIPE41gTqJxDs9a3byZu9D6y6%2BVbCIANSkmbWCNL91QcN%2FwHy3XTCkrGn8HorZ3r7d%2F1FZq42rDRTbNZ4Czb5kkjowOt5c1so96B6%2FbSc1ut1VdwDr1exyzIC%2FtqKt8NORss0AtUZIW7RV34rq"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1623242114099744
content-type
image/png
cache-control
public, max-age=31536000, immutable
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
723f60debc076958-FRA
expires
Wed, 25 Jan 2023 07:28:38 GMT
frame.html
ad4m.at/ Frame 7C73 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
417031
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
723f60de5db29a15-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Fri, 01 Jul 2022 13:09:50 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Fri, 01 Jul 2022 14:09:50 GMT
last-modified
Wed, 06 May 2020 15:09:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rc6IeugfR428bHZBret6UIBy%2BKpmWGNtwe%2FBHHxzgfgRBZnw%2Fdtim7e8c0jEfQOkbKfkxYmrWoBXMbrHfjxvC3KmqRArSblQRt4ZfK5yluJ7wX%2Fw3T6%2Bn1pbuAfcKT02ykZIius%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-generation
1588777770164783
x-goog-hash
crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-meta-
x-goog-metageneration
3
x-goog-storage-class
MULTI_REGIONAL
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
1681
x-guploader-uploadid
ADPycdtpjC_BIP2JYJZvmIEVoowNNyTqNe6BE0JRdKJ1uhQ6k3Yfe6DPCN0GjBPS_zYil04QuBTjwG5dQACzvgbqPw78EHDYzg
rs
ad4m.at/ Frame 732C 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c77d1f221709f0c060d0f235a0d1f104fe1d842f5a052960a8155001d6c92cd0

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/json

Response headers

cf-ray
723f60df6cdd9165-FRA
date
Fri, 01 Jul 2022 13:09:50 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k1werG6DgZVYWn3dSARLG7CD6zzvPLY8a7lVkV%2B8eK6S7D%2B95kGuse0DpKYkPt3lORrvQJwiEVX3lTI6FesxM5knqcKhbB32QWU9hbbfmVQ1GGNb89zVy9C%2Bgc8gsKvEA2yuFOg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-credentials
true
content-encoding
br
x-backend-server
aa-reachservice-group-europe-west1-w6qz
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
723f60df0c619165-FRA
content-length
24
content-type
text/plain
date
Fri, 01 Jul 2022 13:09:50 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9%2FT8E9u3zJbl1MK1nY%2BdTnljsVLbpHBBkG3rvM0Z9Aw%2FW6xLii3vfaLDDWKDJzxyBciNY3RF9m%2FE7nvIOfwa1bBmJZtbiiDhyDOJ1h1F6xCaUEUT7KsWi1Gv9CEc2obP%2Bm38oOE%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-w6qz
rar
as.ad4m.at/ad/ Frame E368 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=22451%2C24673%2C188429&b=PxefBfbfM5Qa9HjHbtMtR5KaJS9TPM7Fp%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2C3PZfpf4fXZ6Rs7HrHAtEt9REtPSWTA14ad&f=bM4CQfZfmzVaYHbHzt8Cpb1tbSJT5WecJ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CWKmcrfdfZwJeFYH5HjtDCXjeH3SETJdPC2&c=300&d=250&e=&g=392c1ec65b682b9e691c189682f45ad2%2F3313891525731451452&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1656680990645&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kr8nz9gnjba6tp7qshcfx3c2pmh7s4ymrzgn1b3f85f2fabtq5a78seg08fbt0m5s9awfp3q5ydmh1wwhqfnxwfpx0f2jzqk8pnfhkk4nazt7eqyv63errcmtshj9dqx6kra6ttk40b3txk9mj60pfp7m2s3ht283kfb03mbb00rtzj5xm62v3havqjmt99vrsf6zh1bk233k6vmka0mzv8pt7z0btzmeb5bpwtbetgg7sc8qfz505fvtcw7508b78z97629n51w%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC8CDEHfK-Ys_CJ9qd9u8P_p-GqAKQ4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi02OTgzMzQxNzExMDc5Mjk3oAHCrujdA8gBCakCmq8ObZWNsT6oAwGqBNcBT9D-ftsn_r58a9j1rnEJglZZbqr3vmlDRdXQFVk5yECkW6cIylwJEhiOxwGjxZF4bPzCW1t_WQqN-_P9d77bEdr-0_h0jzC7W1qCpmlLrNA15BrPFpEqKVvX_9hX9EsxxbKzo7FaxxqhVFGJZnC2IBpzEd_qqGbhdJsbq37ChW04X1VLJGtswYgF1bCel7zQ5wwMwjaQCCZmI0LBLrvLNtplTDao9cS2LEtN7lMUaGWnPT-RPlGbejvdz25S-3iC5yuIFpFHo74NPPYHuBsDh3e9gei0VHiABvG6vsHMg5-1_AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2Q7tJbaE6JTujB972vU-Mwi2BaTg%2526client%253Dca-pub-6983341711079297%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19ee84f35f4d29387c19da08165608252a10d06e6333707ed02964c17e3e2875
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1grzt2fq076c2z9hmxkdv3wtgjsetvz9gc1rrmx7x9q5hjxrnkhq00qys01vcbw8zbas20get6hjds2yc5chdtv12f32hvxns2v4xaafa4x91t9vvmwscnptmhpfy5r2ye0x3s255jkyrxh4chgx1fmafbbadbr6edk2dnwend2r50rhanrfxf1xgrpwkq58zjk2rvfv89sevsy9kyge1653tz7zpztspm2nvtm0pm753mw8r21kpy2grd8sm9qbmveca8zddqr42pxrcpqz034gt0jztmvdm5xes64y18tspxayxykfyvyywn7mcf75tfemsvedq7qkavzy9hb174znqvt8h4gvdfxrh62swnx849tvh7s1hzqkrwap13w2kb1vkkkr36mx7r33dpm0xab371ys213ktm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8CDEHfK-Ys_CJ9qd9u8P_p-GqAKQ4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi02OTgzMzQxNzExMDc5Mjk3oAHCrujdA8gBCakCmq8ObZWNsT6oAwGqBNcBT9D-ftsn_r58a9j1rnEJglZZbqr3vmlDRdXQFVk5yECkW6cIylwJEhiOxwGjxZF4bPzCW1t_WQqN-_P9d77bEdr-0_h0jzC7W1qCpmlLrNA15BrPFpEqKVvX_9hX9EsxxbKzo7FaxxqhVFGJZnC2IBpzEd_qqGbhdJsbq37ChW04X1VLJGtswYgF1bCel7zQ5wwMwjaQCCZmI0LBLrvLNtplTDao9cS2LEtN7lMUaGWnPT-RPlGbejvdz25S-3iC5yuIFpFHo74NPPYHuBsDh3e9gei0VHiABvG6vsHMg5-1_AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2Q7tJbaE6JTujB972vU-Mwi2BaTg%26client%3Dca-pub-6983341711079297%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
723f60dfdfe49a15-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Fri, 01 Jul 2022 13:09:50 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
all
csm.eu.criteo.net/ Frame 94A4 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=WhRZcAQSWl4oFgFtms7ctmJedRc4gA1ktcosoACV0e7L_qd2BjpNTgVrMBvFuw5Ja_lNSRKVihd0NQYjJN3buUHaZoMzbde5ReP9sT3rskAamcQ3fFN4YN9Iw4z6r6WmLYLMWZrWBqsvyhgDHxMpSIFO5A74guc540vzsW4niOwWwQAKMUZyiog8VUf4fOMXH-XP2X75g2tE4iTb6V3_PaLyLSvgDL-cbcCSIdxbRq_4wcLyS0pSXwtngLWwRc4GNzBKog&sds=2&rev=81891&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yr7yHQAFy4sIu8lIAA_k9h62csV7S2Ynu28I-g&u=%7CrXECne8vcZHCbE5ULZJs0H95DM4Icp1PHl5XkvafU8A%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC866KtQCCgvIZGtcfZ37Vv3gJuuQOoOmUNppe5FXi83hxPNPFbZD3SwAQPUbsCPZetjmSVyY__L37om-MvO6tOgfm9Uo5zEDhWmK7--PHnBjRXBE4N5TKiZBMaLJ28o9jVbJLclibYs6_pqZiz-VoSc5VuzbH4NeBZU9vYPshnllMk3Jtl8wfYHB6lBO9hcMSn6jo8CrS7yv2KJyt7uwnOc_LWnU2usSETqVo5fAYPPsEqLGGNyCQVN7k6MP9pbd8MyA-0legVjgURwOC8URxYg63X_B-RfiZyBBqXXzFIY-99knTWQOWl01VblKRYmP3ZUP7C3O538a8OrT68gvFG-s6X0hoL_lOD9p7fdzryTlgAnhscL2cCSSelYaHqxLEh4VV5OcQsFPi-YVmMMP_c38qwxBeTXdPZwA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvtR0HfK-YouXF8iS7_UP9sm_mAnJntKxXPXalvdwwI23ARABIABglYKAgLQHggEXY2EtcHViLTY5ODMzNDE3MTEwNzkyOTegAdW20uoDyAEJqQIZU_Ivho6xPqgDAaoE0QFP0JOdk7jXmuI-IyXkxPu4aCrBUBiQKg-O4e15BE7G04Hp12nCLo0hCNHBRl5Y-uTLye1eLoAwkRPQiV5n95dWUFsvJZvHYTtphbU6Pu8aWFd6XK83E73kZW2-sYrcQNW3_qVwkylBT3jt1KaHM3NFinCq7qz4sEI4SXQEnXHxsMJR2IZPk99O1TtRtzOHzxB0HmwQTwDvIoUtily6WYbehvHYvXZFsAPJO5iZP5oxCmqomfJbj3q5ub80U52MeUBjcR4k09Ug7_lw2WNXcpUpHYAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_24sZjMaRrxMIbKWmdguFSbZq0Zkw%26client%3Dca-pub-6983341711079297%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 01 Jul 2022 13:09:50 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
default.css
as.ad4m.at/ad/style/0.1.21/one-ad/ Frame E368 		84 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.21/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=22451%2C24673%2C188429&b=PxefBfbfM5Qa9HjHbtMtR5KaJS9TPM7Fp%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2C3PZfpf4fXZ6Rs7HrHAtEt9REtPSWTA14ad&f=bM4CQfZfmzVaYHbHzt8Cpb1tbSJT5WecJ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CWKmcrfdfZwJeFYH5HjtDCXjeH3SETJdPC2&c=300&d=250&e=&g=392c1ec65b682b9e691c189682f45ad2%2F3313891525731451452&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1656680990645&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kr8nz9gnjba6tp7qshcfx3c2pmh7s4ymrzgn1b3f85f2fabtq5a78seg08fbt0m5s9awfp3q5ydmh1wwhqfnxwfpx0f2jzqk8pnfhkk4nazt7eqyv63errcmtshj9dqx6kra6ttk40b3txk9mj60pfp7m2s3ht283kfb03mbb00rtzj5xm62v3havqjmt99vrsf6zh1bk233k6vmka0mzv8pt7z0btzmeb5bpwtbetgg7sc8qfz505fvtcw7508b78z97629n51w%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC8CDEHfK-Ys_CJ9qd9u8P_p-GqAKQ4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi02OTgzMzQxNzExMDc5Mjk3oAHCrujdA8gBCakCmq8ObZWNsT6oAwGqBNcBT9D-ftsn_r58a9j1rnEJglZZbqr3vmlDRdXQFVk5yECkW6cIylwJEhiOxwGjxZF4bPzCW1t_WQqN-_P9d77bEdr-0_h0jzC7W1qCpmlLrNA15BrPFpEqKVvX_9hX9EsxxbKzo7FaxxqhVFGJZnC2IBpzEd_qqGbhdJsbq37ChW04X1VLJGtswYgF1bCel7zQ5wwMwjaQCCZmI0LBLrvLNtplTDao9cS2LEtN7lMUaGWnPT-RPlGbejvdz25S-3iC5yuIFpFHo74NPPYHuBsDh3e9gei0VHiABvG6vsHMg5-1_AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2Q7tJbaE6JTujB972vU-Mwi2BaTg%2526client%253Dca-pub-6983341711079297%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a57b918c3515ced748a8b0d297202db9b15fefd82acfddaf11f977761407b2ad
