su.google-info.org Open in urlscan Pro
95.217.186.71 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://su.google-info.org/
Submission Tags: @phishunt_io
Submission: On November 13 via api (November 13th 2021, 1:12:30 am UTC) from DE — Scanned from DE

Summary HTTP 132 Redirects Behaviour Indicators

Summary

This website contacted 27 IPs in 7 countries across 16 domains to perform 132 HTTP transactions. The main IP is 95.217.186.71, located in Helsinki, Finland and belongs to HETZNER-AS, DE. The main domain is su.google-info.org.
TLS certificate: Issued by R3 on November 12th 2021. Valid for: 3 months.

This is the only time su.google-info.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	95.217.186.71 95.217.186.71	24940 (HETZNER-AS) (HETZNER-AS)
9	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	81.19.89.16 81.19.89.16	24638 (RAMBLER-T...) (RAMBLER-TELECOM-AS)
13	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
2	81.19.89.18 81.19.89.18	24638 (RAMBLER-T...) (RAMBLER-TELECOM-AS)
6	185.29.132.246 185.29.132.246	30419 (MEDIAMATH...) (MEDIAMATH-INC)
8	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:2638::2 2a02:2638::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:1::11 2a02:2638:1::11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	138.201.63.117 138.201.63.117	24940 (HETZNER-AS) (HETZNER-AS)
2	2.18.233.201 2.18.233.201	16625 (AKAMAI-AS) (AKAMAI-AS)
4	136.243.149.243 136.243.149.243	24940 (HETZNER-AS) (HETZNER-AS)
4	94.130.102.164 94.130.102.164	24940 (HETZNER-AS) (HETZNER-AS)
9	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.2.148 178.250.2.148	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	178.250.2.135 178.250.2.135	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.2.150 178.250.2.150	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
8	37.157.2.237 37.157.2.237	198622 (ADFORM) (ADFORM)
32	37.157.5.71 37.157.5.71	198622 (ADFORM) (ADFORM)
2	54.36.108.3 54.36.108.3	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
132	27

7 95.217.186.71 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.71.186.217.95.clients.your-server.de

su.google-info.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 81.19.89.16 (Moscow, Russian Federation)

ASN24638 (RAMBLER-TELECOM-AS, RU)
PTR: kraken.rambler.ru

st.top100.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 81.19.89.18 (Moscow, Russian Federation)

ASN24638 (RAMBLER-TELECOM-AS, RU)
PTR: kraken.rambler.ru

kraken.rambler.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.29.132.246 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)

tags.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 138.201.63.117 (Hockenheim, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.117.63.201.138.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.233.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 136.243.149.243 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.243.149.243.136.clients.your-server.de

hal900030.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 94.130.102.164 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.164.102.130.94.clients.your-server.de

hal900012.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.148 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 178.250.2.135 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.am5.vip.prod.criteo.com

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.150 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 37.157.2.237 (Denmark)

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 37.157.5.71 (Denmark)

ASN198622 (ADFORM, DK)

s1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.36.108.3 (France)

ASN16276 (OVH, FR)
PTR: ns3112796.ip-54-36-108.eu

cdn.contentspread.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
40	adform.net track.adform.net s1.adform.net	408 KB
19	criteo.net static.criteo.net pix.eu.criteo.net csm.eu.criteo.net	207 KB
17	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	205 KB
13	doubleclick.net googleads.g.doubleclick.net	41 KB
10	redintelligence.net hal9000.redintelligence.net hal900030.redintelligence.net hal900012.redintelligence.net	13 KB
8	mathtag.com tags.mathtag.com pixel.mathtag.com	6 KB
7	google-info.org su.google-info.org	37 KB
3	criteo.com rtb.fr.eu.criteo.com ads.eu.criteo.com cat.nl.eu.criteo.com	52 KB
3	googletagservices.com www.googletagservices.com	109 KB
3	google.com adservice.google.com www.google.com	2 KB
2	contentspread.net cdn.contentspread.net	2 KB
2	rambler.ru kraken.rambler.ru	1003 B
2	google.de adservice.google.de	589 B
1	cloudflare.com cdnjs.cloudflare.com	5 KB
1	googleadservices.com partner.googleadservices.com	513 B
1	top100.ru st.top100.ru	63 KB
132	16

	Domain	Requested by
32	s1.adform.net	track.adform.net s1.adform.net su.google-info.org
13	googleads.g.doubleclick.net	pagead2.googlesyndication.com su.google-info.org googleads.g.doubleclick.net
9	pix.eu.criteo.net	ads.eu.criteo.com
9	static.criteo.net	ads.eu.criteo.com
9	pagead2.googlesyndication.com	su.google-info.org pagead2.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com
8	track.adform.net	hal900030.redintelligence.net hal900012.redintelligence.net s1.adform.net
8	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
7	su.google-info.org	su.google-info.org
6	tags.mathtag.com	googleads.g.doubleclick.net tags.mathtag.com
4	hal900012.redintelligence.net	hal9000.redintelligence.net hal900012.redintelligence.net
4	hal900030.redintelligence.net	hal9000.redintelligence.net hal900030.redintelligence.net
3	www.googletagservices.com	googleads.g.doubleclick.net
2	cdn.contentspread.net	hal900030.redintelligence.net hal900012.redintelligence.net
2	pixel.mathtag.com	tags.mathtag.com
2	hal9000.redintelligence.net	su.google-info.org
2	kraken.rambler.ru	st.top100.ru su.google-info.org
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
1	www.google.com	tpc.googlesyndication.com
1	csm.eu.criteo.net	ads.eu.criteo.com
1	cdnjs.cloudflare.com	ads.eu.criteo.com
1	cat.nl.eu.criteo.com	ads.eu.criteo.com
1	ads.eu.criteo.com	googleads.g.doubleclick.net
1	rtb.fr.eu.criteo.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	st.top100.ru	su.google-info.org
132	26

This site contains no links.

Subject Issuer	Validity	Valid
su.google-info.org R3	`2021-11-12` - `2022-02-10`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.top100.ru RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-02-15` - `2022-02-14`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.rambler.ru RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-05-20` - `2022-05-19`	a year	crt.sh
*.mathtag.com DigiCert SHA2 Secure Server CA	`2020-04-15` - `2022-04-22`	2 years	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.fr.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-11-03` - `2022-01-31`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-11-03` - `2022-01-31`	3 months	crt.sh
redintelligence.net R3	`2021-10-21` - `2022-01-19`	3 months	crt.sh
pixel.mathtag.com DigiCert SHA2 Secure Server CA	`2021-06-29` - `2022-07-07`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-09-09` - `2021-12-07`	3 months	crt.sh
*.nl.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-11-03` - `2022-01-31`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-09-12` - `2021-12-10`	3 months	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
contentspread.net R3	`2021-10-04` - `2022-01-02`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh

This page contains 20 frames:

Primary Page: https://su.google-info.org/
Frame ID: 6B5B965E7E27D366484064D18FFA1B0E
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211109/r20190131/zrt_lookup.html
Frame ID: BBB1A1255C7911B5CFA29846FC0E1182
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8256822040731976&output=html&adk=2886369390&adf=3033102874&lmt=1636765945&plat=2%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fsu.google-info.org%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636765945076&bpp=4&bdt=171&idt=77&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=399632473075&frm=20&pv=2&ga_vid=1946075796.1636765945&ga_sid=1636765945&ga_hid=1177294700&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C182982300&oid=2&pvsid=2132859347964004&pem=749&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=94
Frame ID: 1F61B4919CF5652BD6275E78004A93AD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8256822040731976&output=html&h=300&slotname=3323141418&adk=978640161&adf=1105683511&pi=t.ma~as.3323141418&w=300&lmt=1636765945&psa=0&format=300x300&url=https%3A%2F%2Fsu.google-info.org%2F&flash=0&fwrattr=true&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636765945080&bpp=1&bdt=176&idt=119&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=399632473075&frm=20&pv=1&ga_vid=1946075796.1636765945&ga_sid=1636765945&ga_hid=1177294700&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1288&ady=70&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C182982300&oid=2&pvsid=2132859347964004&pem=749&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=OqqLy96IAi&p=https%3A//su.google-info.org&dtd=126
Frame ID: 6171F1FA81EF42A77B4871BACBB409C9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8256822040731976&output=html&h=600&slotname=7837101497&adk=2444425496&adf=990620671&pi=t.ma~as.7837101497&w=300&fwrn=4&fwrnh=100&lmt=1636765945&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fsu.google-info.org%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636765945081&bpp=1&bdt=177&idt=133&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x300&nras=1&correlator=399632473075&frm=20&pv=1&ga_vid=1946075796.1636765945&ga_sid=1636765945&ga_hid=1177294700&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1288&ady=376&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C182982300&oid=2&pvsid=2132859347964004&pem=749&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=oI51qNknjd&p=https%3A//su.google-info.org&dtd=135
Frame ID: 4D5669CCBC130FB1B726D35D83BCA237
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8256822040731976&output=html&h=300&slotname=3323141418&adk=978640161&adf=918465267&pi=t.ma~as.3323141418&w=300&lmt=1636765945&psa=0&format=300x300&url=https%3A%2F%2Fsu.google-info.org%2F&flash=0&fwrattr=true&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636765945082&bpp=1&bdt=178&idt=138&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x300%2C300x600&nras=1&correlator=399632473075&frm=20&pv=1&ga_vid=1946075796.1636765945&ga_sid=1636765945&ga_hid=1177294700&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1288&ady=998&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C182982300&oid=2&pvsid=2132859347964004&pem=749&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=8jIUc3te8O&p=https%3A//su.google-info.org&dtd=140
Frame ID: 066E9030545602C7136937106144575C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8256822040731976&output=html&h=280&slotname=7837101497&adk=2068671055&adf=3545222378&pi=t.ma~as.7837101497&w=624&fwrn=4&fwrnh=100&lmt=1636765945&rafmt=1&psa=0&format=624x280&url=https%3A%2F%2Fsu.google-info.org%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636765945083&bpp=1&bdt=179&idt=142&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x300%2C300x600%2C300x300&nras=1&correlator=399632473075&frm=20&pv=1&ga_vid=1946075796.1636765945&ga_sid=1636765945&ga_hid=1177294700&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=16&ady=574&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C182982300&oid=2&pvsid=2132859347964004&pem=749&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=6B7Grm8USd&p=https%3A//su.google-info.org&dtd=145
Frame ID: 5E7A20A0189A950B8BC3BAB0A01BC564
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8256822040731976&output=html&h=250&slotname=7837101497&adk=3833689462&adf=3695659443&pi=t.ma~as.7837101497&w=302&fwrn=4&fwrnh=100&lmt=1636765945&rafmt=1&psa=0&format=302x250&url=https%3A%2F%2Fsu.google-info.org%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636765945083&bpp=1&bdt=178&idt=148&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x300%2C300x600%2C300x300%2C624x280&nras=1&correlator=399632473075&frm=20&pv=1&ga_vid=1946075796.1636765945&ga_sid=1636765945&ga_hid=1177294700&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=969&ady=1769&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C182982300&oid=2&pvsid=2132859347964004&pem=749&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaoeEbr%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=1&fsb=1&xpc=brgl8Rhg4z&p=https%3A//su.google-info.org&dtd=150
Frame ID: 796D50E9D6E79ADD1E2BE7CEA0A44C0D
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8256822040731976&output=html&h=250&slotname=7837101497&adk=3833689462&adf=1663948951&pi=t.ma~as.7837101497&w=302&fwrn=4&fwrnh=100&lmt=1636765945&rafmt=1&psa=0&format=302x250&url=https%3A%2F%2Fsu.google-info.org%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636765945084&bpp=1&bdt=180&idt=154&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x300%2C300x600%2C300x300%2C624x280%2C302x250&nras=1&correlator=399632473075&frm=20&pv=1&ga_vid=1946075796.1636765945&ga_sid=1636765945&ga_hid=1177294700&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=333&ady=2335&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C182982300&oid=2&pvsid=2132859347964004&pem=749&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaoeEbr%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&btvi=2&fsb=1&xpc=U6Vw4KckPt&p=https%3A//su.google-info.org&dtd=159
Frame ID: 98E6D9E9C07D1840BC4B580A124AC654
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8256822040731976&output=html&h=250&slotname=7837101497&adk=3833689462&adf=2617884559&pi=t.ma~as.7837101497&w=302&fwrn=4&fwrnh=100&lmt=1636765945&rafmt=1&psa=0&format=302x250&url=https%3A%2F%2Fsu.google-info.org%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636765945085&bpp=1&bdt=181&idt=161&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x300%2C300x600%2C300x300%2C624x280%2C302x250%2C302x250&nras=1&correlator=399632473075&frm=20&pv=1&ga_vid=1946075796.1636765945&ga_sid=1636765945&ga_hid=1177294700&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=333&ady=2952&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C182982300&oid=2&pvsid=2132859347964004&pem=749&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaoeEbr%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=NDKG8T67dT&p=https%3A//su.google-info.org&dtd=162
Frame ID: 7D2FB85BA47A48B72811C3E395E8EACD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8256822040731976&output=html&h=280&slotname=7837101497&adk=2386618654&adf=3782704349&pi=t.ma~as.7837101497&w=1200&fwrn=4&fwrnh=100&lmt=1636765945&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fsu.google-info.org%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636765945085&bpp=1&bdt=180&idt=165&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5cb6210af2b16de4-2226abae52cb0011%3AT%3D1636765945%3ART%3D1636765945%3AS%3DALNI_MawHmoMLww7PaK_cIf8rBr9SIUHIA&prev_fmts=0x0%2C300x300%2C300x600%2C300x300%2C624x280%2C302x250%2C302x250%2C302x250&nras=1&correlator=399632473075&frm=20&pv=1&ga_vid=1946075796.1636765945&ga_sid=1636765945&ga_hid=1177294700&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=15&ady=4615&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C182982300&oid=2&pvsid=2132859347964004&pem=749&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=orvJwJLhS0&p=https%3A//su.google-info.org&dtd=167
Frame ID: 0CFF19D824BC29E8CC86E10CB118D960
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=Cmi09-RCPYereDZiH7_UPmYis6A_Ph46bXMCG2YLGAsCNtwEQASAAYJW6rIK0B4IBF2NhLXB1Yi04MjU2ODIyMDQwNzMxOTc2yAEJqAMBqgSyAU_Q-9P321QUoQFpZzcQfL50eyfO6OIgsxIR6jpIZUEXQrdoQNRUJ3HRW8MmvZQ0Cf6F3pfG7KMrm4mS_713SScNR1NBzDH7bfvoQz2gJqUFENR7QJkBitd_grGgcnb_on8ERJGVVpMR6I931O7dENZ3qVjuYFvkN-d34XDxeNfFeiAmEsIF1Bxe3aRyuxhVjNZjomuz4Uc9_-KUP-H4wOsTNrDUZ-ofoTlgcgy7GtQoQquABt_nrvfUuLW8pwGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAYAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi04MjU2ODIyMDQwNzMxOTc2GAA&sigh=hVMuYyki6wQ&uach_m=[UACH]&cid=CAQSGwCNIrLMwDQ07hfaz57aU4Lb60DcconJsERZJhgB&tpd=AGWhJmu_qMLfq3OFbVo_vwaKkN7l0pjex56DEQuLq88WZyYMIA7SEQ4edG0_rsqH_AH9i8OLetjS_LUUGKNMITXceURG09LwmE6P04S77hQCarKCyKfxZcA36sZ6qJI6IGXtQ7JhJRnfWlT3SsDeq8d4hz79-p10XOLu5tulxJQzRok0rPUEtjWUqIzJ9CH8kIakDVGt_X0g8TV99eTIYFZHuzQCG2sqj43JzfLBF_ZL1Hjh0JhIgNMJd8LvAWy7giyab1zcAyPricvdu2FBgL0swRlgDHWPeQSPTE_uMZo5h7goFMnZ84hJA7wDmWKWEtfEyspZ7dFNz5WPda7y9-qMaaGiJiMEquM-YvCdDfzwkarWw98Rps6ofJH6Fjl4GOM9FC6Zi8nclyv4nphTk6IfXwNFbVFxbtI3naWYaTU9Qr2NaqgW12Mg2lX4FVsltfe6FU2X_HiJHUY0HYzWOxnSMCtzMk2Np4UTpk1ISlp66hknH_u-vpFahlTUROGPWv7Gt_4k19DviPd6nHtpAtAEYCSXMbqmlAbrtNZdpaI5LnPaMNx0MwWFM8APLJUM0KPbKgdPRqlKuOHIbU8u9Omt7AAiYkDpjM-qxgGHxYN4LndL16NSBOj_9zWQJ-j_bqNv7qSSytKuoUx7_v5OF05tQV_PZfVluiTxQCEqZ0R4_bgV2UBxR-SwUQZko2PJPzkQh2Rgxu93e6s9WyU5530kK4s1tLjgqUpWm4TRvUIFXQdnoLQVHv_q_OJVk3Ye1FVPgegGfeXU5BPzdq2Jh-ed0c3R2ayCCYrKxtlbhaMObPZwaTHHuBIF7FpSg0oVgNb65MIGOgTg2sa4c0Nv3woMXTX75WoJHUDEbUs2myOYXGcncIyq77L7AG1tbf86VBfe0NwzIJL3lxzYmzRYalUNEOPvX-rebPcBUUttTHpVqXrAoRpqxYuqm4RjOb2xJX97k5YgaeFvcGfeDoC4Bk1uPinrAWkQHpXefiJUjowJFY9mz6zZDpv2QAXdivqB8f5C4m22eQQxxQFFxjffQGdOWe097W3doFXxHDBFVYDC7TOu6122UCSjfc68oAg0ScdH7HTI8g
Frame ID: 8303032E79CE235B5A7A807CF54CCAF1
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=Cgsjz-RCPYYftDpGH7_UPk_Cm4AzPh46bXMCG2YLGAsCNtwEQASAAYJW6rIK0B4IBF2NhLXB1Yi04MjU2ODIyMDQwNzMxOTc2yAEJqAMBqgS5AU_Q6T2Pc-fdvFWr29n6yjPxhorh8EHFbSMtDE1eFz_io9eRnoUMKbJkvSaR8s6GG1EFSMYqiu1_E_fxwjmTAGVj8gOLdE0CXgfePnl9yJYEpc264G-8gaE3XQt3okr9fWrmcfH1PhMyPvq_TjXgKV-dcyzjrTerOSRHhBYfpZZgw7aVFgMXL9NE9UpiOcA9JjygjqJdtjfrr-rzMb3cpqGdWrnzeS5XB1dxcuLHHOmXVJGIQKi-ALU7gAbf56731Li1vKcBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAGACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItODI1NjgyMjA0MDczMTk3NhgA&sigh=Q1lzZx2BAGY&uach_m=[UACH]&cid=CAQSGwCNIrLMR75B1FbhMhcAEATgcIRMYHtSpyi94BgB&tpd=AGWhJmteuiIdq8we6vdSTvvGA6YXRf_3lYCqVfm_v3xknw4HPa7ci5NYVirmpfCK5Y_xcg04PdZOOVT9_sm4pZoNZVl9T6Uw7OEvEI-pT7ZfbTmNapkNfvn2-CqrPcPO-iIDIiK4worm5k6skz88nhp-v1KFnMX8l6C2rLpl_I0LAP9bvfgXnKpL4b2k_ttfdUeS6wFKh09HdLYaljVwY_FqhtF1_2gzhzxs70QzgPAm4kgFVrJvFvFgy6eZ39FifhjUzzCAohGDQsigVwDTx5_44pTDdJ8tPYdJFA8rRnUFEmoQYuPUDrVLVZfoFAobPMVdKzMaaGE1Pm3UyE-O5H1k89OW3_5m-5rR0HQUx5iG49bVvy5Z4x8omwtfIVLDzvOt0saFcSN3ZmXZqJfGaKWT25vAFhcVmvi8R0p8A7XqlbTczizHN9lfPT0rDWlgmTYVVjk9RZ6RH8JseX-lGQIPCYif8UUxNqashvsAxYmJEojlnyTMZyhAzgqioTlKZAdx8l2P84wwh0YBdc76kRQU6gTb5O7eeOTUwGRbJNr8Q7ZshPSAWXLFoaOVVXg4yFaNhqww6TmSh0DusQuQVfVWFnhQODXIbZMPyAkEduwv3oG2WNCUK--yigyH0bYCLFOU2bnLq5VZQRjRxL1fO_oUPlaWGerRHHqG5PtupjFKZOCfr8xC31cJoA1aKms1I-ncjmH15nxNqegHzWzmESwO2GImE72ZH6yWMWNsUlw8cwM6TzAJxpexUuz2ljr2QeVPdHVdDkMxnJvlVlti9_JAvRqap4_3p7jaIsqWHTDS5nDSfq9Cmfqbnqqqq2nFPHAW0rKgK7SP0WPUvsmNB6a1u9Y8y8a0Tm7BSSVRnhruWxTEwdJDpKst8-P-wzZgfg7wywQpCLEbTRrw7F7z-UO38hkqOKfK20ht58UrJv3ita3Il0Z4In6n5mWa5JKu-1knUMWW0iOm0rbISAIVQDvUGS8kEsxxPXHdKgu1iRuLg1UbEAwqBcwa2C54cgtU0wJVdMXHz445upkb2RhXJe4ImjAV2jRFbUFyPyiPswyspMaB4M5kzFXKRxgCK8I5JOxDA9_M9NoGvg
Frame ID: 97405DF8392D14AF6E9AD4C7E363F816
Requests: 12 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YY8Q-QAD2JcIu8X1AAh_gYfmwneETPI1R_SX5w&u=%7CyC5YffPZJFYmwShoBjo8Hl0Nt1KsqYAHlxnvbVlXIvI%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9weQenrEcIPjXF4FnOL7C1-AciFYoTqoWiWepM8KQwufUC8rQmhIfiU1Cqb6Wo2x3NMs9nf6LX2bmN6hOCoZhdUQllkJQ6KCXwC522zIHrLz5YIsQBFB_fHmcz2bpx2_tFB0nIBdcrR2bKGkckO0zUzWo04XzuTJjMnmu0M-TVNA-Zo2K6yrfKIJ0hvlgcHcgneVennT_mnxPGF2KaVv-pla4wGElGrHYFSTh5HY5zkmxs-Pma2GhbU9rgdl7IAcXfKGJLi7iwFAn8uyb9kIADg2GfbwPWFOd9KhuDzezlYNOfifgr80hVkUQ8aZOWNQUPEz6ChpccDxme4gD9I0AQSHwc7QEDKWAAsWfFFZreqOwr2OZCfHyuKkj5QKwtouHTKLSh4fV3pS4JWDY-K6QelQGtlDS6Q7C5srtzh4JxS22d2js2VCJcYbzYDbCuYxU8w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgiA0-RCPYZexD_WL7_UPgf-hoAnJntKxXM3x4t2IAcCNtwEQASAAYJW6rIK0B4IBF2NhLXB1Yi04MjU2ODIyMDQwNzMxOTc2oAHVttLqA8gBCakCcyyocR40sz6oAwGqBLsBT9BBt-myj87mKoCFJ2ZIuUG7J3ew82bR1GGAFZj5ZAPuTHY1asJ0aDwFtQPDMGk0MgX_vfNACyXmUfkatpwJAY-AacaEz1jTno5JJ0KaHwH9dx4Ys2yE12_Xa2Y-O-Zri8YFqjS1B6nsor0MH6RUXZ3TXaIp1ExEB5uY35ALBvV-ixi2EHkE6-yN4Xlz1Qt4GCyjFh6Yrgdmjk0GB_LMW19XbmVojFRdLt5Gl9Pl6e-OReO7KnoZUzN2poAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1J7j_E_9bWPkZXkRoymJDie4toOw%26client%3Dca-pub-8256822040731976%26adurl%3D
Frame ID: DF029EF915EEEE496268CF4619C93E08
Requests: 22 HTTP requests in this frame

Frame: https://hal900030.redintelligence.net/request_content.php?s=64884100006365403500432011777030&a=4319c610
Frame ID: 29FF83E7DB53AC6D49E033E61FA0B322
Requests: 11 HTTP requests in this frame

Frame: https://hal900012.redintelligence.net/request_content.php?s=34506800006346403500432011777012&a=535637a7
Frame ID: BF2325BBE801FB2F50DAAE1CB43B03D1
Requests: 11 HTTP requests in this frame

Frame: https://s1.adform.net/Banners/Elements/Files/169192/10431998/10431998.js?ADFassetID=10431998&bv=258
Frame ID: F6F61EC80D92D8C63453CA3C70C27B07
Requests: 14 HTTP requests in this frame

Frame: https://s1.adform.net/Banners/Elements/Files/169192/10431998/10431998.js?ADFassetID=10431998&bv=258
Frame ID: 2EF5E492077B86FB9D7911BB23BE35BF
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 69E370631777244B52B5747B0C316C03
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9329B066366DD0581EC3BC38E5AE5B64
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Free online encyclopedia. Did you know?

