www.xqndy.com Open in urlscan Pro
159.69.57.55 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.xqndy.com/site/pontofrio.com.br.html
Submission: On June 15 via manual (June 15th 2022, 6:24:01 pm UTC) from BR — Scanned from DE

Summary HTTP 106 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 21 IPs in 6 countries across 16 domains to perform 106 HTTP transactions. The main IP is 159.69.57.55, located in Germany and belongs to HETZNER-AS, DE. The main domain is www.xqndy.com.
TLS certificate: Issued by R3 on April 5th 2022. Valid for: 3 months.

This is the only time www.xqndy.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
23	159.69.57.55 159.69.57.55	24940 (HETZNER-AS) (HETZNER-AS)
11	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	95.217.24.20 95.217.24.20	24940 (HETZNER-AS) (HETZNER-AS)
1	2600:9000:231... 2600:9000:2315:2c00:0:e2b1:a380:93a1	16509 (AMAZON-02) (AMAZON-02)
1	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:803::2001	15169 (GOOGLE) (GOOGLE)
2	2a02:2638:1::2 2a02:2638:1::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638:1::4 2a02:2638:1::4	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2600:9000:215... 2600:9000:2156:e000:12:30a1:de00:93a1	16509 (AMAZON-02) (AMAZON-02)
14	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2600:9000:224... 2600:9000:224a:7800:1e:a43d:b640:93a1	16509 (AMAZON-02) (AMAZON-02)
2	178.250.2.148 178.250.2.148	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
18	178.250.0.139 178.250.0.139	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	178.250.2.150 178.250.2.150	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	171.8.167.89 171.8.167.89	4134 (CHINANET-...) (CHINANET-BACKBONE No.31)
2	103.235.46.191 103.235.46.191	55967 (BAIDU Bei...) (BAIDU Beijing Baidu Netcom Science and Technology Co.)
1	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
106	21

23 159.69.57.55 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.55.57.69.159.clients.your-server.de

www.xqndy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s1.xqndy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s2.xqndy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s3.xqndy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s4.xqndy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s5.xqndy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s6.xqndy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.217.24.20 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.20.24.217.95.clients.your-server.de

mini.s-shot.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2315:2c00:0:e2b1:a380:93a1 (United States)

ASN16509 (AMAZON-02, US)

jspassport.ssl.qhimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::4 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:e000:12:30a1:de00:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.ssl.qhres2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:224a:7800:1e:a43d:b640:93a1 (United States)

ASN16509 (AMAZON-02, US)

secure-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.148 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 178.250.0.139 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.par.vip.prod.criteo.com

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.250.2.150 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 171.8.167.89 (Zhengzhou, China)

ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN)
PTR: 8.171.broad.ha.dynamic.163data.com.cn

s.360.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.235.46.191 (Hong Kong)

ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)

hm.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
36	criteo.net static.criteo.net — Cisco Umbrella Rank: 605 pix.eu.criteo.net — Cisco Umbrella Rank: 6662 csm.eu.criteo.net — Cisco Umbrella Rank: 6838	84 KB
23	xqndy.com www.xqndy.com s1.xqndy.com s2.xqndy.com s3.xqndy.com s4.xqndy.com s5.xqndy.com s6.xqndy.com	59 KB
18	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 115 tpc.googlesyndication.com — Cisco Umbrella Rank: 150	282 KB
6	criteo.com rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 10701 ads.eu.criteo.com — Cisco Umbrella Rank: 6834 cat.nl.eu.criteo.com — Cisco Umbrella Rank: 8843	115 KB
6	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 55	31 KB
3	google.com adservice.google.com — Cisco Umbrella Rank: 92 www.google.com — Cisco Umbrella Rank: 9	2 KB
2	baidu.com hm.baidu.com — Cisco Umbrella Rank: 7748	12 KB
2	imrworldwide.com secure-gl.imrworldwide.com — Cisco Umbrella Rank: 1278	1 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 185	85 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 7295	914 B
1	360.cn s.360.cn — Cisco Umbrella Rank: 18433	233 B
1	qhres2.com s.ssl.qhres2.com — Cisco Umbrella Rank: 86383	927 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 861	643 B
1	qhimg.com jspassport.ssl.qhimg.com — Cisco Umbrella Rank: 85457	469 B
1	s-shot.ru mini.s-shot.ru	27 KB
0	alexa.com Failed traffic.alexa.com Failed
106	16

	Domain	Requested by
18	pix.eu.criteo.net	ads.eu.criteo.com
14	static.criteo.net	ads.eu.criteo.com
12	www.xqndy.com	www.xqndy.com
11	pagead2.googlesyndication.com	www.xqndy.com pagead2.googlesyndication.com www.googletagservices.com tpc.googlesyndication.com
7	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
6	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net www.xqndy.com
4	csm.eu.criteo.net	ads.eu.criteo.com
3	s2.xqndy.com	www.xqndy.com
2	s6.xqndy.com	www.xqndy.com
2	s5.xqndy.com	www.xqndy.com
2	s3.xqndy.com	www.xqndy.com
2	hm.baidu.com	www.xqndy.com
2	cat.nl.eu.criteo.com	ads.eu.criteo.com
2	secure-gl.imrworldwide.com	ads.eu.criteo.com
2	ads.eu.criteo.com	googleads.g.doubleclick.net
2	rtb.nl.eu.criteo.com	googleads.g.doubleclick.net www.xqndy.com
2	www.googletagservices.com	googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
1	www.google.com	tpc.googlesyndication.com
1	s4.xqndy.com	www.xqndy.com
1	s1.xqndy.com	www.xqndy.com
1	s.360.cn	www.xqndy.com
1	s.ssl.qhres2.com	jspassport.ssl.qhimg.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	jspassport.ssl.qhimg.com	www.xqndy.com
1	mini.s-shot.ru	www.xqndy.com
0	traffic.alexa.com Failed	www.xqndy.com
106	28

This site contains links to these domains. Also see Links.

Domain
www.whoisua.com

Subject Issuer	Validity	Valid
xqndy.com R3	`2022-04-05` - `2022-07-04`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
mini.site-shot.com R3	`2022-05-15` - `2022-08-13`	3 months	crt.sh
*.ssl.qhimg.com WoTrus DV Server CA [Run by the Issuer]	`2022-04-18` - `2023-04-18`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
*.nl.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-05-22` - `2022-08-24`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-05-27` - `2022-08-25`	3 months	crt.sh
*.ssl.qhres2.com WoTrus DV Server CA [Run by the Issuer]	`2022-03-14` - `2023-03-14`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-11` - `2022-07-13`	3 months	crt.sh
*.imrworldwide.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-04` - `2023-02-03`	a year	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-06-12` - `2022-09-12`	3 months	crt.sh
*.s.360.cn WoTrus DV Server CA [Run by the Issuer]	`2022-01-05` - `2023-01-05`	a year	crt.sh
baidu.com GlobalSign RSA OV SSL CA 2018	`2021-11-15` - `2022-08-02`	9 months	crt.sh
www.google.com GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh

This page contains 9 frames:

Primary Page: https://www.xqndy.com/site/pontofrio.com.br.html
Frame ID: 22014138E1131008CBDC9DBDAEAB5AB5
Requests: 43 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220613/r20190131/zrt_lookup.html
Frame ID: 96AB486054B5A2928378EFF36B2BD116
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3117042864592570&output=html&adk=1812271804&adf=3025194257&lmt=1655317433&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.xqndy.com%2Fsite%2Fpontofrio.com.br.html&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655317433356&bpp=15&bdt=352&idt=173&shv=r20220613&mjsv=m202206130101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3950127467713&frm=20&pv=2&ga_vid=394249544.1655317434&ga_sid=1655317434&ga_hid=1791682454&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068038%2C42531606%2C42531608&oid=2&pvsid=2952587754359699&tmod=1603320936&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=190
Frame ID: 3408C6C52E65EE19CBA99E1D0EC8F0F7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3117042864592570&output=html&h=280&slotname=4563913468&adk=2335523647&adf=3296512626&pi=t.ma~as.4563913468&w=970&fwrn=4&fwrnh=100&lmt=1655317433&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fwww.xqndy.com%2Fsite%2Fpontofrio.com.br.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655317433386&bpp=2&bdt=382&idt=163&shv=r20220613&mjsv=m202206130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3950127467713&frm=20&pv=1&ga_vid=394249544.1655317434&ga_sid=1655317434&ga_hid=1791682454&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=89&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068038%2C42531606%2C42531608&oid=2&pvsid=2952587754359699&tmod=1603320936&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=BW8fNljwG1&p=https%3A//www.xqndy.com&dtd=166
Frame ID: D4718FC764062A5629119346F71895FC
Requests: 8 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YqojuQAKE74K7YHdAAj20gqbfdwxcrcVKC09SQ&u=%7CuUsLlUhM6TxeFWewPFiYp84VB26y2qMLD%2F0uHFl8hpA%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869_Lan39UxNO6WPuMKbuduj9BmjL_RIde9lOOOmH84HQ7EaVMLRGGgtPKfatYHeOug4ckrLM7DGvwegNRPBGtqKHNdNm715H9jJWKJ8ZoBHd45qxMLlgCrNkbzMGTHU6bG2xaIP-_Kn78dwHje5VsTuY8Mq8VEugqDMbEZh9idHS0_MMt2JqxC6X-t6AVZyQLBxAifhUDxKzQINYK2Q6jhHiylcio2IQcmLZWIM3kJgJEdRHG2Zcp_lmg2zs0BznvjlmOKoDP0GdmOxAXlbwCTkmLukd2C_ke5FIlYN0J7A-je9v00kNulZqhwyWFnwxaNPm2fcs6kg7BdE5-GRbJtMiVlYCWMSSMH-WXRmtoN0L44OOOMKp5B_NjMOQxN9ZOYZimPTDyOXR2Pz47a7K3EC2YvDlo0QxUw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEEfXuSOqYr6nKN2DtgfS7aOoCsme0rFczeGS93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzExNzA0Mjg2NDU5MjU3MKAB1bbS6gPIAQmpAsWWooZudrE-qAMBqgT7AU_QnOxdYLoqfQd-gbulc7EWkRNvidwIDqGs_lmAYHDh09ccDixfaZEfMPKx6s765bGsS7EIktNlctKqMaiyZKv-OXrNtSXFMcKoJ_HpC3H0TSrPhXQj-IK1pzBjBtQOcY5gTE5lKnQs4lbkzm7xbvV08SEhwO2R-sO3AS3egoL4NViku6q08JKOHbFsiyGK6PQeqXao8yLX1B_pXOCrv35dl9qvRbdh8pTkyuZFvoayPEREu1GdO5IzEsJjRtOKjNZQU6mOdk2rRcVObjsOUizY6CMPNNyd5X4hwrNf3fqwdwERcLz26zzZsxy9E50N44Rdlsc-o_zJOg9IgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_12ZBkVozAeDAU1_UWARtIaSKMu5A%26client%3Dca-pub-3117042864592570%26adurl%3D
Frame ID: E83FFBF637747CD359470CE39F5CBEED
Requests: 21 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220613/r20110914/zrt_lookup.html?fsb=1
Frame ID: C48E18F5E9872160EF1D7825124FA089
Requests: 8 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YqojuQAKGLwK7eyCAA73V1COsD9HV9rU5IR0vQ&u=%7CuUsLlUhM6TycfRJaB2wmzkDDegXP1FsKbQYtV4wcM4s%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869_Lan39UxNO3n3P1NXdXgsWMvcpOsMmZ-GixLqSWTFWF2WJ3pywBACfmz3yt-Nkx3iaMT94C48sa3pmQ3YbQWaWo8OeE5MytKSxVURco3Fcv-aZGnzhyKNRUZnDxt6zJbIzxzlH4upC_X0d_J6J1uDHtBWdzJGprFw2VcVKZ_YhpUZ0b-lxhKP_KrE7K5OQc9My-lwj72yQbh3MzcvrBXetShfhCi-YcDSjdI8gBEC6KHARHsUhxTlqpomD4TM1BjkqpdwKZ2klGdta_UEeDajcQfs9OBw0kQ3V-v8RUfupJfoT5bmhnisKNAyxo4zrh1KW4zkuBm41xktEkHFRNYqppI0lxiqPdIj7XMNrhr-9okd25NGYPQtoe2HDLKY1qFVhW7b3MRhngH8j2nowwr8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5IkquSOqYryxKILZtwfX7rvoDsme0rFclaKX93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzExNzA0Mjg2NDU5MjU3MKAB1bbS6gPIAQmpAjrKcNinfbE-qAMBqgT8AU_QiRfN19lei6EhRGkqeD-UOpqsSqpvv7-yJJjMaag143ah3ojADoRQitfJRZoggRkkQEQQtlmD8O_8Z9oXW-BFF8bPeQQAubkUnMDOegMhrh4PChqWROcRXk56HAnAaQJ1wMbZoDpoNHuwim65GMXLXupdOsttx3NembsBnRTsugF4kixB7cDv2tTVxMctDL4tRY_LP4f5qpoobxoTaTCrI0pwf5yDioz_-emn7OE1i5Cpc2mpZ1uRtEIi5XTujhBomzFIm97KVKJyN-DF4dqGyFi_7UyCkuTn3vWOmhRgxV-PiskcCbuzSV5izAJoOfterY5KxQjUUKRvfYAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1y0RsSmzgw-0Rt2-BNA_nhRaxN7w%26client%3Dca-pub-3117042864592570%26adurl%3D
Frame ID: 7A4F5AEA5ABA2D25C9A39208345B01A3
Requests: 21 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A549B3A416B8391E9F5A0E6D0953EB18
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D42949CB5385252D605546DC31024635
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Pontofrio.com: a maior loja de Eletrônicos e Eletrodomésticos do Brasil pontofrio.com.br官网-网站综合查询-域名价值评估-SEO分析-站长工具