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=22451%2C24673%2C188429&b=PxefBfbfM5Qa9HjHbtMtR5KaJS9TPM7Fp%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2C3PZfpf4fXZ6Rs7HrHAtEt9REtPSWTA14ad&f=bM4CQfZfmzVaYHbHzt8Cpb1tbSJT5WecJ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CWKmcrfdfZwJeFYH5HjtDCXjeH3SETJdPC2&c=300&d=250&e=&g=392c1ec65b682b9e691c189682f45ad2%2F3313891525731451452&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1656680990645&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kr8nz9gnjba6tp7qshcfx3c2pmh7s4ymrzgn1b3f85f2fabtq5a78seg08fbt0m5s9awfp3q5ydmh1wwhqfnxwfpx0f2jzqk8pnfhkk4nazt7eqyv63errcmtshj9dqx6kra6ttk40b3txk9mj60pfp7m2s3ht283kfb03mbb00rtzj5xm62v3havqjmt99vrsf6zh1bk233k6vmka0mzv8pt7z0btzmeb5bpwtbetgg7sc8qfz505fvtcw7508b78z97629n51w%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC8CDEHfK-Ys_CJ9qd9u8P_p-GqAKQ4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi02OTgzMzQxNzExMDc5Mjk3oAHCrujdA8gBCakCmq8ObZWNsT6oAwGqBNcBT9D-ftsn_r58a9j1rnEJglZZbqr3vmlDRdXQFVk5yECkW6cIylwJEhiOxwGjxZF4bPzCW1t_WQqN-_P9d77bEdr-0_h0jzC7W1qCpmlLrNA15BrPFpEqKVvX_9hX9EsxxbKzo7FaxxqhVFGJZnC2IBpzEd_qqGbhdJsbq37ChW04X1VLJGtswYgF1bCel7zQ5wwMwjaQCCZmI0LBLrvLNtplTDao9cS2LEtN7lMUaGWnPT-RPlGbejvdz25S-3iC5yuIFpFHo74NPPYHuBsDh3e9gei0VHiABvG6vsHMg5-1_AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2Q7tJbaE6JTujB972vU-Mwi2BaTg%2526client%253Dca-pub-6983341711079297%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 13:09:51 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
612728
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=86749
surrogate-control
no-store
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
last-modified
Fri, 24 Jun 2022 10:57:43 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
accept-encoding
x-download-options
noopen
content-type
text/css; charset=utf-8
expires
0
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
723f60e36e2a9a15-FRA
cf-bgj
minify
188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
assets.ad4m.at/logo/ Frame E368 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=22451%2C24673%2C188429&b=PxefBfbfM5Qa9HjHbtMtR5KaJS9TPM7Fp%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2C3PZfpf4fXZ6Rs7HrHAtEt9REtPSWTA14ad&f=bM4CQfZfmzVaYHbHzt8Cpb1tbSJT5WecJ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CWKmcrfdfZwJeFYH5HjtDCXjeH3SETJdPC2&c=300&d=250&e=&g=392c1ec65b682b9e691c189682f45ad2%2F3313891525731451452&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1656680990645&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kr8nz9gnjba6tp7qshcfx3c2pmh7s4ymrzgn1b3f85f2fabtq5a78seg08fbt0m5s9awfp3q5ydmh1wwhqfnxwfpx0f2jzqk8pnfhkk4nazt7eqyv63errcmtshj9dqx6kra6ttk40b3txk9mj60pfp7m2s3ht283kfb03mbb00rtzj5xm62v3havqjmt99vrsf6zh1bk233k6vmka0mzv8pt7z0btzmeb5bpwtbetgg7sc8qfz505fvtcw7508b78z97629n51w%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC8CDEHfK-Ys_CJ9qd9u8P_p-GqAKQ4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi02OTgzMzQxNzExMDc5Mjk3oAHCrujdA8gBCakCmq8ObZWNsT6oAwGqBNcBT9D-ftsn_r58a9j1rnEJglZZbqr3vmlDRdXQFVk5yECkW6cIylwJEhiOxwGjxZF4bPzCW1t_WQqN-_P9d77bEdr-0_h0jzC7W1qCpmlLrNA15BrPFpEqKVvX_9hX9EsxxbKzo7FaxxqhVFGJZnC2IBpzEd_qqGbhdJsbq37ChW04X1VLJGtswYgF1bCel7zQ5wwMwjaQCCZmI0LBLrvLNtplTDao9cS2LEtN7lMUaGWnPT-RPlGbejvdz25S-3iC5yuIFpFHo74NPPYHuBsDh3e9gei0VHiABvG6vsHMg5-1_AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2Q7tJbaE6JTujB972vU-Mwi2BaTg%2526client%253Dca-pub-6983341711079297%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash
crc32c=tG7Jcw==, md5=BMt+wgXOo1EVeu/7mY86hQ==
date
Fri, 01 Jul 2022 13:09:51 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
891859
cf-polished
qual=85, origFmt=jpeg, origSize=16723
x-guploader-uploadid
ADPycdvyrD76zM0ofRFxVwKqUCCK33vKt7ZgIwFZDsISQ_WjWlbRuEcUaND1uk-1KHbyAvdLjQM5A_MFZ3F3c4vDGUH1jQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8354
last-modified
Wed, 22 Jan 2020 13:13:07 GMT
server
cloudflare
etag
"04cb7ec205cea351157aeffb998f3a85"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uRlQdrsQRpq9m4%2BL%2FaEGGmxCJu0nb4jwsZJxeGw7XaWiwea%2Fjdn%2ByhiuryE4z6bflRkTQAJ42aQKBi3e1vhq%2BzPGAeHhKnz2FMX%2FOTStBHmHREpuuZQvJoMujZ4lV4ZYxtEi26gVRziP7Bm9"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1579698787150900
content-type
image/webp
expires
Sat, 02 Jul 2022 13:09:51 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
16723
accept-ranges
bytes
cf-ray
723f60e3798e9223-FRA
cf-bgj
imgq:85,h2pri
FC413BBA72211F5AF56B42ACBA3ABD3A49D827F593C9E1323C0F2A226E056430F688C15FF4CD83A6D4A3CFCFA1FE4220CE28CD84F613C42E73DA82679F4A107B
assets.ad4m.at/product_image/ Frame E368 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/FC413BBA72211F5AF56B42ACBA3ABD3A49D827F593C9E1323C0F2A226E056430F688C15FF4CD83A6D4A3CFCFA1FE4220CE28CD84F613C42E73DA82679F4A107B
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=22451%2C24673%2C188429&b=PxefBfbfM5Qa9HjHbtMtR5KaJS9TPM7Fp%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2C3PZfpf4fXZ6Rs7HrHAtEt9REtPSWTA14ad&f=bM4CQfZfmzVaYHbHzt8Cpb1tbSJT5WecJ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CWKmcrfdfZwJeFYH5HjtDCXjeH3SETJdPC2&c=300&d=250&e=&g=392c1ec65b682b9e691c189682f45ad2%2F3313891525731451452&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1656680990645&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kr8nz9gnjba6tp7qshcfx3c2pmh7s4ymrzgn1b3f85f2fabtq5a78seg08fbt0m5s9awfp3q5ydmh1wwhqfnxwfpx0f2jzqk8pnfhkk4nazt7eqyv63errcmtshj9dqx6kra6ttk40b3txk9mj60pfp7m2s3ht283kfb03mbb00rtzj5xm62v3havqjmt99vrsf6zh1bk233k6vmka0mzv8pt7z0btzmeb5bpwtbetgg7sc8qfz505fvtcw7508b78z97629n51w%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC8CDEHfK-Ys_CJ9qd9u8P_p-GqAKQ4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi02OTgzMzQxNzExMDc5Mjk3oAHCrujdA8gBCakCmq8ObZWNsT6oAwGqBNcBT9D-ftsn_r58a9j1rnEJglZZbqr3vmlDRdXQFVk5yECkW6cIylwJEhiOxwGjxZF4bPzCW1t_WQqN-_P9d77bEdr-0_h0jzC7W1qCpmlLrNA15BrPFpEqKVvX_9hX9EsxxbKzo7FaxxqhVFGJZnC2IBpzEd_qqGbhdJsbq37ChW04X1VLJGtswYgF1bCel7zQ5wwMwjaQCCZmI0LBLrvLNtplTDao9cS2LEtN7lMUaGWnPT-RPlGbejvdz25S-3iC5yuIFpFHo74NPPYHuBsDh3e9gei0VHiABvG6vsHMg5-1_AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2Q7tJbaE6JTujB972vU-Mwi2BaTg%2526client%253Dca-pub-6983341711079297%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8638f3568cf35b04429b02b36b4f4e37baa12bf47b618e530dfa728022c1d41c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash
crc32c=yOKvRQ==, md5=98ixwodW4fBCQU4EOgLh+g==
date
Fri, 01 Jul 2022 13:09:51 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
885177
cf-polished
qual=85, origFmt=jpeg, origSize=81547
x-guploader-uploadid
ADPycduW8OTw_d7UjB9lcnkHF7H2XWH3QtkHqkMQkhEKh2Se4FhaXbsWVbl8mTa3l42JHvqzfvcW0Jr1rwS9U9_1QaNYAphFTIGh
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
30226
last-modified
Thu, 09 Apr 2020 08:50:22 GMT
server
cloudflare
etag
"f7c8b1c28756e1f042414e043a02e1fa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MCdPpTRdgz7LVtNrZcEiz3j80smCKnUdv%2BWkUB5axER9gPtwLsl0gIWa%2BzEIhsiC3f4ZSB1Gqn%2FjrWUFiMrKV6WKrRvPWCNyScxaJO1J%2B0JZ81jk29VoxhfeWmvDvYDfgV%2Fqo72aG3%2FRUNiG"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1586422222365290
content-type
image/webp
expires
Sat, 02 Jul 2022 13:09:51 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
81547
accept-ranges
bytes
cf-ray
723f60e3798f9223-FRA
cf-bgj
imgq:85,h2pri
/
banner.congstar.de/cookie/ Frame E368
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%...