Page Statistics

132
Requests

100 %
HTTPS

42 %
IPv6

16
Domains

26
Subdomains

27
IPs

7
Countries

1153 kB
Transfer

2494 kB
Size

12
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

132 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
su.google-info.org/ 241 KB
16 KB 209ms
145ms Document
text/html 95.217.186.71
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://su.google-info.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.217.186.71 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.71.186.217.95.clients.your-server.de
Software: Apache/2.4.38 (Debian) /
Resource Hash: a5bb54285541ea53dd8600f692932f4616f92b1db7b2ffffff70ed43860e51fb

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Sat, 13 Nov 2021 01:12:24 GMT
Server: Apache/2.4.38 (Debian)
Cache-Control: no-cache, private, max-age=1
Expires: Sat, 13 Nov 2021 01:12:25 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 15590
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
51 KB 52ms
30ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: su.google-info.org
URL: https://su.google-info.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ac5d44cc5f0ac328923c0bf191e04322715df347578fac482ed4a292706c5183

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://su.google-info.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 01:12:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 51353
x-xss-protection: 0
server: cafe
etag: 1516322938222958266
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 13 Nov 2021 01:12:24 GMT

GET
H/1.1 200
OK vendor.min.js Show response
su.google-info.org/js/web/ 33 KB
11 KB 58ms
29ms Script
application/javascript 95.217.186.71
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://su.google-info.org/js/web/vendor.min.js
Requested by: Host: su.google-info.org
URL: https://su.google-info.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.217.186.71 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.71.186.217.95.clients.your-server.de
Software: Apache/2.4.38 (Debian) /
Resource Hash: 4aa9326d63782c8fbbff075fd37b1031ad87d6f43af89d12818d7f152eb17637

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://su.google-info.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 13 Nov 2021 01:12:24 GMT
Content-Encoding: gzip
Last-Modified: Mon, 18 May 2020 17:42:08 GMT
Server: Apache/2.4.38 (Debian)
ETag: "8482-5a5efae901c00-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=1
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 10784
Expires: Sat, 13 Nov 2021 01:12:25 GMT

GET
H/1.1 200
OK web.css
su.google-info.org/css/ 33 KB
6 KB 28ms
28ms Stylesheet
text/css 95.217.186.71
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://su.google-info.org/css/web.css
Requested by: Host: su.google-info.org
URL: https://su.google-info.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.217.186.71 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.71.186.217.95.clients.your-server.de
Software: Apache/2.4.38 (Debian) /
Resource Hash: 83691fb83015c6e2e21089f41ba14df7ae774154394f502d350e3119b1711417

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://su.google-info.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 13 Nov 2021 01:12:24 GMT
Content-Encoding: gzip
Last-Modified: Tue, 26 Oct 2021 14:35:37 GMT
Server: Apache/2.4.38 (Debian)
ETag: "84b6-5cf42641c8a12-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=1
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 5651
Expires: Sat, 13 Nov 2021 01:12:25 GMT

GET
H2 200 top100.js Show response
st.top100.ru/top100/ 189 KB
63 KB 133ms
41ms Script
application/javascript 81.19.89.16
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://st.top100.ru/top100/top100.js
Requested by: Host: su.google-info.org
URL: https://su.google-info.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.19.89.16 Moscow, Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: kraken.rambler.ru
Software: nginx/1.19.4 /
Resource Hash: 5d0aea97b090054846223242f0be691ac828271b85469f4905bbb0a7edd40fc4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://su.google-info.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 01:12:25 GMT
content-encoding: gzip
last-modified: Fri, 12 Nov 2021 09:35:19 GMT
server: nginx/1.19.4
etag: W/"618e3557-2f440"
vary: Accept-Encoding
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
cache-control: max-age=3600
content-type: application/javascript
expires: Sat, 13 Nov 2021 02:12:25 GMT

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK body_bg.png
su.google-info.org/images/ 1 KB
1 KB 47ms
26ms Image
image/png 95.217.186.71
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://su.google-info.org/images/body_bg.png
Requested by: Host: su.google-info.org
URL: https://su.google-info.org/css/web.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.217.186.71 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.71.186.217.95.clients.your-server.de
Software: Apache/2.4.38 (Debian) /
Resource Hash: 16ca769df94485322e9a1f9015358e7b3b7f5f59fa6960ba07ce2dc162089f22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://su.google-info.org/css/web.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 13 Nov 2021 01:12:24 GMT
Last-Modified: Sat, 07 Dec 2019 22:19:30 GMT
Server: Apache/2.4.38 (Debian)
ETag: "445-599248e5ec080"
Content-Type: image/png
Cache-Control: max-age=31557600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1093
Expires: Sun, 13 Nov 2022 07:12:24 GMT

GET
H/1.1 200
OK ads_bg.png
su.google-info.org/images/ 2 KB
2 KB 47ms
27ms Image
image/png 95.217.186.71
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://su.google-info.org/images/ads_bg.png
Requested by: Host: su.google-info.org
URL: https://su.google-info.org/css/web.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.217.186.71 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.71.186.217.95.clients.your-server.de
Software: Apache/2.4.38 (Debian) /
Resource Hash: 62409a8c1ee58a28f58542b7765f2fad51af4da2e04991dfc0a277aff38f81e7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://su.google-info.org/css/web.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 13 Nov 2021 01:12:24 GMT
Last-Modified: Mon, 27 Jan 2020 00:38:26 GMT
Server: Apache/2.4.38 (Debian)
ETag: "6ee-59d14534cc480"
Content-Type: image/png
Cache-Control: max-age=31557600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1774
Expires: Sun, 13 Nov 2022 07:12:24 GMT

GET
H/1.1 200
OK menu.svg
su.google-info.org/images/icon/ 353 B
707 B 27ms
27ms Image
image/svg+xml 95.217.186.71
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://su.google-info.org/images/icon/menu.svg
Requested by: Host: su.google-info.org
URL: https://su.google-info.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.217.186.71 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.71.186.217.95.clients.your-server.de
Software: Apache/2.4.38 (Debian) /
Resource Hash: 04b27b5d72eba808e6f6b3aedef95ff3366c6b38353dc788dac922615e858411

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://su.google-info.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 13 Nov 2021 01:12:25 GMT
Last-Modified: Sat, 07 Dec 2019 22:19:30 GMT
Server: Apache/2.4.38 (Debian)
ETag: "161-599248e5ec080"
Content-Type: image/svg+xml
Cache-Control: max-age=1
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 353
Expires: Sat, 13 Nov 2021 01:12:26 GMT

GET
H/1.1 200
OK chevron_right.svg
su.google-info.org/images/icon/ 323 B
677 B 26ms
26ms Image
image/svg+xml 95.217.186.71
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://su.google-info.org/images/icon/chevron_right.svg
Requested by: Host: su.google-info.org
URL: https://su.google-info.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.217.186.71 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.71.186.217.95.clients.your-server.de
Software: Apache/2.4.38 (Debian) /
Resource Hash: abfdb1a1720cf270248f176b92f184b055589c4d7c1ae01b9f2791aee14698cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://su.google-info.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 13 Nov 2021 01:12:25 GMT
Last-Modified: Sat, 07 Dec 2019 22:19:30 GMT
Server: Apache/2.4.38 (Debian)
ETag: "143-599248e5ec080"
Content-Type: image/svg+xml
Cache-Control: max-age=1
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 323
Expires: Sat, 13 Nov 2021 01:12:26 GMT

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111080101/ 267 KB
96 KB 33ms
33ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8256822040731976&plah=su.google-info.org

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d2d3e62be49a950029e24adea571c09bb20f4e208df3ba0e6f18ee613446f466

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://su.google-info.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 01:12:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 98309
x-xss-protection: 0
server: cafe
etag: 13474340241825499027
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 13 Nov 2021 01:12:25 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211109/r20190131/ Frame BBB1 11 KB
5 KB 28ms
6ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211109/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5cedd5abd94d64b07e3779451d057665572b89caa8b445a5e9efa42bad9c4274

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://su.google-info.org/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 12 Nov 2021 13:38:57 GMT
expires: Fri, 26 Nov 2021 13:38:57 GMT
content-type: text/html; charset=UTF-8
etag: 16478831307880631077
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4883
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 41608
alt-svc: clear

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 205 B
513 B 74ms
16ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=su.google-info.org&callback=_gfp_s_&client=ca-pub-8256822040731976

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8256822040731976&plah=su.google-info.org

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

cbca90793d1401fa6f2a7e5130f4ed557743a3dc0f6fdb8db26a30ba5483e685

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://su.google-info.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 01:12:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: clear
content-length: 193
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
424 B 54ms
15ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=su.google-info.org

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://su.google-info.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 13 Nov 2021 01:12:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: clear
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
424 B 36ms
15ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=su.google-info.org

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://su.google-info.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 13 Nov 2021 01:12:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: clear
content-length: 100
x-xss-protection: 0

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
121 B 39ms
38ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fsu.google-info.org%2F&tn=DIV&cls=header%20hide-scroll&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: su.google-info.org
URL: https://su.google-info.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://su.google-info.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Nov 2021 01:12:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: clear
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1F61 10 KB
5 KB 123ms
123ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8256822040731976&output=html&adk=2886369390&adf=3033102874&lmt=1636765945&plat=2%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fsu.google-info.org%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636765945076&bpp=4&bdt=171&idt=77&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=399632473075&frm=20&pv=2&ga_vid=1946075796.1636765945&ga_sid=1636765945&ga_hid=1177294700&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C182982300&oid=2&pvsid=2132859347964004&pem=749&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=94

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d92e31acf59216059d658d9c3a25731128652897e60f23e813d8992fb06a16dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://su.google-info.org/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 13 Nov 2021 01:12:25 GMT
server: cafe
content-length: 4756
x-xss-protection: 0
alt-svc: clear
expires: Sat, 13 Nov 2021 01:12:25 GMT
cache-control: private

GET
H2 200 userip Show response
kraken.rambler.ru/ 13 B
420 B 132ms
41ms XHR
text/plain 81.19.89.18
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://kraken.rambler.ru/userip
Requested by: Host: st.top100.ru
URL: https://st.top100.ru/top100/top100.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.19.89.18 Moscow, Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: kraken.rambler.ru
Software: nginx/1.19.4 /
Resource Hash: 5b680ea039ce8f3c31c0cf7a532cad5a8b651788eb87bfda1165dab49c7ba809

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://su.google-info.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin: https://su.google-info.org
date: Sat, 13 Nov 2021 01:12:25 GMT
x-srv: 2node0044.top100.rambler.tech
content-type: application/octet-stream, text/plain
content-length: 13
server: nginx/1.19.4
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6171 26 KB
10 KB 124ms
124ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8256822040731976&output=html&h=300&slotname=3323141418&adk=978640161&adf=1105683511&pi=t.ma~as.3323141418&w=300&lmt=1636765945&psa=0&format=300x300&url=https%3A%2F%2Fsu.google-info.org%2F&flash=0&fwrattr=true&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636765945080&bpp=1&bdt=176&idt=119&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=399632473075&frm=20&pv=1&ga_vid=1946075796.1636765945&ga_sid=1636765945&ga_hid=1177294700&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1288&ady=70&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C182982300&oid=2&pvsid=2132859347964004&pem=749&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=OqqLy96IAi&p=https%3A//su.google-info.org&dtd=126

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1a6bd4faaf212de48c17ffc9be94db7f9bab7cc978b8e36e8ec7378ad36e347d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://su.google-info.org/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 13 Nov 2021 01:12:25 GMT
server: cafe
content-length: 10285
x-xss-protection: 0
alt-svc: clear
expires: Sat, 13 Nov 2021 01:12:25 GMT
cache-control: private

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4D56 436 B
379 B 112ms
111ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8256822040731976&output=html&h=600&slotname=7837101497&adk=2444425496&adf=990620671&pi=t.ma~as.7837101497&w=300&fwrn=4&fwrnh=100&lmt=1636765945&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fsu.google-info.org%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636765945081&bpp=1&bdt=177&idt=133&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x300&nras=1&correlator=399632473075&frm=20&pv=1&ga_vid=1946075796.1636765945&ga_sid=1636765945&ga_hid=1177294700&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1288&ady=376&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C182982300&oid=2&pvsid=2132859347964004&pem=749&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=oI51qNknjd&p=https%3A//su.google-info.org&dtd=135

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fcd0f49b27ca0b986256c9c377ab49756b124f16ea6db646c131fd62b325299f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://su.google-info.org/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 13 Nov 2021 01:12:25 GMT
server: cafe
content-length: 212
x-xss-protection: 0
alt-svc: clear
expires: Sat, 13 Nov 2021 01:12:25 GMT
cache-control: private

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 066E 26 KB
10 KB 132ms
132ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8256822040731976&output=html&h=300&slotname=3323141418&adk=978640161&adf=918465267&pi=t.ma~as.3323141418&w=300&lmt=1636765945&psa=0&format=300x300&url=https%3A%2F%2Fsu.google-info.org%2F&flash=0&fwrattr=true&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636765945082&bpp=1&bdt=178&idt=138&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x300%2C300x600&nras=1&correlator=399632473075&frm=20&pv=1&ga_vid=1946075796.1636765945&ga_sid=1636765945&ga_hid=1177294700&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1288&ady=998&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C182982300&oid=2&pvsid=2132859347964004&pem=749&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=8jIUc3te8O&p=https%3A//su.google-info.org&dtd=140

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dd198f9d053354fbf30c98fb6931d81c2b2840ff790f3923fd45a6fd1aa14614

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://su.google-info.org/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 13 Nov 2021 01:12:25 GMT
server: cafe
content-length: 10329
x-xss-protection: 0
alt-svc: clear
expires: Sat, 13 Nov 2021 01:12:25 GMT
cache-control: private

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5E7A 436 B
382 B 89ms
88ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8256822040731976&output=html&h=280&slotname=7837101497&adk=2068671055&adf=3545222378&pi=t.ma~as.7837101497&w=624&fwrn=4&fwrnh=100&lmt=1636765945&rafmt=1&psa=0&format=624x280&url=https%3A%2F%2Fsu.google-info.org%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636765945083&bpp=1&bdt=179&idt=142&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x300%2C300x600%2C300x300&nras=1&correlator=399632473075&frm=20&pv=1&ga_vid=1946075796.1636765945&ga_sid=1636765945&ga_hid=1177294700&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=16&ady=574&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C182982300&oid=2&pvsid=2132859347964004&pem=749&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=6B7Grm8USd&p=https%3A//su.google-info.org&dtd=145

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

06d2e4b102c295f66ca8b4d8eb6a4c66caa6024296d715f70982e31025e5bdea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://su.google-info.org/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 13 Nov 2021 01:12:25 GMT
server: cafe
content-length: 212
x-xss-protection: 0
alt-svc: clear
expires: Sat, 13 Nov 2021 01:12:25 GMT
cache-control: private

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 796D 20 KB
9 KB 125ms
124ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8256822040731976&output=html&h=250&slotname=7837101497&adk=3833689462&adf=3695659443&pi=t.ma~as.7837101497&w=302&fwrn=4&fwrnh=100&lmt=1636765945&rafmt=1&psa=0&format=302x250&url=https%3A%2F%2Fsu.google-info.org%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636765945083&bpp=1&bdt=178&idt=148&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x300%2C300x600%2C300x300%2C624x280&nras=1&correlator=399632473075&frm=20&pv=1&ga_vid=1946075796.1636765945&ga_sid=1636765945&ga_hid=1177294700&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=969&ady=1769&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C182982300&oid=2&pvsid=2132859347964004&pem=749&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaoeEbr%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=1&fsb=1&xpc=brgl8Rhg4z&p=https%3A//su.google-info.org&dtd=150

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

424cbb6c10913cb36c5def6ad0b697388f3a4276630248d471f07474503bfc69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://su.google-info.org/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 13 Nov 2021 01:12:25 GMT
server: cafe
content-length: 8996
x-xss-protection: 0
alt-svc: clear
expires: Sat, 13 Nov 2021 01:12:25 GMT
cache-control: private

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 16ms
16ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=su.google-info.org

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://su.google-info.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 13 Nov 2021 01:12:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: clear
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=su.google-info.org

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://su.google-info.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 13 Nov 2021 01:12:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: clear
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 98E6 436 B
379 B 110ms
110ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8256822040731976&output=html&h=250&slotname=7837101497&adk=3833689462&adf=1663948951&pi=t.ma~as.7837101497&w=302&fwrn=4&fwrnh=100&lmt=1636765945&rafmt=1&psa=0&format=302x250&url=https%3A%2F%2Fsu.google-info.org%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636765945084&bpp=1&bdt=180&idt=154&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x300%2C300x600%2C300x300%2C624x280%2C302x250&nras=1&correlator=399632473075&frm=20&pv=1&ga_vid=1946075796.1636765945&ga_sid=1636765945&ga_hid=1177294700&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=333&ady=2335&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C182982300&oid=2&pvsid=2132859347964004&pem=749&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaoeEbr%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&btvi=2&fsb=1&xpc=U6Vw4KckPt&p=https%3A//su.google-info.org&dtd=159

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

69d35529ef201a2559ceadb8ddbf17d8471817155825d3b0ebc6ee0c3c451e2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://su.google-info.org/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 13 Nov 2021 01:12:25 GMT
server: cafe
content-length: 212
x-xss-protection: 0
alt-svc: clear
expires: Sat, 13 Nov 2021 01:12:25 GMT
cache-control: private

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7D2F 436 B
379 B 90ms
90ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8256822040731976&output=html&h=250&slotname=7837101497&adk=3833689462&adf=2617884559&pi=t.ma~as.7837101497&w=302&fwrn=4&fwrnh=100&lmt=1636765945&rafmt=1&psa=0&format=302x250&url=https%3A%2F%2Fsu.google-info.org%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636765945085&bpp=1&bdt=181&idt=161&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x300%2C300x600%2C300x300%2C624x280%2C302x250%2C302x250&nras=1&correlator=399632473075&frm=20&pv=1&ga_vid=1946075796.1636765945&ga_sid=1636765945&ga_hid=1177294700&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=333&ady=2952&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C182982300&oid=2&pvsid=2132859347964004&pem=749&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaoeEbr%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=NDKG8T67dT&p=https%3A//su.google-info.org&dtd=162

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d7de78f153efaad465b062d13f1fe9639c764768c3376be6500737684ac04491

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://su.google-info.org/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 13 Nov 2021 01:12:25 GMT
server: cafe
content-length: 212
x-xss-protection: 0
alt-svc: clear
expires: Sat, 13 Nov 2021 01:12:25 GMT
cache-control: private

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0CFF 436 B
383 B 98ms
98ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8256822040731976&output=html&h=280&slotname=7837101497&adk=2386618654&adf=3782704349&pi=t.ma~as.7837101497&w=1200&fwrn=4&fwrnh=100&lmt=1636765945&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fsu.google-info.org%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636765945085&bpp=1&bdt=180&idt=165&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5cb6210af2b16de4-2226abae52cb0011%3AT%3D1636765945%3ART%3D1636765945%3AS%3DALNI_MawHmoMLww7PaK_cIf8rBr9SIUHIA&prev_fmts=0x0%2C300x300%2C300x600%2C300x300%2C624x280%2C302x250%2C302x250%2C302x250&nras=1&correlator=399632473075&frm=20&pv=1&ga_vid=1946075796.1636765945&ga_sid=1636765945&ga_hid=1177294700&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=15&ady=4615&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C182982300&oid=2&pvsid=2132859347964004&pem=749&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=orvJwJLhS0&p=https%3A//su.google-info.org&dtd=167

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3491f5a322f49ffaf4300fc46fc478a416327d75ce3d9cc813135c9abf11a341

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://su.google-info.org/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 13 Nov 2021 01:12:25 GMT
server: cafe
content-length: 213
x-xss-protection: 0
alt-svc: clear
expires: Sat, 13 Nov 2021 01:12:25 GMT
cache-control: private