Detected technologies

Baidu Analytics (百度统计) (Analytics) Expand

Overall confidence: 100%
Detected patterns

hm\.baidu\.com/hm\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

106
Requests

99 %
HTTPS

60 %
IPv6

16
Domains

28
Subdomains

21
IPs

6
Countries

701 kB
Transfer

1815 kB
Size

12
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.whoisua.com/
Title: SEO分析

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

106 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request pontofrio.com.br.html Show response
www.xqndy.com/site/ 19 KB
5 KB 2572ms
2547ms Document
text/html 159.69.57.55
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.xqndy.com/site/pontofrio.com.br.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

159.69.57.55 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.55.57.69.159.clients.your-server.de

Software

nginx /

Resource Hash

aed373d532a986d84dd34b3374744bc739eb023357f3d2666fc4c082856f176e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 15 Jun 2022 18:23:52 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding

GET
H2 200 style.css
www.xqndy.com/skin/images/ 3 KB
1 KB 13ms
12ms Stylesheet
text/css 159.69.57.55
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.xqndy.com/skin/images/style.css

Requested by

Host: www.xqndy.com
URL: https://www.xqndy.com/site/pontofrio.com.br.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

159.69.57.55 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.55.57.69.159.clients.your-server.de

Software

nginx /

Resource Hash

a670321c1bbb98e69013e5a41521a3da5a64d37f0b42fc020481849d28760541

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xqndy.com/site/pontofrio.com.br.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 18:23:53 GMT
content-encoding: gzip
last-modified: Wed, 19 Aug 2020 08:54:50 GMT
server: nginx
etag: W/"5f3ce8da-a25"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
expires: Fri, 15 Jul 2022 18:23:53 GMT

GET
H2 200 dialog.css
www.xqndy.com/images/ 1 KB
1016 B 14ms
13ms Stylesheet
text/css 159.69.57.55
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.xqndy.com/images/dialog.css

Requested by

Host: www.xqndy.com
URL: https://www.xqndy.com/site/pontofrio.com.br.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

159.69.57.55 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.55.57.69.159.clients.your-server.de

Software

nginx /

Resource Hash

07bcf7e6d0e4e35c6df3fda2913a6043f214bb0dadf4df3363c977d78f3bb881

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xqndy.com/site/pontofrio.com.br.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 18:23:53 GMT
content-encoding: gzip
last-modified: Sat, 08 Aug 2020 14:35:58 GMT
server: nginx
etag: W/"5f2eb84e-5bb"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
expires: Fri, 15 Jul 2022 18:23:53 GMT

GET
H2 200 jquery.min.js Show response
www.xqndy.com/js/ 82 KB
32 KB 26ms
26ms Script
application/javascript 159.69.57.55
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.xqndy.com/js/jquery.min.js

Requested by

Host: www.xqndy.com
URL: https://www.xqndy.com/site/pontofrio.com.br.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

159.69.57.55 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.55.57.69.159.clients.your-server.de

Software

nginx /

Resource Hash

229278f6a9c1c27fc55bec50f06548fe64c2629f59f462d50cac28e65bb93a83

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xqndy.com/site/pontofrio.com.br.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 18:23:53 GMT
content-encoding: gzip
last-modified: Sat, 08 Aug 2020 14:36:22 GMT
server: nginx
etag: W/"5f2eb866-1498a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
expires: Fri, 15 Jul 2022 18:23:53 GMT

GET
H2 200 jquery.site.js Show response
www.xqndy.com/js/ 32 KB
6 KB 12ms
12ms Script
application/javascript 159.69.57.55
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.xqndy.com/js/jquery.site.js

Requested by

Host: www.xqndy.com
URL: https://www.xqndy.com/site/pontofrio.com.br.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

159.69.57.55 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.55.57.69.159.clients.your-server.de

Software

nginx /

Resource Hash

0003113a1f74ac0417e93ab195139be79e07e3083d3cd751e33481708bfd7aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xqndy.com/site/pontofrio.com.br.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 18:23:53 GMT
content-encoding: gzip
last-modified: Sat, 08 Aug 2020 14:36:23 GMT
server: nginx
etag: W/"5f2eb867-8052"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
expires: Fri, 15 Jul 2022 18:23:53 GMT

GET
H2 200 node.js Show response
www.xqndy.com/js/ 551 B
765 B 11ms
11ms Script
application/javascript 159.69.57.55
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.xqndy.com/js/node.js

Requested by

Host: www.xqndy.com
URL: https://www.xqndy.com/site/pontofrio.com.br.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

159.69.57.55 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.55.57.69.159.clients.your-server.de

Software

nginx /

Resource Hash

15b45cb30438a7ee60b76c65e7de2ac627644f1bcfe6270ae9882b327ee6bf68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xqndy.com/site/pontofrio.com.br.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 18:23:53 GMT
last-modified: Sun, 09 Jan 2022 12:38:34 GMT
server: nginx
etag: "61dad74a-227"
strict-transport-security: max-age=31536000
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 551
expires: Fri, 15 Jul 2022 18:23:53 GMT

GET
H2 200 dialog.js Show response
www.xqndy.com/js/ 9 KB
3 KB 11ms
11ms Script
application/javascript 159.69.57.55
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.xqndy.com/js/dialog.js

Requested by

Host: www.xqndy.com
URL: https://www.xqndy.com/site/pontofrio.com.br.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

159.69.57.55 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.55.57.69.159.clients.your-server.de

Software

nginx /

Resource Hash

5c2fd267a1828a0933d9f21739db5a5615a509450ca5cc7f31e1c4236520e1cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xqndy.com/site/pontofrio.com.br.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 18:23:53 GMT
content-encoding: gzip
last-modified: Sat, 08 Aug 2020 14:36:21 GMT
server: nginx
etag: W/"5f2eb865-2320"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
expires: Fri, 15 Jul 2022 18:23:53 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 165 KB
56 KB 178ms
86ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3117042864592570

Requested by

Host: www.xqndy.com
URL: https://www.xqndy.com/site/pontofrio.com.br.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9c083537ba7c647f03557cd3c03e75c32326ce6ba1f0ace4214ab08e51a67ceb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xqndy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 18:23:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56417
x-xss-protection: 0
server: cafe
etag: 14986325849713930123
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 15 Jun 2022 18:23:53 GMT

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206130101/ 341 KB
120 KB 89ms
89ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206130101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3117042864592570&plah=www.xqndy.com&bust=31068038

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3117042864592570

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2cc827ed1506394a6f2370f04853bd6b0948d4310bceb3f54e91530491dcd988

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xqndy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 18:23:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122984
x-xss-protection: 0
server: cafe
etag: 4042587446043546217
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 15 Jun 2022 18:23:53 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220613/r20190131/ Frame 96AB 10 KB
5 KB 137ms
39ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220613/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3117042864592570

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xqndy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 63444
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 15 Jun 2022 00:46:29 GMT
etag: 8616628553774171045
expires: Wed, 29 Jun 2022 00:46:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 logo.png
www.xqndy.com/skin/images/ 2 KB
2 KB 11ms
11ms Image
image/png 159.69.57.55
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.xqndy.com/skin/images/logo.png

Requested by

Host: www.xqndy.com
URL: https://www.xqndy.com/site/pontofrio.com.br.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

159.69.57.55 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.55.57.69.159.clients.your-server.de

Software

nginx /

Resource Hash

a54ef4dd64efaa8085dab01c5bc4f493ecf4e89e4d7b65269f60a1b5316ce066

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xqndy.com/site/pontofrio.com.br.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 18:23:53 GMT
last-modified: Wed, 03 Feb 2021 05:23:24 GMT
server: nginx
etag: "601a334c-7fc"
strict-transport-security: max-age=31536000
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 2044
expires: Fri, 15 Jul 2022 18:23:53 GMT

GET
H2 200 sRank_1.gif
www.xqndy.com/images/sr1/ 335 B
540 B 12ms
11ms Image
image/gif 159.69.57.55
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.xqndy.com/images/sr1/sRank_1.gif

Requested by

Host: www.xqndy.com
URL: https://www.xqndy.com/site/pontofrio.com.br.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

159.69.57.55 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.55.57.69.159.clients.your-server.de

Software

nginx /

Resource Hash

1c72b01501ce51839dfab0427845ab379be7b0a9f9ec397ca266da1c5c8c21dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xqndy.com/site/pontofrio.com.br.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 18:23:53 GMT
last-modified: Sat, 08 Aug 2020 14:35:45 GMT
server: nginx
etag: "5f2eb841-14f"
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 335
expires: Fri, 15 Jul 2022 18:23:53 GMT

GET graph
traffic.alexa.com/ 0
0

GET
H2 200 more.gif
www.xqndy.com/skin/images/ 282 B
487 B 12ms
11ms Image
image/gif 159.69.57.55
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.xqndy.com/skin/images/more.gif

Requested by

Host: www.xqndy.com
URL: https://www.xqndy.com/site/pontofrio.com.br.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

159.69.57.55 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.55.57.69.159.clients.your-server.de

Software

nginx /

Resource Hash

86f87efb71cccda44534e8148513ca5375007c5d6cd13b4b66acf8691a85268e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xqndy.com/site/pontofrio.com.br.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 18:23:53 GMT
last-modified: Sat, 08 Aug 2020 14:38:28 GMT
server: nginx
etag: "5f2eb8e4-11a"
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 282
expires: Fri, 15 Jul 2022 18:23:53 GMT

GET
H/1.1 200
OK /
mini.s-shot.ru/320x320/JPEG/320/Z100/ 26 KB
27 KB 211ms
70ms Image
image/jpeg 95.217.24.20
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mini.s-shot.ru/320x320/JPEG/320/Z100/?pontofrio.com.br
Requested by: Host: www.xqndy.com
URL: https://www.xqndy.com/site/pontofrio.com.br.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.217.24.20 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.20.24.217.95.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 23bfdf6c844627ca452f130ff3b5e816002aabe03b41fe45f88025b1dee63f23