  • https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CLC0_M_h1_gCFdPwuwgd4LkGfw;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_d...
  • https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidPxefBfbfM5Qa9HjHbtMtR5KaJS9TPM7Fponeid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1656680991_1796d6e1-f93f-11ec-aa12-2231088bd649
0
518 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1656680991_1796d6e1-f93f-11ec-aa12-2231088bd649
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=22451%2C24673%2C188429&b=PxefBfbfM5Qa9HjHbtMtR5KaJS9TPM7Fp%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2C3PZfpf4fXZ6Rs7HrHAtEt9REtPSWTA14ad&f=bM4CQfZfmzVaYHbHzt8Cpb1tbSJT5WecJ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CWKmcrfdfZwJeFYH5HjtDCXjeH3SETJdPC2&c=300&d=250&e=&g=392c1ec65b682b9e691c189682f45ad2%2F3313891525731451452&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1656680990645&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kr8nz9gnjba6tp7qshcfx3c2pmh7s4ymrzgn1b3f85f2fabtq5a78seg08fbt0m5s9awfp3q5ydmh1wwhqfnxwfpx0f2jzqk8pnfhkk4nazt7eqyv63errcmtshj9dqx6kra6ttk40b3txk9mj60pfp7m2s3ht283kfb03mbb00rtzj5xm62v3havqjmt99vrsf6zh1bk233k6vmka0mzv8pt7z0btzmeb5bpwtbetgg7sc8qfz505fvtcw7508b78z97629n51w%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC8CDEHfK-Ys_CJ9qd9u8P_p-GqAKQ4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi02OTgzMzQxNzExMDc5Mjk3oAHCrujdA8gBCakCmq8ObZWNsT6oAwGqBNcBT9D-ftsn_r58a9j1rnEJglZZbqr3vmlDRdXQFVk5yECkW6cIylwJEhiOxwGjxZF4bPzCW1t_WQqN-_P9d77bEdr-0_h0jzC7W1qCpmlLrNA15BrPFpEqKVvX_9hX9EsxxbKzo7FaxxqhVFGJZnC2IBpzEd_qqGbhdJsbq37ChW04X1VLJGtswYgF1bCel7zQ5wwMwjaQCCZmI0LBLrvLNtplTDao9cS2LEtN7lMUaGWnPT-RPlGbejvdz25S-3iC5yuIFpFHo74NPPYHuBsDh3e9gei0VHiABvG6vsHMg5-1_AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2Q7tJbaE6JTujB972vU-Mwi2BaTg%2526client%253Dca-pub-6983341711079297%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Server
148.251.139.77 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.77.139.251.148.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 01 Jul 2022 13:09:51 GMT
Server
Apache
P3P
CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
0

Redirect headers

Date
Fri, 01 Jul 2022 13:09:51 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1656680991_1796d6e1-f93f-11ec-aa12-2231088bd649
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Length
0
E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
assets.ad4m.at/logo/ Frame E368 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=22451%2C24673%2C188429&b=PxefBfbfM5Qa9HjHbtMtR5KaJS9TPM7Fp%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2C3PZfpf4fXZ6Rs7HrHAtEt9REtPSWTA14ad&f=bM4CQfZfmzVaYHbHzt8Cpb1tbSJT5WecJ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CWKmcrfdfZwJeFYH5HjtDCXjeH3SETJdPC2&c=300&d=250&e=&g=392c1ec65b682b9e691c189682f45ad2%2F3313891525731451452&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1656680990645&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kr8nz9gnjba6tp7qshcfx3c2pmh7s4ymrzgn1b3f85f2fabtq5a78seg08fbt0m5s9awfp3q5ydmh1wwhqfnxwfpx0f2jzqk8pnfhkk4nazt7eqyv63errcmtshj9dqx6kra6ttk40b3txk9mj60pfp7m2s3ht283kfb03mbb00rtzj5xm62v3havqjmt99vrsf6zh1bk233k6vmka0mzv8pt7z0btzmeb5bpwtbetgg7sc8qfz505fvtcw7508b78z97629n51w%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC8CDEHfK-Ys_CJ9qd9u8P_p-GqAKQ4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi02OTgzMzQxNzExMDc5Mjk3oAHCrujdA8gBCakCmq8ObZWNsT6oAwGqBNcBT9D-ftsn_r58a9j1rnEJglZZbqr3vmlDRdXQFVk5yECkW6cIylwJEhiOxwGjxZF4bPzCW1t_WQqN-_P9d77bEdr-0_h0jzC7W1qCpmlLrNA15BrPFpEqKVvX_9hX9EsxxbKzo7FaxxqhVFGJZnC2IBpzEd_qqGbhdJsbq37ChW04X1VLJGtswYgF1bCel7zQ5wwMwjaQCCZmI0LBLrvLNtplTDao9cS2LEtN7lMUaGWnPT-RPlGbejvdz25S-3iC5yuIFpFHo74NPPYHuBsDh3e9gei0VHiABvG6vsHMg5-1_AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2Q7tJbaE6JTujB972vU-Mwi2BaTg%2526client%253Dca-pub-6983341711079297%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash
crc32c=RkBJ3g==, md5=Kw4C6d3nfjHTjXjXPcaeTw==
date
Fri, 01 Jul 2022 13:09:51 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
891862
cf-polished
origFmt=png, origSize=77267
x-guploader-uploadid
ADPycdurfPe0vuQBUFo4qh5lUBC-JQKYB4G4pzBmKtHIGO53tYWHYEZFCw8P9dNiM6KbzdDLjQNEq6xQyDBXl2n82CguBw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
38696
last-modified
Wed, 22 Jan 2020 13:11:48 GMT
server
cloudflare
etag
"2b0e02e9dde77e31d38d78d73dc69e4f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5NrXAs%2BZrTEHRGkVe9iZCvkAZ8b9nSr1f9%2BvWartVhl28TCWv5EVX9B6R3KU2MBUO7hq00gFbQ5VvWqU0wFFF63%2BERya%2FoJW0fca7ytizHrtq9W3wxYImNGW%2B3DL08aO%2Fu8Rlh6EeXL%2BwuWR"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1579698708801217
content-type
image/webp
expires
Sat, 02 Jul 2022 13:09:51 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
77267
accept-ranges
bytes
cf-ray
723f60e379949223-FRA
cf-bgj
imgq:85,h2pri
B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
assets.ad4m.at/ Frame E368 		84 KB
84 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=22451%2C24673%2C188429&b=PxefBfbfM5Qa9HjHbtMtR5KaJS9TPM7Fp%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2C3PZfpf4fXZ6Rs7HrHAtEt9REtPSWTA14ad&f=bM4CQfZfmzVaYHbHzt8Cpb1tbSJT5WecJ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CWKmcrfdfZwJeFYH5HjtDCXjeH3SETJdPC2&c=300&d=250&e=&g=392c1ec65b682b9e691c189682f45ad2%2F3313891525731451452&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1656680990645&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kr8nz9gnjba6tp7qshcfx3c2pmh7s4ymrzgn1b3f85f2fabtq5a78seg08fbt0m5s9awfp3q5ydmh1wwhqfnxwfpx0f2jzqk8pnfhkk4nazt7eqyv63errcmtshj9dqx6kra6ttk40b3txk9mj60pfp7m2s3ht283kfb03mbb00rtzj5xm62v3havqjmt99vrsf6zh1bk233k6vmka0mzv8pt7z0btzmeb5bpwtbetgg7sc8qfz505fvtcw7508b78z97629n51w%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC8CDEHfK-Ys_CJ9qd9u8P_p-GqAKQ4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi02OTgzMzQxNzExMDc5Mjk3oAHCrujdA8gBCakCmq8ObZWNsT6oAwGqBNcBT9D-ftsn_r58a9j1rnEJglZZbqr3vmlDRdXQFVk5yECkW6cIylwJEhiOxwGjxZF4bPzCW1t_WQqN-_P9d77bEdr-0_h0jzC7W1qCpmlLrNA15BrPFpEqKVvX_9hX9EsxxbKzo7FaxxqhVFGJZnC2IBpzEd_qqGbhdJsbq37ChW04X1VLJGtswYgF1bCel7zQ5wwMwjaQCCZmI0LBLrvLNtplTDao9cS2LEtN7lMUaGWnPT-RPlGbejvdz25S-3iC5yuIFpFHo74NPPYHuBsDh3e9gei0VHiABvG6vsHMg5-1_AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2Q7tJbaE6JTujB972vU-Mwi2BaTg%2526client%253Dca-pub-6983341711079297%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c3a0321547809818914bf6666db8a6b4f882b487d3e08e334566d25d5d38e55

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash
crc32c=e08Zuw==, md5=psibsHmVB2WUau7aQuE9AQ==
date
Fri, 01 Jul 2022 13:09:51 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
185481