GET
H2 200 /
kraken.rambler.ru/cnt/ 43 B
583 B 126ms
42ms Image
image/gif 81.19.89.18
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kraken.rambler.ru/cnt/?et=pv&pid=6860606&rid=1636765945.18-13862199&tid=t1.6860606.1091603320.1636765945181&v=1.25.4&exp=exp_bot%2Csplit_a%2Cexp_ab3%2Ca&aduid=94c6e45e-53f1-478c-8f4d-5cc55a170118&aduidsc=google-info.org&rn=2078150806&bs=1600x1200&ce=1&rf&en=1&pt=Free%20online%20encyclopedia.%20Did%20you%20know%3F&sr=1600x1200&cd=24-bit&la=en-US&ja=0&acn=Mozilla&an=Netscape&pl=Linux%20x86_64&tz=0&fv&sv&lv&url=https%3A%2F%2Fsu.google-info.org%2F&eid=8200659451889811&stid=387151243_1636765945182&sn=1&sen=1&fid=pA8AAN9Js1ckWfw%2FAe2HGQA%3D&fip=pA8AAN9Js1fd%2ByoMAS9rmAA%3D
Requested by: Host: su.google-info.org
URL: https://su.google-info.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.19.89.18 Moscow, Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: kraken.rambler.ru
Software: nginx/1.19.4 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://su.google-info.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Nov 2021 01:12:25 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.19.4
access-control-allow-methods: GET, POST, OPTIONS
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
cache-control: no-cache
x-srv: 2node0044.top100.rambler.tech
access-control-allow-credentials: true
content-type: image/gif, image/gif
access-control-allow-headers: content-type
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame 8303 0
0 53ms
50ms Fetch
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cmi09-RCPYereDZiH7_UPmYis6A_Ph46bXMCG2YLGAsCNtwEQASAAYJW6rIK0B4IBF2NhLXB1Yi04MjU2ODIyMDQwNzMxOTc2yAEJqAMBqgSyAU_Q-9P321QUoQFpZzcQfL50eyfO6OIgsxIR6jpIZUEXQrdoQNRUJ3HRW8MmvZQ0Cf6F3pfG7KMrm4mS_713SScNR1NBzDH7bfvoQz2gJqUFENR7QJkBitd_grGgcnb_on8ERJGVVpMR6I931O7dENZ3qVjuYFvkN-d34XDxeNfFeiAmEsIF1Bxe3aRyuxhVjNZjomuz4Uc9_-KUP-H4wOsTNrDUZ-ofoTlgcgy7GtQoQquABt_nrvfUuLW8pwGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAYAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi04MjU2ODIyMDQwNzMxOTc2GAA&sigh=hVMuYyki6wQ&uach_m=[UACH]&cid=CAQSGwCNIrLMwDQ07hfaz57aU4Lb60DcconJsERZJhgB&tpd=AGWhJmu_qMLfq3OFbVo_vwaKkN7l0pjex56DEQuLq88WZyYMIA7SEQ4edG0_rsqH_AH9i8OLetjS_LUUGKNMITXceURG09LwmE6P04S77hQCarKCyKfxZcA36sZ6qJI6IGXtQ7JhJRnfWlT3SsDeq8d4hz79-p10XOLu5tulxJQzRok0rPUEtjWUqIzJ9CH8kIakDVGt_X0g8TV99eTIYFZHuzQCG2sqj43JzfLBF_ZL1Hjh0JhIgNMJd8LvAWy7giyab1zcAyPricvdu2FBgL0swRlgDHWPeQSPTE_uMZo5h7goFMnZ84hJA7wDmWKWEtfEyspZ7dFNz5WPda7y9-qMaaGiJiMEquM-YvCdDfzwkarWw98Rps6ofJH6Fjl4GOM9FC6Zi8nclyv4nphTk6IfXwNFbVFxbtI3naWYaTU9Qr2NaqgW12Mg2lX4FVsltfe6FU2X_HiJHUY0HYzWOxnSMCtzMk2Np4UTpk1ISlp66hknH_u-vpFahlTUROGPWv7Gt_4k19DviPd6nHtpAtAEYCSXMbqmlAbrtNZdpaI5LnPaMNx0MwWFM8APLJUM0KPbKgdPRqlKuOHIbU8u9Omt7AAiYkDpjM-qxgGHxYN4LndL16NSBOj_9zWQJ-j_bqNv7qSSytKuoUx7_v5OF05tQV_PZfVluiTxQCEqZ0R4_bgV2UBxR-SwUQZko2PJPzkQh2Rgxu93e6s9WyU5530kK4s1tLjgqUpWm4TRvUIFXQdnoLQVHv_q_OJVk3Ye1FVPgegGfeXU5BPzdq2Jh-ed0c3R2ayCCYrKxtlbhaMObPZwaTHHuBIF7FpSg0oVgNb65MIGOgTg2sa4c0Nv3woMXTX75WoJHUDEbUs2myOYXGcncIyq77L7AG1tbf86VBfe0NwzIJL3lxzYmzRYalUNEOPvX-rebPcBUUttTHpVqXrAoRpqxYuqm4RjOb2xJX97k5YgaeFvcGfeDoC4Bk1uPinrAWkQHpXefiJUjowJFY9mz6zZDpv2QAXdivqB8f5C4m22eQQxxQFFxjffQGdOWe097W3doFXxHDBFVYDC7TOu6122UCSjfc68oAg0ScdH7HTI8g

Requested by

Host: su.google-info.org
URL: https://su.google-info.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8256822040731976&output=html&h=300&slotname=3323141418&adk=978640161&adf=1105683511&pi=t.ma~as.3323141418&w=300&lmt=1636765945&psa=0&format=300x300&url=https%3A%2F%2Fsu.google-info.org%2F&flash=0&fwrattr=true&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636765945080&bpp=1&bdt=176&idt=119&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=399632473075&frm=20&pv=1&ga_vid=1946075796.1636765945&ga_sid=1636765945&ga_hid=1177294700&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1288&ady=70&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C182982300&oid=2&pvsid=2132859347964004&pem=749&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=OqqLy96IAi&p=https%3A//su.google-info.org&dtd=126
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 13 Nov 2021 01:12:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: clear
content-length: 0
x-xss-protection: 0
expires: Sat, 13 Nov 2021 01:12:25 GMT

GET
H/1.1 200
OK js Show response
tags.mathtag.com/notify/ Frame 8303 2 KB
2 KB 51ms
15ms Script
application/x-javascript 185.29.132.246
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTVdNM1l6YzVaV1V0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzUwNjcwNjYzMjE3NDIxOTYyNzYvOTU1ODE4Ni85NDY0NjAyLzQvYlFyZVpXbG5LZjBpNXd1SHF5TjRUSUlHMjl5Q2djb055cFVqei1GM1JYay8xLzQvMC8wLzE2OTAwODMvMC8yMjY1ODkvMTAxMDIwNi8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzUwNjcwNjYzMjE3NDIxOTYyNzYvenJoLzAvNzY4MC8yMC85OTkvMi8yYTBmOjk0NDE6NTo6LzAuMDAwLzE2MzY3NjU5NDUvMTYzNjc3ODU0NS80L3B1Yi04MjU2ODIyMDQwNzMxOTc2Lw/IvM7nlvVTwIfZtpAU_lTthDH68M&nodeid=1615&group=zrh&auctionid=5067066321742196276&shardkey=5067066321742196276&sid=9464602&cid=9558186&bp=a_cfjjig&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.88&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7rpY-RCPYereDZiH7_UPmYis6A_Ph46bXMCG2YLGAsCNtwEQASAAYJW6rIK0B4IBF2NhLXB1Yi04MjU2ODIyMDQwNzMxOTc2yAEJqAMBqgS1AU_Q-9P321QUoQFpZzcQfL50eyfO6OIgsxIR6jpIZUEXQrdoQNRUJ3HRW8MmvZQ0Cf6F3pfG7KMrm4mS_713SScNR1NBzDH7bfvoQz2gJqUFENR7QJkBitd_grGgcnb_on8ERJGVVpMR6I931O7dENZ3qVjuYFvkN-d34XDxeNfFeiAmEsIF1Bxe3aRy-Rp0HnrfBmw-RQ-WJ6I7z_zsylcZGKg12ipfDsPBbCCjtE2URSakmc6ABt_nrvfUuLW8pwGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2yhBDPQ-YRcharQbgIDa_biQ9yVg%26client%3Dca-pub-8256822040731976%26adurl%3D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8256822040731976&output=html&h=300&slotname=3323141418&adk=978640161&adf=1105683511&pi=t.ma~as.3323141418&w=300&lmt=1636765945&psa=0&format=300x300&url=https%3A%2F%2Fsu.google-info.org%2F&flash=0&fwrattr=true&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636765945080&bpp=1&bdt=176&idt=119&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=399632473075&frm=20&pv=1&ga_vid=1946075796.1636765945&ga_sid=1636765945&ga_hid=1177294700&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1288&ady=70&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C182982300&oid=2&pvsid=2132859347964004&pem=749&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=OqqLy96IAi&p=https%3A//su.google-info.org&dtd=126
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.132.246 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.208.2 /
Resource Hash: ae6b980d575d4b40f8a49063c8e3ea4f5d3544da91b60b108e99c3b7cd8961db

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 13 Nov 2021 01:12:25 GMT
Content-Encoding: gzip
x-mm-bid-request-time: 1636765945
Last-Modified: Sat, 13 Nov 2021 01:12:25 GMT
Server: MMBD/3.208.2
x-mm-latency: 1 (1)
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
x-mm-dbg: Count
Cache-Control: no-cache
x-mm-host: zrh-router-x72, zrh-bidder-x126
Connection: close
Content-Type: application/x-javascript; charset=UTF-8
Expires: Sat, 13 Nov 2021 01:12:24 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame 8303 2 KB
1 KB 30ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8256822040731976&output=html&h=300&slotname=3323141418&adk=978640161&adf=1105683511&pi=t.ma~as.3323141418&w=300&lmt=1636765945&psa=0&format=300x300&url=https%3A%2F%2Fsu.google-info.org%2F&flash=0&fwrattr=true&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636765945080&bpp=1&bdt=176&idt=119&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=399632473075&frm=20&pv=1&ga_vid=1946075796.1636765945&ga_sid=1636765945&ga_hid=1177294700&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1288&ady=70&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C182982300&oid=2&pvsid=2132859347964004&pem=749&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=OqqLy96IAi&p=https%3A//su.google-info.org&dtd=126

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 00:52:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1181
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 27 Nov 2021 00:52:44 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8303 119 KB
37 KB 59ms
21ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 01:12:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: clear
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 13 Nov 2021 01:12:25 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame 8303 15 KB
7 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ceca169c7b3aeb44dcdcbfd35d8fd24a85bc9a48b89ced5db336d54e16635a82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 00:41:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1857
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 6461
x-xss-protection: 0
server: cafe
etag: 16025856826866802794
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 27 Nov 2021 00:41:28 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame 796D 2 KB
1 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8256822040731976&output=html&h=250&slotname=7837101497&adk=3833689462&adf=3695659443&pi=t.ma~as.7837101497&w=302&fwrn=4&fwrnh=100&lmt=1636765945&rafmt=1&psa=0&format=302x250&url=https%3A%2F%2Fsu.google-info.org%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636765945083&bpp=1&bdt=178&idt=148&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x300%2C300x600%2C300x300%2C624x280&nras=1&correlator=399632473075&frm=20&pv=1&ga_vid=1946075796.1636765945&ga_sid=1636765945&ga_hid=1177294700&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=969&ady=1769&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C182982300&oid=2&pvsid=2132859347964004&pem=749&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaoeEbr%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=1&fsb=1&xpc=brgl8Rhg4z&p=https%3A//su.google-info.org&dtd=150

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 00:52:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1181
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 27 Nov 2021 00:52:44 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 796D 119 KB
36 KB 41ms
28ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 01:12:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: clear
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 13 Nov 2021 01:12:25 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame 796D 15 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ceca169c7b3aeb44dcdcbfd35d8fd24a85bc9a48b89ced5db336d54e16635a82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 00:41:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1857
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 6461
x-xss-protection: 0
server: cafe
etag: 16025856826866802794
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 27 Nov 2021 00:41:28 GMT

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame 9740 0
0 48ms
48ms Fetch
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cgsjz-RCPYYftDpGH7_UPk_Cm4AzPh46bXMCG2YLGAsCNtwEQASAAYJW6rIK0B4IBF2NhLXB1Yi04MjU2ODIyMDQwNzMxOTc2yAEJqAMBqgS5AU_Q6T2Pc-fdvFWr29n6yjPxhorh8EHFbSMtDE1eFz_io9eRnoUMKbJkvSaR8s6GG1EFSMYqiu1_E_fxwjmTAGVj8gOLdE0CXgfePnl9yJYEpc264G-8gaE3XQt3okr9fWrmcfH1PhMyPvq_TjXgKV-dcyzjrTerOSRHhBYfpZZgw7aVFgMXL9NE9UpiOcA9JjygjqJdtjfrr-rzMb3cpqGdWrnzeS5XB1dxcuLHHOmXVJGIQKi-ALU7gAbf56731Li1vKcBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAGACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItODI1NjgyMjA0MDczMTk3NhgA&sigh=Q1lzZx2BAGY&uach_m=[UACH]&cid=CAQSGwCNIrLMR75B1FbhMhcAEATgcIRMYHtSpyi94BgB&tpd=AGWhJmteuiIdq8we6vdSTvvGA6YXRf_3lYCqVfm_v3xknw4HPa7ci5NYVirmpfCK5Y_xcg04PdZOOVT9_sm4pZoNZVl9T6Uw7OEvEI-pT7ZfbTmNapkNfvn2-CqrPcPO-iIDIiK4worm5k6skz88nhp-v1KFnMX8l6C2rLpl_I0LAP9bvfgXnKpL4b2k_ttfdUeS6wFKh09HdLYaljVwY_FqhtF1_2gzhzxs70QzgPAm4kgFVrJvFvFgy6eZ39FifhjUzzCAohGDQsigVwDTx5_44pTDdJ8tPYdJFA8rRnUFEmoQYuPUDrVLVZfoFAobPMVdKzMaaGE1Pm3UyE-O5H1k89OW3_5m-5rR0HQUx5iG49bVvy5Z4x8omwtfIVLDzvOt0saFcSN3ZmXZqJfGaKWT25vAFhcVmvi8R0p8A7XqlbTczizHN9lfPT0rDWlgmTYVVjk9RZ6RH8JseX-lGQIPCYif8UUxNqashvsAxYmJEojlnyTMZyhAzgqioTlKZAdx8l2P84wwh0YBdc76kRQU6gTb5O7eeOTUwGRbJNr8Q7ZshPSAWXLFoaOVVXg4yFaNhqww6TmSh0DusQuQVfVWFnhQODXIbZMPyAkEduwv3oG2WNCUK--yigyH0bYCLFOU2bnLq5VZQRjRxL1fO_oUPlaWGerRHHqG5PtupjFKZOCfr8xC31cJoA1aKms1I-ncjmH15nxNqegHzWzmESwO2GImE72ZH6yWMWNsUlw8cwM6TzAJxpexUuz2ljr2QeVPdHVdDkMxnJvlVlti9_JAvRqap4_3p7jaIsqWHTDS5nDSfq9Cmfqbnqqqq2nFPHAW0rKgK7SP0WPUvsmNB6a1u9Y8y8a0Tm7BSSVRnhruWxTEwdJDpKst8-P-wzZgfg7wywQpCLEbTRrw7F7z-UO38hkqOKfK20ht58UrJv3ita3Il0Z4In6n5mWa5JKu-1knUMWW0iOm0rbISAIVQDvUGS8kEsxxPXHdKgu1iRuLg1UbEAwqBcwa2C54cgtU0wJVdMXHz445upkb2RhXJe4ImjAV2jRFbUFyPyiPswyspMaB4M5kzFXKRxgCK8I5JOxDA9_M9NoGvg

Requested by

Host: su.google-info.org
URL: https://su.google-info.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8256822040731976&output=html&h=300&slotname=3323141418&adk=978640161&adf=918465267&pi=t.ma~as.3323141418&w=300&lmt=1636765945&psa=0&format=300x300&url=https%3A%2F%2Fsu.google-info.org%2F&flash=0&fwrattr=true&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636765945082&bpp=1&bdt=178&idt=138&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x300%2C300x600&nras=1&correlator=399632473075&frm=20&pv=1&ga_vid=1946075796.1636765945&ga_sid=1636765945&ga_hid=1177294700&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1288&ady=998&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C182982300&oid=2&pvsid=2132859347964004&pem=749&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=8jIUc3te8O&p=https%3A//su.google-info.org&dtd=140
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 13 Nov 2021 01:12:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: clear
content-length: 0
x-xss-protection: 0
expires: Sat, 13 Nov 2021 01:12:25 GMT

GET
H/1.1 200
OK js Show response
tags.mathtag.com/notify/ Frame 9740 2 KB
2 KB 36ms
12ms Script
application/x-javascript 185.29.132.246
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTVdNM1l6YzVaV1V0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzM5MTQxNDQ4MTcxMzUzNDk0MzQvOTU1ODE4Ni85NDY0NjAyLzQvYlFyZVpXbG5LZjBpNXd1SHF5TjRUTTJWQmJHTmFVa21rR0wtd2x5cU1Ycy8xLzQvMC8wLzE2OTAwODMvMC8yMjY1ODkvMTAxMDIwNi8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzM5MTQxNDQ4MTcxMzUzNDk0MzQvenJoLzAvNzY4MC8yMC85OTkvMjU4LzJhMGY6OTQ0MTo1OjovMC4wMDAvMTYzNjc2NTk0NS8xNjM2Nzc4NTQ1LzQvcHViLTgyNTY4MjIwNDA3MzE5NzYv/HppBRMRNvm6UrriGoLhQY92r6tw&nodeid=1615&group=zrh&auctionid=3914144817135349434&shardkey=3914144817135349434&sid=9464602&cid=9558186&bp=a_cfjjig&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.159&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCyANA-RCPYYftDpGH7_UPk_Cm4AzPh46bXMCG2YLGAsCNtwEQASAAYJW6rIK0B4IBF2NhLXB1Yi04MjU2ODIyMDQwNzMxOTc2yAEJqAMBqgS8AU_Q6T2Pc-fdvFWr29n6yjPxhorh8EHFbSMtDE1eFz_io9eRnoUMKbJkvSaR8s6GG1EFSMYqiu1_E_fxwjmTAGVj8gOLdE0CXgfePnl9yJYEpc264G-8gaE3XQt3okr9fWrmcfH1PhMyPvq_TjXgKV-dcyzjrTerOSRHhBYfpZZgw7aVFgMXL9NE9UpiOcA9JjygjuBfl6VHE070vBmUDXnd9UnubSTrDXlpk18HXEZt9Y-kWAYnvLK20GA1gAbf56731Li1vKcBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1zVSGLNXBXt4Jr8LwUp5Z69GgivQ%26client%3Dca-pub-8256822040731976%26adurl%3D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8256822040731976&output=html&h=300&slotname=3323141418&adk=978640161&adf=918465267&pi=t.ma~as.3323141418&w=300&lmt=1636765945&psa=0&format=300x300&url=https%3A%2F%2Fsu.google-info.org%2F&flash=0&fwrattr=true&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636765945082&bpp=1&bdt=178&idt=138&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x300%2C300x600&nras=1&correlator=399632473075&frm=20&pv=1&ga_vid=1946075796.1636765945&ga_sid=1636765945&ga_hid=1177294700&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1288&ady=998&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C182982300&oid=2&pvsid=2132859347964004&pem=749&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=8jIUc3te8O&p=https%3A//su.google-info.org&dtd=140
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.132.246 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.208.2 /
Resource Hash: 3770270eabb7de28007bdc5f8610f7b86d42a0bf6e50c6c5c6048dcab0c97038

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 13 Nov 2021 01:12:25 GMT
Content-Encoding: gzip
x-mm-bid-request-time: 1636765945
Last-Modified: Sat, 13 Nov 2021 01:12:25 GMT
Server: MMBD/3.208.2
x-mm-latency: 1 (1)
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
x-mm-dbg: Count
Cache-Control: no-cache
x-mm-host: zrh-router-x64, zrh-bidder-x126
Connection: close
Content-Type: application/x-javascript; charset=UTF-8
Expires: Sat, 13 Nov 2021 01:12:24 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame 9740 2 KB
1 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8256822040731976&output=html&h=300&slotname=3323141418&adk=978640161&adf=918465267&pi=t.ma~as.3323141418&w=300&lmt=1636765945&psa=0&format=300x300&url=https%3A%2F%2Fsu.google-info.org%2F&flash=0&fwrattr=true&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636765945082&bpp=1&bdt=178&idt=138&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x300%2C300x600&nras=1&correlator=399632473075&frm=20&pv=1&ga_vid=1946075796.1636765945&ga_sid=1636765945&ga_hid=1177294700&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1288&ady=998&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C182982300&oid=2&pvsid=2132859347964004&pem=749&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=8jIUc3te8O&p=https%3A//su.google-info.org&dtd=140

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 00:52:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1181
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 27 Nov 2021 00:52:44 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9740 119 KB
36 KB 41ms
36ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8256822040731976&output=html&h=300&slotname=3323141418&adk=978640161&adf=918465267&pi=t.ma~as.3323141418&w=300&lmt=1636765945&psa=0&format=300x300&url=https%3A%2F%2Fsu.google-info.org%2F&flash=0&fwrattr=true&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636765945082&bpp=1&bdt=178&idt=138&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x300%2C300x600&nras=1&correlator=399632473075&frm=20&pv=1&ga_vid=1946075796.1636765945&ga_sid=1636765945&ga_hid=1177294700&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1288&ady=998&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C182982300&oid=2&pvsid=2132859347964004&pem=749&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=8jIUc3te8O&p=https%3A//su.google-info.org&dtd=140

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 01:12:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: clear
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 13 Nov 2021 01:12:25 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame 9740 15 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8256822040731976&output=html&h=300&slotname=3323141418&adk=978640161&adf=918465267&pi=t.ma~as.3323141418&w=300&lmt=1636765945&psa=0&format=300x300&url=https%3A%2F%2Fsu.google-info.org%2F&flash=0&fwrattr=true&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636765945082&bpp=1&bdt=178&idt=138&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x300%2C300x600&nras=1&correlator=399632473075&frm=20&pv=1&ga_vid=1946075796.1636765945&ga_sid=1636765945&ga_hid=1177294700&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1288&ady=998&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C182982300&oid=2&pvsid=2132859347964004&pem=749&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=8jIUc3te8O&p=https%3A//su.google-info.org&dtd=140

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ceca169c7b3aeb44dcdcbfd35d8fd24a85bc9a48b89ced5db336d54e16635a82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 00:41:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1857
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 6461
x-xss-protection: 0
server: cafe
etag: 16025856826866802794
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 27 Nov 2021 00:41:28 GMT