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xqndy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Wed, 15 Jun 2022 18:23:53 GMT
Last-Modified: Wed, 15 Jun 2022 12:00:22 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "62a9c9d6-69db"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=86400, s-maxage=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27099

GET
H2 200 11.0.1.js Show response
jspassport.ssl.qhimg.com/ 106 B
469 B 715ms
24ms Script
application/x-javascript 2600:9000:2315:2c00:0:e2b1:a380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://jspassport.ssl.qhimg.com/11.0.1.js?d182b3f28525f2db83acfaaf6e696dba
Requested by: Host: www.xqndy.com
URL: https://www.xqndy.com/site/pontofrio.com.br.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:2c00:0:e2b1:a380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: c58c444af409b74761d5cb4a86fde4b48ee2d4701252b439834f01868c8cb955

Request headers

Referer: https://www.xqndy.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Wed, 15 Jun 2022 18:14:10 GMT
via: 1.1 7ef588f1ad9c3a185cdaf4119943040e.cloudfront.net (CloudFront)
kcs-via: HIT from w-fc03.lato;REVALIDATED from w-sc01.lato
last-modified: Wed, 28 Nov 2018 07:43:20 GMT
age: 587
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=600
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: Aq83Y7uG91hA2h70TBEYn49xygnudJZ3mRKftiG-nkkaiLTLiKYJkQ==
expires: Wed, 15 Jun 2022 18:24:07 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 213 B
643 B 115ms
40ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.xqndy.com&callback=_gfp_s_&client=ca-pub-3117042864592570

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206130101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3117042864592570&plah=www.xqndy.com&bust=31068038

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

e7a34f3886cdda1982a170070de113119d0b3903771c4e9b8f1cbd72805e11bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xqndy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 18:23:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 198
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 166ms
47ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.xqndy.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xqndy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 15 Jun 2022 18:23:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 145ms
48ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.xqndy.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xqndy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 15 Jun 2022 18:23:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3408 36 KB
13 KB 261ms
182ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3117042864592570&output=html&adk=1812271804&adf=3025194257&lmt=1655317433&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.xqndy.com%2Fsite%2Fpontofrio.com.br.html&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655317433356&bpp=15&bdt=352&idt=173&shv=r20220613&mjsv=m202206130101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3950127467713&frm=20&pv=2&ga_vid=394249544.1655317434&ga_sid=1655317434&ga_hid=1791682454&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068038%2C42531606%2C42531608&oid=2&pvsid=2952587754359699&tmod=1603320936&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=190

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4cdc800c5276e1636107f0e7e51a6dc7f6920b17f7cd40675e99258e6739da74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xqndy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 12969
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 15 Jun 2022 18:23:53 GMT
expires: Wed, 15 Jun 2022 18:23:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D471 22 KB
9 KB 277ms
203ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3117042864592570&output=html&h=280&slotname=4563913468&adk=2335523647&adf=3296512626&pi=t.ma~as.4563913468&w=970&fwrn=4&fwrnh=100&lmt=1655317433&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fwww.xqndy.com%2Fsite%2Fpontofrio.com.br.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655317433386&bpp=2&bdt=382&idt=163&shv=r20220613&mjsv=m202206130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3950127467713&frm=20&pv=1&ga_vid=394249544.1655317434&ga_sid=1655317434&ga_hid=1791682454&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=89&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068038%2C42531606%2C42531608&oid=2&pvsid=2952587754359699&tmod=1603320936&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=BW8fNljwG1&p=https%3A//www.xqndy.com&dtd=166

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e9b6d531c9951450390ca5e0b64ce769eb84f9816aaf48c7c11fcad6f22c685b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xqndy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 9526
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 15 Jun 2022 18:23:53 GMT
expires: Wed, 15 Jun 2022 18:23:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206130101/ 149 KB
53 KB 56ms
55ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206130101/reactive_library_fy2019.js?bust=31068038

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0e28a95d80be8cfea173dc8050a8398697ab68486ee36fec55caeba3f9287b30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xqndy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 18:23:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54401
x-xss-protection: 0
server: cafe
etag: 6308044404308089519
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Jun 2022 18:23:53 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 72ms
71ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=rasra::pm&rt=1&c=ca-pub-3117042864592570&eid=44759876%2C44759927%2C44759837%2C31068038%2C42531606%2C42531608

Requested by

Host: www.xqndy.com
URL: https://www.xqndy.com/site/pontofrio.com.br.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xqndy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Jun 2022 18:23:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220613/r20110914/client/ Frame D471 3 KB
1 KB 140ms
42ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220613/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3117042864592570&output=html&h=280&slotname=4563913468&adk=2335523647&adf=3296512626&pi=t.ma~as.4563913468&w=970&fwrn=4&fwrnh=100&lmt=1655317433&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fwww.xqndy.com%2Fsite%2Fpontofrio.com.br.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655317433386&bpp=2&bdt=382&idt=163&shv=r20220613&mjsv=m202206130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3950127467713&frm=20&pv=1&ga_vid=394249544.1655317434&ga_sid=1655317434&ga_hid=1791682454&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=89&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068038%2C42531606%2C42531608&oid=2&pvsid=2952587754359699&tmod=1603320936&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=BW8fNljwG1&p=https%3A//www.xqndy.com&dtd=166

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 18:15:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 485
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Jun 2022 18:15:48 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D471 137 KB
43 KB 166ms
54ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46cf222985b833981995deb788077064ad3e6ad13afbd384be8417a6e7a3ccdd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 18:23:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43182
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1655121705858007"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 15 Jun 2022 18:23:53 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220613/r20110914/client/ Frame D471 17 KB
8 KB 136ms
39ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220613/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d5862b3daeff2a0c52d69267a1eae566463c68bea47a8071dd9655c4c7c1192

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 18:22:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 56
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7312
x-xss-protection: 0
server: cafe
etag: 10280116914265038571
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Jun 2022 18:22:57 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame D471 0
0 83ms
82ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C9OvvuSOqYr6nKN2DtgfS7aOoCsme0rFczeGS93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzExNzA0Mjg2NDU5MjU3MKAB1bbS6gPIAQmpAsWWooZudrE-qAMBqgT4AU_QnOxdYLoqfQd-gbulc7EWkRNvidwIDqGs_lmAYHDh09ccDixfaZEfMPKx6s765bGsS7EIktNlctKqMaiyZKv-OXrNtSXFMcKoJ_HpC3H0TSrPhXQj-IK1pzBjBtQOcY5gTE5lKnQs4lbkzm7xbvV08SEhwO2R-sO3AS3egoL4NViku6q08JKOHbFsiyGK6PQeqXao8yLX1B_pXOCrv35dl9qvRbdh8pTkyuZFvoayPEREu1GdO5IzEsJjRtOKjNZQU6mOdk2rRcVObjsOUizY6GENFU4aauIyfS9LfiqN0fkYZLZA4RLBMah1Ljv_XJpxjkKUJ-92gAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAYAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0zMTE3MDQyODY0NTkyNTcwGAA&sigh=830039rKW8c&uach_m=[UACH]&cid=CAQSGwCNIrLMeZYAqpzUM1vYlYRIWFFG2kEV1qRLKRgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3117042864592570&output=html&h=280&slotname=4563913468&adk=2335523647&adf=3296512626&pi=t.ma~as.4563913468&w=970&fwrn=4&fwrnh=100&lmt=1655317433&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fwww.xqndy.com%2Fsite%2Fpontofrio.com.br.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655317433386&bpp=2&bdt=382&idt=163&shv=r20220613&mjsv=m202206130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3950127467713&frm=20&pv=1&ga_vid=394249544.1655317434&ga_sid=1655317434&ga_hid=1791682454&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=89&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068038%2C42531606%2C42531608&oid=2&pvsid=2952587754359699&tmod=1603320936&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=BW8fNljwG1&p=https%3A//www.xqndy.com&dtd=166
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 15 Jun 2022 18:23:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 15 Jun 2022 18:23:53 GMT

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame D471 0
0 154ms
15ms Fetch 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kOb8EMz6RMoHmAKdg2ICAgAAAGA7uVh6CtEjELkjqmIRDqlXRlj7kdWjcAASAAA&wp=YqojuQAKE74K7YHdAAj20gqbfdwxcrcVKC09SQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 18:23:51 GMT
server: Kestrel
server-processing-duration-in-ticks: 191391
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame E83F 175 KB
55 KB 325ms
105ms Document
text/html 2a02:2638:1::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=YqojuQAKE74K7YHdAAj20gqbfdwxcrcVKC09SQ&u=%7CuUsLlUhM6TxeFWewPFiYp84VB26y2qMLD%2F0uHFl8hpA%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869_Lan39UxNO6WPuMKbuduj9BmjL_RIde9lOOOmH84HQ7EaVMLRGGgtPKfatYHeOug4ckrLM7DGvwegNRPBGtqKHNdNm715H9jJWKJ8ZoBHd45qxMLlgCrNkbzMGTHU6bG2xaIP-_Kn78dwHje5VsTuY8Mq8VEugqDMbEZh9idHS0_MMt2JqxC6X-t6AVZyQLBxAifhUDxKzQINYK2Q6jhHiylcio2IQcmLZWIM3kJgJEdRHG2Zcp_lmg2zs0BznvjlmOKoDP0GdmOxAXlbwCTkmLukd2C_ke5FIlYN0J7A-je9v00kNulZqhwyWFnwxaNPm2fcs6kg7BdE5-GRbJtMiVlYCWMSSMH-WXRmtoN0L44OOOMKp5B_NjMOQxN9ZOYZimPTDyOXR2Pz47a7K3EC2YvDlo0QxUw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEEfXuSOqYr6nKN2DtgfS7aOoCsme0rFczeGS93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzExNzA0Mjg2NDU5MjU3MKAB1bbS6gPIAQmpAsWWooZudrE-qAMBqgT7AU_QnOxdYLoqfQd-gbulc7EWkRNvidwIDqGs_lmAYHDh09ccDixfaZEfMPKx6s765bGsS7EIktNlctKqMaiyZKv-OXrNtSXFMcKoJ_HpC3H0TSrPhXQj-IK1pzBjBtQOcY5gTE5lKnQs4lbkzm7xbvV08SEhwO2R-sO3AS3egoL4NViku6q08JKOHbFsiyGK6PQeqXao8yLX1B_pXOCrv35dl9qvRbdh8pTkyuZFvoayPEREu1GdO5IzEsJjRtOKjNZQU6mOdk2rRcVObjsOUizY6CMPNNyd5X4hwrNf3fqwdwERcLz26zzZsxy9E50N44Rdlsc-o_zJOg9IgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_12ZBkVozAeDAU1_UWARtIaSKMu5A%26client%3Dca-pub-3117042864592570%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4672b2dc1c15575781348fc3792704f5aa6abcb203200cda3c017a982cf14982

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Wed, 15 Jun 2022 18:23:54 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=oF_WvINMI7onBGRn9uQEaGURZueHu9j0g2fG6QakM_25sNG9UBLfeucKpn-YYSdfZP5BXpvhnf3DCykVekbQC6eiJeHK8GAFs4UvJNsIP5wMYtsRYquvGiFaIuXH8anc49KUTEC2DH1bVlZ-CYC0rHoKWdIHqRB3h66ySEn0_46Bp24t6368bR7tdNWhKSe111E5mgUdccwV89SHf0pCHDQYBF6W2WfEfWruYetX8wJCHajr-ZWuZMN4P6nvJKwLib-CeQ"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 85081530
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 69ms
69ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=rasra::pr&rt=1&c=ca-pub-3117042864592570&eid=44759876%2C44759927%2C44759837%2C31068038%2C42531606%2C42531608