cf-polished
origSize=90165, status=webp_bigger
x-guploader-uploadid
ADPycdtZLUxD1St7sXk-EYespXLKb1_2k2_uAb02nvpX2rsuktJyd27hfzyYqfRDDXoeb15PzHJj0pqtmerHh9g5c2a9TSnMgg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
85727
last-modified
Wed, 09 Oct 2019 16:06:53 GMT
server
cloudflare
etag
"a6c89bb079950765946aeeda42e13d01"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1HqeRr%2FZh5sVqMvZAbjQDQR1heYXG4pmq2%2FKssECgQhZNlGDCNc2EizovfqEOKxRa6YB6g4ZIQ9ajMXDBLoH7YmCu6RwyZm1F3s0HcHojhscgx0UuS05qdXcrA3Qq9f2d3iLRwfxrnRcWrWT"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1570637213281727
content-type
image/jpeg
expires
Sat, 02 Jul 2022 13:09:51 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
90165
accept-ranges
bytes
cf-ray
723f60e379929223-FRA
cf-bgj
imgq:85,h2pri
CE11F4A269236C0AF074ADB7F1ADA1F8C472CD7AC3290EFBF4A7DADA0100B8792254D4F2CF871D3311E6317269487774B650CDD0B207BED389DBEA35CD2DBC8F
assets.ad4m.at/logo/ Frame E368 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/CE11F4A269236C0AF074ADB7F1ADA1F8C472CD7AC3290EFBF4A7DADA0100B8792254D4F2CF871D3311E6317269487774B650CDD0B207BED389DBEA35CD2DBC8F
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=22451%2C24673%2C188429&b=PxefBfbfM5Qa9HjHbtMtR5KaJS9TPM7Fp%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2C3PZfpf4fXZ6Rs7HrHAtEt9REtPSWTA14ad&f=bM4CQfZfmzVaYHbHzt8Cpb1tbSJT5WecJ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CWKmcrfdfZwJeFYH5HjtDCXjeH3SETJdPC2&c=300&d=250&e=&g=392c1ec65b682b9e691c189682f45ad2%2F3313891525731451452&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1656680990645&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kr8nz9gnjba6tp7qshcfx3c2pmh7s4ymrzgn1b3f85f2fabtq5a78seg08fbt0m5s9awfp3q5ydmh1wwhqfnxwfpx0f2jzqk8pnfhkk4nazt7eqyv63errcmtshj9dqx6kra6ttk40b3txk9mj60pfp7m2s3ht283kfb03mbb00rtzj5xm62v3havqjmt99vrsf6zh1bk233k6vmka0mzv8pt7z0btzmeb5bpwtbetgg7sc8qfz505fvtcw7508b78z97629n51w%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC8CDEHfK-Ys_CJ9qd9u8P_p-GqAKQ4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi02OTgzMzQxNzExMDc5Mjk3oAHCrujdA8gBCakCmq8ObZWNsT6oAwGqBNcBT9D-ftsn_r58a9j1rnEJglZZbqr3vmlDRdXQFVk5yECkW6cIylwJEhiOxwGjxZF4bPzCW1t_WQqN-_P9d77bEdr-0_h0jzC7W1qCpmlLrNA15BrPFpEqKVvX_9hX9EsxxbKzo7FaxxqhVFGJZnC2IBpzEd_qqGbhdJsbq37ChW04X1VLJGtswYgF1bCel7zQ5wwMwjaQCCZmI0LBLrvLNtplTDao9cS2LEtN7lMUaGWnPT-RPlGbejvdz25S-3iC5yuIFpFHo74NPPYHuBsDh3e9gei0VHiABvG6vsHMg5-1_AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2Q7tJbaE6JTujB972vU-Mwi2BaTg%2526client%253Dca-pub-6983341711079297%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7024493525030ecd098ce0dcb2f0aea839373775120b40580028137b1d125ac9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash
crc32c=kzpU3g==, md5=rZM0ZkUU2QCgw7dtF8qWDw==
date
Fri, 01 Jul 2022 13:09:51 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
893020
cf-polished
origFmt=png, origSize=39979
x-guploader-uploadid
ADPycdvhnCa-beI-41kVX-8AnMbEJV8-ORTCHZcvjpw04HLvKcCM_pvVCpUV4bhMsiPkaih1h-fpIcafwXIccXtKU9Ws-_FuMUoZ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15996
last-modified
Wed, 22 Jan 2020 13:07:55 GMT
server
cloudflare
etag
"ad9334664514d900a0c3b76d17ca960f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UnZM%2BjfFEsbeQyAGXeqqh4I32EuvzOrq77cOXJ4vcKElyg0162JA4Df%2FedvVBMMNBl8%2BNceKOxs3%2FN5e5McUcen2zk%2BTOH8pOqgbHpRR8X9uEiu8afrDX7Tu6FHTuVi5oD%2BaeI7HMsENtDIo"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1579698475785088
content-type
image/webp
expires
Sat, 02 Jul 2022 13:09:51 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
39979
accept-ranges
bytes
cf-ray
723f60e379909223-FRA
cf-bgj
imgq:85,h2pri
EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
assets.ad4m.at/product_image/ Frame E368 		222 KB
222 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=22451%2C24673%2C188429&b=PxefBfbfM5Qa9HjHbtMtR5KaJS9TPM7Fp%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2C3PZfpf4fXZ6Rs7HrHAtEt9REtPSWTA14ad&f=bM4CQfZfmzVaYHbHzt8Cpb1tbSJT5WecJ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CWKmcrfdfZwJeFYH5HjtDCXjeH3SETJdPC2&c=300&d=250&e=&g=392c1ec65b682b9e691c189682f45ad2%2F3313891525731451452&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1656680990645&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kr8nz9gnjba6tp7qshcfx3c2pmh7s4ymrzgn1b3f85f2fabtq5a78seg08fbt0m5s9awfp3q5ydmh1wwhqfnxwfpx0f2jzqk8pnfhkk4nazt7eqyv63errcmtshj9dqx6kra6ttk40b3txk9mj60pfp7m2s3ht283kfb03mbb00rtzj5xm62v3havqjmt99vrsf6zh1bk233k6vmka0mzv8pt7z0btzmeb5bpwtbetgg7sc8qfz505fvtcw7508b78z97629n51w%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC8CDEHfK-Ys_CJ9qd9u8P_p-GqAKQ4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi02OTgzMzQxNzExMDc5Mjk3oAHCrujdA8gBCakCmq8ObZWNsT6oAwGqBNcBT9D-ftsn_r58a9j1rnEJglZZbqr3vmlDRdXQFVk5yECkW6cIylwJEhiOxwGjxZF4bPzCW1t_WQqN-_P9d77bEdr-0_h0jzC7W1qCpmlLrNA15BrPFpEqKVvX_9hX9EsxxbKzo7FaxxqhVFGJZnC2IBpzEd_qqGbhdJsbq37ChW04X1VLJGtswYgF1bCel7zQ5wwMwjaQCCZmI0LBLrvLNtplTDao9cS2LEtN7lMUaGWnPT-RPlGbejvdz25S-3iC5yuIFpFHo74NPPYHuBsDh3e9gei0VHiABvG6vsHMg5-1_AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2Q7tJbaE6JTujB972vU-Mwi2BaTg%2526client%253Dca-pub-6983341711079297%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9bfc7d34cd8bc7df36a984d6f3da50799752e33c48bbf07a4a1ee959b51476d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash
crc32c=KioGiw==, md5=gsfeD0L/Vf3QrMB3MWZAMQ==
date
Fri, 01 Jul 2022 13:09:51 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
894050
cf-polished
origFmt=png, origSize=342797
x-guploader-uploadid
ADPycdvleTXwclrlIPDxaQfXUqqSiAJ-AtdNdlqnECmsYRu8kAt9AZk2pYjbI0BKHk0ccn2u2iiBW9CR1VNUyJB7P8N7hw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
226950
last-modified
Wed, 15 Jun 2022 14:01:11 GMT
server
cloudflare
etag
"82c7de0f42ff55fdd0acc07731664031"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CIY5RgOTon0kxzXME7d04G2K9Tk2N5VxIIWzvsrQXbMB%2Fou%2BpBb2kEUd6Gt3h72ErTWS3GSTDhZxS8i%2F35Hrp9ZiB6s3nABIymDfMbjpSr%2BUSTupfgdQGW43pBrL90eNyWB9tVooz1f86iGe"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1655301594016278
content-type
image/webp
expires
Sat, 02 Jul 2022 13:09:51 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
342797
accept-ranges
bytes
cf-ray
723f60e379959223-FRA
cf-bgj
imgq:85,h2pri
ztpv.php
www.conrad.de/ Frame E368
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2470167&v=11354&q=377133&r=412871&pv=1&pref3=oneid3PZfpf4fXZ6Rs7HrHAtEt9REtPSWTA14adoneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.zenaps.com/cshow.php?pvr=177badc0-f93f-11ec-a709-2234153bf6e9&v=11354&r=412871&q=377133&s=2470167&viewref3=oneid3PZfpf4fXZ6Rs7HrHAtEt9REtPSWTA14adoneid__dc_reach_suite02wkz&pv=1&gdpr=0&...