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame 796D 0
0 48ms
48ms Fetch
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CJB4q-RCPYZexD_WL7_UPgf-hoAnJntKxXM3x4t2IAcCNtwEQASAAYJW6rIK0B4IBF2NhLXB1Yi04MjU2ODIyMDQwNzMxOTc2oAHVttLqA8gBCakCcyyocR40sz6oAwGqBLgBT9BBt-myj87mKoCFJ2ZIuUG7J3ew82bR1GGAFZj5ZAPuTHY1asJ0aDwFtQPDMGk0MgX_vfNACyXmUfkatpwJAY-AacaEz1jTno5JJ0KaHwH9dx4Ys2yE12_Xa2Y-O-Zri8YFqjS1B6nsor0MH6RUXZ3TXaIp1ExEB5uY35ALBvV-ixi2EHkE6-yN4Xlz1Qt4GCzhFD8KKYj6nfKaE1EcZvmvZ3FiOl5zNlzyX-5DG1CQafs-gP4K7IAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBABgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTgyNTY4MjIwNDA3MzE5NzYYAA&sigh=qmbiA_IuFQs&uach_m=[UACH]&cid=CAQSGwCNIrLMcWOLFeyibkGZrD2g1Ki7F63L4Rwq9xgB

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8256822040731976&output=html&h=250&slotname=7837101497&adk=3833689462&adf=3695659443&pi=t.ma~as.7837101497&w=302&fwrn=4&fwrnh=100&lmt=1636765945&rafmt=1&psa=0&format=302x250&url=https%3A%2F%2Fsu.google-info.org%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636765945083&bpp=1&bdt=178&idt=148&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x300%2C300x600%2C300x300%2C624x280&nras=1&correlator=399632473075&frm=20&pv=1&ga_vid=1946075796.1636765945&ga_sid=1636765945&ga_hid=1177294700&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=969&ady=1769&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C182982300&oid=2&pvsid=2132859347964004&pem=749&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaoeEbr%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=1&fsb=1&xpc=brgl8Rhg4z&p=https%3A//su.google-info.org&dtd=150
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 13 Nov 2021 01:12:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: clear
content-length: 0
x-xss-protection: 0
expires: Sat, 13 Nov 2021 01:12:25 GMT

GET
H2 200 notify
rtb.fr.eu.criteo.com/google/auction/ Frame 796D 0
0 62ms
15ms Fetch 2a02:2638::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=UKW_EMz6RK4C-gGdg2ICAgAAAE9cCkoQFv9dEPkQj2GRYsokHW1JqQ9SDwAS&wp=YY8Q-QAD2JcIu8X1AAh_gYfmwneETPI1R_SX5w
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8256822040731976&output=html&h=250&slotname=7837101497&adk=3833689462&adf=3695659443&pi=t.ma~as.7837101497&w=302&fwrn=4&fwrnh=100&lmt=1636765945&rafmt=1&psa=0&format=302x250&url=https%3A%2F%2Fsu.google-info.org%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636765945083&bpp=1&bdt=178&idt=148&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x300%2C300x600%2C300x300%2C624x280&nras=1&correlator=399632473075&frm=20&pv=1&ga_vid=1946075796.1636765945&ga_sid=1636765945&ga_hid=1177294700&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=969&ady=1769&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C182982300&oid=2&pvsid=2132859347964004&pem=749&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaoeEbr%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=1&fsb=1&xpc=brgl8Rhg4z&p=https%3A//su.google-info.org&dtd=150
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Kestrel /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 01:12:24 GMT
server: Kestrel
content-length: 0
server-processing-duration-in-ticks: 218856

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame DF02 158 KB
52 KB 163ms
121ms Document
text/html 2a02:2638:1::11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YY8Q-QAD2JcIu8X1AAh_gYfmwneETPI1R_SX5w&u=%7CyC5YffPZJFYmwShoBjo8Hl0Nt1KsqYAHlxnvbVlXIvI%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9weQenrEcIPjXF4FnOL7C1-AciFYoTqoWiWepM8KQwufUC8rQmhIfiU1Cqb6Wo2x3NMs9nf6LX2bmN6hOCoZhdUQllkJQ6KCXwC522zIHrLz5YIsQBFB_fHmcz2bpx2_tFB0nIBdcrR2bKGkckO0zUzWo04XzuTJjMnmu0M-TVNA-Zo2K6yrfKIJ0hvlgcHcgneVennT_mnxPGF2KaVv-pla4wGElGrHYFSTh5HY5zkmxs-Pma2GhbU9rgdl7IAcXfKGJLi7iwFAn8uyb9kIADg2GfbwPWFOd9KhuDzezlYNOfifgr80hVkUQ8aZOWNQUPEz6ChpccDxme4gD9I0AQSHwc7QEDKWAAsWfFFZreqOwr2OZCfHyuKkj5QKwtouHTKLSh4fV3pS4JWDY-K6QelQGtlDS6Q7C5srtzh4JxS22d2js2VCJcYbzYDbCuYxU8w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgiA0-RCPYZexD_WL7_UPgf-hoAnJntKxXM3x4t2IAcCNtwEQASAAYJW6rIK0B4IBF2NhLXB1Yi04MjU2ODIyMDQwNzMxOTc2oAHVttLqA8gBCakCcyyocR40sz6oAwGqBLsBT9BBt-myj87mKoCFJ2ZIuUG7J3ew82bR1GGAFZj5ZAPuTHY1asJ0aDwFtQPDMGk0MgX_vfNACyXmUfkatpwJAY-AacaEz1jTno5JJ0KaHwH9dx4Ys2yE12_Xa2Y-O-Zri8YFqjS1B6nsor0MH6RUXZ3TXaIp1ExEB5uY35ALBvV-ixi2EHkE6-yN4Xlz1Qt4GCyjFh6Yrgdmjk0GB_LMW19XbmVojFRdLt5Gl9Pl6e-OReO7KnoZUzN2poAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1J7j_E_9bWPkZXkRoymJDie4toOw%26client%3Dca-pub-8256822040731976%26adurl%3D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8256822040731976&output=html&h=250&slotname=7837101497&adk=3833689462&adf=3695659443&pi=t.ma~as.7837101497&w=302&fwrn=4&fwrnh=100&lmt=1636765945&rafmt=1&psa=0&format=302x250&url=https%3A%2F%2Fsu.google-info.org%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636765945083&bpp=1&bdt=178&idt=148&shv=r20211109&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x300%2C300x600%2C300x300%2C624x280&nras=1&correlator=399632473075&frm=20&pv=1&ga_vid=1946075796.1636765945&ga_sid=1636765945&ga_hid=1177294700&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=969&ady=1769&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C182982300&oid=2&pvsid=2132859347964004&pem=749&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaoeEbr%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=1&fsb=1&xpc=brgl8Rhg4z&p=https%3A//su.google-info.org&dtd=150
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Kestrel /
Resource Hash: 08c402477078c7179dc5dfe9382244ec1d71cea9216ec9b4698c62ef77d9ea20

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

date: Sat, 13 Nov 2021 01:12:25 GMT
content-type: text/html
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=Vt0KV9SjEG39li869m5Y4Vj0g9MqrglRtBXQim8oMNhI3_CSGX0IrtmBabod8nJIOjHK2KNv4hrsP5WpjUvY78REXZx-FclH0xsHt0zfqpC9zWYbOELR4AmpWP6WRvAbe-EuPBIXQT29qpXuO5pgaBftxRadLIL_5TMfcqpUUAiftyxz2MMtpEpcenczWYrh6IgJoPud74VWyXYDJd2SMbP7rQhSJOKjEdv9gI2k4N6KgvHgBZGmr_JoABf4PtgL-0f_wQ"}], "max_age": 86400}
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 107312557
content-encoding: gzip
vary: Accept-Encoding

GET
H/1.1 200
OK 7vw59adviql2 Show response
hal9000.redintelligence.net/zone/ Frame 8303 10 KB
3 KB 44ms
12ms Script
text/html 138.201.63.117
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/7vw59adviql2?subid=&gdpr=1&gdpr_consent=li&rnd=5067066321742196276&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:adx&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D5067066321742196276%26mt_id%3D9558186%26mt_adid%3D226589%26mt_sid%3D9464602%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D63a5618f-10f9-4501-8622-b6f3eaadae5e%26mt_cid%3D63a5618f-10f9-4501-8622-b6f3eaadae5e%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DC7rpY-RCPYereDZiH7_UPmYis6A_Ph46bXMCG2YLGAsCNtwEQASAAYJW6rIK0B4IBF2NhLXB1Yi04MjU2ODIyMDQwNzMxOTc2yAEJqAMBqgS1AU_Q-9P321QUoQFpZzcQfL50eyfO6OIgsxIR6jpIZUEXQrdoQNRUJ3HRW8MmvZQ0Cf6F3pfG7KMrm4mS_713SScNR1NBzDH7bfvoQz2gJqUFENR7QJkBitd_grGgcnb_on8ERJGVVpMR6I931O7dENZ3qVjuYFvkN-d34XDxeNfFeiAmEsIF1Bxe3aRy-Rp0HnrfBmw-RQ-WJ6I7z_zsylcZGKg12ipfDsPBbCCjtE2URSakmc6ABt_nrvfUuLW8pwGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2yhBDPQ-YRcharQbgIDa_biQ9yVg%2526client%253Dca-pub-8256822040731976%2526adurl%253D%26redirect%3D
Requested by: Host: su.google-info.org
URL: https://su.google-info.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.117 Hockenheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.117.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 1c13cd3472fac930244e02b3b34bd23e138100c2a885ef9f236dca2a1c821eb2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 13 Nov 2021 01:12:25 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3258
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK ck-confirm
tags.mathtag.com/ Frame 8303 49 B
330 B 39ms
13ms Image
image/gif 185.29.132.246
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/ck-confirm?bid_id=5067066321742196276&node_id=1615&exch_id=4
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTVdNM1l6YzVaV1V0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzUwNjcwNjYzMjE3NDIxOTYyNzYvOTU1ODE4Ni85NDY0NjAyLzQvYlFyZVpXbG5LZjBpNXd1SHF5TjRUSUlHMjl5Q2djb055cFVqei1GM1JYay8xLzQvMC8wLzE2OTAwODMvMC8yMjY1ODkvMTAxMDIwNi8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzUwNjcwNjYzMjE3NDIxOTYyNzYvenJoLzAvNzY4MC8yMC85OTkvMi8yYTBmOjk0NDE6NTo6LzAuMDAwLzE2MzY3NjU5NDUvMTYzNjc3ODU0NS80L3B1Yi04MjU2ODIyMDQwNzMxOTc2Lw/IvM7nlvVTwIfZtpAU_lTthDH68M&nodeid=1615&group=zrh&auctionid=5067066321742196276&shardkey=5067066321742196276&sid=9464602&cid=9558186&bp=a_cfjjig&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.88&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7rpY-RCPYereDZiH7_UPmYis6A_Ph46bXMCG2YLGAsCNtwEQASAAYJW6rIK0B4IBF2NhLXB1Yi04MjU2ODIyMDQwNzMxOTc2yAEJqAMBqgS1AU_Q-9P321QUoQFpZzcQfL50eyfO6OIgsxIR6jpIZUEXQrdoQNRUJ3HRW8MmvZQ0Cf6F3pfG7KMrm4mS_713SScNR1NBzDH7bfvoQz2gJqUFENR7QJkBitd_grGgcnb_on8ERJGVVpMR6I931O7dENZ3qVjuYFvkN-d34XDxeNfFeiAmEsIF1Bxe3aRy-Rp0HnrfBmw-RQ-WJ6I7z_zsylcZGKg12ipfDsPBbCCjtE2URSakmc6ABt_nrvfUuLW8pwGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2yhBDPQ-YRcharQbgIDa_biQ9yVg%26client%3Dca-pub-8256822040731976%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.132.246 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.208.2 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 13 Nov 2021 01:12:25 GMT
Server: MMBD/3.208.2
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: zrh-router-x68, zrh-bidder-x126
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Sat, 13 Nov 2021 01:12:24 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/event/ Frame 8303 43 B
373 B 55ms
23ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=4&v2=5067066321742196276&v3=1010206&v4=9464602&v5=9558186&mt_nsync=1&no_attr=1
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTVdNM1l6YzVaV1V0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzUwNjcwNjYzMjE3NDIxOTYyNzYvOTU1ODE4Ni85NDY0NjAyLzQvYlFyZVpXbG5LZjBpNXd1SHF5TjRUSUlHMjl5Q2djb055cFVqei1GM1JYay8xLzQvMC8wLzE2OTAwODMvMC8yMjY1ODkvMTAxMDIwNi8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzUwNjcwNjYzMjE3NDIxOTYyNzYvenJoLzAvNzY4MC8yMC85OTkvMi8yYTBmOjk0NDE6NTo6LzAuMDAwLzE2MzY3NjU5NDUvMTYzNjc3ODU0NS80L3B1Yi04MjU2ODIyMDQwNzMxOTc2Lw/IvM7nlvVTwIfZtpAU_lTthDH68M&nodeid=1615&group=zrh&auctionid=5067066321742196276&shardkey=5067066321742196276&sid=9464602&cid=9558186&bp=a_cfjjig&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.88&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7rpY-RCPYereDZiH7_UPmYis6A_Ph46bXMCG2YLGAsCNtwEQASAAYJW6rIK0B4IBF2NhLXB1Yi04MjU2ODIyMDQwNzMxOTc2yAEJqAMBqgS1AU_Q-9P321QUoQFpZzcQfL50eyfO6OIgsxIR6jpIZUEXQrdoQNRUJ3HRW8MmvZQ0Cf6F3pfG7KMrm4mS_713SScNR1NBzDH7bfvoQz2gJqUFENR7QJkBitd_grGgcnb_on8ERJGVVpMR6I931O7dENZ3qVjuYFvkN-d34XDxeNfFeiAmEsIF1Bxe3aRy-Rp0HnrfBmw-RQ-WJ6I7z_zsylcZGKg12ipfDsPBbCCjtE2URSakmc6ABt_nrvfUuLW8pwGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2yhBDPQ-YRcharQbgIDa_biQ9yVg%26client%3Dca-pub-8256822040731976%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 4067 88cc6bf master cdg-pixel-x12 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 13 Nov 2021 01:12:25 GMT
Server: MT3 4067 88cc6bf master cdg-pixel-x12 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 13 Nov 2021 01:12:24 GMT

GET
H/1.1 200
OK img
tags.mathtag.com/event/ Frame 8303 49 B
330 B 38ms
12ms Image
image/gif 185.29.132.246
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/event/img?type=mmImpTrack&exch=adx&bid=5067066321742196276&st=9464602&time=1636765945&nodeid=1615
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTVdNM1l6YzVaV1V0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzUwNjcwNjYzMjE3NDIxOTYyNzYvOTU1ODE4Ni85NDY0NjAyLzQvYlFyZVpXbG5LZjBpNXd1SHF5TjRUSUlHMjl5Q2djb055cFVqei1GM1JYay8xLzQvMC8wLzE2OTAwODMvMC8yMjY1ODkvMTAxMDIwNi8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzUwNjcwNjYzMjE3NDIxOTYyNzYvenJoLzAvNzY4MC8yMC85OTkvMi8yYTBmOjk0NDE6NTo6LzAuMDAwLzE2MzY3NjU5NDUvMTYzNjc3ODU0NS80L3B1Yi04MjU2ODIyMDQwNzMxOTc2Lw/IvM7nlvVTwIfZtpAU_lTthDH68M&nodeid=1615&group=zrh&auctionid=5067066321742196276&shardkey=5067066321742196276&sid=9464602&cid=9558186&bp=a_cfjjig&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.88&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7rpY-RCPYereDZiH7_UPmYis6A_Ph46bXMCG2YLGAsCNtwEQASAAYJW6rIK0B4IBF2NhLXB1Yi04MjU2ODIyMDQwNzMxOTc2yAEJqAMBqgS1AU_Q-9P321QUoQFpZzcQfL50eyfO6OIgsxIR6jpIZUEXQrdoQNRUJ3HRW8MmvZQ0Cf6F3pfG7KMrm4mS_713SScNR1NBzDH7bfvoQz2gJqUFENR7QJkBitd_grGgcnb_on8ERJGVVpMR6I931O7dENZ3qVjuYFvkN-d34XDxeNfFeiAmEsIF1Bxe3aRy-Rp0HnrfBmw-RQ-WJ6I7z_zsylcZGKg12ipfDsPBbCCjtE2URSakmc6ABt_nrvfUuLW8pwGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2yhBDPQ-YRcharQbgIDa_biQ9yVg%26client%3Dca-pub-8256822040731976%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.132.246 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.208.2 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 13 Nov 2021 01:12:25 GMT
Server: MMBD/3.208.2
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: zrh-router-x30, zrh-bidder-x126
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Sat, 13 Nov 2021 01:12:24 GMT

GET
H/1.1 200
OK 7vw59adviql2 Show response
hal9000.redintelligence.net/zone/ Frame 9740 10 KB
3 KB 35ms
12ms Script
text/html 138.201.63.117
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/7vw59adviql2?subid=&gdpr=1&gdpr_consent=li&rnd=3914144817135349434&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:adx&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D3914144817135349434%26mt_id%3D9558186%26mt_adid%3D226589%26mt_sid%3D9464602%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D64a5618f-10f9-4301-a544-3ed0f3543e2f%26mt_cid%3D64a5618f-10f9-4301-a544-3ed0f3543e2f%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCyANA-RCPYYftDpGH7_UPk_Cm4AzPh46bXMCG2YLGAsCNtwEQASAAYJW6rIK0B4IBF2NhLXB1Yi04MjU2ODIyMDQwNzMxOTc2yAEJqAMBqgS8AU_Q6T2Pc-fdvFWr29n6yjPxhorh8EHFbSMtDE1eFz_io9eRnoUMKbJkvSaR8s6GG1EFSMYqiu1_E_fxwjmTAGVj8gOLdE0CXgfePnl9yJYEpc264G-8gaE3XQt3okr9fWrmcfH1PhMyPvq_TjXgKV-dcyzjrTerOSRHhBYfpZZgw7aVFgMXL9NE9UpiOcA9JjygjuBfl6VHE070vBmUDXnd9UnubSTrDXlpk18HXEZt9Y-kWAYnvLK20GA1gAbf56731Li1vKcBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1zVSGLNXBXt4Jr8LwUp5Z69GgivQ%2526client%253Dca-pub-8256822040731976%2526adurl%253D%26redirect%3D
Requested by: Host: su.google-info.org
URL: https://su.google-info.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.117 Hockenheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.117.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 449e3b8e888db8b54ce352683076532166a844df60bd02b19d93ec031f8d9412

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 13 Nov 2021 01:12:25 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3270
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK ck-confirm
tags.mathtag.com/ Frame 9740 49 B
330 B 35ms
13ms Image
image/gif 185.29.132.246
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/ck-confirm?bid_id=3914144817135349434&node_id=1615&exch_id=4
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTVdNM1l6YzVaV1V0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzM5MTQxNDQ4MTcxMzUzNDk0MzQvOTU1ODE4Ni85NDY0NjAyLzQvYlFyZVpXbG5LZjBpNXd1SHF5TjRUTTJWQmJHTmFVa21rR0wtd2x5cU1Ycy8xLzQvMC8wLzE2OTAwODMvMC8yMjY1ODkvMTAxMDIwNi8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzM5MTQxNDQ4MTcxMzUzNDk0MzQvenJoLzAvNzY4MC8yMC85OTkvMjU4LzJhMGY6OTQ0MTo1OjovMC4wMDAvMTYzNjc2NTk0NS8xNjM2Nzc4NTQ1LzQvcHViLTgyNTY4MjIwNDA3MzE5NzYv/HppBRMRNvm6UrriGoLhQY92r6tw&nodeid=1615&group=zrh&auctionid=3914144817135349434&shardkey=3914144817135349434&sid=9464602&cid=9558186&bp=a_cfjjig&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.159&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCyANA-RCPYYftDpGH7_UPk_Cm4AzPh46bXMCG2YLGAsCNtwEQASAAYJW6rIK0B4IBF2NhLXB1Yi04MjU2ODIyMDQwNzMxOTc2yAEJqAMBqgS8AU_Q6T2Pc-fdvFWr29n6yjPxhorh8EHFbSMtDE1eFz_io9eRnoUMKbJkvSaR8s6GG1EFSMYqiu1_E_fxwjmTAGVj8gOLdE0CXgfePnl9yJYEpc264G-8gaE3XQt3okr9fWrmcfH1PhMyPvq_TjXgKV-dcyzjrTerOSRHhBYfpZZgw7aVFgMXL9NE9UpiOcA9JjygjuBfl6VHE070vBmUDXnd9UnubSTrDXlpk18HXEZt9Y-kWAYnvLK20GA1gAbf56731Li1vKcBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1zVSGLNXBXt4Jr8LwUp5Z69GgivQ%26client%3Dca-pub-8256822040731976%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.132.246 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.208.2 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 13 Nov 2021 01:12:25 GMT
Server: MMBD/3.208.2
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: zrh-router-x68, zrh-bidder-x126
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Sat, 13 Nov 2021 01:12:24 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/event/ Frame 9740 43 B
373 B 39ms
24ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=4&v2=3914144817135349434&v3=1010206&v4=9464602&v5=9558186&mt_nsync=1&no_attr=1
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTVdNM1l6YzVaV1V0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzM5MTQxNDQ4MTcxMzUzNDk0MzQvOTU1ODE4Ni85NDY0NjAyLzQvYlFyZVpXbG5LZjBpNXd1SHF5TjRUTTJWQmJHTmFVa21rR0wtd2x5cU1Ycy8xLzQvMC8wLzE2OTAwODMvMC8yMjY1ODkvMTAxMDIwNi8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzM5MTQxNDQ4MTcxMzUzNDk0MzQvenJoLzAvNzY4MC8yMC85OTkvMjU4LzJhMGY6OTQ0MTo1OjovMC4wMDAvMTYzNjc2NTk0NS8xNjM2Nzc4NTQ1LzQvcHViLTgyNTY4MjIwNDA3MzE5NzYv/HppBRMRNvm6UrriGoLhQY92r6tw&nodeid=1615&group=zrh&auctionid=3914144817135349434&shardkey=3914144817135349434&sid=9464602&cid=9558186&bp=a_cfjjig&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.159&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCyANA-RCPYYftDpGH7_UPk_Cm4AzPh46bXMCG2YLGAsCNtwEQASAAYJW6rIK0B4IBF2NhLXB1Yi04MjU2ODIyMDQwNzMxOTc2yAEJqAMBqgS8AU_Q6T2Pc-fdvFWr29n6yjPxhorh8EHFbSMtDE1eFz_io9eRnoUMKbJkvSaR8s6GG1EFSMYqiu1_E_fxwjmTAGVj8gOLdE0CXgfePnl9yJYEpc264G-8gaE3XQt3okr9fWrmcfH1PhMyPvq_TjXgKV-dcyzjrTerOSRHhBYfpZZgw7aVFgMXL9NE9UpiOcA9JjygjuBfl6VHE070vBmUDXnd9UnubSTrDXlpk18HXEZt9Y-kWAYnvLK20GA1gAbf56731Li1vKcBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1zVSGLNXBXt4Jr8LwUp5Z69GgivQ%26client%3Dca-pub-8256822040731976%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 4067 88cc6bf master cdg-pixel-x15 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 13 Nov 2021 01:12:25 GMT
Server: MT3 4067 88cc6bf master cdg-pixel-x15 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 13 Nov 2021 01:12:24 GMT