Requested by

Host: www.xqndy.com
URL: https://www.xqndy.com/site/pontofrio.com.br.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xqndy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Jun 2022 18:23:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 120ms
46ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.xqndy.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xqndy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 15 Jun 2022 18:23:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 124ms
47ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.xqndy.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xqndy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 15 Jun 2022 18:23:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220613/r20110914/ Frame C48E 10 KB
4 KB 39ms
38ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220613/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xqndy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 64153
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 15 Jun 2022 00:34:40 GMT
etag: 8616628553774171045
expires: Wed, 29 Jun 2022 00:34:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame C48E 0
0 81ms
81ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CvFB9uSOqYryxKILZtwfX7rvoDsme0rFclaKX93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzExNzA0Mjg2NDU5MjU3MKAB1bbS6gPIAQmpAjrKcNinfbE-qAMBqgT5AU_QiRfN19lei6EhRGkqeD-UOpqsSqpvv7-yJJjMaag143ah3ojADoRQitfJRZoggRkkQEQQtlmD8O_8Z9oXW-BFF8bPeQQAubkUnMDOegMhrh4PChqWROcRXk56HAnAaQJ1wMbZoDpoNHuwim65GMXLXupdOsttx3NembsBnRTsugF4kixB7cDv2tTVxMctDL4tRY_LP4f5qpoobxoTaTCrI0pwf5yDioz_-emn7OE1i5Cpc2mpZ1uRtEIi5XTujhBomzFIm97KVKJyN-DF4dqGyFj9720QFWt7zUoSjrew-Pl3g90Wv7GdUdzWBD_Oy0RAgZbPb4zH74AG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0zMTE3MDQyODY0NTkyNTcwGAA&sigh=omx0baMVWII&uach_m=[UACH]&cid=CAQSGwCNIrLMaCY1SVp_f5a-rZzNApu-Wi0ymqdE1xgB

Requested by

Host: www.xqndy.com
URL: https://www.xqndy.com/site/pontofrio.com.br.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20220613/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 15 Jun 2022 18:23:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame C48E 0
0 15ms
14ms Fetch 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kOb8EMz6RO0HfJ2DYgICAAAAt1Fev4oVHA4QuSOqYkLW_yLAFfCELyGiABIAAA&wp=YqojuQAKGLwK7eyCAA73V1COsD9HV9rU5IR0vQ

Requested by

Host: www.xqndy.com
URL: https://www.xqndy.com/site/pontofrio.com.br.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 18:23:53 GMT
server: Kestrel
server-processing-duration-in-ticks: 156353
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 7A4F 210 KB
59 KB 207ms
127ms Document
text/html 2a02:2638:1::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=YqojuQAKGLwK7eyCAA73V1COsD9HV9rU5IR0vQ&u=%7CuUsLlUhM6TycfRJaB2wmzkDDegXP1FsKbQYtV4wcM4s%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869_Lan39UxNO3n3P1NXdXgsWMvcpOsMmZ-GixLqSWTFWF2WJ3pywBACfmz3yt-Nkx3iaMT94C48sa3pmQ3YbQWaWo8OeE5MytKSxVURco3Fcv-aZGnzhyKNRUZnDxt6zJbIzxzlH4upC_X0d_J6J1uDHtBWdzJGprFw2VcVKZ_YhpUZ0b-lxhKP_KrE7K5OQc9My-lwj72yQbh3MzcvrBXetShfhCi-YcDSjdI8gBEC6KHARHsUhxTlqpomD4TM1BjkqpdwKZ2klGdta_UEeDajcQfs9OBw0kQ3V-v8RUfupJfoT5bmhnisKNAyxo4zrh1KW4zkuBm41xktEkHFRNYqppI0lxiqPdIj7XMNrhr-9okd25NGYPQtoe2HDLKY1qFVhW7b3MRhngH8j2nowwr8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5IkquSOqYryxKILZtwfX7rvoDsme0rFclaKX93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzExNzA0Mjg2NDU5MjU3MKAB1bbS6gPIAQmpAjrKcNinfbE-qAMBqgT8AU_QiRfN19lei6EhRGkqeD-UOpqsSqpvv7-yJJjMaag143ah3ojADoRQitfJRZoggRkkQEQQtlmD8O_8Z9oXW-BFF8bPeQQAubkUnMDOegMhrh4PChqWROcRXk56HAnAaQJ1wMbZoDpoNHuwim65GMXLXupdOsttx3NembsBnRTsugF4kixB7cDv2tTVxMctDL4tRY_LP4f5qpoobxoTaTCrI0pwf5yDioz_-emn7OE1i5Cpc2mpZ1uRtEIi5XTujhBomzFIm97KVKJyN-DF4dqGyFi_7UyCkuTn3vWOmhRgxV-PiskcCbuzSV5izAJoOfterY5KxQjUUKRvfYAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1y0RsSmzgw-0Rt2-BNA_nhRaxN7w%26client%3Dca-pub-3117042864592570%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220613/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

5df803022eaed70a9769685d1f60c261c786981b356b16c062d77bebd5041c44

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Wed, 15 Jun 2022 18:23:53 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=ANheUINMI7onBGRn5hx8nUgou6OdOyHQu0bbbX-QHlgM_AgiKaQbJwoMAn1_K9iRU4RQxtRTcbqh-QsqHZYmn88-2BGbs_F3BHfqy8blgsX-jR77TT4N1wK-KmvrJ0EZErPKBoeSD1sUtO2c9iM58KHneMft-GdB4INFFX2WmYkqYShWw5khnMyn_g7vIC0iCo2B0KF05RWRj16FTQlJMJA7LmOPURJW0ffD9t5vR6WaTJKGD-mtRXfiVbKdHS5z1stesg"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 109947426
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220613/r20110914/client/ Frame C48E 3 KB
1 KB 120ms
39ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220613/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220613/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 18:22:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 101
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Jun 2022 18:22:13 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220613/r20110914/client/ Frame C48E 17 KB
7 KB 121ms
40ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220613/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220613/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d5862b3daeff2a0c52d69267a1eae566463c68bea47a8071dd9655c4c7c1192

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 18:22:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 113
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7312
x-xss-protection: 0
server: cafe
etag: 10280116914265038571
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Jun 2022 18:22:01 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C48E 137 KB
42 KB 70ms
70ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220613/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46cf222985b833981995deb788077064ad3e6ad13afbd384be8417a6e7a3ccdd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 18:23:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43182
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1655121705858007"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 15 Jun 2022 18:23:54 GMT

GET
DATA 200
OK truncated
/ Frame D471 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a80bd8afe9fff36e67eab3284be57dd196d8ae54f4588a9cafd7ecfb8db32526

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame C48E 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 00335db085225067b8c8967acd225e42c483fd97f68b24d6d3136842125191ff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ab77b6ea7f3fbf79.js Show response
s.ssl.qhres2.com/ssl/ 478 B
927 B 686ms
8ms Script
application/javascript 2600:9000:2156:e000:12:30a1:de00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ssl.qhres2.com/ssl/ab77b6ea7f3fbf79.js
Requested by: Host: jspassport.ssl.qhimg.com
URL: https://jspassport.ssl.qhimg.com/11.0.1.js?d182b3f28525f2db83acfaaf6e696dba
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:e000:12:30a1:de00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 928131ab2183d971cdbfe2ed1329200212d0021db70574a35c89ae169c0f6e0a

Request headers

Referer: https://www.xqndy.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Tue, 03 May 2022 05:17:19 GMT
via: 1.1 a394c864b23364262af48fed4e7e9fac.cloudfront.net (CloudFront)
kcs-via: HIT from w-fc01.lato;MISS from w-sc02.lato
age: 3762395
x-qstatic-hit: 1
x-cache: Hit from cloudfront
content-length: 478
last-modified: Mon, 01 Jan 2018 00:00:00 GMT
etag: W/"5ea522c52117c396"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: 5a-2vTFQVoR4OuJd6Q4oU2VkOtpuputD_1z2gVdzwj12-LH2YmjgYA==
expires: Fri, 30 Apr 2032 05:17:19 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame E83F 2 KB
1 KB 64ms
20ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YqojuQAKE74K7YHdAAj20gqbfdwxcrcVKC09SQ&u=%7CuUsLlUhM6TxeFWewPFiYp84VB26y2qMLD%2F0uHFl8hpA%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869_Lan39UxNO6WPuMKbuduj9BmjL_RIde9lOOOmH84HQ7EaVMLRGGgtPKfatYHeOug4ckrLM7DGvwegNRPBGtqKHNdNm715H9jJWKJ8ZoBHd45qxMLlgCrNkbzMGTHU6bG2xaIP-_Kn78dwHje5VsTuY8Mq8VEugqDMbEZh9idHS0_MMt2JqxC6X-t6AVZyQLBxAifhUDxKzQINYK2Q6jhHiylcio2IQcmLZWIM3kJgJEdRHG2Zcp_lmg2zs0BznvjlmOKoDP0GdmOxAXlbwCTkmLukd2C_ke5FIlYN0J7A-je9v00kNulZqhwyWFnwxaNPm2fcs6kg7BdE5-GRbJtMiVlYCWMSSMH-WXRmtoN0L44OOOMKp5B_NjMOQxN9ZOYZimPTDyOXR2Pz47a7K3EC2YvDlo0QxUw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEEfXuSOqYr6nKN2DtgfS7aOoCsme0rFczeGS93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzExNzA0Mjg2NDU5MjU3MKAB1bbS6gPIAQmpAsWWooZudrE-qAMBqgT7AU_QnOxdYLoqfQd-gbulc7EWkRNvidwIDqGs_lmAYHDh09ccDixfaZEfMPKx6s765bGsS7EIktNlctKqMaiyZKv-OXrNtSXFMcKoJ_HpC3H0TSrPhXQj-IK1pzBjBtQOcY5gTE5lKnQs4lbkzm7xbvV08SEhwO2R-sO3AS3egoL4NViku6q08JKOHbFsiyGK6PQeqXao8yLX1B_pXOCrv35dl9qvRbdh8pTkyuZFvoayPEREu1GdO5IzEsJjRtOKjNZQU6mOdk2rRcVObjsOUizY6CMPNNyd5X4hwrNf3fqwdwERcLz26zzZsxy9E50N44Rdlsc-o_zJOg9IgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_12ZBkVozAeDAU1_UWARtIaSKMu5A%26client%3Dca-pub-3117042864592570%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 18:23:54 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 10 Jun 2023 18:23:54 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame E83F 2 KB
1 KB 64ms
21ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 18:23:54 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 10 Jun 2023 18:23:54 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame E83F 308 B
637 B 56ms
14ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 18:23:54 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sat, 10 Jun 2023 18:23:54 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame E83F 293 B
621 B 56ms
14ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 18:23:54 GMT
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sat, 10 Jun 2023 18:23:54 GMT