  • https://www.conrad.de/ztpv.php?awc=11354_412871_1656680991_177badc0-f93f-11ec-a709-2234153bf6e9&insert=AW&&gdpr=0&gdpr_consent=
0
695 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.conrad.de/ztpv.php?awc=11354_412871_1656680991_177badc0-f93f-11ec-a709-2234153bf6e9&insert=AW&&gdpr=0&gdpr_consent=
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=22451%2C24673%2C188429&b=PxefBfbfM5Qa9HjHbtMtR5KaJS9TPM7Fp%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2C3PZfpf4fXZ6Rs7HrHAtEt9REtPSWTA14ad&f=bM4CQfZfmzVaYHbHzt8Cpb1tbSJT5WecJ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CWKmcrfdfZwJeFYH5HjtDCXjeH3SETJdPC2&c=300&d=250&e=&g=392c1ec65b682b9e691c189682f45ad2%2F3313891525731451452&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1656680990645&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kr8nz9gnjba6tp7qshcfx3c2pmh7s4ymrzgn1b3f85f2fabtq5a78seg08fbt0m5s9awfp3q5ydmh1wwhqfnxwfpx0f2jzqk8pnfhkk4nazt7eqyv63errcmtshj9dqx6kra6ttk40b3txk9mj60pfp7m2s3ht283kfb03mbb00rtzj5xm62v3havqjmt99vrsf6zh1bk233k6vmka0mzv8pt7z0btzmeb5bpwtbetgg7sc8qfz505fvtcw7508b78z97629n51w%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC8CDEHfK-Ys_CJ9qd9u8P_p-GqAKQ4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi02OTgzMzQxNzExMDc5Mjk3oAHCrujdA8gBCakCmq8ObZWNsT6oAwGqBNcBT9D-ftsn_r58a9j1rnEJglZZbqr3vmlDRdXQFVk5yECkW6cIylwJEhiOxwGjxZF4bPzCW1t_WQqN-_P9d77bEdr-0_h0jzC7W1qCpmlLrNA15BrPFpEqKVvX_9hX9EsxxbKzo7FaxxqhVFGJZnC2IBpzEd_qqGbhdJsbq37ChW04X1VLJGtswYgF1bCel7zQ5wwMwjaQCCZmI0LBLrvLNtplTDao9cS2LEtN7lMUaGWnPT-RPlGbejvdz25S-3iC5yuIFpFHo74NPPYHuBsDh3e9gei0VHiABvG6vsHMg5-1_AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2Q7tJbaE6JTujB972vU-Mwi2BaTg%2526client%253Dca-pub-6983341711079297%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Server
2606:4700::6812:7e05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 13:09:51 GMT
via
1.1 varnish (Varnish/6.6)
cf-cache-status
DYNAMIC
server
cloudflare
age
0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000
p3p
policyref="http://www.conrad.de/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
content-type
text/html; charset=UTF-8
content-encoding
br
cache-control
no-cache
x-varnish
654251001
cf-ray
723f60e65f9a6907-FRA
expires
-1

Redirect headers

Date
Fri, 01 Jul 2022 13:09:51 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location
https://www.conrad.de/ztpv.php?awc=11354_412871_1656680991_177badc0-f93f-11ec-a709-2234153bf6e9&insert=AW&&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Length
0
link.html
track.webgains.com/ Frame E368 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1h00249by38xstxp9ndh5ymxm2esd8g3r4r69p58ys85h8jtenacaq3528jmyv1f1efw0ha6y0854e5txdbpj31ye3844bkxhyg7y67n8db5zveppve61crmdnz6m3wjznjq5sv6jm7xpss8zr9ysvky16btt8xt4xawnqjnbfscqa97g5ncxbcpp31cy3w2s5np0sxmwxd604692xn4wy6vrg0xpdd5b5ykynh5f9y86zp588v65ae9cc340nmq10%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kr8nz9gnjba6tp7qshcfx3c2pmh7s4ymrzgn1b3f85f2fabtq5a78seg08fbt0m5s9awfp3q5ydmh1wwhqfnxwfpx0f2jzqk8pnfhkk4nazt7eqyv63errcmtshj9dqx6kra6ttk40b3txk9mj60pfp7m2s3ht283kfb03mbb00rtzj5xm62v3havqjmt99vrsf6zh1bk233k6vmka0mzv8pt7z0btzmeb5bpwtbetgg7sc8qfz505fvtcw7508b78z97629n51w%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC8CDEHfK-Ys_CJ9qd9u8P_p-GqAKQ4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi02OTgzMzQxNzExMDc5Mjk3oAHCrujdA8gBCakCmq8ObZWNsT6oAwGqBNcBT9D-ftsn_r58a9j1rnEJglZZbqr3vmlDRdXQFVk5yECkW6cIylwJEhiOxwGjxZF4bPzCW1t_WQqN-_P9d77bEdr-0_h0jzC7W1qCpmlLrNA15BrPFpEqKVvX_9hX9EsxxbKzo7FaxxqhVFGJZnC2IBpzEd_qqGbhdJsbq37ChW04X1VLJGtswYgF1bCel7zQ5wwMwjaQCCZmI0LBLrvLNtplTDao9cS2LEtN7lMUaGWnPT-RPlGbejvdz25S-3iC5yuIFpFHo74NPPYHuBsDh3e9gei0VHiABvG6vsHMg5-1_AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2Q7tJbaE6JTujB972vU-Mwi2BaTg%252526client%25253Dca-pub-6983341711079297%252526adurl%25253D&clickref=oneidr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhdoneid__dc_reach_suite02wkz&viewref=oneid4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuKoneid__dc_reach_suite02wkz
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=22451%2C24673%2C188429&b=PxefBfbfM5Qa9HjHbtMtR5KaJS9TPM7Fp%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2C3PZfpf4fXZ6Rs7HrHAtEt9REtPSWTA14ad&f=bM4CQfZfmzVaYHbHzt8Cpb1tbSJT5WecJ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CWKmcrfdfZwJeFYH5HjtDCXjeH3SETJdPC2&c=300&d=250&e=&g=392c1ec65b682b9e691c189682f45ad2%2F3313891525731451452&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1656680990645&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kr8nz9gnjba6tp7qshcfx3c2pmh7s4ymrzgn1b3f85f2fabtq5a78seg08fbt0m5s9awfp3q5ydmh1wwhqfnxwfpx0f2jzqk8pnfhkk4nazt7eqyv63errcmtshj9dqx6kra6ttk40b3txk9mj60pfp7m2s3ht283kfb03mbb00rtzj5xm62v3havqjmt99vrsf6zh1bk233k6vmka0mzv8pt7z0btzmeb5bpwtbetgg7sc8qfz505fvtcw7508b78z97629n51w%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC8CDEHfK-Ys_CJ9qd9u8P_p-GqAKQ4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi02OTgzMzQxNzExMDc5Mjk3oAHCrujdA8gBCakCmq8ObZWNsT6oAwGqBNcBT9D-ftsn_r58a9j1rnEJglZZbqr3vmlDRdXQFVk5yECkW6cIylwJEhiOxwGjxZF4bPzCW1t_WQqN-_P9d77bEdr-0_h0jzC7W1qCpmlLrNA15BrPFpEqKVvX_9hX9EsxxbKzo7FaxxqhVFGJZnC2IBpzEd_qqGbhdJsbq37ChW04X1VLJGtswYgF1bCel7zQ5wwMwjaQCCZmI0LBLrvLNtplTDao9cS2LEtN7lMUaGWnPT-RPlGbejvdz25S-3iC5yuIFpFHo74NPPYHuBsDh3e9gei0VHiABvG6vsHMg5-1_AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2Q7tJbaE6JTujB972vU-Mwi2BaTg%2526client%253Dca-pub-6983341711079297%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.236.35.87 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-35-87.servers.dedipower.net
Software
Apache /
Resource Hash
2ff2295c0061931b343348a51deae28dbf3eb8183fc46aca8c515dc42459ccb8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 01 Jul 2022 13:09:51 GMT
Last-Modified
Fri, 01 Jul 2022 13:09:51 GMT
Server
Apache
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
text/html;charset=utf-8
Content-Length
1376
Expires
Mon, 26 Jul 1997 05:00:00 GMT
all
csm.eu.criteo.net/ Frame 8569 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=qHnNBAQSWl4oFgFtLoKrTL_od49chXZYGgfqsem-JIaH5K8SC3G0Oa05HZ6CTJfIVMLIC6znDpjBavH52QxXODRoGHNlmUr1Tr3Gje_UE2fOm2wBNuY0neVF2TBh7vLhhOX8-bjapqF1lIfIqDd2nZBuTK_eO5nYygCDVHnpHH2Y5iuUkCRpWiqfj0fuy41S-o-G3tM_kS0gh-dzaeiI_wU-kJernNhKxLKjYwMF-JngS-O24UUdqQUUZlJCz4MLR2LAKw&sds=2&rev=81891&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yr7yHQAF52AIu8mRAAh5TD-Rxr78yROwU6o81A&u=%7CrXECne8vcZEpUF9XTJsBCxw%2B1TbK5XQXiLvmcP9I3aI%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC866KtQCCgvIZGG6gw9WgZ0fRJVX1mxo8DL9avwE-WC_9R2szmsPAIvTBHDBlQqJdtjeg2XXdea40IlxA9ajlUo2C0SIoYf5Gqn1wXB47xI6j7UU5ms8L6Hd0BWKrL_cF0hWl0dwuabe4iNzwQI39iEvrT0Ed7v1Nq1VgX3fahvO1RiJmEQmhdaavgi-VqyQCuWD9J72Qq5Wh237rWJWUu4WaqHS_qyN8lTdb0fBvbrVzLpgKEYqS5w2k-FdWNiQn9mtBU4cUVGaXeWtXCgTqmRfDRrudDtAUlsubuASfdF8pyQFli-wern7CsMYPmOThJAfCGhRUHwVAh_hfyUEgua18Uc9d888y2E4kfjqfL5kl5lZ2foO-BJaaujaByhndNwZmOgBknIoe4hNh0Ztlc-nhOZGawwoVwYA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwk7oHfK-YuDOF5GT7_UPzPKhoAzJntKxXI3w4taTAcCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi02OTgzMzQxNzExMDc5Mjk3oAHVttLqA8gBCakCA-8KDl-FsT6oAwGqBNEBT9BNb6T7-b2xrNdfanReF6z5u4BbOktAcBQVXRoQWDYEA3zB3slnYLmsFzCKsTfLtdcHz8Mrn-3Pa3LvagHBs2b1--2VEdK_xez6XtsjhxobROBqQjP3EzPGe7skoDOsePWyAsDfKYtgQjtci4Ex_2BcjuHkXe43xOQW3jHb0EWZdXrUu9wReoj-izQOd1Bu13ANXiTkjy_ozO84cn5VIfBQQqY4UQwVaasfFXj_cOT6Tt7WdQpR6iY0_u7SPfEov-0cp1mcghScxRmjMjx-OUGABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0pQfk5nP2Ga8d6soKM1F0rN-dJ_Q%26client%3Dca-pub-6983341711079297%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 01 Jul 2022 13:09:51 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
all