GET
H/1.1 200
OK img
tags.mathtag.com/event/ Frame 9740 49 B
330 B 34ms
12ms Image
image/gif 185.29.132.246
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/event/img?type=mmImpTrack&exch=adx&bid=3914144817135349434&st=9464602&time=1636765945&nodeid=1615
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTVdNM1l6YzVaV1V0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzM5MTQxNDQ4MTcxMzUzNDk0MzQvOTU1ODE4Ni85NDY0NjAyLzQvYlFyZVpXbG5LZjBpNXd1SHF5TjRUTTJWQmJHTmFVa21rR0wtd2x5cU1Ycy8xLzQvMC8wLzE2OTAwODMvMC8yMjY1ODkvMTAxMDIwNi8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzM5MTQxNDQ4MTcxMzUzNDk0MzQvenJoLzAvNzY4MC8yMC85OTkvMjU4LzJhMGY6OTQ0MTo1OjovMC4wMDAvMTYzNjc2NTk0NS8xNjM2Nzc4NTQ1LzQvcHViLTgyNTY4MjIwNDA3MzE5NzYv/HppBRMRNvm6UrriGoLhQY92r6tw&nodeid=1615&group=zrh&auctionid=3914144817135349434&shardkey=3914144817135349434&sid=9464602&cid=9558186&bp=a_cfjjig&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.159&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCyANA-RCPYYftDpGH7_UPk_Cm4AzPh46bXMCG2YLGAsCNtwEQASAAYJW6rIK0B4IBF2NhLXB1Yi04MjU2ODIyMDQwNzMxOTc2yAEJqAMBqgS8AU_Q6T2Pc-fdvFWr29n6yjPxhorh8EHFbSMtDE1eFz_io9eRnoUMKbJkvSaR8s6GG1EFSMYqiu1_E_fxwjmTAGVj8gOLdE0CXgfePnl9yJYEpc264G-8gaE3XQt3okr9fWrmcfH1PhMyPvq_TjXgKV-dcyzjrTerOSRHhBYfpZZgw7aVFgMXL9NE9UpiOcA9JjygjuBfl6VHE070vBmUDXnd9UnubSTrDXlpk18HXEZt9Y-kWAYnvLK20GA1gAbf56731Li1vKcBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1zVSGLNXBXt4Jr8LwUp5Z69GgivQ%26client%3Dca-pub-8256822040731976%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.132.246 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.208.2 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 13 Nov 2021 01:12:25 GMT
Server: MMBD/3.208.2
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: zrh-router-x72, zrh-bidder-x126
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Sat, 13 Nov 2021 01:12:24 GMT

GET
DATA 200
OK truncated
/ Frame 796D 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f71dd6de3fa7c7ac277ddaa83d6afe318fe019672accf42b3a87cb34acc2fc0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK request.php Show response
hal900030.redintelligence.net/ Frame 8303 613 B
774 B 88ms
51ms Script
application/x-javascript 136.243.149.243
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900030.redintelligence.net/request.php?zone=7vw59adviql2&nw=20&renderingType=javascript&namespace=b521e1701c&subid=&uid=fe8622caac3d2964&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D5067066321742196276%26mt_id%3D9558186%26mt_adid%3D226589%26mt_sid%3D9464602%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D63a5618f-10f9-4501-8622-b6f3eaadae5e%26mt_cid%3D63a5618f-10f9-4501-8622-b6f3eaadae5e%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DC7rpY-RCPYereDZiH7_UPmYis6A_Ph46bXMCG2YLGAsCNtwEQASAAYJW6rIK0B4IBF2NhLXB1Yi04MjU2ODIyMDQwNzMxOTc2yAEJqAMBqgS1AU_Q-9P321QUoQFpZzcQfL50eyfO6OIgsxIR6jpIZUEXQrdoQNRUJ3HRW8MmvZQ0Cf6F3pfG7KMrm4mS_713SScNR1NBzDH7bfvoQz2gJqUFENR7QJkBitd_grGgcnb_on8ERJGVVpMR6I931O7dENZ3qVjuYFvkN-d34XDxeNfFeiAmEsIF1Bxe3aRy-Rp0HnrfBmw-RQ-WJ6I7z_zsylcZGKg12ipfDsPBbCCjtE2URSakmc6ABt_nrvfUuLW8pwGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2yhBDPQ-YRcharQbgIDa_biQ9yVg%2526client%253Dca-pub-8256822040731976%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-8256822040731976%26output%3Dhtml%26h%3D300%26slotname%3D3323141418%26adk%3D978640161%26adf%3D1105683511%26pi%3Dt.ma~as.3323141418%26w%3D300%26lmt%3D1636765945%26psa%3D0%26format%3D300x300%26url%3Dhttps%253A%252F%252Fsu.google-info.org%252F%26flash%3D0%26fwrattr%3Dtrue%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.%26dt%3D1636765945080%26bpp%3D1%26bdt%3D176%26idt%3D119%26shv%3Dr20211109%26mjsv%3Dm202111080101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%26nras%3D1%26correlator%3D399632473075%26frm%3D20%26pv%3D1%26ga_vid%3D1946075796.1636765945%26ga_sid%3D1636765945%26ga_hid%3D1177294700%26ga_fc%3D0%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26dmc%3D8%26adx%3D1288%26ady%3D70%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D182982100%252C182982300%26oid%3D2%26pvsid%3D2132859347964004%26pem%3D749%26eae%3D0%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CfeE%257C%26abl%3DCF%26pfx%3D0%26fu%3D0%26bc%3D31%26ifi%3D2%26uci%3Da!2%26fsb%3D1%26xpc%3DOqqLy96IAi%26p%3Dhttps%253A%2F%2Fsu.google-info.org%26dtd%3D126&ancestorOrigins=null&random=2638414419244&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/zone/7vw59adviql2?subid=&gdpr=1&gdpr_consent=li&rnd=5067066321742196276&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:adx&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D5067066321742196276%26mt_id%3D9558186%26mt_adid%3D226589%26mt_sid%3D9464602%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D63a5618f-10f9-4501-8622-b6f3eaadae5e%26mt_cid%3D63a5618f-10f9-4501-8622-b6f3eaadae5e%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DC7rpY-RCPYereDZiH7_UPmYis6A_Ph46bXMCG2YLGAsCNtwEQASAAYJW6rIK0B4IBF2NhLXB1Yi04MjU2ODIyMDQwNzMxOTc2yAEJqAMBqgS1AU_Q-9P321QUoQFpZzcQfL50eyfO6OIgsxIR6jpIZUEXQrdoQNRUJ3HRW8MmvZQ0Cf6F3pfG7KMrm4mS_713SScNR1NBzDH7bfvoQz2gJqUFENR7QJkBitd_grGgcnb_on8ERJGVVpMR6I931O7dENZ3qVjuYFvkN-d34XDxeNfFeiAmEsIF1Bxe3aRy-Rp0HnrfBmw-RQ-WJ6I7z_zsylcZGKg12ipfDsPBbCCjtE2URSakmc6ABt_nrvfUuLW8pwGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2yhBDPQ-YRcharQbgIDa_biQ9yVg%2526client%253Dca-pub-8256822040731976%2526adurl%253D%26redirect%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.149.243 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.243.149.243.136.clients.your-server.de
Software: Apache /
Resource Hash: 22bc024f5df80137ab83a43092f0ce52bfdd5f73756a5989d522a60cd2c7e660

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 13 Nov 2021 01:12:25 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 64884100006365403500432011777030
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 331
Expires: Sat, 13 Nov 2021 01:12:25 +0100

GET
H/1.1 200
OK request.php Show response
hal900012.redintelligence.net/ Frame 9740 613 B
774 B 140ms
106ms Script
application/x-javascript 94.130.102.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900012.redintelligence.net/request.php?zone=7vw59adviql2&nw=20&renderingType=javascript&namespace=f280619c92&subid=&uid=728c67baddc8cf2a&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D3914144817135349434%26mt_id%3D9558186%26mt_adid%3D226589%26mt_sid%3D9464602%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D64a5618f-10f9-4301-a544-3ed0f3543e2f%26mt_cid%3D64a5618f-10f9-4301-a544-3ed0f3543e2f%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCyANA-RCPYYftDpGH7_UPk_Cm4AzPh46bXMCG2YLGAsCNtwEQASAAYJW6rIK0B4IBF2NhLXB1Yi04MjU2ODIyMDQwNzMxOTc2yAEJqAMBqgS8AU_Q6T2Pc-fdvFWr29n6yjPxhorh8EHFbSMtDE1eFz_io9eRnoUMKbJkvSaR8s6GG1EFSMYqiu1_E_fxwjmTAGVj8gOLdE0CXgfePnl9yJYEpc264G-8gaE3XQt3okr9fWrmcfH1PhMyPvq_TjXgKV-dcyzjrTerOSRHhBYfpZZgw7aVFgMXL9NE9UpiOcA9JjygjuBfl6VHE070vBmUDXnd9UnubSTrDXlpk18HXEZt9Y-kWAYnvLK20GA1gAbf56731Li1vKcBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1zVSGLNXBXt4Jr8LwUp5Z69GgivQ%2526client%253Dca-pub-8256822040731976%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-8256822040731976%26output%3Dhtml%26h%3D300%26slotname%3D3323141418%26adk%3D978640161%26adf%3D918465267%26pi%3Dt.ma~as.3323141418%26w%3D300%26lmt%3D1636765945%26psa%3D0%26format%3D300x300%26url%3Dhttps%253A%252F%252Fsu.google-info.org%252F%26flash%3D0%26fwrattr%3Dtrue%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.%26dt%3D1636765945082%26bpp%3D1%26bdt%3D178%26idt%3D138%26shv%3Dr20211109%26mjsv%3Dm202111080101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C300x300%252C300x600%26nras%3D1%26correlator%3D399632473075%26frm%3D20%26pv%3D1%26ga_vid%3D1946075796.1636765945%26ga_sid%3D1636765945%26ga_hid%3D1177294700%26ga_fc%3D0%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26dmc%3D8%26adx%3D1288%26ady%3D998%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D182982100%252C182982300%26oid%3D2%26pvsid%3D2132859347964004%26pem%3D749%26eae%3D0%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CfeE%257C%26abl%3DCF%26pfx%3D0%26fu%3D0%26bc%3D31%26ifi%3D4%26uci%3Da!4%26fsb%3D1%26xpc%3D8jIUc3te8O%26p%3Dhttps%253A%2F%2Fsu.google-info.org%26dtd%3D140&ancestorOrigins=null&random=9295218440156&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/zone/7vw59adviql2?subid=&gdpr=1&gdpr_consent=li&rnd=3914144817135349434&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:adx&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D3914144817135349434%26mt_id%3D9558186%26mt_adid%3D226589%26mt_sid%3D9464602%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D64a5618f-10f9-4301-a544-3ed0f3543e2f%26mt_cid%3D64a5618f-10f9-4301-a544-3ed0f3543e2f%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCyANA-RCPYYftDpGH7_UPk_Cm4AzPh46bXMCG2YLGAsCNtwEQASAAYJW6rIK0B4IBF2NhLXB1Yi04MjU2ODIyMDQwNzMxOTc2yAEJqAMBqgS8AU_Q6T2Pc-fdvFWr29n6yjPxhorh8EHFbSMtDE1eFz_io9eRnoUMKbJkvSaR8s6GG1EFSMYqiu1_E_fxwjmTAGVj8gOLdE0CXgfePnl9yJYEpc264G-8gaE3XQt3okr9fWrmcfH1PhMyPvq_TjXgKV-dcyzjrTerOSRHhBYfpZZgw7aVFgMXL9NE9UpiOcA9JjygjuBfl6VHE070vBmUDXnd9UnubSTrDXlpk18HXEZt9Y-kWAYnvLK20GA1gAbf56731Li1vKcBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1zVSGLNXBXt4Jr8LwUp5Z69GgivQ%2526client%253Dca-pub-8256822040731976%2526adurl%253D%26redirect%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.102.130.94.clients.your-server.de
Software: Apache /
Resource Hash: 64a44804c3fd3a81e3ecf38fd0bb10cfd21ee540dc1bb4c0b96ee6b6d16766ec

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 13 Nov 2021 01:12:25 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 34506800006346403500432011777012
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 331
Expires: Sat, 13 Nov 2021 01:12:25 +0100

GET
H/1.1 200
OK request_content.php Show response
hal900030.redintelligence.net/ Frame 29FF 4 KB
2 KB 39ms
13ms Document
text/html 136.243.149.243
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900030.redintelligence.net/request_content.php?s=64884100006365403500432011777030&a=4319c610
Requested by: Host: hal900030.redintelligence.net
URL: https://hal900030.redintelligence.net/request.php?zone=7vw59adviql2&nw=20&renderingType=javascript&namespace=b521e1701c&subid=&uid=fe8622caac3d2964&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D5067066321742196276%26mt_id%3D9558186%26mt_adid%3D226589%26mt_sid%3D9464602%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D63a5618f-10f9-4501-8622-b6f3eaadae5e%26mt_cid%3D63a5618f-10f9-4501-8622-b6f3eaadae5e%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DC7rpY-RCPYereDZiH7_UPmYis6A_Ph46bXMCG2YLGAsCNtwEQASAAYJW6rIK0B4IBF2NhLXB1Yi04MjU2ODIyMDQwNzMxOTc2yAEJqAMBqgS1AU_Q-9P321QUoQFpZzcQfL50eyfO6OIgsxIR6jpIZUEXQrdoQNRUJ3HRW8MmvZQ0Cf6F3pfG7KMrm4mS_713SScNR1NBzDH7bfvoQz2gJqUFENR7QJkBitd_grGgcnb_on8ERJGVVpMR6I931O7dENZ3qVjuYFvkN-d34XDxeNfFeiAmEsIF1Bxe3aRy-Rp0HnrfBmw-RQ-WJ6I7z_zsylcZGKg12ipfDsPBbCCjtE2URSakmc6ABt_nrvfUuLW8pwGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2yhBDPQ-YRcharQbgIDa_biQ9yVg%2526client%253Dca-pub-8256822040731976%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-8256822040731976%26output%3Dhtml%26h%3D300%26slotname%3D3323141418%26adk%3D978640161%26adf%3D1105683511%26pi%3Dt.ma~as.3323141418%26w%3D300%26lmt%3D1636765945%26psa%3D0%26format%3D300x300%26url%3Dhttps%253A%252F%252Fsu.google-info.org%252F%26flash%3D0%26fwrattr%3Dtrue%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.%26dt%3D1636765945080%26bpp%3D1%26bdt%3D176%26idt%3D119%26shv%3Dr20211109%26mjsv%3Dm202111080101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%26nras%3D1%26correlator%3D399632473075%26frm%3D20%26pv%3D1%26ga_vid%3D1946075796.1636765945%26ga_sid%3D1636765945%26ga_hid%3D1177294700%26ga_fc%3D0%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26dmc%3D8%26adx%3D1288%26ady%3D70%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D182982100%252C182982300%26oid%3D2%26pvsid%3D2132859347964004%26pem%3D749%26eae%3D0%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CfeE%257C%26abl%3DCF%26pfx%3D0%26fu%3D0%26bc%3D31%26ifi%3D2%26uci%3Da!2%26fsb%3D1%26xpc%3DOqqLy96IAi%26p%3Dhttps%253A%2F%2Fsu.google-info.org%26dtd%3D126&ancestorOrigins=null&random=2638414419244&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.149.243 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.243.149.243.136.clients.your-server.de
Software: Apache /
Resource Hash: 406cdb3c23096004e4d33b279cdf8a3878f745a3cab416dc638064bcfb5df6a9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

Date: Sat, 13 Nov 2021 01:12:25 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Sat, 13 Nov 2021 01:12:25 +0100
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1522
Connection: close
Content-Type: text/html; charset=utf-8

GET
DATA 200
OK truncated
/ Frame 8303 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 001c3fd19a5c844fff2d21ddfd599a84023d8fce31708072e135956c604c07a1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame DF02 2 KB
1 KB 41ms
12ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/flash/icon/privacy_small.svg
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YY8Q-QAD2JcIu8X1AAh_gYfmwneETPI1R_SX5w&u=%7CyC5YffPZJFYmwShoBjo8Hl0Nt1KsqYAHlxnvbVlXIvI%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9weQenrEcIPjXF4FnOL7C1-AciFYoTqoWiWepM8KQwufUC8rQmhIfiU1Cqb6Wo2x3NMs9nf6LX2bmN6hOCoZhdUQllkJQ6KCXwC522zIHrLz5YIsQBFB_fHmcz2bpx2_tFB0nIBdcrR2bKGkckO0zUzWo04XzuTJjMnmu0M-TVNA-Zo2K6yrfKIJ0hvlgcHcgneVennT_mnxPGF2KaVv-pla4wGElGrHYFSTh5HY5zkmxs-Pma2GhbU9rgdl7IAcXfKGJLi7iwFAn8uyb9kIADg2GfbwPWFOd9KhuDzezlYNOfifgr80hVkUQ8aZOWNQUPEz6ChpccDxme4gD9I0AQSHwc7QEDKWAAsWfFFZreqOwr2OZCfHyuKkj5QKwtouHTKLSh4fV3pS4JWDY-K6QelQGtlDS6Q7C5srtzh4JxS22d2js2VCJcYbzYDbCuYxU8w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgiA0-RCPYZexD_WL7_UPgf-hoAnJntKxXM3x4t2IAcCNtwEQASAAYJW6rIK0B4IBF2NhLXB1Yi04MjU2ODIyMDQwNzMxOTc2oAHVttLqA8gBCakCcyyocR40sz6oAwGqBLsBT9BBt-myj87mKoCFJ2ZIuUG7J3ew82bR1GGAFZj5ZAPuTHY1asJ0aDwFtQPDMGk0MgX_vfNACyXmUfkatpwJAY-AacaEz1jTno5JJ0KaHwH9dx4Ys2yE12_Xa2Y-O-Zri8YFqjS1B6nsor0MH6RUXZ3TXaIp1ExEB5uY35ALBvV-ixi2EHkE6-yN4Xlz1Qt4GCyjFh6Yrgdmjk0GB_LMW19XbmVojFRdLt5Gl9Pl6e-OReO7KnoZUzN2poAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1J7j_E_9bWPkZXkRoymJDie4toOw%26client%3Dca-pub-8256822040731976%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 01:12:25 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 08 Nov 2022 01:12:25 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame DF02 2 KB
1 KB 41ms
13ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YY8Q-QAD2JcIu8X1AAh_gYfmwneETPI1R_SX5w&u=%7CyC5YffPZJFYmwShoBjo8Hl0Nt1KsqYAHlxnvbVlXIvI%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9weQenrEcIPjXF4FnOL7C1-AciFYoTqoWiWepM8KQwufUC8rQmhIfiU1Cqb6Wo2x3NMs9nf6LX2bmN6hOCoZhdUQllkJQ6KCXwC522zIHrLz5YIsQBFB_fHmcz2bpx2_tFB0nIBdcrR2bKGkckO0zUzWo04XzuTJjMnmu0M-TVNA-Zo2K6yrfKIJ0hvlgcHcgneVennT_mnxPGF2KaVv-pla4wGElGrHYFSTh5HY5zkmxs-Pma2GhbU9rgdl7IAcXfKGJLi7iwFAn8uyb9kIADg2GfbwPWFOd9KhuDzezlYNOfifgr80hVkUQ8aZOWNQUPEz6ChpccDxme4gD9I0AQSHwc7QEDKWAAsWfFFZreqOwr2OZCfHyuKkj5QKwtouHTKLSh4fV3pS4JWDY-K6QelQGtlDS6Q7C5srtzh4JxS22d2js2VCJcYbzYDbCuYxU8w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgiA0-RCPYZexD_WL7_UPgf-hoAnJntKxXM3x4t2IAcCNtwEQASAAYJW6rIK0B4IBF2NhLXB1Yi04MjU2ODIyMDQwNzMxOTc2oAHVttLqA8gBCakCcyyocR40sz6oAwGqBLsBT9BBt-myj87mKoCFJ2ZIuUG7J3ew82bR1GGAFZj5ZAPuTHY1asJ0aDwFtQPDMGk0MgX_vfNACyXmUfkatpwJAY-AacaEz1jTno5JJ0KaHwH9dx4Ys2yE12_Xa2Y-O-Zri8YFqjS1B6nsor0MH6RUXZ3TXaIp1ExEB5uY35ALBvV-ixi2EHkE6-yN4Xlz1Qt4GCyjFh6Yrgdmjk0GB_LMW19XbmVojFRdLt5Gl9Pl6e-OReO7KnoZUzN2poAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1J7j_E_9bWPkZXkRoymJDie4toOw%26client%3Dca-pub-8256822040731976%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 01:12:25 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 08 Nov 2022 01:12:25 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame DF02 308 B
608 B 41ms
17ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/flash/icon/close_button.svg
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YY8Q-QAD2JcIu8X1AAh_gYfmwneETPI1R_SX5w&u=%7CyC5YffPZJFYmwShoBjo8Hl0Nt1KsqYAHlxnvbVlXIvI%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9weQenrEcIPjXF4FnOL7C1-AciFYoTqoWiWepM8KQwufUC8rQmhIfiU1Cqb6Wo2x3NMs9nf6LX2bmN6hOCoZhdUQllkJQ6KCXwC522zIHrLz5YIsQBFB_fHmcz2bpx2_tFB0nIBdcrR2bKGkckO0zUzWo04XzuTJjMnmu0M-TVNA-Zo2K6yrfKIJ0hvlgcHcgneVennT_mnxPGF2KaVv-pla4wGElGrHYFSTh5HY5zkmxs-Pma2GhbU9rgdl7IAcXfKGJLi7iwFAn8uyb9kIADg2GfbwPWFOd9KhuDzezlYNOfifgr80hVkUQ8aZOWNQUPEz6ChpccDxme4gD9I0AQSHwc7QEDKWAAsWfFFZreqOwr2OZCfHyuKkj5QKwtouHTKLSh4fV3pS4JWDY-K6QelQGtlDS6Q7C5srtzh4JxS22d2js2VCJcYbzYDbCuYxU8w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgiA0-RCPYZexD_WL7_UPgf-hoAnJntKxXM3x4t2IAcCNtwEQASAAYJW6rIK0B4IBF2NhLXB1Yi04MjU2ODIyMDQwNzMxOTc2oAHVttLqA8gBCakCcyyocR40sz6oAwGqBLsBT9BBt-myj87mKoCFJ2ZIuUG7J3ew82bR1GGAFZj5ZAPuTHY1asJ0aDwFtQPDMGk0MgX_vfNACyXmUfkatpwJAY-AacaEz1jTno5JJ0KaHwH9dx4Ys2yE12_Xa2Y-O-Zri8YFqjS1B6nsor0MH6RUXZ3TXaIp1ExEB5uY35ALBvV-ixi2EHkE6-yN4Xlz1Qt4GCyjFh6Yrgdmjk0GB_LMW19XbmVojFRdLt5Gl9Pl6e-OReO7KnoZUzN2poAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1J7j_E_9bWPkZXkRoymJDie4toOw%26client%3Dca-pub-8256822040731976%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 01:12:25 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Tue, 08 Nov 2022 01:12:25 GMT