GET
H2 200 m
secure-gl.imrworldwide.com/cgi-bin/ Frame E83F 0
709 B 197ms
130ms Image
text/plain 2600:9000:224a:7800:1e:a43d:b640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1655317433
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YqojuQAKE74K7YHdAAj20gqbfdwxcrcVKC09SQ&u=%7CuUsLlUhM6TxeFWewPFiYp84VB26y2qMLD%2F0uHFl8hpA%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869_Lan39UxNO6WPuMKbuduj9BmjL_RIde9lOOOmH84HQ7EaVMLRGGgtPKfatYHeOug4ckrLM7DGvwegNRPBGtqKHNdNm715H9jJWKJ8ZoBHd45qxMLlgCrNkbzMGTHU6bG2xaIP-_Kn78dwHje5VsTuY8Mq8VEugqDMbEZh9idHS0_MMt2JqxC6X-t6AVZyQLBxAifhUDxKzQINYK2Q6jhHiylcio2IQcmLZWIM3kJgJEdRHG2Zcp_lmg2zs0BznvjlmOKoDP0GdmOxAXlbwCTkmLukd2C_ke5FIlYN0J7A-je9v00kNulZqhwyWFnwxaNPm2fcs6kg7BdE5-GRbJtMiVlYCWMSSMH-WXRmtoN0L44OOOMKp5B_NjMOQxN9ZOYZimPTDyOXR2Pz47a7K3EC2YvDlo0QxUw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEEfXuSOqYr6nKN2DtgfS7aOoCsme0rFczeGS93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzExNzA0Mjg2NDU5MjU3MKAB1bbS6gPIAQmpAsWWooZudrE-qAMBqgT7AU_QnOxdYLoqfQd-gbulc7EWkRNvidwIDqGs_lmAYHDh09ccDixfaZEfMPKx6s765bGsS7EIktNlctKqMaiyZKv-OXrNtSXFMcKoJ_HpC3H0TSrPhXQj-IK1pzBjBtQOcY5gTE5lKnQs4lbkzm7xbvV08SEhwO2R-sO3AS3egoL4NViku6q08JKOHbFsiyGK6PQeqXao8yLX1B_pXOCrv35dl9qvRbdh8pTkyuZFvoayPEREu1GdO5IzEsJjRtOKjNZQU6mOdk2rRcVObjsOUizY6CMPNNyd5X4hwrNf3fqwdwERcLz26zzZsxy9E50N44Rdlsc-o_zJOg9IgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_12ZBkVozAeDAU1_UWARtIaSKMu5A%26client%3Dca-pub-3117042864592570%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:7800:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 18:23:54 GMT
via: 1.1 c7a5852ebe9db847874084d43de89f0e.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-cache: Miss from cloudfront
p3p: P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
cross-origin-resource-policy: cross-origin
content-length: 0
pragma: no-cache
server: nginx
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
accept-ch: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-edge-origin-fbl: 0.105
x-amz-cf-id: Okf_a8Z995eXICOv23E0NQSamiSpJcG1D-zkRa1vCGlIwILTU65Cyw==
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/delivery/ Frame E83F 43 B
348 B 60ms
16ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=3vrB5aIgar3PdS5R9BM-mVDRxQXyYeDaEP0bnmRRkJ_DhXxTl7oqJNiHbOEinVAoRekK4yJ6llRnC8qpWZ6X60my9hjiiku_Ogx91akl-RDl--kshLT8SkKzlr_HOJQrrqyLXqgtd7b-BEJDyQoRFGIuFYsmZOXHlBZguptYA2tdM_dErn5Ssj6ALWqJCUDw8hJ9sQEA22tYnL6WdGCCzaEIuJjI9YLmOeGIciazAOuWedaXU1q2UjSDEn4SNxQMvSwD0IqDslNP8qziCdXhRs1fxphCgTohce45SVK17RdVlCezYDSiTOj8gYC9wcUKzBKHFQlVQl6rtH8I71Fhw1KXUI8l4fRUeETtqy4j2BE--uoELWCXW4pjASmemHzL38frZCGlY8iD2jd3X0zZ5PKv7IPuDDhALt29xFJeu8kgIaTIc4fhn3zBe-GsSuS8-6kfJA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Jun 2022 18:23:53 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1924994
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame E83F 12 KB
6 KB 29ms
18ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 18:23:54 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 10 Jun 2023 18:23:54 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame E83F 5 KB
5 KB 305ms
15ms Image
image/png 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=556&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F190124%2F8d6bc06124f044d4973e0db21c495799_logo.png&v=3&w=196&s=WVunQn1urfIF5n-zpdjitqDp

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

080069b2dce01872cbc2bfcc0b6a2cd9b9a5b9fbb22fc1683ece0cea17aac96f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 18:23:53 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=29330420
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 5106
expires: Sun, 21 May 2023 05:44:14 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame E83F 2 KB
3 KB 305ms
16ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FI%2FlogoIntertek-Holding-Deutschland-GmbH-66445DE.gif%3Feb%3D1&v=3&w=400&s=EyAptVuEQJvCPfprWwzBlnmu&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

05808c39b0affa660efe7bd3d2fc943ce7843ffa1a0109977f411c3d66b8948c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 18:23:53 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1187599
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 2334
expires: Wed, 29 Jun 2022 12:17:13 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame E83F 7 KB
8 KB 319ms
30ms Image
image/png 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FE%2FlogoCarl-Rumpel-GmbH-204917DE-2203241135.gif%3Feb%3D1&v=3&w=400&s=CWkK9ydGilScJUQi6jNG3qVS&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

4a977f0cb5fd0f9222f6e9c83719c1c74cf7cf8d75e89420d8dad3fba5617312

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 18:23:53 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=31104000
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 7552
expires: Sat, 10 Jun 2023 18:23:54 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame E83F 2 KB
2 KB 318ms
29ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FD%2FlogoAmazon-Workforce-Staffing-245849DE-2005201401.gif%3Feb%3D1&v=3&w=400&s=S8H46qf3EvuvyZds2gfujwsz&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

d530eb650281c426cb8d0c8d602cffe1a63b732b9b4d93e33aaf0340896e3024

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 18:23:53 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=2079297
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1902
expires: Sat, 09 Jul 2022 19:58:51 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame E83F 1 KB
1 KB 319ms
30ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FJ%2FlogoJS_Deutschland_GmbH_24984DE.gif%3Feb%3D1&v=3&w=400&s=t5TW_8UYa2eFuuuPo_Q7nmQe&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

639665b9e97aad7d30114d5b9b4d4b391d1ee6e870fd4515ec28e5a24c22863a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 18:23:53 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=2234065
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1100
expires: Mon, 11 Jul 2022 14:58:20 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame E83F 3 KB
3 KB 319ms
31ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FD%2FlogoConcentrix-Germany-169413DE.gif%3Feb%3D1&v=3&w=400&s=MLCPOuNtUjk_FrjlqcdavKOt&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

c38e076da21dc997a97ba46c2464b656b9ab308a34318c250fb42b77e0588172

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 18:23:54 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=263971
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 3064
expires: Sat, 18 Jun 2022 19:43:26 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame E83F 886 B
1 KB 24ms
24ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FB%2FlogoBCMC-Media-Agentur-GmbH-55218DE.gif%3Feb%3D1&v=3&w=400&s=5aPzmu6HAD7e1GnZi8Gs5P9J&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

891ae673331445e00149d031d499370d254465c5d1e67de1a5f624df4ddcbb6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 18:23:54 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=421774
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 886
expires: Mon, 20 Jun 2022 15:33:29 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame E83F 2 KB
2 KB 23ms
23ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FB%2FlogoHotel-Europaeischer-Hof-Heidelberg-257329DE-2101291623.gif%3Feb%3D1&v=3&w=400&s=nbpNLKQTGSgTbZ8dBTJhhVlf&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e700cc07133f33152adac4db7b52bb06fcafba45e73025322570a7dfa2489dcf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 18:23:54 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=2425
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 2214
expires: Wed, 15 Jun 2022 19:04:19 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame E83F 5 KB
6 KB 23ms
23ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F7%2FlogoElli-Group-225850DE.gif%3Feb%3D1&v=3&w=400&s=T3QN-zeDFn9JO1qvLv8GQDS1&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

4575659a641ce75323836fb8958a8218386a5bc1e4ac1acc02f8e652ba183a8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 18:23:53 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1390904
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 5538
expires: Fri, 01 Jul 2022 20:45:38 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame E83F 0
128 B 391ms
14ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=oF_WvINMI7onBGRn9uQEaGURZueHu9j0g2fG6QakM_25sNG9UBLfeucKpn-YYSdfZP5BXpvhnf3DCykVekbQC6eiJeHK8GAFs4UvJNsIP5wMYtsRYquvGiFaIuXH8anc49KUTEC2DH1bVlZ-CYC0rHoKWdIHqRB3h66ySEn0_46Bp24t6368bR7tdNWhKSe111E5mgUdccwV89SHf0pCHDQYBF6W2WfEfWruYetX8wJCHajr-ZWuZMN4P6nvJKwLib-CeQ&sds=2&rev=81696&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 15 Jun 2022 18:23:54 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame E83F 2 KB
1 KB 14ms
14ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 18:23:54 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 10 Jun 2023 18:23:54 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame E83F 2 KB
1 KB 18ms
18ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 18:23:54 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 10 Jun 2023 18:23:54 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 7A4F 2 KB
1 KB 16ms
15ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YqojuQAKGLwK7eyCAA73V1COsD9HV9rU5IR0vQ&u=%7CuUsLlUhM6TycfRJaB2wmzkDDegXP1FsKbQYtV4wcM4s%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869_Lan39UxNO3n3P1NXdXgsWMvcpOsMmZ-GixLqSWTFWF2WJ3pywBACfmz3yt-Nkx3iaMT94C48sa3pmQ3YbQWaWo8OeE5MytKSxVURco3Fcv-aZGnzhyKNRUZnDxt6zJbIzxzlH4upC_X0d_J6J1uDHtBWdzJGprFw2VcVKZ_YhpUZ0b-lxhKP_KrE7K5OQc9My-lwj72yQbh3MzcvrBXetShfhCi-YcDSjdI8gBEC6KHARHsUhxTlqpomD4TM1BjkqpdwKZ2klGdta_UEeDajcQfs9OBw0kQ3V-v8RUfupJfoT5bmhnisKNAyxo4zrh1KW4zkuBm41xktEkHFRNYqppI0lxiqPdIj7XMNrhr-9okd25NGYPQtoe2HDLKY1qFVhW7b3MRhngH8j2nowwr8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5IkquSOqYryxKILZtwfX7rvoDsme0rFclaKX93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzExNzA0Mjg2NDU5MjU3MKAB1bbS6gPIAQmpAjrKcNinfbE-qAMBqgT8AU_QiRfN19lei6EhRGkqeD-UOpqsSqpvv7-yJJjMaag143ah3ojADoRQitfJRZoggRkkQEQQtlmD8O_8Z9oXW-BFF8bPeQQAubkUnMDOegMhrh4PChqWROcRXk56HAnAaQJ1wMbZoDpoNHuwim65GMXLXupdOsttx3NembsBnRTsugF4kixB7cDv2tTVxMctDL4tRY_LP4f5qpoobxoTaTCrI0pwf5yDioz_-emn7OE1i5Cpc2mpZ1uRtEIi5XTujhBomzFIm97KVKJyN-DF4dqGyFi_7UyCkuTn3vWOmhRgxV-PiskcCbuzSV5izAJoOfterY5KxQjUUKRvfYAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1y0RsSmzgw-0Rt2-BNA_nhRaxN7w%26client%3Dca-pub-3117042864592570%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 18:23:54 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 10 Jun 2023 18:23:54 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 7A4F 2 KB
1 KB 17ms
17ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 18:23:54 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 10 Jun 2023 18:23:54 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 7A4F 308 B
636 B 18ms
17ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 18:23:54 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sat, 10 Jun 2023 18:23:54 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 7A4F 293 B
621 B 14ms
14ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 18:23:54 GMT
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sat, 10 Jun 2023 18:23:54 GMT