csm.eu.criteo.net/ Frame 26BE 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=58DmbAQSWl4oFgFtF1SYx8mnJa5SgasIjOKTiV43r_Ueso6VDdiPVm8UIVAkpBW7BL7DZfPM0e1ifKl_0ofCEI0TnfCuJd3X8Vpz9zMY1T7pydCxsknLENQbnX0rI6oHGXXhmcgKaZbP9hyJinFV1fwrpJswaKoJr3B-O_xivjj14MCrqAqnP_Onos8PJYSCz3DSfl7KW04oIS_QDzCpyRjiOPn-0_wnq4n6zmSyPakjmY9pjm6EMv6usT_GfPX7OShq7rEFi17QHBRO&sds=2&rev=81891&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yr7yHQAF1nQIu-UuAAre8zry8cO67O4B2DZrMw&u=%7CrXECne8vcZGUkBNlDaVkTp3qi6tS43Ngg4GQhnVLBN0%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC866KtQCCgvIZGApFwVhOjtfOowdqDLrjwKZl8J6ooWUdXKDHJCgWw6QcwcDZmccNDDHTzU_Ne_jiIgJPgsCu1eBXg4IRHYYLCba4nLVctQfn4riMIhpWxjmNfi5T5W6PWfyYtWcB2vmya6BmkNoHgVc1xZGVRpjcCLLTOqw841RRoiobQWaJoZs-M6SXM3fO2bd0kf1Z19ycCqmtUkHqzjEGqZ9C5tf9ircC5Gy28wUJq6AicVDdYYyFk3lPANmY7qP-_cM2-C_Pu1rITw-3CGin9wzXFncmSH3PsqV7RUvYF6Xl5xqMzXoFGdpR-xOcPP6IFKRdpqsd9kUvfYP0O0mKF3aIYF2FCPfmYkwuDmYtIexwLVtjiIFyA1goqzVEv0-LgQYMjx5Y0lmVgBNgr0f0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfmMOHfK-YvSsF67K7_UP872rqArJntKxXM2G49aTAcCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi02OTgzMzQxNzExMDc5Mjk3oAHVttLqA8gBCakCA-8KDl-FsT6oAwGqBNIBT9CE0fzS4xm8mlx7o2CEE0DT2QC6HH3kwOXOFUKnkxpfDVGbiEAi41z1C0kEKPh3rtK7XketLqA2v8Gw_5hZAQQaM7aLg2ECHk81COYbF9tzwpAPRSq6Zv-q2uYIQ64QAlvuKEYeeOWcoj3SLnWK9ESUbF3vNQlO3rTAjxmvrPPmBquxeXI0yRg9E_pJNp11qLDLRchUG6rgXuceJHm9Zef2EwxnvHJbCxASIZQtJKA88nubpl2soFdoLYke3q2XYqXQCMIdtRL2CA_bdvGMXFxngAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0b1WJfL7UcIr6uRXAyFNcX5oh1KA%26client%3Dca-pub-6983341711079297%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 01 Jul 2022 13:09:50 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
truncated
/ Frame 9D73 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6afb02a0151e16f31ec5cab9d0bacb1cb40549fcffe03861656523528b6cb5b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 9FE7 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6bf0b82510c3eeb4b733e8274ad5a68ff1f274e44987e6b691d258255f0d07d4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/png
pvClk.min.js
analytics.webgains.io/ Frame E368 		51 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1h00249by38xstxp9ndh5ymxm2esd8g3r4r69p58ys85h8jtenacaq3528jmyv1f1efw0ha6y0854e5txdbpj31ye3844bkxhyg7y67n8db5zveppve61crmdnz6m3wjznjq5sv6jm7xpss8zr9ysvky16btt8xt4xawnqjnbfscqa97g5ncxbcpp31cy3w2s5np0sxmwxd604692xn4wy6vrg0xpdd5b5ykynh5f9y86zp588v65ae9cc340nmq10%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kr8nz9gnjba6tp7qshcfx3c2pmh7s4ymrzgn1b3f85f2fabtq5a78seg08fbt0m5s9awfp3q5ydmh1wwhqfnxwfpx0f2jzqk8pnfhkk4nazt7eqyv63errcmtshj9dqx6kra6ttk40b3txk9mj60pfp7m2s3ht283kfb03mbb00rtzj5xm62v3havqjmt99vrsf6zh1bk233k6vmka0mzv8pt7z0btzmeb5bpwtbetgg7sc8qfz505fvtcw7508b78z97629n51w%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC8CDEHfK-Ys_CJ9qd9u8P_p-GqAKQ4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi02OTgzMzQxNzExMDc5Mjk3oAHCrujdA8gBCakCmq8ObZWNsT6oAwGqBNcBT9D-ftsn_r58a9j1rnEJglZZbqr3vmlDRdXQFVk5yECkW6cIylwJEhiOxwGjxZF4bPzCW1t_WQqN-_P9d77bEdr-0_h0jzC7W1qCpmlLrNA15BrPFpEqKVvX_9hX9EsxxbKzo7FaxxqhVFGJZnC2IBpzEd_qqGbhdJsbq37ChW04X1VLJGtswYgF1bCel7zQ5wwMwjaQCCZmI0LBLrvLNtplTDao9cS2LEtN7lMUaGWnPT-RPlGbejvdz25S-3iC5yuIFpFHo74NPPYHuBsDh3e9gei0VHiABvG6vsHMg5-1_AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2Q7tJbaE6JTujB972vU-Mwi2BaTg%252526client%25253Dca-pub-6983341711079297%252526adurl%25253D&clickref=oneidr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhdoneid__dc_reach_suite02wkz&viewref=oneid4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuKoneid__dc_reach_suite02wkz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-56.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
332e45bcd4c243a40af8ec861316cafe009c3c5de4366f960d4c6cc2ac92e1d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id
3_MJXCnMrjiLc9gQ4cSP2UO8QHaqI_KE
via
1.1 71dbd5706c5b0c7b733248e1171f2d4e.cloudfront.net (CloudFront)
last-modified
Tue, 24 May 2022 13:31:25 GMT
server
AmazonS3
age
49109
etag
"8e0f444d427a5cc08c98fd04087e9847"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Fri, 01 Jul 2022 05:00:21 GMT
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
52117
x-amz-cf-id
6y9IfdNHgtiBtCsAKYWLvYNbrkR4q8DeCNWWbfQN4Hj1qr213eGwyA==
link.html
track.webgains.com/ Frame E368 		85 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.webgains.com/link.html?wgdedup=1&wgcampaignid=1384975&viewref=oneidgAPRh8frf9Y2fBCbH8t5trKQTmSjtmqdueoneid__adalliance_advancedad_728x90&wglinkid=713569
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=22451%2C24673%2C188429&b=PxefBfbfM5Qa9HjHbtMtR5KaJS9TPM7Fp%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2C3PZfpf4fXZ6Rs7HrHAtEt9REtPSWTA14ad&f=bM4CQfZfmzVaYHbHzt8Cpb1tbSJT5WecJ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CWKmcrfdfZwJeFYH5HjtDCXjeH3SETJdPC2&c=300&d=250&e=&g=392c1ec65b682b9e691c189682f45ad2%2F3313891525731451452&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1656680990645&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kr8nz9gnjba6tp7qshcfx3c2pmh7s4ymrzgn1b3f85f2fabtq5a78seg08fbt0m5s9awfp3q5ydmh1wwhqfnxwfpx0f2jzqk8pnfhkk4nazt7eqyv63errcmtshj9dqx6kra6ttk40b3txk9mj60pfp7m2s3ht283kfb03mbb00rtzj5xm62v3havqjmt99vrsf6zh1bk233k6vmka0mzv8pt7z0btzmeb5bpwtbetgg7sc8qfz505fvtcw7508b78z97629n51w%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC8CDEHfK-Ys_CJ9qd9u8P_p-GqAKQ4YGEXLaoworwAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi02OTgzMzQxNzExMDc5Mjk3oAHCrujdA8gBCakCmq8ObZWNsT6oAwGqBNcBT9D-ftsn_r58a9j1rnEJglZZbqr3vmlDRdXQFVk5yECkW6cIylwJEhiOxwGjxZF4bPzCW1t_WQqN-_P9d77bEdr-0_h0jzC7W1qCpmlLrNA15BrPFpEqKVvX_9hX9EsxxbKzo7FaxxqhVFGJZnC2IBpzEd_qqGbhdJsbq37ChW04X1VLJGtswYgF1bCel7zQ5wwMwjaQCCZmI0LBLrvLNtplTDao9cS2LEtN7lMUaGWnPT-RPlGbejvdz25S-3iC5yuIFpFHo74NPPYHuBsDh3e9gei0VHiABvG6vsHMg5-1_AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2Q7tJbaE6JTujB972vU-Mwi2BaTg%2526client%253Dca-pub-6983341711079297%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.236.35.87 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-35-87.servers.dedipower.net
Software
Apache /
Resource Hash
272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 01 Jul 2022 13:09:51 GMT
Last-Modified
Fri, 01 Jul 2022 13:09:52 GMT
Server
Apache
Transfer-Encoding
chunked
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
image/png
Expires
Mon, 26 Jul 1997 05:00:00 GMT
comments.php
www.facebook.com/v2.11/plugins/ Frame 5347 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v2.11/plugins/comments.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3d2e60f797cc8%26domain%3Dlogin-ed.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Flogin-ed.com%252Ff1fa82bb4ea117c%26relation%3Dparent.parent&color_scheme=light&container_width=696&height=100&href=https%3A%2F%2Flogin-ed.com%2Fcomerica-hsa-account&locale=en_GB&mobile=true&numposts=5&sdk=joey&version=v2.11&width=
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_GB/sdk.js?hash=2eb683a1d7069ec28004052be70fd595
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://login-ed.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-length
0
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type
text/html;charset=utf-8
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 01 Jul 2022 13:09:52 GMT
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-content-type-options
nosniff
x-fb-debug
ofgmJf9pZe6jyu03ofudqpsrv/TXsIrmrf30Ah5tBKdTzGHQcCkXgpxEi+NiLdK3PoLqsEdA7lnM73bX70gEww==
x-frame-options
DENY
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220628&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206270101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6983341711079297&plah=login-ed.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
164ba0ad11cf6d80a16d12db6273bbad714669b7a7aef09d5187c6205d5a8963
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login-ed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 01 Jul 2022 13:09:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10526