GET
H2 200 back_button.svg
static.criteo.net/flash/icon/ Frame DF02 507 B
807 B 35ms
12ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/flash/icon/back_button.svg
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YY8Q-QAD2JcIu8X1AAh_gYfmwneETPI1R_SX5w&u=%7CyC5YffPZJFYmwShoBjo8Hl0Nt1KsqYAHlxnvbVlXIvI%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9weQenrEcIPjXF4FnOL7C1-AciFYoTqoWiWepM8KQwufUC8rQmhIfiU1Cqb6Wo2x3NMs9nf6LX2bmN6hOCoZhdUQllkJQ6KCXwC522zIHrLz5YIsQBFB_fHmcz2bpx2_tFB0nIBdcrR2bKGkckO0zUzWo04XzuTJjMnmu0M-TVNA-Zo2K6yrfKIJ0hvlgcHcgneVennT_mnxPGF2KaVv-pla4wGElGrHYFSTh5HY5zkmxs-Pma2GhbU9rgdl7IAcXfKGJLi7iwFAn8uyb9kIADg2GfbwPWFOd9KhuDzezlYNOfifgr80hVkUQ8aZOWNQUPEz6ChpccDxme4gD9I0AQSHwc7QEDKWAAsWfFFZreqOwr2OZCfHyuKkj5QKwtouHTKLSh4fV3pS4JWDY-K6QelQGtlDS6Q7C5srtzh4JxS22d2js2VCJcYbzYDbCuYxU8w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgiA0-RCPYZexD_WL7_UPgf-hoAnJntKxXM3x4t2IAcCNtwEQASAAYJW6rIK0B4IBF2NhLXB1Yi04MjU2ODIyMDQwNzMxOTc2oAHVttLqA8gBCakCcyyocR40sz6oAwGqBLsBT9BBt-myj87mKoCFJ2ZIuUG7J3ew82bR1GGAFZj5ZAPuTHY1asJ0aDwFtQPDMGk0MgX_vfNACyXmUfkatpwJAY-AacaEz1jTno5JJ0KaHwH9dx4Ys2yE12_Xa2Y-O-Zri8YFqjS1B6nsor0MH6RUXZ3TXaIp1ExEB5uY35ALBvV-ixi2EHkE6-yN4Xlz1Qt4GCyjFh6Yrgdmjk0GB_LMW19XbmVojFRdLt5Gl9Pl6e-OReO7KnoZUzN2poAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1J7j_E_9bWPkZXkRoymJDie4toOw%26client%3Dca-pub-8256822040731976%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 01:12:25 GMT
last-modified: Thu, 01 Apr 2021 14:03:13 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "6065d2a1-1fb"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 507
expires: Tue, 08 Nov 2022 01:12:25 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/delivery/ Frame DF02 43 B
344 B 54ms
16ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=ZAYvjVpK7UNOzZVT8RZfYtdX4rCkZLWwvJ8yZw7RxwUhUuEhD9sP6ZRvo5IC3MV9AfV5ibwmGmwo4brmZcc04M-BPh8oYYSbXZ-KgXC8veGvNcQWA5wigXWY7Ro_cjpWebDKHoaYFVz99iYlwledkQrMSRg97wm-_EzJp8jZWGqcIAoyZgv7JGyKj6uMY3WNWQSGqWjr-Y3bY4iFSb-sTyEg-1zy7LlPj54zIBUp4YBJcELCmWxuzjMNzQ_SIGXlaG9tV9DzfBLBCgkwLVL_4nrjO3LbSxT6_n0MrZQ7Em45mF1gqy4fYlVg1AiahG4BFUncvuOm4LNDHx1n3peG9tWRFxMde-PA8BjVg81pWNphth7hUCyXK4PCwdf7pGAdL9HB79gB_Kh-QTUg4L0O7c7Su0bSd2wlz80SrLbmcC4vANEym_3jcZnxjQEdakp9wyJzgg
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YY8Q-QAD2JcIu8X1AAh_gYfmwneETPI1R_SX5w&u=%7CyC5YffPZJFYmwShoBjo8Hl0Nt1KsqYAHlxnvbVlXIvI%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9weQenrEcIPjXF4FnOL7C1-AciFYoTqoWiWepM8KQwufUC8rQmhIfiU1Cqb6Wo2x3NMs9nf6LX2bmN6hOCoZhdUQllkJQ6KCXwC522zIHrLz5YIsQBFB_fHmcz2bpx2_tFB0nIBdcrR2bKGkckO0zUzWo04XzuTJjMnmu0M-TVNA-Zo2K6yrfKIJ0hvlgcHcgneVennT_mnxPGF2KaVv-pla4wGElGrHYFSTh5HY5zkmxs-Pma2GhbU9rgdl7IAcXfKGJLi7iwFAn8uyb9kIADg2GfbwPWFOd9KhuDzezlYNOfifgr80hVkUQ8aZOWNQUPEz6ChpccDxme4gD9I0AQSHwc7QEDKWAAsWfFFZreqOwr2OZCfHyuKkj5QKwtouHTKLSh4fV3pS4JWDY-K6QelQGtlDS6Q7C5srtzh4JxS22d2js2VCJcYbzYDbCuYxU8w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgiA0-RCPYZexD_WL7_UPgf-hoAnJntKxXM3x4t2IAcCNtwEQASAAYJW6rIK0B4IBF2NhLXB1Yi04MjU2ODIyMDQwNzMxOTc2oAHVttLqA8gBCakCcyyocR40sz6oAwGqBLsBT9BBt-myj87mKoCFJ2ZIuUG7J3ew82bR1GGAFZj5ZAPuTHY1asJ0aDwFtQPDMGk0MgX_vfNACyXmUfkatpwJAY-AacaEz1jTno5JJ0KaHwH9dx4Ys2yE12_Xa2Y-O-Zri8YFqjS1B6nsor0MH6RUXZ3TXaIp1ExEB5uY35ALBvV-ixi2EHkE6-yN4Xlz1Qt4GCyjFh6Yrgdmjk0GB_LMW19XbmVojFRdLt5Gl9Pl6e-OReO7KnoZUzN2poAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1J7j_E_9bWPkZXkRoymJDie4toOw%26client%3Dca-pub-8256822040731976%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Nov 2021 01:12:25 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 6437
content-type: image/gif
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame DF02 12 KB
5 KB 29ms
13ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YY8Q-QAD2JcIu8X1AAh_gYfmwneETPI1R_SX5w&u=%7CyC5YffPZJFYmwShoBjo8Hl0Nt1KsqYAHlxnvbVlXIvI%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9weQenrEcIPjXF4FnOL7C1-AciFYoTqoWiWepM8KQwufUC8rQmhIfiU1Cqb6Wo2x3NMs9nf6LX2bmN6hOCoZhdUQllkJQ6KCXwC522zIHrLz5YIsQBFB_fHmcz2bpx2_tFB0nIBdcrR2bKGkckO0zUzWo04XzuTJjMnmu0M-TVNA-Zo2K6yrfKIJ0hvlgcHcgneVennT_mnxPGF2KaVv-pla4wGElGrHYFSTh5HY5zkmxs-Pma2GhbU9rgdl7IAcXfKGJLi7iwFAn8uyb9kIADg2GfbwPWFOd9KhuDzezlYNOfifgr80hVkUQ8aZOWNQUPEz6ChpccDxme4gD9I0AQSHwc7QEDKWAAsWfFFZreqOwr2OZCfHyuKkj5QKwtouHTKLSh4fV3pS4JWDY-K6QelQGtlDS6Q7C5srtzh4JxS22d2js2VCJcYbzYDbCuYxU8w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgiA0-RCPYZexD_WL7_UPgf-hoAnJntKxXM3x4t2IAcCNtwEQASAAYJW6rIK0B4IBF2NhLXB1Yi04MjU2ODIyMDQwNzMxOTc2oAHVttLqA8gBCakCcyyocR40sz6oAwGqBLsBT9BBt-myj87mKoCFJ2ZIuUG7J3ew82bR1GGAFZj5ZAPuTHY1asJ0aDwFtQPDMGk0MgX_vfNACyXmUfkatpwJAY-AacaEz1jTno5JJ0KaHwH9dx4Ys2yE12_Xa2Y-O-Zri8YFqjS1B6nsor0MH6RUXZ3TXaIp1ExEB5uY35ALBvV-ixi2EHkE6-yN4Xlz1Qt4GCyjFh6Yrgdmjk0GB_LMW19XbmVojFRdLt5Gl9Pl6e-OReO7KnoZUzN2poAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1J7j_E_9bWPkZXkRoymJDie4toOw%26client%3Dca-pub-8256822040731976%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 01:12:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 93529
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 4420
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XAINBW5RFb5potdOtZGGynOUCT6fUjyIDZ7khmn3ZlS9guACyTU1QbYYp7dTtxqlRRLsphbdXytS5kcCsv412DA2rvad%2F9%2BT4CGGsgI62HVp47n9wljtn3M26sNch5jrV%2BHZHN%2BFFuL0gB7Va5rTpumU"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6ad421b89ddb42ee-FRA
x-cache-tag: abcd1234
expires: Thu, 03 Nov 2022 01:12:25 GMT

GET
H2 200 481598564da646f69bf741ec80763656_museocyrl-500.woff
static.criteo.net/design/dt/ Frame DF02 45 KB
45 KB 36ms
12ms Font
application/octet-stream 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/design/dt/481598564da646f69bf741ec80763656_museocyrl-500.woff
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YY8Q-QAD2JcIu8X1AAh_gYfmwneETPI1R_SX5w&u=%7CyC5YffPZJFYmwShoBjo8Hl0Nt1KsqYAHlxnvbVlXIvI%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9weQenrEcIPjXF4FnOL7C1-AciFYoTqoWiWepM8KQwufUC8rQmhIfiU1Cqb6Wo2x3NMs9nf6LX2bmN6hOCoZhdUQllkJQ6KCXwC522zIHrLz5YIsQBFB_fHmcz2bpx2_tFB0nIBdcrR2bKGkckO0zUzWo04XzuTJjMnmu0M-TVNA-Zo2K6yrfKIJ0hvlgcHcgneVennT_mnxPGF2KaVv-pla4wGElGrHYFSTh5HY5zkmxs-Pma2GhbU9rgdl7IAcXfKGJLi7iwFAn8uyb9kIADg2GfbwPWFOd9KhuDzezlYNOfifgr80hVkUQ8aZOWNQUPEz6ChpccDxme4gD9I0AQSHwc7QEDKWAAsWfFFZreqOwr2OZCfHyuKkj5QKwtouHTKLSh4fV3pS4JWDY-K6QelQGtlDS6Q7C5srtzh4JxS22d2js2VCJcYbzYDbCuYxU8w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgiA0-RCPYZexD_WL7_UPgf-hoAnJntKxXM3x4t2IAcCNtwEQASAAYJW6rIK0B4IBF2NhLXB1Yi04MjU2ODIyMDQwNzMxOTc2oAHVttLqA8gBCakCcyyocR40sz6oAwGqBLsBT9BBt-myj87mKoCFJ2ZIuUG7J3ew82bR1GGAFZj5ZAPuTHY1asJ0aDwFtQPDMGk0MgX_vfNACyXmUfkatpwJAY-AacaEz1jTno5JJ0KaHwH9dx4Ys2yE12_Xa2Y-O-Zri8YFqjS1B6nsor0MH6RUXZ3TXaIp1ExEB5uY35ALBvV-ixi2EHkE6-yN4Xlz1Qt4GCyjFh6Yrgdmjk0GB_LMW19XbmVojFRdLt5Gl9Pl6e-OReO7KnoZUzN2poAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1J7j_E_9bWPkZXkRoymJDie4toOw%26client%3Dca-pub-8256822040731976%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: f987b7beba9c09d83e550788b3dc5190d20c705f744fcedb14a541211b5db0ec

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 01:12:25 GMT
content-encoding: gzip
last-modified: Thu, 28 Jun 2018 08:44:38 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5b349ff6-b5a0"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 08 Nov 2022 01:12:25 GMT

GET
H2 200 bc5d9888511b477f8bb2e25a5b427f52_museocyrl-300.woff
static.criteo.net/design/dt/ Frame DF02 45 KB
45 KB 51ms
28ms Font
application/octet-stream 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/design/dt/bc5d9888511b477f8bb2e25a5b427f52_museocyrl-300.woff
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YY8Q-QAD2JcIu8X1AAh_gYfmwneETPI1R_SX5w&u=%7CyC5YffPZJFYmwShoBjo8Hl0Nt1KsqYAHlxnvbVlXIvI%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9weQenrEcIPjXF4FnOL7C1-AciFYoTqoWiWepM8KQwufUC8rQmhIfiU1Cqb6Wo2x3NMs9nf6LX2bmN6hOCoZhdUQllkJQ6KCXwC522zIHrLz5YIsQBFB_fHmcz2bpx2_tFB0nIBdcrR2bKGkckO0zUzWo04XzuTJjMnmu0M-TVNA-Zo2K6yrfKIJ0hvlgcHcgneVennT_mnxPGF2KaVv-pla4wGElGrHYFSTh5HY5zkmxs-Pma2GhbU9rgdl7IAcXfKGJLi7iwFAn8uyb9kIADg2GfbwPWFOd9KhuDzezlYNOfifgr80hVkUQ8aZOWNQUPEz6ChpccDxme4gD9I0AQSHwc7QEDKWAAsWfFFZreqOwr2OZCfHyuKkj5QKwtouHTKLSh4fV3pS4JWDY-K6QelQGtlDS6Q7C5srtzh4JxS22d2js2VCJcYbzYDbCuYxU8w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgiA0-RCPYZexD_WL7_UPgf-hoAnJntKxXM3x4t2IAcCNtwEQASAAYJW6rIK0B4IBF2NhLXB1Yi04MjU2ODIyMDQwNzMxOTc2oAHVttLqA8gBCakCcyyocR40sz6oAwGqBLsBT9BBt-myj87mKoCFJ2ZIuUG7J3ew82bR1GGAFZj5ZAPuTHY1asJ0aDwFtQPDMGk0MgX_vfNACyXmUfkatpwJAY-AacaEz1jTno5JJ0KaHwH9dx4Ys2yE12_Xa2Y-O-Zri8YFqjS1B6nsor0MH6RUXZ3TXaIp1ExEB5uY35ALBvV-ixi2EHkE6-yN4Xlz1Qt4GCyjFh6Yrgdmjk0GB_LMW19XbmVojFRdLt5Gl9Pl6e-OReO7KnoZUzN2poAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1J7j_E_9bWPkZXkRoymJDie4toOw%26client%3Dca-pub-8256822040731976%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 2fe96ef95f0ef87759dd5ee2cee663219fa46363e2fbe34aacf66cb0ff6e575a

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 01:12:25 GMT
content-encoding: gzip
last-modified: Thu, 28 Jun 2018 08:44:38 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5b349ff6-b498"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 08 Nov 2022 01:12:25 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame DF02 12 KB
6 KB 12ms
12ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/animejs/animejs.js
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YY8Q-QAD2JcIu8X1AAh_gYfmwneETPI1R_SX5w&u=%7CyC5YffPZJFYmwShoBjo8Hl0Nt1KsqYAHlxnvbVlXIvI%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9weQenrEcIPjXF4FnOL7C1-AciFYoTqoWiWepM8KQwufUC8rQmhIfiU1Cqb6Wo2x3NMs9nf6LX2bmN6hOCoZhdUQllkJQ6KCXwC522zIHrLz5YIsQBFB_fHmcz2bpx2_tFB0nIBdcrR2bKGkckO0zUzWo04XzuTJjMnmu0M-TVNA-Zo2K6yrfKIJ0hvlgcHcgneVennT_mnxPGF2KaVv-pla4wGElGrHYFSTh5HY5zkmxs-Pma2GhbU9rgdl7IAcXfKGJLi7iwFAn8uyb9kIADg2GfbwPWFOd9KhuDzezlYNOfifgr80hVkUQ8aZOWNQUPEz6ChpccDxme4gD9I0AQSHwc7QEDKWAAsWfFFZreqOwr2OZCfHyuKkj5QKwtouHTKLSh4fV3pS4JWDY-K6QelQGtlDS6Q7C5srtzh4JxS22d2js2VCJcYbzYDbCuYxU8w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgiA0-RCPYZexD_WL7_UPgf-hoAnJntKxXM3x4t2IAcCNtwEQASAAYJW6rIK0B4IBF2NhLXB1Yi04MjU2ODIyMDQwNzMxOTc2oAHVttLqA8gBCakCcyyocR40sz6oAwGqBLsBT9BBt-myj87mKoCFJ2ZIuUG7J3ew82bR1GGAFZj5ZAPuTHY1asJ0aDwFtQPDMGk0MgX_vfNACyXmUfkatpwJAY-AacaEz1jTno5JJ0KaHwH9dx4Ys2yE12_Xa2Y-O-Zri8YFqjS1B6nsor0MH6RUXZ3TXaIp1ExEB5uY35ALBvV-ixi2EHkE6-yN4Xlz1Qt4GCyjFh6Yrgdmjk0GB_LMW19XbmVojFRdLt5Gl9Pl6e-OReO7KnoZUzN2poAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1J7j_E_9bWPkZXkRoymJDie4toOw%26client%3Dca-pub-8256822040731976%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 01:12:25 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 08 Nov 2022 01:12:25 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame DF02 8 KB
8 KB 99ms
60ms Image
image/png 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pix.eu.criteo.net/img/img?h=158&m=0&partner=3018&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F3018%2F190121%2Ffd60b42c500a47969d666715f9e0f7e9_logosin.png&v=3&w=600&s=rYn_kHhHlsSMGBQyoSZHuyU1
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YY8Q-QAD2JcIu8X1AAh_gYfmwneETPI1R_SX5w&u=%7CyC5YffPZJFYmwShoBjo8Hl0Nt1KsqYAHlxnvbVlXIvI%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9weQenrEcIPjXF4FnOL7C1-AciFYoTqoWiWepM8KQwufUC8rQmhIfiU1Cqb6Wo2x3NMs9nf6LX2bmN6hOCoZhdUQllkJQ6KCXwC522zIHrLz5YIsQBFB_fHmcz2bpx2_tFB0nIBdcrR2bKGkckO0zUzWo04XzuTJjMnmu0M-TVNA-Zo2K6yrfKIJ0hvlgcHcgneVennT_mnxPGF2KaVv-pla4wGElGrHYFSTh5HY5zkmxs-Pma2GhbU9rgdl7IAcXfKGJLi7iwFAn8uyb9kIADg2GfbwPWFOd9KhuDzezlYNOfifgr80hVkUQ8aZOWNQUPEz6ChpccDxme4gD9I0AQSHwc7QEDKWAAsWfFFZreqOwr2OZCfHyuKkj5QKwtouHTKLSh4fV3pS4JWDY-K6QelQGtlDS6Q7C5srtzh4JxS22d2js2VCJcYbzYDbCuYxU8w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgiA0-RCPYZexD_WL7_UPgf-hoAnJntKxXM3x4t2IAcCNtwEQASAAYJW6rIK0B4IBF2NhLXB1Yi04MjU2ODIyMDQwNzMxOTc2oAHVttLqA8gBCakCcyyocR40sz6oAwGqBLsBT9BBt-myj87mKoCFJ2ZIuUG7J3ew82bR1GGAFZj5ZAPuTHY1asJ0aDwFtQPDMGk0MgX_vfNACyXmUfkatpwJAY-AacaEz1jTno5JJ0KaHwH9dx4Ys2yE12_Xa2Y-O-Zri8YFqjS1B6nsor0MH6RUXZ3TXaIp1ExEB5uY35ALBvV-ixi2EHkE6-yN4Xlz1Qt4GCyjFh6Yrgdmjk0GB_LMW19XbmVojFRdLt5Gl9Pl6e-OReO7KnoZUzN2poAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1J7j_E_9bWPkZXkRoymJDie4toOw%26client%3Dca-pub-8256822040731976%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: pix.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: 0a0570d87a56207b3acc2454877a8d1d6ce9965b2f82fa39c791fe2538ab9a17