GET
H2 200 m
secure-gl.imrworldwide.com/cgi-bin/ Frame 7A4F 0
709 B 131ms
130ms Image
text/plain 2600:9000:224a:7800:1e:a43d:b640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1655317433
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YqojuQAKGLwK7eyCAA73V1COsD9HV9rU5IR0vQ&u=%7CuUsLlUhM6TycfRJaB2wmzkDDegXP1FsKbQYtV4wcM4s%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869_Lan39UxNO3n3P1NXdXgsWMvcpOsMmZ-GixLqSWTFWF2WJ3pywBACfmz3yt-Nkx3iaMT94C48sa3pmQ3YbQWaWo8OeE5MytKSxVURco3Fcv-aZGnzhyKNRUZnDxt6zJbIzxzlH4upC_X0d_J6J1uDHtBWdzJGprFw2VcVKZ_YhpUZ0b-lxhKP_KrE7K5OQc9My-lwj72yQbh3MzcvrBXetShfhCi-YcDSjdI8gBEC6KHARHsUhxTlqpomD4TM1BjkqpdwKZ2klGdta_UEeDajcQfs9OBw0kQ3V-v8RUfupJfoT5bmhnisKNAyxo4zrh1KW4zkuBm41xktEkHFRNYqppI0lxiqPdIj7XMNrhr-9okd25NGYPQtoe2HDLKY1qFVhW7b3MRhngH8j2nowwr8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5IkquSOqYryxKILZtwfX7rvoDsme0rFclaKX93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzExNzA0Mjg2NDU5MjU3MKAB1bbS6gPIAQmpAjrKcNinfbE-qAMBqgT8AU_QiRfN19lei6EhRGkqeD-UOpqsSqpvv7-yJJjMaag143ah3ojADoRQitfJRZoggRkkQEQQtlmD8O_8Z9oXW-BFF8bPeQQAubkUnMDOegMhrh4PChqWROcRXk56HAnAaQJ1wMbZoDpoNHuwim65GMXLXupdOsttx3NembsBnRTsugF4kixB7cDv2tTVxMctDL4tRY_LP4f5qpoobxoTaTCrI0pwf5yDioz_-emn7OE1i5Cpc2mpZ1uRtEIi5XTujhBomzFIm97KVKJyN-DF4dqGyFi_7UyCkuTn3vWOmhRgxV-PiskcCbuzSV5izAJoOfterY5KxQjUUKRvfYAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1y0RsSmzgw-0Rt2-BNA_nhRaxN7w%26client%3Dca-pub-3117042864592570%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:7800:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 18:23:54 GMT
via: 1.1 c7a5852ebe9db847874084d43de89f0e.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-cache: Miss from cloudfront
p3p: P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
cross-origin-resource-policy: cross-origin
content-length: 0
pragma: no-cache
server: nginx
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
accept-ch: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-edge-origin-fbl: 0.107
x-amz-cf-id: 1AdBuEsBfocdJxMSdWDSGALaJSCI0sh5rY8WwDwy7lEOq9jFDayAKQ==
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/delivery/ Frame 7A4F 43 B
347 B 18ms
18ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=U5U25fEQXosB4o_DSZQa_qdMyZ7jpEIv5nnIDn1P1mu_o4QFAWOJd_L9spiysJDqUSk0XXXvMDwvy8iYfQIQrEt8XbJBogYwJZ2Sc-n7HLHd3xVS8EzH0B9RH7LNxcoCWQFrPfaStpVzGtAn4Prmt-VEWQUGMQLAlqo2sFE7zil4XAgZnV0a0bK15nWMrbLcffS32LmHvFi6fO65vNbBxcpt22m5pNXB7yEhrX0SB91o9k3BjXuPB_wHMnvrGdXVdvbcxJmubVZel0hIxJSJuanXYlMN95jsyGG899xNUethCQzShjF_57jOgaa4e3B9Q75-i9wsVkXnmGn9px4dVD3Ry-JFrmQOGbHuo5L6W40iTBVXrtIcexJE8lHs9qx4hMfMOCNUipLdXBoE1SGHtgOegZ3xi2HxpWZhv8vW0ILV5-xWlC6-ZNGEdnyC7o0FF-8-Ig

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Jun 2022 18:23:54 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3029079
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 7A4F 12 KB
6 KB 16ms
16ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 18:23:54 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 10 Jun 2023 18:23:54 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 7A4F 5 KB
5 KB 239ms
31ms Image
image/png 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=244&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F190124%2F8d6bc06124f044d4973e0db21c495799_logo.png&v=3&w=196&s=P1mM87GxKeNVtHqDGH1gb7rz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

080069b2dce01872cbc2bfcc0b6a2cd9b9a5b9fbb22fc1683ece0cea17aac96f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 18:23:53 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=29330420
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 5106
expires: Sun, 21 May 2023 05:44:14 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 7A4F 2 KB
3 KB 243ms
36ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FI%2FlogoIntertek-Holding-Deutschland-GmbH-66445DE.gif%3Feb%3D1&v=3&w=800&s=Ut7Bmb7LahfbOKvfz6JNV2U_&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

05808c39b0affa660efe7bd3d2fc943ce7843ffa1a0109977f411c3d66b8948c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 18:23:53 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1187599
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 2334
expires: Wed, 29 Jun 2022 12:17:13 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 7A4F 886 B
1 KB 243ms
35ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FB%2FlogoBCMC-Media-Agentur-GmbH-55218DE.gif%3Feb%3D1&v=3&w=800&s=xVn0EFYAQ3ya6DWUxSricqnS&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

891ae673331445e00149d031d499370d254465c5d1e67de1a5f624df4ddcbb6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 18:23:53 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=421774
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 886
expires: Mon, 20 Jun 2022 15:33:29 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 7A4F 7 KB
8 KB 242ms
35ms Image
image/png 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FE%2FlogoCarl-Rumpel-GmbH-204917DE-2203241135.gif%3Feb%3D1&v=3&w=800&s=M14anaj-njGfBMze6XlEa2s9&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

4a977f0cb5fd0f9222f6e9c83719c1c74cf7cf8d75e89420d8dad3fba5617312

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 18:23:54 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=31104000
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 7552
expires: Sat, 10 Jun 2023 18:23:54 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 7A4F 2 KB
2 KB 239ms
32ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FD%2FlogoAmazon-Workforce-Staffing-245849DE-2005201401.gif%3Feb%3D1&v=3&w=800&s=95jxEAub81a-rbPlqs6ZUuDK&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

d530eb650281c426cb8d0c8d602cffe1a63b732b9b4d93e33aaf0340896e3024

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 18:23:53 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=2079297
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1902
expires: Sat, 09 Jul 2022 19:58:51 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 7A4F 3 KB
3 KB 243ms
36ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FD%2FlogoConcentrix-Germany-169413DE.gif%3Feb%3D1&v=3&w=800&s=UN8ephX_VkECacZLWtRXXEwt&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

c38e076da21dc997a97ba46c2464b656b9ab308a34318c250fb42b77e0588172

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 18:23:53 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=263971
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 3064
expires: Sat, 18 Jun 2022 19:43:26 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 7A4F 1 KB
1 KB 15ms
15ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FJ%2FlogoJS_Deutschland_GmbH_24984DE.gif%3Feb%3D1&v=3&w=800&s=kazlmmYaf1I4CAPjpV7VMXGz&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

639665b9e97aad7d30114d5b9b4d4b391d1ee6e870fd4515ec28e5a24c22863a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 18:23:54 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=2234065
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1100
expires: Mon, 11 Jul 2022 14:58:20 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 7A4F 1 KB
1 KB 16ms
16ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F7%2FlogoPwC-2965DE.gif%3Feb%3D1&v=3&w=800&s=P1iwqlztP-6RPDJ2TSVIR8NP&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

a9c3152b1f921defaf879a7f6514623aa21e0656a12f143b20cde6648ff5036c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 18:23:53 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=31104000
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1226
expires: Sat, 10 Jun 2023 18:23:54 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 7A4F 0
127 B 310ms
15ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=ANheUINMI7onBGRn5hx8nUgou6OdOyHQu0bbbX-QHlgM_AgiKaQbJwoMAn1_K9iRU4RQxtRTcbqh-QsqHZYmn88-2BGbs_F3BHfqy8blgsX-jR77TT4N1wK-KmvrJ0EZErPKBoeSD1sUtO2c9iM58KHneMft-GdB4INFFX2WmYkqYShWw5khnMyn_g7vIC0iCo2B0KF05RWRj16FTQlJMJA7LmOPURJW0ffD9t5vR6WaTJKGD-mtRXfiVbKdHS5z1stesg&sds=2&rev=81696&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 15 Jun 2022 18:23:54 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 7A4F 2 KB
1 KB 14ms
14ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 18:23:54 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 10 Jun 2023 18:23:54 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 7A4F 2 KB
1 KB 18ms
17ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 18:23:54 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 10 Jun 2023 18:23:54 GMT

GET
H/1.1 200
OK zz.gif
s.360.cn/so/ 0
233 B 1117ms
212ms Image
image/gif 171.8.167.89
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.360.cn/so/zz.gif?url=https%3A%2F%2Fwww.xqndy.com%2Fsite%2Fpontofrio.com.br.html&sid=d182b3f28525f2db83acfaaf6e696dba&token=dl1m8t2hb.3rfb2.8m5o2c5.fo2idrbf
Requested by: Host: www.xqndy.com
URL: https://www.xqndy.com/site/pontofrio.com.br.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 171.8.167.89 Zhengzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS: 8.171.broad.ha.dynamic.163data.com.cn
Software: nginx/1.7.7 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xqndy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Wed, 15 Jun 2022 18:23:55 GMT
Last-Modified: Mon, 29 Oct 2018 06:10:45 GMT
Server: nginx/1.7.7
ETag: "5bd6a465-0"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 0

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 30 KB
12 KB 1453ms
442ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?8e77fe1f0eabaa1c0eb08f18ed0816e5

Requested by

Host: www.xqndy.com
URL: https://www.xqndy.com/site/pontofrio.com.br.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

ac5721abe8a58463132dcf7586610bbb2f6eb4143847ca502ee67444e54734de

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xqndy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Wed, 15 Jun 2022 18:23:56 GMT
Content-Encoding: gzip
Server: apache
Etag: 7cb2ff4b468bd9f0af134e46e98644d1
Strict-Transport-Security: max-age=172800
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control: max-age=0, must-revalidate
Content-Type: application/javascript
Content-Length: 11294

GET
H2 200 ajax.php Show response
s1.xqndy.com/ajax/ 64 B
361 B 1576ms
1538ms Script
text/html 159.69.57.55
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.xqndy.com/ajax/ajax.php?type=26&domain=&g_div=s_baidurank&g_type=html&1655317434000&_=1655317434821

Requested by

Host: www.xqndy.com
URL: https://www.xqndy.com/js/jquery.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

159.69.57.55 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.55.57.69.159.clients.your-server.de

Software

nginx /

Resource Hash

2bc9f3649b6b80904e6e657c4bcc20d6d1afe894d41fc227f5bd1225df293527

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xqndy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Jun 2022 18:23:56 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
strict-transport-security: max-age=31536000
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 ajax.php Show response
s2.xqndy.com/ajax/ 36 B
334 B 48ms
20ms Script
text/html 159.69.57.55
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s2.xqndy.com/ajax/ajax.php?type=12&domain=&g_div=s_baidusnap&g_type=html&1655317434000&_=1655317434822

Requested by

Host: www.xqndy.com
URL: https://www.xqndy.com/js/jquery.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

159.69.57.55 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.55.57.69.159.clients.your-server.de

Software

nginx /

Resource Hash

4e2d7849e2e10d9611b2b1f02b984d6ac75a2c81b9dfaf706814d731f976b927

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xqndy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Jun 2022 18:23:54 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
strict-transport-security: max-age=31536000
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 ajax.php Show response
s3.xqndy.com/ajax/ 33 B
330 B 1117ms
1081ms Script
text/html 159.69.57.55
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s3.xqndy.com/ajax/ajax.php?type=4&domain=&g_div=s_google&g_type=html&1655317434000&_=1655317434823

Requested by

Host: www.xqndy.com
URL: https://www.xqndy.com/js/jquery.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

159.69.57.55 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.55.57.69.159.clients.your-server.de

Software

nginx /

Resource Hash

f3e8a709afe317f20ce6eb0c3a685df3e2f33022314c46afa6ebd17c4d4b2eab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xqndy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Jun 2022 18:23:55 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
strict-transport-security: max-age=31536000
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 ajax.php Show response
s4.xqndy.com/ajax/ 37 B
335 B 1537ms
1501ms Script
text/html 159.69.57.55
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s4.xqndy.com/ajax/ajax.php?type=23&domain=&g_div=s_googlelink&g_type=html&1655317434000&_=1655317434823

Requested by

Host: www.xqndy.com
URL: https://www.xqndy.com/js/jquery.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

159.69.57.55 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.55.57.69.159.clients.your-server.de