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206270101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6983341711079297&plah=login-ed.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login-ed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 13:09:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 01 Jul 2022 13:09:52 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D369 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://login-ed.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
4473
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 01 Jul 2022 11:55:19 GMT
expires
Sat, 01 Jul 2023 11:55:19 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 734E 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
ce26a6294e55ce68e9775cdb5df561e97f85a8668615c8f3c3b90e92a44f92c5
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-6ID7fE6bCazOSg6n64Eunw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://login-ed.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-6ID7fE6bCazOSg6n64Eunw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 01 Jul 2022 13:09:52 GMT
expires
Fri, 01 Jul 2022 13:09:52 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
jM248wiKq0YW9gJU5iyZLO601i5VwbJBYGHxrXeF70U.js
pagead2.googlesyndication.com/bg/ Frame D369 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/jM248wiKq0YW9gJU5iyZLO601i5VwbJBYGHxrXeF70U.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8ccdb8f3088aab4616f60254e62c992ceeb4d62e55c1b2416061f1ad7785ef45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 12:32:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
2245
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13786
x-xss-protection
0
last-modified
Mon, 27 Jun 2022 08:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 01 Jul 2023 12:32:27 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 847E 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvH0v-wFR2jyyR7DBnwajG-Bf5hu9H3q8_IDVxSeLvmq4vRD8UBznqBdzE95wbIUY-KoOt77-V2HQANnOFmc98jxWsB&sig=Cg0ArKJSzLHoap7DKDT-EAE&id=lidar2&mcvt=1185&p=0,0,280,730&mtos=1185,1185,1185,1185,1185&tos=1185,0,0,0,0&v=20220627&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3094365979&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1656680989276&rpt=2321&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Jul 2022 13:09:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 9FE7 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu8eE-HKpwCeFt5vEKlEP88klKBu47hGiAkBIIN4D_upQE2GUv5aWPxBeqM_lKJT74TFT5FStR1PiucYWnRqmLTr2uq&sig=Cg0ArKJSzA-w-X18mprJEAE&id=lidar2&mcvt=1147&p=0,0,124,1005&mtos=1147,1147,1147,1147,1147&tos=1147,0,0,0,0&v=20220627&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1656680989644&rpt=1997&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Jul 2022 13:09:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame E679 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss_3uUfxf7r0TnSQ_32zm7HXfltodD-QpeASkJSSw_dmXr4wwhefClnGmtS611Vl_-appGROMNwDp_94zd0FGUiE-Q&sig=Cg0ArKJSzFYX9h95kpMREAE&id=lidar2&mcvt=1285&p=0,0,280,350&mtos=1285,1285,1285,1285,1285&tos=1285,0,0,0,0&v=20220627&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2271198596&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1656680989284&rpt=2378&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Jul 2022 13:09:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tracking-event
api.webgains.io/ Frame E368 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.50.31.24 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-50-31-24.eu-west-1.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 01 Jul 2022 13:09:53 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.26
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.50.31.24 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-50-31-24.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Fri, 01 Jul 2022 13:09:53 GMT
server
nginx
sodar
pagead2.googlesyndication.com/pagead/ Frame 734E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220628&jk=1163717104548490&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame D369 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?eSfyGA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 13:09:53 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220628&jk=1163717104548490&bg=!iYqlis7NAAaLlKKnq5Q7ACkAdvg8Woz59raVlb26n2r5WI7iPQO51-E2AOFQcWa8MpP07OOwqhQFYwIAAAJgUgAAAAJoAQeZAszgqWVNSANH0c7uLFhojST8fQwr51VDPI4xttzn7ch7q6JFnJ4W8ChKj2XD4cy3Uj0sSoMNBMLBnw6hRRO9g89nsyBrBOZ4R91olnvLmndKqNHg_pD0-HirvXqVdqrJrJGJztrxMvhFDGtPYibU7LQkzvcsV1alJ0VB3ox0w0tbLIpcDo-lTPtu2yrau6Ft965asuY2wkbbY-yuuW5tcSv2ekdkD-9G9jvkT5DGrswxKtdOROrHFknbckGbFnHuYepiV4FfI-qENwbmXxVYNXtjhCLYJnBwmeaJ25vVffTb-Qqr7qn2EOlpdfviNq7bwRuM8L2C5RasRHdUcrV-75ooTemhMx-Hp9LMVt0AT5dRLw8KbPlkJIPr-t_T6HirhZh1-ncyEjq0hfDwW-s2CNfI2VPkKOM7Q7vDoc7R_Itt5w42SjaP9Ah8nAB8_VcxyjtIRsyqZhZj-dpqb1pEMUdQWniEGxj0LBDg__NFYpzJJcY-PoADVs7h9tSWuZps81CLVBCadlcKlKrG2WbVI5SFjn806MSeOdMocIvcYdBvWWSXul-feKVs-JuhaaXxiKgisEYV2pWdFAH9Ng0LNlah80GM3ux6yYOmTmcEC0zG7YA-Bq95OdahFptmIPQDHQ9T2o-OipY7olKrb78uG8cvn-d1y00umkw8XJEfVUbcsi2_2VEoGMmKiVE0lGGYcWkS_VvDmuxHM_ZRGp31_jpka3HD4TWmPPHOU98-mQl7mTx3FhAfPevDX_6XtPzrWVz6bhmFpUvLZiqDeZtrburOvyDZoKZi5YhkENiTaAj3G3EiDE-JGHo5ts8eht3M1VX8XP4Hv4uvD1NY5A8600EgDzZzf8R-nlzmQOce8DkA2KB9ESS3omsaiI5Uz6wk9xi9faBQdtiDyzrKH_EwXJO6fMzuUN_UpeHUsw8PFdT_FI4tOkKqlDrc6k1jrg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login-ed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

59 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| gtag object| dataLayer object| adsbygoogle object| google_tag_manager object| FB function| $ function| jQuery object| bootstrap function| onYouTubeIframeAPIReady object| google_tag_data object| gaGlobal object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_lpabyc number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| google_llp object| googletag object| GoogleGcLKhOms object| google_image_requests

21 Cookies

Domain/Path Name / Value
.login-ed.com/ Name: _ga_EMLZPT8YRV
Value: GS1.1.1656680988.1.0.1656680988.0
.login-ed.com/ Name: _ga
Value: GA1.1.1151177621.1656680989
.login-ed.com/ Name: __gads
Value: ID=7755599a4afb09a7-2255fc94c3cd0052:T=1656680989:RT=1656680989:S=ALNI_Ma6GlQZgsfUg8EN7BsUThRaJ9Il7Q
.doubleclick.net/ Name: IDE
Value: AHWqTUnG05q_ZFJDfh-QZ6Nao8DhY8V9ejXKorQGHzi6lqEaUxzqjAJUHlsGqffpuCA
.quantserve.com/ Name: d
Value: EH8BCQHBJoEA
.quantserve.com/ Name: mc
Value: 62bef21e-2c18d-c1c36-3dcaf
.casalemedia.com/ Name: CMID
Value: Yr7yHpsiQYF4yYjDD0K2TQAA
.casalemedia.com/ Name: CMPS
Value: 3274
.casalemedia.com/ Name: CMPRO
Value: 3274
.agkn.com/ Name: ab
Value: 0001%3AJQZ4nEi0YPeQFQEnLl356gT3AdxdkzVp
.agkn.com/ Name: u
Value: C|0CEAqUa6eKlGungAAAAAAAQ13AQCAAQpAAAAAAA
.casalemedia.com/ Name: CMTS
Value: 3390
.awin1.com/ Name: awpv11354
Value: 412871|1656680991|177badc0-f93f-11ec-a709-2234153bf6e9
.awin1.com/ Name: awpv11938
Value: 412871|1656680991|1796d6e1-f93f-11ec-aa12-2231088bd649
.awin1.com/ Name: AWSESS
Value: 367022:2542680
.zenaps.com/ Name: awpv11354
Value: 412871|1656680991|177badc0-f93f-11ec-a709-2234153bf6e9
.zenaps.com/ Name: AWSESS
Value: 377133:2470167
.congstar.de/ Name: staticentry
Value: %7B%22spfr%22%3A%22412871%22%2C%22awc%22%3A%2211938_412871_1656680991_1796d6e1-f93f-11ec-aa12-2231088bd649%22%2C%22sp%22%3A%22awin%22%7D
www.conrad.de/ Name: HTLP_timestamp
Value: 1656680991
www.conrad.de/ Name: CEAffHA
Value: YD
.www.conrad.de/ Name: __cf_bm
Value: KZ35RiMq8VnDVZ5I3bBK1_jnQEyuT1cRzYLuRLp1Nus-1656680991-0-AYtdXLxS70zHOVy8N/Fqsk/3vYX05KTyoLhr/LJga2cBcYZgfZH5z2RxEB5ebnCo67etrGef/GMe0vFt/WnkDPw=

6 Console Messages

Source Level URL
Text
other warning URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6983341711079297&output=html&h=280&slotname=4308105978&adk=3094365979&adf=4106258812&pi=t.ma~as.4308105978&w=730&fwrn=4&fwrnh=100&lmt=1656680989&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Flogin-ed.com%2Fcomerica-hsa-account&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656680988991&bpp=2&bdt=363&idt=277&shv=r20220628&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4256398597249&frm=20&pv=1&ga_vid=1151177621.1656680989&ga_sid=1656680989&ga_hid=375701359&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=652&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068105%2C31065544%2C42531608&oid=2&pvsid=1163717104548490&tmod=235240112&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=FsE90ezWfk&p=https%3A//login-ed.com&dtd=283