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 01:12:25 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=28958628
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 7710
expires: Fri, 14 Oct 2022 05:16:14 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame DF02 12 KB
12 KB 59ms
21ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=0&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1534252881%2F16133705-j7ewYSeG.jpg&v=3&w=400&s=E-5pmStuHdfWYSFYPRIeYuXH&b=400
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YY8Q-QAD2JcIu8X1AAh_gYfmwneETPI1R_SX5w&u=%7CyC5YffPZJFYmwShoBjo8Hl0Nt1KsqYAHlxnvbVlXIvI%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9weQenrEcIPjXF4FnOL7C1-AciFYoTqoWiWepM8KQwufUC8rQmhIfiU1Cqb6Wo2x3NMs9nf6LX2bmN6hOCoZhdUQllkJQ6KCXwC522zIHrLz5YIsQBFB_fHmcz2bpx2_tFB0nIBdcrR2bKGkckO0zUzWo04XzuTJjMnmu0M-TVNA-Zo2K6yrfKIJ0hvlgcHcgneVennT_mnxPGF2KaVv-pla4wGElGrHYFSTh5HY5zkmxs-Pma2GhbU9rgdl7IAcXfKGJLi7iwFAn8uyb9kIADg2GfbwPWFOd9KhuDzezlYNOfifgr80hVkUQ8aZOWNQUPEz6ChpccDxme4gD9I0AQSHwc7QEDKWAAsWfFFZreqOwr2OZCfHyuKkj5QKwtouHTKLSh4fV3pS4JWDY-K6QelQGtlDS6Q7C5srtzh4JxS22d2js2VCJcYbzYDbCuYxU8w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgiA0-RCPYZexD_WL7_UPgf-hoAnJntKxXM3x4t2IAcCNtwEQASAAYJW6rIK0B4IBF2NhLXB1Yi04MjU2ODIyMDQwNzMxOTc2oAHVttLqA8gBCakCcyyocR40sz6oAwGqBLsBT9BBt-myj87mKoCFJ2ZIuUG7J3ew82bR1GGAFZj5ZAPuTHY1asJ0aDwFtQPDMGk0MgX_vfNACyXmUfkatpwJAY-AacaEz1jTno5JJ0KaHwH9dx4Ys2yE12_Xa2Y-O-Zri8YFqjS1B6nsor0MH6RUXZ3TXaIp1ExEB5uY35ALBvV-ixi2EHkE6-yN4Xlz1Qt4GCyjFh6Yrgdmjk0GB_LMW19XbmVojFRdLt5Gl9Pl6e-OReO7KnoZUzN2poAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1J7j_E_9bWPkZXkRoymJDie4toOw%26client%3Dca-pub-8256822040731976%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: pix.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e73fa32bba14a4a95d9a4d02663134340805ff735a7c942b9214d3401014c1f0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 01:12:25 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=287680
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 12304
expires: Tue, 16 Nov 2021 09:07:05 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame DF02 12 KB
12 KB 60ms
21ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=0&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1534252857%2F16128126-ZvMYztIO.jpg&v=3&w=400&s=ZTShTpOHsLFYY0vGDuJPwzTO&b=400
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YY8Q-QAD2JcIu8X1AAh_gYfmwneETPI1R_SX5w&u=%7CyC5YffPZJFYmwShoBjo8Hl0Nt1KsqYAHlxnvbVlXIvI%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9weQenrEcIPjXF4FnOL7C1-AciFYoTqoWiWepM8KQwufUC8rQmhIfiU1Cqb6Wo2x3NMs9nf6LX2bmN6hOCoZhdUQllkJQ6KCXwC522zIHrLz5YIsQBFB_fHmcz2bpx2_tFB0nIBdcrR2bKGkckO0zUzWo04XzuTJjMnmu0M-TVNA-Zo2K6yrfKIJ0hvlgcHcgneVennT_mnxPGF2KaVv-pla4wGElGrHYFSTh5HY5zkmxs-Pma2GhbU9rgdl7IAcXfKGJLi7iwFAn8uyb9kIADg2GfbwPWFOd9KhuDzezlYNOfifgr80hVkUQ8aZOWNQUPEz6ChpccDxme4gD9I0AQSHwc7QEDKWAAsWfFFZreqOwr2OZCfHyuKkj5QKwtouHTKLSh4fV3pS4JWDY-K6QelQGtlDS6Q7C5srtzh4JxS22d2js2VCJcYbzYDbCuYxU8w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgiA0-RCPYZexD_WL7_UPgf-hoAnJntKxXM3x4t2IAcCNtwEQASAAYJW6rIK0B4IBF2NhLXB1Yi04MjU2ODIyMDQwNzMxOTc2oAHVttLqA8gBCakCcyyocR40sz6oAwGqBLsBT9BBt-myj87mKoCFJ2ZIuUG7J3ew82bR1GGAFZj5ZAPuTHY1asJ0aDwFtQPDMGk0MgX_vfNACyXmUfkatpwJAY-AacaEz1jTno5JJ0KaHwH9dx4Ys2yE12_Xa2Y-O-Zri8YFqjS1B6nsor0MH6RUXZ3TXaIp1ExEB5uY35ALBvV-ixi2EHkE6-yN4Xlz1Qt4GCyjFh6Yrgdmjk0GB_LMW19XbmVojFRdLt5Gl9Pl6e-OReO7KnoZUzN2poAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1J7j_E_9bWPkZXkRoymJDie4toOw%26client%3Dca-pub-8256822040731976%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: pix.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: d35c27586b5cf117fc67a2d3d48789eeaf18038528e4aa5aec627b5287fc5871

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 01:12:25 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=538582
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 12306
expires: Fri, 19 Nov 2021 06:48:48 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame DF02 3 KB
3 KB 50ms
12ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=0&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1544802950%2F18353983-JekpOJhC.jpg&v=3&w=400&s=WS84hzcqQqv1SwpTXBe71kG9&b=400
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YY8Q-QAD2JcIu8X1AAh_gYfmwneETPI1R_SX5w&u=%7CyC5YffPZJFYmwShoBjo8Hl0Nt1KsqYAHlxnvbVlXIvI%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9weQenrEcIPjXF4FnOL7C1-AciFYoTqoWiWepM8KQwufUC8rQmhIfiU1Cqb6Wo2x3NMs9nf6LX2bmN6hOCoZhdUQllkJQ6KCXwC522zIHrLz5YIsQBFB_fHmcz2bpx2_tFB0nIBdcrR2bKGkckO0zUzWo04XzuTJjMnmu0M-TVNA-Zo2K6yrfKIJ0hvlgcHcgneVennT_mnxPGF2KaVv-pla4wGElGrHYFSTh5HY5zkmxs-Pma2GhbU9rgdl7IAcXfKGJLi7iwFAn8uyb9kIADg2GfbwPWFOd9KhuDzezlYNOfifgr80hVkUQ8aZOWNQUPEz6ChpccDxme4gD9I0AQSHwc7QEDKWAAsWfFFZreqOwr2OZCfHyuKkj5QKwtouHTKLSh4fV3pS4JWDY-K6QelQGtlDS6Q7C5srtzh4JxS22d2js2VCJcYbzYDbCuYxU8w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgiA0-RCPYZexD_WL7_UPgf-hoAnJntKxXM3x4t2IAcCNtwEQASAAYJW6rIK0B4IBF2NhLXB1Yi04MjU2ODIyMDQwNzMxOTc2oAHVttLqA8gBCakCcyyocR40sz6oAwGqBLsBT9BBt-myj87mKoCFJ2ZIuUG7J3ew82bR1GGAFZj5ZAPuTHY1asJ0aDwFtQPDMGk0MgX_vfNACyXmUfkatpwJAY-AacaEz1jTno5JJ0KaHwH9dx4Ys2yE12_Xa2Y-O-Zri8YFqjS1B6nsor0MH6RUXZ3TXaIp1ExEB5uY35ALBvV-ixi2EHkE6-yN4Xlz1Qt4GCyjFh6Yrgdmjk0GB_LMW19XbmVojFRdLt5Gl9Pl6e-OReO7KnoZUzN2poAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1J7j_E_9bWPkZXkRoymJDie4toOw%26client%3Dca-pub-8256822040731976%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: pix.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: 1d7549d6513e7c28a55a0879a5bba504213eed0bc16b765fc680022efaabc117

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 01:12:25 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=458154
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3134
expires: Thu, 18 Nov 2021 08:28:20 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame DF02 11 KB
11 KB 51ms
13ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=0&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F19307127-lDSBOQQe.jpg&v=3&w=400&s=G_ucFYYzOWAhQyQWxzKOnEuQ&b=400
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YY8Q-QAD2JcIu8X1AAh_gYfmwneETPI1R_SX5w&u=%7CyC5YffPZJFYmwShoBjo8Hl0Nt1KsqYAHlxnvbVlXIvI%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9weQenrEcIPjXF4FnOL7C1-AciFYoTqoWiWepM8KQwufUC8rQmhIfiU1Cqb6Wo2x3NMs9nf6LX2bmN6hOCoZhdUQllkJQ6KCXwC522zIHrLz5YIsQBFB_fHmcz2bpx2_tFB0nIBdcrR2bKGkckO0zUzWo04XzuTJjMnmu0M-TVNA-Zo2K6yrfKIJ0hvlgcHcgneVennT_mnxPGF2KaVv-pla4wGElGrHYFSTh5HY5zkmxs-Pma2GhbU9rgdl7IAcXfKGJLi7iwFAn8uyb9kIADg2GfbwPWFOd9KhuDzezlYNOfifgr80hVkUQ8aZOWNQUPEz6ChpccDxme4gD9I0AQSHwc7QEDKWAAsWfFFZreqOwr2OZCfHyuKkj5QKwtouHTKLSh4fV3pS4JWDY-K6QelQGtlDS6Q7C5srtzh4JxS22d2js2VCJcYbzYDbCuYxU8w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgiA0-RCPYZexD_WL7_UPgf-hoAnJntKxXM3x4t2IAcCNtwEQASAAYJW6rIK0B4IBF2NhLXB1Yi04MjU2ODIyMDQwNzMxOTc2oAHVttLqA8gBCakCcyyocR40sz6oAwGqBLsBT9BBt-myj87mKoCFJ2ZIuUG7J3ew82bR1GGAFZj5ZAPuTHY1asJ0aDwFtQPDMGk0MgX_vfNACyXmUfkatpwJAY-AacaEz1jTno5JJ0KaHwH9dx4Ys2yE12_Xa2Y-O-Zri8YFqjS1B6nsor0MH6RUXZ3TXaIp1ExEB5uY35ALBvV-ixi2EHkE6-yN4Xlz1Qt4GCyjFh6Yrgdmjk0GB_LMW19XbmVojFRdLt5Gl9Pl6e-OReO7KnoZUzN2poAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1J7j_E_9bWPkZXkRoymJDie4toOw%26client%3Dca-pub-8256822040731976%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: pix.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: eb3c427f5d3e949223e20f8b19f7c2fa12bc3f90fda4e843106ce3cd918d98f9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 01:12:25 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=492952
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 11390
expires: Thu, 18 Nov 2021 18:08:18 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame DF02 15 KB
15 KB 50ms
13ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=0&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F16116377-L9CoFGjv.jpg&v=3&w=400&s=r0ajBxzS0KMGPHhZKQ4_4tEA&b=400
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YY8Q-QAD2JcIu8X1AAh_gYfmwneETPI1R_SX5w&u=%7CyC5YffPZJFYmwShoBjo8Hl0Nt1KsqYAHlxnvbVlXIvI%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9weQenrEcIPjXF4FnOL7C1-AciFYoTqoWiWepM8KQwufUC8rQmhIfiU1Cqb6Wo2x3NMs9nf6LX2bmN6hOCoZhdUQllkJQ6KCXwC522zIHrLz5YIsQBFB_fHmcz2bpx2_tFB0nIBdcrR2bKGkckO0zUzWo04XzuTJjMnmu0M-TVNA-Zo2K6yrfKIJ0hvlgcHcgneVennT_mnxPGF2KaVv-pla4wGElGrHYFSTh5HY5zkmxs-Pma2GhbU9rgdl7IAcXfKGJLi7iwFAn8uyb9kIADg2GfbwPWFOd9KhuDzezlYNOfifgr80hVkUQ8aZOWNQUPEz6ChpccDxme4gD9I0AQSHwc7QEDKWAAsWfFFZreqOwr2OZCfHyuKkj5QKwtouHTKLSh4fV3pS4JWDY-K6QelQGtlDS6Q7C5srtzh4JxS22d2js2VCJcYbzYDbCuYxU8w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgiA0-RCPYZexD_WL7_UPgf-hoAnJntKxXM3x4t2IAcCNtwEQASAAYJW6rIK0B4IBF2NhLXB1Yi04MjU2ODIyMDQwNzMxOTc2oAHVttLqA8gBCakCcyyocR40sz6oAwGqBLsBT9BBt-myj87mKoCFJ2ZIuUG7J3ew82bR1GGAFZj5ZAPuTHY1asJ0aDwFtQPDMGk0MgX_vfNACyXmUfkatpwJAY-AacaEz1jTno5JJ0KaHwH9dx4Ys2yE12_Xa2Y-O-Zri8YFqjS1B6nsor0MH6RUXZ3TXaIp1ExEB5uY35ALBvV-ixi2EHkE6-yN4Xlz1Qt4GCyjFh6Yrgdmjk0GB_LMW19XbmVojFRdLt5Gl9Pl6e-OReO7KnoZUzN2poAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1J7j_E_9bWPkZXkRoymJDie4toOw%26client%3Dca-pub-8256822040731976%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: pix.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: 8be1fd1245ede2ae2a3a55835c455ffb3904799ebfd31403db80e6154aae41a3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 01:12:25 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=25424
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 15414
expires: Sat, 13 Nov 2021 08:16:10 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame DF02 17 KB
17 KB 14ms
13ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=0&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F19274140-qGbQocSH.jpg&v=3&w=400&s=R1uafv56oEEzhXenPqf-NbAq&b=400
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YY8Q-QAD2JcIu8X1AAh_gYfmwneETPI1R_SX5w&u=%7CyC5YffPZJFYmwShoBjo8Hl0Nt1KsqYAHlxnvbVlXIvI%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9weQenrEcIPjXF4FnOL7C1-AciFYoTqoWiWepM8KQwufUC8rQmhIfiU1Cqb6Wo2x3NMs9nf6LX2bmN6hOCoZhdUQllkJQ6KCXwC522zIHrLz5YIsQBFB_fHmcz2bpx2_tFB0nIBdcrR2bKGkckO0zUzWo04XzuTJjMnmu0M-TVNA-Zo2K6yrfKIJ0hvlgcHcgneVennT_mnxPGF2KaVv-pla4wGElGrHYFSTh5HY5zkmxs-Pma2GhbU9rgdl7IAcXfKGJLi7iwFAn8uyb9kIADg2GfbwPWFOd9KhuDzezlYNOfifgr80hVkUQ8aZOWNQUPEz6ChpccDxme4gD9I0AQSHwc7QEDKWAAsWfFFZreqOwr2OZCfHyuKkj5QKwtouHTKLSh4fV3pS4JWDY-K6QelQGtlDS6Q7C5srtzh4JxS22d2js2VCJcYbzYDbCuYxU8w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgiA0-RCPYZexD_WL7_UPgf-hoAnJntKxXM3x4t2IAcCNtwEQASAAYJW6rIK0B4IBF2NhLXB1Yi04MjU2ODIyMDQwNzMxOTc2oAHVttLqA8gBCakCcyyocR40sz6oAwGqBLsBT9BBt-myj87mKoCFJ2ZIuUG7J3ew82bR1GGAFZj5ZAPuTHY1asJ0aDwFtQPDMGk0MgX_vfNACyXmUfkatpwJAY-AacaEz1jTno5JJ0KaHwH9dx4Ys2yE12_Xa2Y-O-Zri8YFqjS1B6nsor0MH6RUXZ3TXaIp1ExEB5uY35ALBvV-ixi2EHkE6-yN4Xlz1Qt4GCyjFh6Yrgdmjk0GB_LMW19XbmVojFRdLt5Gl9Pl6e-OReO7KnoZUzN2poAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1J7j_E_9bWPkZXkRoymJDie4toOw%26client%3Dca-pub-8256822040731976%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: pix.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: c81d2f11bb22e604f678a4c889099a9a0cfba9aecddc836400e35efe931c68ff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 01:12:25 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=203631
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 16910
expires: Mon, 15 Nov 2021 09:46:17 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame DF02 10 KB
10 KB 16ms
15ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=0&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1475759793%2F16210225-sIZjtkhg.jpg&v=3&w=400&s=8kBEDUSrdzQj7PbkcDTtbDUv&b=400
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YY8Q-QAD2JcIu8X1AAh_gYfmwneETPI1R_SX5w&u=%7CyC5YffPZJFYmwShoBjo8Hl0Nt1KsqYAHlxnvbVlXIvI%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9weQenrEcIPjXF4FnOL7C1-AciFYoTqoWiWepM8KQwufUC8rQmhIfiU1Cqb6Wo2x3NMs9nf6LX2bmN6hOCoZhdUQllkJQ6KCXwC522zIHrLz5YIsQBFB_fHmcz2bpx2_tFB0nIBdcrR2bKGkckO0zUzWo04XzuTJjMnmu0M-TVNA-Zo2K6yrfKIJ0hvlgcHcgneVennT_mnxPGF2KaVv-pla4wGElGrHYFSTh5HY5zkmxs-Pma2GhbU9rgdl7IAcXfKGJLi7iwFAn8uyb9kIADg2GfbwPWFOd9KhuDzezlYNOfifgr80hVkUQ8aZOWNQUPEz6ChpccDxme4gD9I0AQSHwc7QEDKWAAsWfFFZreqOwr2OZCfHyuKkj5QKwtouHTKLSh4fV3pS4JWDY-K6QelQGtlDS6Q7C5srtzh4JxS22d2js2VCJcYbzYDbCuYxU8w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgiA0-RCPYZexD_WL7_UPgf-hoAnJntKxXM3x4t2IAcCNtwEQASAAYJW6rIK0B4IBF2NhLXB1Yi04MjU2ODIyMDQwNzMxOTc2oAHVttLqA8gBCakCcyyocR40sz6oAwGqBLsBT9BBt-myj87mKoCFJ2ZIuUG7J3ew82bR1GGAFZj5ZAPuTHY1asJ0aDwFtQPDMGk0MgX_vfNACyXmUfkatpwJAY-AacaEz1jTno5JJ0KaHwH9dx4Ys2yE12_Xa2Y-O-Zri8YFqjS1B6nsor0MH6RUXZ3TXaIp1ExEB5uY35ALBvV-ixi2EHkE6-yN4Xlz1Qt4GCyjFh6Yrgdmjk0GB_LMW19XbmVojFRdLt5Gl9Pl6e-OReO7KnoZUzN2poAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1J7j_E_9bWPkZXkRoymJDie4toOw%26client%3Dca-pub-8256822040731976%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: pix.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: 6004f7b9e0f41be3c5cdf30a01be7448bf1ae72a014bdab7d13d32160fb26430

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 01:12:25 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=444059
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 9972
expires: Thu, 18 Nov 2021 04:33:25 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame DF02 14 KB
15 KB 13ms
12ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=0&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F20096256-0T0RPH7t.jpg&v=3&w=400&s=cXXhxC3ncJpLb5QHQWapevQF&b=400
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YY8Q-QAD2JcIu8X1AAh_gYfmwneETPI1R_SX5w&u=%7CyC5YffPZJFYmwShoBjo8Hl0Nt1KsqYAHlxnvbVlXIvI%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9weQenrEcIPjXF4FnOL7C1-AciFYoTqoWiWepM8KQwufUC8rQmhIfiU1Cqb6Wo2x3NMs9nf6LX2bmN6hOCoZhdUQllkJQ6KCXwC522zIHrLz5YIsQBFB_fHmcz2bpx2_tFB0nIBdcrR2bKGkckO0zUzWo04XzuTJjMnmu0M-TVNA-Zo2K6yrfKIJ0hvlgcHcgneVennT_mnxPGF2KaVv-pla4wGElGrHYFSTh5HY5zkmxs-Pma2GhbU9rgdl7IAcXfKGJLi7iwFAn8uyb9kIADg2GfbwPWFOd9KhuDzezlYNOfifgr80hVkUQ8aZOWNQUPEz6ChpccDxme4gD9I0AQSHwc7QEDKWAAsWfFFZreqOwr2OZCfHyuKkj5QKwtouHTKLSh4fV3pS4JWDY-K6QelQGtlDS6Q7C5srtzh4JxS22d2js2VCJcYbzYDbCuYxU8w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgiA0-RCPYZexD_WL7_UPgf-hoAnJntKxXM3x4t2IAcCNtwEQASAAYJW6rIK0B4IBF2NhLXB1Yi04MjU2ODIyMDQwNzMxOTc2oAHVttLqA8gBCakCcyyocR40sz6oAwGqBLsBT9BBt-myj87mKoCFJ2ZIuUG7J3ew82bR1GGAFZj5ZAPuTHY1asJ0aDwFtQPDMGk0MgX_vfNACyXmUfkatpwJAY-AacaEz1jTno5JJ0KaHwH9dx4Ys2yE12_Xa2Y-O-Zri8YFqjS1B6nsor0MH6RUXZ3TXaIp1ExEB5uY35ALBvV-ixi2EHkE6-yN4Xlz1Qt4GCyjFh6Yrgdmjk0GB_LMW19XbmVojFRdLt5Gl9Pl6e-OReO7KnoZUzN2poAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1J7j_E_9bWPkZXkRoymJDie4toOw%26client%3Dca-pub-8256822040731976%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: pix.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: ab6b6c7a7ebfce5c873bf9ab704e5905b32738b09fac42e8b55801d6668cf360