Software

nginx /

Resource Hash

df975aa5e60b6ee01b6cbc0e7a81dfba0eec0ec4e19f4b6ba641fa2c8e986ed0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xqndy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Jun 2022 18:23:56 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
strict-transport-security: max-age=31536000
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 ajax.php Show response
s5.xqndy.com/ajax/ 30 B
326 B 1202ms
1179ms Script
text/html 159.69.57.55
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s5.xqndy.com/ajax/ajax.php?type=31&domain=&g_div=s_360&g_type=html&1655317434000&_=1655317434824

Requested by

Host: www.xqndy.com
URL: https://www.xqndy.com/js/jquery.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

159.69.57.55 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.55.57.69.159.clients.your-server.de

Software

nginx /

Resource Hash

b20fa09a335f0fa196a376b44019a1f7147a56c875cef0fed363b13234cb1bdd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xqndy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Jun 2022 18:23:56 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
strict-transport-security: max-age=31536000
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 ajax.php Show response
s6.xqndy.com/ajax/ 34 B
332 B 983ms
966ms Script
text/html 159.69.57.55
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s6.xqndy.com/ajax/ajax.php?type=32&domain=&g_div=s_360link&g_type=html&1655317434000&_=1655317434824

Requested by

Host: www.xqndy.com
URL: https://www.xqndy.com/js/jquery.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

159.69.57.55 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.55.57.69.159.clients.your-server.de

Software

nginx /

Resource Hash

fa8ddfe2bc5b4cf36ebe7e56d516722b9f8ed138b347d02dd28f66c2c6778aac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xqndy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Jun 2022 18:23:55 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
strict-transport-security: max-age=31536000
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 loading.gif
www.xqndy.com/images/ 2 KB
2 KB 11ms
11ms Image
image/gif 159.69.57.55
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.xqndy.com/images/loading.gif

Requested by

Host: www.xqndy.com
URL: https://www.xqndy.com/site/pontofrio.com.br.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

159.69.57.55 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.55.57.69.159.clients.your-server.de

Software

nginx /

Resource Hash

1d454c4bb51bb78f82f9bcbb48b204f9a53db8d214dae02d1f7c7273822abaa5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xqndy.com/site/pontofrio.com.br.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 18:23:54 GMT
last-modified: Sat, 08 Aug 2020 14:36:02 GMT
server: nginx
etag: "5f2eb852-7f5"
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 2037
expires: Fri, 15 Jul 2022 18:23:54 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D471 42 B
64 B 143ms
69ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv-HoGueZ-x7YwuM593D912ZzCq_GQstqMN2P4sr70rKf5TFDY_NhR_jmRNuyzg9z2tNIV1Y_raW5d9gQo1xROZWV0&sig=Cg0ArKJSzGJ4ew0v4FCEEAE&id=lidar2&mcvt=1000&p=0,0,280,970&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220613&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2335523647&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1655317433553&rpt=523&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Jun 2022 18:23:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame E83F 0
127 B 15ms
15ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 15 Jun 2022 18:23:54 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 ajax.php Show response
s2.xqndy.com/ajax/ 32 B
282 B 817ms
816ms Script
text/html 159.69.57.55
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s2.xqndy.com/ajax/ajax.php?type=33&domain=&g_div=s_sogou&g_type=html&1655317435000&_=1655317435325

Requested by

Host: www.xqndy.com
URL: https://www.xqndy.com/js/jquery.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

159.69.57.55 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.55.57.69.159.clients.your-server.de

Software

nginx /

Resource Hash

1b011644d833c7366b2af2894746b9582fe3529d83ca7afe58283c3ee48bf573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xqndy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Jun 2022 18:23:56 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
strict-transport-security: max-age=31536000
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C48E 42 B
64 B 69ms
69ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvN2Ot9ps-SRz4_ipHDjh0BX_-ct-PgIRC7QUGdmYgHHZXXeNbhjxvHpMLbPbEtRmNTcSodxuU9TYbPCcAZ8Eyd18E&sig=Cg0ArKJSzFcjtWZKcSatEAE&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=107,790,1000,1087,1218&tos=107,683,210,87,131&v=20220613&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1655317433926&rpt=199&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Jun 2022 18:23:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 7A4F 0
127 B 14ms
14ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 15 Jun 2022 18:23:55 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 ajax.php Show response
s6.xqndy.com/ajax/ 36 B
286 B 1099ms
1098ms Script
text/html 159.69.57.55
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s6.xqndy.com/ajax/ajax.php?type=34&domain=&g_div=s_sogoulink&g_type=html&1655317435000&_=1655317435825

Requested by

Host: www.xqndy.com
URL: https://www.xqndy.com/js/jquery.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

159.69.57.55 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.55.57.69.159.clients.your-server.de

Software

nginx /

Resource Hash

d3f7c043b502e9e40c62773d70727db9478784acd0808a32a4887c31bf3b090f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xqndy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Jun 2022 18:23:56 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
strict-transport-security: max-age=31536000
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 ajax.php Show response
s2.xqndy.com/ajax/ 33 B
283 B 705ms
705ms Script
text/html 159.69.57.55
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s2.xqndy.com/ajax/ajax.php?type=35&domain=&g_div=s_youdao&g_type=html&1655317436000&_=1655317436326

Requested by

Host: www.xqndy.com
URL: https://www.xqndy.com/js/jquery.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

159.69.57.55 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.55.57.69.159.clients.your-server.de

Software

nginx /

Resource Hash

35b7521039e125c3603b473eb7629b6928635a3204224fdf61092e8badf756f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xqndy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Jun 2022 18:23:57 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
strict-transport-security: max-age=31536000
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 ajax.php Show response
s3.xqndy.com/ajax/ 37 B
287 B 679ms
679ms Script
text/html 159.69.57.55
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s3.xqndy.com/ajax/ajax.php?type=36&domain=&g_div=s_youdaolink&g_type=html&1655317436000&_=1655317436327

Requested by

Host: www.xqndy.com
URL: https://www.xqndy.com/js/jquery.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

159.69.57.55 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.55.57.69.159.clients.your-server.de

Software

nginx /

Resource Hash

f1a006dac953e89fce8978cceeffcdcfabd73a1a0bbc9a081e4b164161041767

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xqndy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Jun 2022 18:23:57 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
strict-transport-security: max-age=31536000
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 ajax.php Show response
s5.xqndy.com/ajax/ 195 B
343 B 21ms
20ms Script
text/html 159.69.57.55
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.xqndy.com
URL: https://www.xqndy.com/js/jquery.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

159.69.57.55 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.55.57.69.159.clients.your-server.de

Software

nginx /

Resource Hash

ec063adcd4635271a0f6bf052d6fd1e04112972f0b544bf5f8fa210905dca5d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xqndy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Jun 2022 18:23:56 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
strict-transport-security: max-age=31536000
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 0.gif
www.xqndy.com/images/br1/ 488 B
693 B 12ms
11ms Image
image/gif 159.69.57.55
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.xqndy.com/images/br1/0.gif

Requested by

Host: www.xqndy.com
URL: https://www.xqndy.com/site/pontofrio.com.br.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

159.69.57.55 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.55.57.69.159.clients.your-server.de

Software

nginx /

Resource Hash

a66ea2f34d9b1b3c047eaf2e57a1cc0aa52dfb955cd5d3e26cbfc857f220a079

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xqndy.com/site/pontofrio.com.br.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 18:23:56 GMT
last-modified: Sat, 08 Aug 2020 14:35:16 GMT
server: nginx
etag: "5f2eb824-1e8"
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 488
expires: Fri, 15 Jul 2022 18:23:56 GMT

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 428ms
428ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1322209803&si=8e77fe1f0eabaa1c0eb08f18ed0816e5&v=1.2.94&lv=1&sn=34406&r=0&ww=1600&ct=!!&u=https%3A%2F%2Fwww.xqndy.com%2Fsite%2Fpontofrio.com.br.html&tt=%C2%A0Pontofrio.com%3A%20a%20maior%20loja%20de%20Eletr%C3%B4nicos%20e%20Eletrodom%C3%A9sticos%20do%20Brasil%20pontofrio.com.br%E5%AE%98%E7%BD%91-%E7%BD%91%E7%AB%99%E7%BB%BC%E5%90%88%E6%9F%A5%E8%AF%A2-%E5%9F%9F%E5%90%8D%E4%BB%B7%E5%80%BC%E8%AF%84%E4%BC%B0-SEO%E5%88%86%E6%9E%90-%E7%AB%99%E9%95%BF%E5%B7%A5%E5%85%B7

Requested by

Host: www.xqndy.com
URL: https://www.xqndy.com/site/pontofrio.com.br.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xqndy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 15 Jun 2022 18:23:56 GMT
X-Content-Type-Options: nosniff
Server: apache
Strict-Transport-Security: max-age=172800
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 51ms
51ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220613&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

229cf16521d974125cbe33c705fb8ce9a6292d7221be043c8b6d045e3576951c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xqndy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 15 Jun 2022 18:23:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10636
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 51ms
51ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xqndy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 18:23:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 15 Jun 2022 18:23:57 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A549 13 KB
5 KB 39ms
39ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xqndy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1997
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 15 Jun 2022 17:50:40 GMT
expires: Thu, 15 Jun 2023 17:50:40 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame D429 783 B
1 KB 134ms
46ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

cbf9ac4e3ea585a2dc0fa34636f2acf0dce866d788c38246f58315d246ac0449

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-vKd-n4FLjmq0uXQ7Uy81qQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.xqndy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-vKd-n4FLjmq0uXQ7Uy81qQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 15 Jun 2022 18:23:57 GMT
expires: Wed, 15 Jun 2022 18:23:57 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Fp7ECwttPu2Qt8V9RhmSdP8PTUkobZWfkzIiSeRIuag.js Show response
pagead2.googlesyndication.com/bg/ Frame A549 36 KB
14 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Fp7ECwttPu2Qt8V9RhmSdP8PTUkobZWfkzIiSeRIuag.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

169ec40b0b6d3eed90b7c57d46199274ff0f4d49286d959f93322249e448b9a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 12:37:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20802
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13866
x-xss-protection: 0
last-modified: Fri, 10 Jun 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 15 Jun 2023 12:37:15 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame D429 0
0 101ms
101ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220613&jk=2952587754359699&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame A549 0
9 B 39ms
38ms Image
text/plain 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?ji7OTw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 18:23:57 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 7A4F 2 KB
3 KB 16ms
16ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

05808c39b0affa660efe7bd3d2fc943ce7843ffa1a0109977f411c3d66b8948c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 18:23:56 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1187596
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 2334
expires: Wed, 29 Jun 2022 12:17:13 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 88ms
87ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220613&jk=2952587754359699&bg=!QkGlQQXNAAbASn8N4Eo7ACkAdvg8Wug52bx7sSmXJ_K-HzwPbPdYS0OdMeeI5Uy6Cizk1xzK_20iVwIAAABcUgAAAAJoAQcKABG4SBUcU-yYlnPLsx39zFhjDJkCm2AEmM3IOUhoG0dm5TjpV38BomsYO99NMQKwpuj7HTXEMnDpJiSvHAmEGzCZb9I-jm1kuliWtBbD5vxITGy8jZPpvYcSIP8SpSQ-20_d8SEvW-J3piI-TYvdgdgEy2OW38kfDMurQmjXcYm1pCfWhIdUcN9ult099Z90P4Ftivw7QJuFNL1CyvzVB95jWd431JfHTRPZseDsO9ddtKZ1m9-HHVVK5ehjmQqvQMqR_9TYIt4qiyfDVcX_ubs4Ordjvd5zsiNbOHVwB1HHVi2cFt_HmUMCg0i-LQ-yxvTN04eShyZ397X_FhxgSE3pENRxTJzFUaJ4psnxyG7yN0ee5TgLr_BHJWdC8mOgie8NS2bFDwD-3DdLX01g7OJDugZYVL0YrpOz-ZeKUgkafP_rmO_yIfoIlU1SCD0Zw1PWImeHQQIjt4OnnXNZJDVsqMhi3b-l9ijVOjfjtZzOgi7rVGblzAyhE561N_ag_wXk82XrEZh-1NSpTqFy4jl0gnNOY6De_6MMTmlmC9h4tS7TbYVNWBiETKBh6GNmEff5Cb9GqlWYQpYGOjFj7g1dMAAsYJFObEVLfl8lD7m4p2hx_CXZLjHVO4xdfWkduoYcQfiLdCV1IL_sW6IRC5OaTKLde-MqofHYzF7FWV38YzswrZdc5eZbi59TSRno04Kvz_xRankjLxq1WqdyFEOrwZ4siQ3sM4Qv1XmsLO9Fncc8B7yEUJTzcV08UWC9UOaaoBM1Eig0Ag1qaTXbqvMHdQlEgsuOUFjN64koVCe5nTovAWJz3avlJaPSffj7h0nzwWVq1b7O3vBzXQHfZXyFzB_M9IJoLnY278mZbuEFLHSr2kvH9mB5pMNJkY65BmbIJZEklktZAFj8y5lhM8Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xqndy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: traffic.alexa.com
URL: https://traffic.alexa.com/graph?w=540&h=150&r=3m&y=t&u=pontofrio.com.br