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
network error URL: https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F%3Feb%3D1&v=3&w=400&s=NIvm77xmry_g62aq4_FPS5A1&b=400
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DARnp8GDNwgGCPdWj_OCSMLXGblU58teIh1wZgws_ibxAyj2DecG4AE9TvPHlvqFuwSxZxNjMLE3Y6qo1Dmpwy4gd_lncjs_7bzn8Wg&google_gid=CAESEFWV8BPkwFNEC6itQjfsD0k&google_cver=1
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F%3Feb%3D1&v=3&w=800&s=FY_Xq1rXG9nv3yEjzamNMYZX&b=400
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F%3Feb%3D1&v=3&w=800&s=FY_Xq1rXG9nv3yEjzamNMYZX&b=400
Message:
Failed to load resource: the server responded with a status of 404 ()
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
ad4m.at
ads.eu.criteo.com
adservice.google.com
adservice.google.de
analytics.webgains.io
api.webgains.io
as.ad4m.at
assets.ad4m.at
banner.congstar.de
cat.fr.eu.criteo.com
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
csm.eu.criteo.net
d.agkn.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
id.rlcdn.com
image6.pubmatic.com
login-ed.com
pagead2.googlesyndication.com
partner.googleadservices.com
pix.eu.criteo.net
pixel.rubiconproject.com
prod-rtb.ad4mat.net
region1.google-analytics.com
rtb.nl.eu.criteo.com
rtb.openx.net
secure-gl.imrworldwide.com
ssum-sec.casalemedia.com
static-de.ad4mat.net
static.criteo.net
tpc.googlesyndication.com
track.webgains.com
www.awin1.com
www.conrad.de
www.facebook.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.zenaps.com
104.111.239.217
104.18.18.126
13.225.78.56
142.250.186.130
148.251.139.77
172.217.18.102
178.250.0.139
178.250.0.160
178.250.0.162
18.195.144.156
198.47.127.19
2001:4860:4802:34::36
2600:1901:0:76b9::
2600:9000:21f3:7a00:1e:a43d:b640:93a1
2606:4700:20::681a:ad1
2606:4700:20::681a:ff4
2606:4700:20::ac43:444e
2606:4700:20::ac43:4a81
2606:4700::6812:7e05
2620:116:800d:21:5ed4:8d5d:fed7:f5ef
2a00:1450:4001:800::2002
2a00:1450:4001:801::2002
2a00:1450:4001:808::2002
2a00:1450:4001:80b::2003
2a00:1450:4001:80f::2002
2a00:1450:4001:811::2001
2a00:1450:4001:811::2004
2a00:1450:4001:811::2008
2a00:1450:4001:82f::200a
2a02:2638:1::2
2a02:2638:1::3
2a02:2638::b
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
35.186.253.211
35.244.174.68
46.236.35.87
52.50.31.24
69.173.144.138
00f38002a5df8e1507231c7b46ed916083b9c30841e88976f4c7031fe975a95d
03fcfa1c54f29e567ed2804149c66e860f5b007c2a2fa042247edbe5db5b7b7d
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
164ba0ad11cf6d80a16d12db6273bbad714669b7a7aef09d5187c6205d5a8963
173287b3ac89a7c0cc8d64dd3cb57b26e72e7fffbf94faec5d3f6beaa6159285
19ee84f35f4d29387c19da08165608252a10d06e6333707ed02964c17e3e2875
23c517fd056578dbfcfb467356569042b52eecada6250cb83ab2e4f420aced89
272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86
28f12a5e97bafa06cf723dfa71a93daac27f33e6ef2929332d7320a9b2685007
29a74bd48fa0b500b61194468e760e8acef2f465e782e0da3eb219850bcea8fb
2dabcb9bb2f7296124893379362fa48473ad67874eebf5c17e67f64cfb18b6c8
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
2f27f0a2ebcd6e8cb2b682750bcf5d073b033dbcecbca0b8431176609d889da2
2f41046afb57095a408c2d314bd8187389c9389376760429c8b6a24ca6a767b4
2ff2295c0061931b343348a51deae28dbf3eb8183fc46aca8c515dc42459ccb8
324dbf8130c8d19b88ee4d19670a09470ec4b513c0cc629227e74c5b7753eb15
332e45bcd4c243a40af8ec861316cafe009c3c5de4366f960d4c6cc2ac92e1d0
3557cfdce97f4028142a5b743fe75af3ee2ab3bb56bec97670105e4e0f25b7ee
3c3a0321547809818914bf6666db8a6b4f882b487d3e08e334566d25d5d38e55
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019
41cf92027922a0bd26bb91e02ec37f0257d09ba9454a3262bfeb1251f4b714eb
429ddc8d42a00647e0857dfb9ea803b19560943a64e08c2b92a059cd7343062e
445e2c55c9dc4c67b2e9b1657c1dab6ca860b675a2a1559b6bd2c412b1e577bd
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e5057ef6939faa95ce1cf139cf79392e4169346dd3213317bd0900a3510e9fd
53000b2c1dced96b93f97ec59e15641d74d5dbf0d9618cdf3ceb0889446a1565
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5f5654d3095dcc7a871f7d4c1355b2c9eea3eb0d8f72f87e65b0cf51961aefd6
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
61bed5d5dc4afef31fc2e28bad8314b42747884eb015573ce8bcbd5a0cf49efe
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63be66d657e805d9d3e4960a46b4c13c3ddebaff7a01ba87a40efd8636fe6187
65e821b53990c7e875f3a0c2ed1d78d9aaf42a0ac22e5befe5903e4e87faf931
664a649d5439c10bb3c0f649ea6073331e1eb762fc317342b25ad186ea6230f5
6afb02a0151e16f31ec5cab9d0bacb1cb40549fcffe03861656523528b6cb5b8
6bf0b82510c3eeb4b733e8274ad5a68ff1f274e44987e6b691d258255f0d07d4
6cfb7dd2a102ad5aad654357edda75bdf91a480a0f21fb4e980173fe45bf1fbe
7024493525030ecd098ce0dcb2f0aea839373775120b40580028137b1d125ac9
715eef30719f5624e269c3a2b242e641739ba5853b71abb021e32e7370e394a0
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
75a2067c9dff8e58ae83cdb8ee4fe896013966ac4e8f3f1d5e8a75f27c9a1ae2
75bdef5236d806f7464934d34db0e2e6212e98cb0edecd436a6b44aaec33ecff
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7be63a69b522d1e24c1dd321dc597fd5a552b0ba3bc5246ae6f926df7a20cb50
7f3145c87d3570154f633975e8a4f8d30aa38603edaba145501e9c90ddbe186c
83b19de212ca6202b9339b9c3ad8b16c1775d34cc7663631c12cffbdcdacb8e1
84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30
8638f3568cf35b04429b02b36b4f4e37baa12bf47b618e530dfa728022c1d41c
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8ccdb8f3088aab4616f60254e62c992ceeb4d62e55c1b2416061f1ad7785ef45
8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
948b27f8c51967ef2963111e0bc606bddae09bfc80ed395b7dff6174ba6b759f
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9aeb95cd86a1aaa08c9ef72e1e2d4d8def632a0932c866a2e01ad81a290c9542
9bfc7d34cd8bc7df36a984d6f3da50799752e33c48bbf07a4a1ee959b51476d0
9d98bd7d9cc0bd26e0585b25450861ff79ef3f44a02ef16a05a5ac1e5fadbb0e
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a57b918c3515ced748a8b0d297202db9b15fefd82acfddaf11f977761407b2ad
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a7a10f3308484bf4a7e5cd8933dd8481f06e29a0d5fd7766724e96f85656b691
a89875fd6e2615e901875ea237ad1705270e6beb461986d5bd1d6ae4de60619a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b41c5f931d0cc3f94ebf177d170c0b1792030d284ff8ecf4a16872f8599b5b5c
b6c57946b674124611aeeecfe87787bb3622438b4f4d9966e7a6c02881c93a12
bc6ac975d3bcf71bcd13ae1f515a204a2110409a08e6d3b003629447ca155660
bfcd7a262745ac2a8520d46dbe261c5db424c001970e9ebe83c440bfb48454f7
c1fa6c0b8c6bbade50e08b760f92c94eb3178d62ef58b0ff05a682be2d3c9a73
c323f71a4bebab6c3a59387abd5683af37586fb2d08d58f4078b923e62e859d8
c77d1f221709f0c060d0f235a0d1f104fe1d842f5a052960a8155001d6c92cd0
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
cc140ef1e7c5d527ebb4e2e73107909cd646fd0bbdb10ebad305166c8c1b5204
ce26a6294e55ce68e9775cdb5df561e97f85a8668615c8f3c3b90e92a44f92c5
ce3cae932470e22834c79e41d581388d1bc33824a0838cf20fd1e7163714b0b9
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4
d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e
de1d30970c0689cb235e5014a1b65fae043ef5d50bef4d2fbb5309766b68dc2f
e14a625deb5e7cb388813d12ff906c39d7140ead453b49a22cc7d11497035790
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec8e8cabb4b63ba52be70aaaa7112f23b43718b300c916192aff4b258253899d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f50c929fc07a54950c96cf5bacb6684486917177c24c797b7fd136526648a775
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f9f212bbee3ef6838d34f5a285121c40cd6b8bf4d10f441ac96847e50c8ce4cd
ff0d4da2bf6d1e6dfd402f2336013c94dc4af4ece767367ab66e9f0d35c2459c
ff25eb91fba3cc29f49813fb430d9ef4cf500ced505a9eb300cdd05c015b8b1e