Verdicts & Comments Add Verdict or Comment

96 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.xqndy.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: d10d1330ed20007e793c32e181d09be4
.xqndy.com/	1970-01-20 13:10:13	Name: __gads Value: ID=bc3e59c211511e09-226e0f09b3cd002c:T=1655317433:RT=1655317433:S=ALNI_MYRnOQg5rwzsq5v-jNiQwP2hZdYSg
.doubleclick.net/	1970-01-20 13:10:13	Name: IDE Value: AHWqTUkVp1BVbqV4MWK5XuVkgA1Q1gt7ibvDTmJmggSGAltMEIsEf8Z8Xd2WXIHXvNs
s2.xqndy.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 7db5225356460f537c721dc856cce21b
s6.xqndy.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: ffb7fe8598df01bdae3793b91af9cf69
s3.xqndy.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 362e17ac3d980ddecfe54804c7cedd55
s5.xqndy.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: aa797d5d361efa2147a2eb457781083e
.hm.baidu.com/	1970-01-25 20:29:45	Name: HMACCOUNT_BFESS Value: 97D3C5CA9E9E989A
s4.xqndy.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 45e4d5b63d90ff898df8a1611436e1df
s1.xqndy.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 932102eeef98cfde4c7095ef6e8149b1
.xqndy.com/	1970-01-20 12:34:13	Name: Hm_lvt_8e77fe1f0eabaa1c0eb08f18ed0816e5 Value: 1655317436
.xqndy.com/	1969-12-31 23:59:59	Name: Hm_lpvt_8e77fe1f0eabaa1c0eb08f18ed0816e5 Value: 1655317436

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://www.xqndy.com/site/pontofrio.com.br.html(Line 327) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://jspassport.ssl.qhimg.com/11.0.1.js?d182b3f28525f2db83acfaaf6e696dba, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.xqndy.com/site/pontofrio.com.br.html(Line 327) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://jspassport.ssl.qhimg.com/11.0.1.js?d182b3f28525f2db83acfaaf6e696dba, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://traffic.alexa.com/graph?w=540&h=150&r=3m&y=t&u=pontofrio.com.br Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
other	warning	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3117042864592570&output=html&h=280&slotname=4563913468&adk=2335523647&adf=3296512626&pi=t.ma~as.4563913468&w=970&fwrn=4&fwrnh=100&lmt=1655317433&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fwww.xqndy.com%2Fsite%2Fpontofrio.com.br.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655317433386&bpp=2&bdt=382&idt=163&shv=r20220613&mjsv=m202206130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3950127467713&frm=20&pv=1&ga_vid=394249544.1655317434&ga_sid=1655317434&ga_hid=1791682454&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=89&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31068038%2C42531606%2C42531608&oid=2&pvsid=2952587754359699&tmod=1603320936&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=BW8fNljwG1&p=https%3A//www.xqndy.com&dtd=166 Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
javascript	warning	URL: https://jspassport.ssl.qhimg.com/11.0.1.js?d182b3f28525f2db83acfaaf6e696dba Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://s.ssl.qhres2.com/ssl/ab77b6ea7f3fbf79.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://jspassport.ssl.qhimg.com/11.0.1.js?d182b3f28525f2db83acfaaf6e696dba Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://s.ssl.qhres2.com/ssl/ab77b6ea7f3fbf79.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.eu.criteo.com
adservice.google.com
adservice.google.de
cat.nl.eu.criteo.com
csm.eu.criteo.net
googleads.g.doubleclick.net
hm.baidu.com
jspassport.ssl.qhimg.com
mini.s-shot.ru
pagead2.googlesyndication.com
partner.googleadservices.com
pix.eu.criteo.net
rtb.nl.eu.criteo.com
s.360.cn
s.ssl.qhres2.com
s1.xqndy.com
s2.xqndy.com
s3.xqndy.com
s4.xqndy.com
s5.xqndy.com
s6.xqndy.com
secure-gl.imrworldwide.com
static.criteo.net
tpc.googlesyndication.com
traffic.alexa.com
www.google.com
www.googletagservices.com
www.xqndy.com
traffic.alexa.com
103.235.46.191
142.250.74.194
159.69.57.55
171.8.167.89
178.250.0.139
178.250.2.148
178.250.2.150
2600:9000:2156:e000:12:30a1:de00:93a1
2600:9000:224a:7800:1e:a43d:b640:93a1
2600:9000:2315:2c00:0:e2b1:a380:93a1
2a00:1450:4001:803::2001
2a00:1450:4001:80b::2002
2a00:1450:4001:813::2002
2a00:1450:4001:828::2002
2a00:1450:4001:828::2004
2a00:1450:4001:829::2002
2a02:2638:1::2
2a02:2638:1::3
2a02:2638:1::4
95.217.24.20
0003113a1f74ac0417e93ab195139be79e07e3083d3cd751e33481708bfd7aa4
00335db085225067b8c8967acd225e42c483fd97f68b24d6d3136842125191ff
05808c39b0affa660efe7bd3d2fc943ce7843ffa1a0109977f411c3d66b8948c
07bcf7e6d0e4e35c6df3fda2913a6043f214bb0dadf4df3363c977d78f3bb881
080069b2dce01872cbc2bfcc0b6a2cd9b9a5b9fbb22fc1683ece0cea17aac96f
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0e28a95d80be8cfea173dc8050a8398697ab68486ee36fec55caeba3f9287b30
15b45cb30438a7ee60b76c65e7de2ac627644f1bcfe6270ae9882b327ee6bf68
169ec40b0b6d3eed90b7c57d46199274ff0f4d49286d959f93322249e448b9a8
1b011644d833c7366b2af2894746b9582fe3529d83ca7afe58283c3ee48bf573
1c72b01501ce51839dfab0427845ab379be7b0a9f9ec397ca266da1c5c8c21dc
1d454c4bb51bb78f82f9bcbb48b204f9a53db8d214dae02d1f7c7273822abaa5
229278f6a9c1c27fc55bec50f06548fe64c2629f59f462d50cac28e65bb93a83
229cf16521d974125cbe33c705fb8ce9a6292d7221be043c8b6d045e3576951c
23bfdf6c844627ca452f130ff3b5e816002aabe03b41fe45f88025b1dee63f23
2bc9f3649b6b80904e6e657c4bcc20d6d1afe894d41fc227f5bd1225df293527
2cc827ed1506394a6f2370f04853bd6b0948d4310bceb3f54e91530491dcd988
35b7521039e125c3603b473eb7629b6928635a3204224fdf61092e8badf756f3
4575659a641ce75323836fb8958a8218386a5bc1e4ac1acc02f8e652ba183a8b
4672b2dc1c15575781348fc3792704f5aa6abcb203200cda3c017a982cf14982
46cf222985b833981995deb788077064ad3e6ad13afbd384be8417a6e7a3ccdd
4a977f0cb5fd0f9222f6e9c83719c1c74cf7cf8d75e89420d8dad3fba5617312
4cdc800c5276e1636107f0e7e51a6dc7f6920b17f7cd40675e99258e6739da74
4d5862b3daeff2a0c52d69267a1eae566463c68bea47a8071dd9655c4c7c1192
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e2d7849e2e10d9611b2b1f02b984d6ac75a2c81b9dfaf706814d731f976b927
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5c2fd267a1828a0933d9f21739db5a5615a509450ca5cc7f31e1c4236520e1cf
5df803022eaed70a9769685d1f60c261c786981b356b16c062d77bebd5041c44
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
639665b9e97aad7d30114d5b9b4d4b391d1ee6e870fd4515ec28e5a24c22863a
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
86f87efb71cccda44534e8148513ca5375007c5d6cd13b4b66acf8691a85268e
891ae673331445e00149d031d499370d254465c5d1e67de1a5f624df4ddcbb6a
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
928131ab2183d971cdbfe2ed1329200212d0021db70574a35c89ae169c0f6e0a
9c083537ba7c647f03557cd3c03e75c32326ce6ba1f0ace4214ab08e51a67ceb
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a54ef4dd64efaa8085dab01c5bc4f493ecf4e89e4d7b65269f60a1b5316ce066
a66ea2f34d9b1b3c047eaf2e57a1cc0aa52dfb955cd5d3e26cbfc857f220a079
a670321c1bbb98e69013e5a41521a3da5a64d37f0b42fc020481849d28760541
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a80bd8afe9fff36e67eab3284be57dd196d8ae54f4588a9cafd7ecfb8db32526
a9c3152b1f921defaf879a7f6514623aa21e0656a12f143b20cde6648ff5036c
ac5721abe8a58463132dcf7586610bbb2f6eb4143847ca502ee67444e54734de
aed373d532a986d84dd34b3374744bc739eb023357f3d2666fc4c082856f176e
b20fa09a335f0fa196a376b44019a1f7147a56c875cef0fed363b13234cb1bdd
c38e076da21dc997a97ba46c2464b656b9ab308a34318c250fb42b77e0588172
c58c444af409b74761d5cb4a86fde4b48ee2d4701252b439834f01868c8cb955
cbf9ac4e3ea585a2dc0fa34636f2acf0dce866d788c38246f58315d246ac0449
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d3f7c043b502e9e40c62773d70727db9478784acd0808a32a4887c31bf3b090f
d530eb650281c426cb8d0c8d602cffe1a63b732b9b4d93e33aaf0340896e3024
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
df975aa5e60b6ee01b6cbc0e7a81dfba0eec0ec4e19f4b6ba641fa2c8e986ed0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e700cc07133f33152adac4db7b52bb06fcafba45e73025322570a7dfa2489dcf
e7a34f3886cdda1982a170070de113119d0b3903771c4e9b8f1cbd72805e11bb
e9b6d531c9951450390ca5e0b64ce769eb84f9816aaf48c7c11fcad6f22c685b
ec063adcd4635271a0f6bf052d6fd1e04112972f0b544bf5f8fa210905dca5d7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1a006dac953e89fce8978cceeffcdcfabd73a1a0bbc9a081e4b164161041767
f3e8a709afe317f20ce6eb0c3a685df3e2f33022314c46afa6ebd17c4d4b2eab
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
fa8ddfe2bc5b4cf36ebe7e56d516722b9f8ed138b347d02dd28f66c2c6778aac

www.xqndy.com Open in urlscan Pro 159.69.57.55 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

106 Requests

99 %HTTPS

60 %IPv6

16 Domains

28 Subdomains

21 IPs

6 Countries

701 kBTransfer

1815 kBSize

12 Cookies

1 Outgoing links

Redirected requests

106 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.xqndy.com Open in urlscan Pro
159.69.57.55 Public Scan

Screenshot
Live screenshot

Full Image

106
Requests

99 %
HTTPS

60 %
IPv6

16
Domains

28
Subdomains

21
IPs

6
Countries

701 kB
Transfer

1815 kB
Size

12
Cookies

106 HTTP transactions
2 data transactions