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 01:12:25 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=445572
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 14814
expires: Thu, 18 Nov 2021 04:58:38 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame DF02 0
99 B 48ms
12ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://csm.eu.criteo.net/all?cppv=3&cpp=Vt0KV9SjEG39li869m5Y4Vj0g9MqrglRtBXQim8oMNhI3_CSGX0IrtmBabod8nJIOjHK2KNv4hrsP5WpjUvY78REXZx-FclH0xsHt0zfqpC9zWYbOELR4AmpWP6WRvAbe-EuPBIXQT29qpXuO5pgaBftxRadLIL_5TMfcqpUUAiftyxz2MMtpEpcenczWYrh6IgJoPud74VWyXYDJd2SMbP7rQhSJOKjEdv9gI2k4N6KgvHgBZGmr_JoABf4PtgL-0f_wQ&sds=2&rev=79295.5&sendBeacon=true
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YY8Q-QAD2JcIu8X1AAh_gYfmwneETPI1R_SX5w&u=%7CyC5YffPZJFYmwShoBjo8Hl0Nt1KsqYAHlxnvbVlXIvI%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9weQenrEcIPjXF4FnOL7C1-AciFYoTqoWiWepM8KQwufUC8rQmhIfiU1Cqb6Wo2x3NMs9nf6LX2bmN6hOCoZhdUQllkJQ6KCXwC522zIHrLz5YIsQBFB_fHmcz2bpx2_tFB0nIBdcrR2bKGkckO0zUzWo04XzuTJjMnmu0M-TVNA-Zo2K6yrfKIJ0hvlgcHcgneVennT_mnxPGF2KaVv-pla4wGElGrHYFSTh5HY5zkmxs-Pma2GhbU9rgdl7IAcXfKGJLi7iwFAn8uyb9kIADg2GfbwPWFOd9KhuDzezlYNOfifgr80hVkUQ8aZOWNQUPEz6ChpccDxme4gD9I0AQSHwc7QEDKWAAsWfFFZreqOwr2OZCfHyuKkj5QKwtouHTKLSh4fV3pS4JWDY-K6QelQGtlDS6Q7C5srtzh4JxS22d2js2VCJcYbzYDbCuYxU8w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgiA0-RCPYZexD_WL7_UPgf-hoAnJntKxXM3x4t2IAcCNtwEQASAAYJW6rIK0B4IBF2NhLXB1Yi04MjU2ODIyMDQwNzMxOTc2oAHVttLqA8gBCakCcyyocR40sz6oAwGqBLsBT9BBt-myj87mKoCFJ2ZIuUG7J3ew82bR1GGAFZj5ZAPuTHY1asJ0aDwFtQPDMGk0MgX_vfNACyXmUfkatpwJAY-AacaEz1jTno5JJ0KaHwH9dx4Ys2yE12_Xa2Y-O-Zri8YFqjS1B6nsor0MH6RUXZ3TXaIp1ExEB5uY35ALBvV-ixi2EHkE6-yN4Xlz1Qt4GCyjFh6Yrgdmjk0GB_LMW19XbmVojFRdLt5Gl9Pl6e-OReO7KnoZUzN2poAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1J7j_E_9bWPkZXkRoymJDie4toOw%26client%3Dca-pub-8256822040731976%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.eu.criteo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 13 Nov 2021 01:12:25 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame DF02 2 KB
1 KB 12ms
12ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YY8Q-QAD2JcIu8X1AAh_gYfmwneETPI1R_SX5w&u=%7CyC5YffPZJFYmwShoBjo8Hl0Nt1KsqYAHlxnvbVlXIvI%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9weQenrEcIPjXF4FnOL7C1-AciFYoTqoWiWepM8KQwufUC8rQmhIfiU1Cqb6Wo2x3NMs9nf6LX2bmN6hOCoZhdUQllkJQ6KCXwC522zIHrLz5YIsQBFB_fHmcz2bpx2_tFB0nIBdcrR2bKGkckO0zUzWo04XzuTJjMnmu0M-TVNA-Zo2K6yrfKIJ0hvlgcHcgneVennT_mnxPGF2KaVv-pla4wGElGrHYFSTh5HY5zkmxs-Pma2GhbU9rgdl7IAcXfKGJLi7iwFAn8uyb9kIADg2GfbwPWFOd9KhuDzezlYNOfifgr80hVkUQ8aZOWNQUPEz6ChpccDxme4gD9I0AQSHwc7QEDKWAAsWfFFZreqOwr2OZCfHyuKkj5QKwtouHTKLSh4fV3pS4JWDY-K6QelQGtlDS6Q7C5srtzh4JxS22d2js2VCJcYbzYDbCuYxU8w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgiA0-RCPYZexD_WL7_UPgf-hoAnJntKxXM3x4t2IAcCNtwEQASAAYJW6rIK0B4IBF2NhLXB1Yi04MjU2ODIyMDQwNzMxOTc2oAHVttLqA8gBCakCcyyocR40sz6oAwGqBLsBT9BBt-myj87mKoCFJ2ZIuUG7J3ew82bR1GGAFZj5ZAPuTHY1asJ0aDwFtQPDMGk0MgX_vfNACyXmUfkatpwJAY-AacaEz1jTno5JJ0KaHwH9dx4Ys2yE12_Xa2Y-O-Zri8YFqjS1B6nsor0MH6RUXZ3TXaIp1ExEB5uY35ALBvV-ixi2EHkE6-yN4Xlz1Qt4GCyjFh6Yrgdmjk0GB_LMW19XbmVojFRdLt5Gl9Pl6e-OReO7KnoZUzN2poAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1J7j_E_9bWPkZXkRoymJDie4toOw%26client%3Dca-pub-8256822040731976%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 01:12:25 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 08 Nov 2022 01:12:25 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame DF02 2 KB
1 KB 13ms
13ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/flash/icon/privacy.svg
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YY8Q-QAD2JcIu8X1AAh_gYfmwneETPI1R_SX5w&u=%7CyC5YffPZJFYmwShoBjo8Hl0Nt1KsqYAHlxnvbVlXIvI%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9weQenrEcIPjXF4FnOL7C1-AciFYoTqoWiWepM8KQwufUC8rQmhIfiU1Cqb6Wo2x3NMs9nf6LX2bmN6hOCoZhdUQllkJQ6KCXwC522zIHrLz5YIsQBFB_fHmcz2bpx2_tFB0nIBdcrR2bKGkckO0zUzWo04XzuTJjMnmu0M-TVNA-Zo2K6yrfKIJ0hvlgcHcgneVennT_mnxPGF2KaVv-pla4wGElGrHYFSTh5HY5zkmxs-Pma2GhbU9rgdl7IAcXfKGJLi7iwFAn8uyb9kIADg2GfbwPWFOd9KhuDzezlYNOfifgr80hVkUQ8aZOWNQUPEz6ChpccDxme4gD9I0AQSHwc7QEDKWAAsWfFFZreqOwr2OZCfHyuKkj5QKwtouHTKLSh4fV3pS4JWDY-K6QelQGtlDS6Q7C5srtzh4JxS22d2js2VCJcYbzYDbCuYxU8w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgiA0-RCPYZexD_WL7_UPgf-hoAnJntKxXM3x4t2IAcCNtwEQASAAYJW6rIK0B4IBF2NhLXB1Yi04MjU2ODIyMDQwNzMxOTc2oAHVttLqA8gBCakCcyyocR40sz6oAwGqBLsBT9BBt-myj87mKoCFJ2ZIuUG7J3ew82bR1GGAFZj5ZAPuTHY1asJ0aDwFtQPDMGk0MgX_vfNACyXmUfkatpwJAY-AacaEz1jTno5JJ0KaHwH9dx4Ys2yE12_Xa2Y-O-Zri8YFqjS1B6nsor0MH6RUXZ3TXaIp1ExEB5uY35ALBvV-ixi2EHkE6-yN4Xlz1Qt4GCyjFh6Yrgdmjk0GB_LMW19XbmVojFRdLt5Gl9Pl6e-OReO7KnoZUzN2poAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1J7j_E_9bWPkZXkRoymJDie4toOw%26client%3Dca-pub-8256822040731976%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 01:12:25 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 08 Nov 2022 01:12:25 GMT

GET
H/1.1 200
OK request_content.php Show response
hal900012.redintelligence.net/ Frame BF23 4 KB
2 KB 36ms
14ms Document
text/html 94.130.102.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900012.redintelligence.net/request_content.php?s=34506800006346403500432011777012&a=535637a7
Requested by: Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request.php?zone=7vw59adviql2&nw=20&renderingType=javascript&namespace=f280619c92&subid=&uid=728c67baddc8cf2a&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D3914144817135349434%26mt_id%3D9558186%26mt_adid%3D226589%26mt_sid%3D9464602%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D64a5618f-10f9-4301-a544-3ed0f3543e2f%26mt_cid%3D64a5618f-10f9-4301-a544-3ed0f3543e2f%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCyANA-RCPYYftDpGH7_UPk_Cm4AzPh46bXMCG2YLGAsCNtwEQASAAYJW6rIK0B4IBF2NhLXB1Yi04MjU2ODIyMDQwNzMxOTc2yAEJqAMBqgS8AU_Q6T2Pc-fdvFWr29n6yjPxhorh8EHFbSMtDE1eFz_io9eRnoUMKbJkvSaR8s6GG1EFSMYqiu1_E_fxwjmTAGVj8gOLdE0CXgfePnl9yJYEpc264G-8gaE3XQt3okr9fWrmcfH1PhMyPvq_TjXgKV-dcyzjrTerOSRHhBYfpZZgw7aVFgMXL9NE9UpiOcA9JjygjuBfl6VHE070vBmUDXnd9UnubSTrDXlpk18HXEZt9Y-kWAYnvLK20GA1gAbf56731Li1vKcBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1zVSGLNXBXt4Jr8LwUp5Z69GgivQ%2526client%253Dca-pub-8256822040731976%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-8256822040731976%26output%3Dhtml%26h%3D300%26slotname%3D3323141418%26adk%3D978640161%26adf%3D918465267%26pi%3Dt.ma~as.3323141418%26w%3D300%26lmt%3D1636765945%26psa%3D0%26format%3D300x300%26url%3Dhttps%253A%252F%252Fsu.google-info.org%252F%26flash%3D0%26fwrattr%3Dtrue%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.%26dt%3D1636765945082%26bpp%3D1%26bdt%3D178%26idt%3D138%26shv%3Dr20211109%26mjsv%3Dm202111080101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C300x300%252C300x600%26nras%3D1%26correlator%3D399632473075%26frm%3D20%26pv%3D1%26ga_vid%3D1946075796.1636765945%26ga_sid%3D1636765945%26ga_hid%3D1177294700%26ga_fc%3D0%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26dmc%3D8%26adx%3D1288%26ady%3D998%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D182982100%252C182982300%26oid%3D2%26pvsid%3D2132859347964004%26pem%3D749%26eae%3D0%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CfeE%257C%26abl%3DCF%26pfx%3D0%26fu%3D0%26bc%3D31%26ifi%3D4%26uci%3Da!4%26fsb%3D1%26xpc%3D8jIUc3te8O%26p%3Dhttps%253A%2F%2Fsu.google-info.org%26dtd%3D140&ancestorOrigins=null&random=9295218440156&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.102.130.94.clients.your-server.de
Software: Apache /
Resource Hash: 74dd3eb4fe0687bff87a21780b7f24042a6917ba39e1d6a5668480878549f8e0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

Date: Sat, 13 Nov 2021 01:12:25 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Sat, 13 Nov 2021 01:12:25 +0100
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1525
Connection: close
Content-Type: text/html; charset=utf-8

GET
DATA 200
OK truncated
/ Frame 9740 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e9b56e15823616c93e46baadda9d37ba81fde2d648a5450d1e8b1905c08c5c9c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame 29FF 747 B
941 B 97ms
16ms Script
text/javascript 37.157.2.237
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=50457261;click=https%3A%2F%2Fhal900030.redintelligence.net%2Fc%2Fp30neax8sb7rnmt%3Ftprde%3D

Requested by

Host: hal900030.redintelligence.net
URL: https://hal900030.redintelligence.net/request_content.php?s=64884100006365403500432011777030&a=4319c610

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

2dc532000b90284576611699556fbd4d036af3743fc2e7cb7afc1418d38e5f37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900030.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Nov 2021 01:12:25 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 548
expires: -1

GET
H/1.1 200
OK viewability Show response
hal900030.redintelligence.net/ Frame 29FF 0
150 B 39ms
16ms Script
text/html 136.243.149.243
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900030.redintelligence.net/viewability?s=64884100006365403500432011777030&a=498847d5&vb=m
Requested by: Host: hal900030.redintelligence.net
URL: https://hal900030.redintelligence.net/request_content.php?s=64884100006365403500432011777030&a=4319c610
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.149.243 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.243.149.243.136.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900030.redintelligence.net/request_content.php?s=64884100006365403500432011777030&a=4319c610
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 13 Nov 2021 01:12:25 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame BF23 747 B
940 B 19ms
17ms Script
text/javascript 37.157.2.237
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=50457261;click=https%3A%2F%2Fhal900012.redintelligence.net%2Fc%2Fpxajlqcfpm5eqqe%3Ftprde%3D

Requested by

Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request_content.php?s=34506800006346403500432011777012&a=535637a7

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

6c06b447ceff7aea9b2347f3dc6a499abe492bf2744a1223170de0d22f25875d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900012.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Nov 2021 01:12:25 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 548
expires: -1

GET
H/1.1 200
OK viewability Show response
hal900012.redintelligence.net/ Frame BF23 0
150 B 35ms
13ms Script
text/html 94.130.102.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900012.redintelligence.net/viewability?s=34506800006346403500432011777012&a=94dc257f&vb=m
Requested by: Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request_content.php?s=34506800006346403500432011777012&a=535637a7
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.102.130.94.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900012.redintelligence.net/request_content.php?s=34506800006346403500432011777012&a=535637a7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 13 Nov 2021 01:12:25 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame 29FF 33 KB
16 KB 83ms
22ms Script
text/javascript 37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=50457261;click=https%3A%2F%2Fhal900030.redintelligence.net%2Fc%2Fp30neax8sb7rnmt%3Ftprde%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 342d2740192ed3d4a2772391d7e14496028a133a605b7ecb1671c5ff5d9e8d2e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900030.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 01:12:26 GMT
content-encoding: gzip
last-modified: Mon, 25 Oct 2021 09:07:47 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Sun, 14 Nov 2021 04:22:20 GMT

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame BF23 33 KB
16 KB 90ms
29ms Script
text/javascript 37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=50457261;click=https%3A%2F%2Fhal900012.redintelligence.net%2Fc%2Fpxajlqcfpm5eqqe%3Ftprde%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 342d2740192ed3d4a2772391d7e14496028a133a605b7ecb1671c5ff5d9e8d2e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900012.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 01:12:26 GMT
content-encoding: gzip
last-modified: Mon, 25 Oct 2021 09:07:47 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Sun, 14 Nov 2021 04:22:20 GMT

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame 29FF 4 KB
2 KB 18ms
17ms Script
text/javascript 37.157.2.237
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?CC=1&bn=50457261;click=https%3A%2F%2Fhal900030.redintelligence.net%2Fc%2Fp30neax8sb7rnmt%3Ftprde%3D;js=1;adfxid=1x;2147;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|1|;cmpgdpr=;cmpgdprconsent=;fd=0|0&CREFURL=https%3A%2F%2Fsu.google-info.org

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

f6e173b3b3926689a5f120c6976b69d8be3a0ae43723bb4ae7140a2b843ecbf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900030.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Nov 2021 01:12:26 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 2012
expires: -1

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame BF23 4 KB
2 KB 17ms
17ms Script
text/javascript 37.157.2.237
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?CC=1&bn=50457261;click=https%3A%2F%2Fhal900012.redintelligence.net%2Fc%2Fpxajlqcfpm5eqqe%3Ftprde%3D;js=1;adfxid=1x;10708;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|1|;cmpgdpr=;cmpgdprconsent=;fd=0|0&CREFURL=https%3A%2F%2Fsu.google-info.org

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

92ce9c3f50a515d12b50cfde108e720735b75f165650f374524ceda3191cc8da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900012.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Nov 2021 01:12:26 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 2017
expires: -1

GET
DATA 200
OK truncated
/ Frame 29FF 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK addDoubleBorder.js Show response
cdn.contentspread.net/24i/tools/js/ Frame 29FF 851 B
1 KB 92ms
18ms Script
application/javascript 54.36.108.3
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.contentspread.net/24i/tools/js/addDoubleBorder.js
Requested by: Host: hal900030.redintelligence.net
URL: https://hal900030.redintelligence.net/request_content.php?s=64884100006365403500432011777030&a=4319c610
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 54.36.108.3 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3112796.ip-54-36-108.eu
Software: nginx /
Resource Hash: abaa484421865309a7781e540844f1b5260ed131080f8dd9f083d8f18beea107

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900030.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 13 Nov 2021 01:12:26 GMT
Last-Modified: Tue, 03 May 2016 20:54:50 GMT
Server: nginx
ETag: "5729101a-353"
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 851

GET
DATA 200
OK truncated
/ Frame BF23 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK addDoubleBorder.js Show response
cdn.contentspread.net/24i/tools/js/ Frame BF23 851 B
1 KB 88ms
18ms Script
application/javascript 54.36.108.3
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.contentspread.net/24i/tools/js/addDoubleBorder.js
Requested by: Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request_content.php?s=34506800006346403500432011777012&a=535637a7
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 54.36.108.3 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3112796.ip-54-36-108.eu
Software: nginx /
Resource Hash: abaa484421865309a7781e540844f1b5260ed131080f8dd9f083d8f18beea107

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900012.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 13 Nov 2021 01:12:26 GMT
Last-Modified: Tue, 03 May 2016 20:54:50 GMT
Server: nginx
ETag: "5729101a-353"
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 851

GET
H2 200 Standard Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/ Frame 29FF 90 KB
39 KB 21ms
21ms Script
text/javascript 37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: bb2e8a68e96ef3d9e906cdd9a4e168f516930e8a5ebaf78993d0a084106ead88

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900030.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 01:12:26 GMT
content-encoding: gzip
last-modified: Mon, 25 Oct 2021 09:07:47 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Sun, 14 Nov 2021 04:22:31 GMT

GET
H2 200 Standard Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/ Frame BF23 90 KB
39 KB 24ms
24ms Script
text/javascript 37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: bb2e8a68e96ef3d9e906cdd9a4e168f516930e8a5ebaf78993d0a084106ead88

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900012.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 01:12:26 GMT
content-encoding: gzip
last-modified: Mon, 25 Oct 2021 09:07:47 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Sun, 14 Nov 2021 04:22:31 GMT

POST
H2 200 /
track.adform.net/csimpr/ Frame 29FF 35 B
478 B 17ms
17ms Ping
image/gif 37.157.2.237
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=50457261&csi=ZWrPJpQmUg_WtTHLROfT0oEHCsTJb988p0tSJ5z2zVfrygPkIxxfkw07-alDNfKkcfRcC7CmVZkpmjCoasaiy96vWmW1dlSa0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://hal900030.redintelligence.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 13 Nov 2021 01:12:26 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://hal900030.redintelligence.net
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 10431998.js Show response
s1.adform.net/Banners/Elements/Files/169192/10431998/ Frame F6F6 6 KB
2 KB 16ms
16ms Script
application/x-javascript 37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.adform.net/Banners/Elements/Files/169192/10431998/10431998.js?ADFassetID=10431998&bv=258

Requested by

Host: su.google-info.org
URL: https://su.google-info.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

3b6dabc25c6f2284c68ffa1a0a016d6d8eac85d2244675ee2c94d910255b010e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900030.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 01:12:26 GMT
content-encoding: gzip
last-modified: Sun, 24 Oct 2021 16:11:23 GMT
server: nginx
etag: W/"617585ab-191a"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

POST
H2 200 /
track.adform.net/csimpr/ Frame BF23 35 B
478 B 17ms
17ms Ping
image/gif 37.157.2.237
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=50457261&csi=xCmpqcbJUdgmu7Fmtc1VZc4RyTqJz8kHp0tSJ5z2zVfrygPkIxxfkzjwIJHLCCwR-pIIH2xr0R6flAhxZFh_AN6vWmW1dlSa0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://hal900012.redintelligence.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 13 Nov 2021 01:12:26 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://hal900012.redintelligence.net
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 12 KB
9 KB 39ms
20ms XHR
application/json 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211109&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1a5d225ac426bc4cc1e39b5bafc720c86a261486721199962da73a87b02195e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://su.google-info.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 13 Nov 2021 01:12:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: clear
content-length: 9221
x-xss-protection: 0

GET
H2 200 10431998.js Show response
s1.adform.net/Banners/Elements/Files/169192/10431998/ Frame 2EF5 6 KB
2 KB 16ms
16ms Script
application/x-javascript 37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.adform.net/Banners/Elements/Files/169192/10431998/10431998.js?ADFassetID=10431998&bv=258

Requested by

Host: su.google-info.org
URL: https://su.google-info.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

3b6dabc25c6f2284c68ffa1a0a016d6d8eac85d2244675ee2c94d910255b010e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900012.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 01:12:26 GMT
content-encoding: gzip
last-modified: Sun, 24 Oct 2021 16:11:23 GMT
server: nginx
etag: W/"617585ab-191a"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

GET
H2 200 Adform.DHTML.js Show response
s1.adform.net/banners/scripts/rmb/ Frame F6F6 30 KB
13 KB 16ms
16ms Script
application/x-javascript 37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js?bv=626
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900030.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 01:12:26 GMT
content-encoding: gzip
last-modified: Fri, 14 May 2021 12:35:21 GMT
server: nginx
etag: W/"609e6e89-76d9"
x-cache-status: HIT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

GET
H2 200 logo1_linie.png
s1.adform.net/Banners/Elements/Files/169192/10431998/bvpath_258/images/ Frame F6F6 374 B
671 B 18ms
18ms Image
image/png 37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/169192/10431998/bvpath_258/images/logo1_linie.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

4fb7da1e767138bdd223778786f7b3a48072fd689f029940600fcc5678efcbe2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900030.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 01:12:26 GMT
last-modified: Sun, 24 Oct 2021 16:11:23 GMT
server: nginx
etag: "617585ab-176"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 374

GET
H2 200 logo1.png
s1.adform.net/Banners/Elements/Files/169192/10431998/bvpath_258/images/ Frame F6F6 11 KB
11 KB 19ms
18ms Image
image/png 37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/169192/10431998/bvpath_258/images/logo1.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

5f2f18aec7345dd5c5af496b485f07156f039b3fbd091e52418ee993885175ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900030.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 01:12:26 GMT
last-modified: Sun, 24 Oct 2021 16:11:23 GMT
server: nginx
etag: "617585ab-2afd"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 11005

GET
H2 200 logo2.png
s1.adform.net/Banners/Elements/Files/169192/10431998/bvpath_258/images/ Frame F6F6 6 KB
6 KB 19ms
17ms Image
image/png 37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/169192/10431998/bvpath_258/images/logo2.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

b4bd66d27bcd179af78cc5596a6ebb04457528cd7d4344760c9119ce7b26e233

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900030.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 01:12:26 GMT
last-modified: Sun, 24 Oct 2021 16:11:23 GMT
server: nginx
etag: "617585ab-175b"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 5979

GET
H2 200 motiv1.jpg
s1.adform.net/Banners/Elements/Files/169192/10431998/bvpath_258/images/ Frame F6F6 18 KB
18 KB 19ms
17ms Image
image/jpeg 37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/169192/10431998/bvpath_258/images/motiv1.jpg

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

7c3486c8d6b8a89a785cd2bd20bd64487a6518900720d85999ecefffc246c076

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900030.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 01:12:26 GMT
last-modified: Sun, 24 Oct 2021 16:11:23 GMT
server: nginx
etag: "617585ab-4731"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/jpeg
content-length: 18225

GET
H2 200 txt1.png
s1.adform.net/Banners/Elements/Files/169192/10431998/bvpath_258/images/ Frame F6F6 7 KB
7 KB 20ms
18ms Image
image/png 37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/169192/10431998/bvpath_258/images/txt1.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

cf19b50b61fcb709cac17f29d02dddb82a9711227585e2607dd5ef42b613fa28

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900030.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 01:12:26 GMT
last-modified: Sun, 24 Oct 2021 16:11:23 GMT
server: nginx
etag: "617585ab-1bcb"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 7115

GET
H2 200 txt12.png
s1.adform.net/Banners/Elements/Files/169192/10431998/bvpath_258/images/ Frame F6F6 1 KB
2 KB 20ms
18ms Image
image/png 37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/169192/10431998/bvpath_258/images/txt12.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

323f9384b04de16655cc1378fd2655ff02e512ff2c2536d5ab8e0d7ac9a1037c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900030.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 01:12:26 GMT
last-modified: Sun, 24 Oct 2021 16:11:23 GMT
server: nginx
etag: "617585ab-536"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 1334

GET
H2 200 txt2.png
s1.adform.net/Banners/Elements/Files/169192/10431998/bvpath_258/images/ Frame F6F6 3 KB
4 KB 20ms
18ms Image
image/png 37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/169192/10431998/bvpath_258/images/txt2.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

a1eb43d3b2628d370e2446a492808c177f039292f007b984a851a70812753b3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900030.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 01:12:26 GMT
last-modified: Sun, 24 Oct 2021 16:11:23 GMT
server: nginx
etag: "617585ab-d65"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 3429

GET
H2 200 motiv2.jpg
s1.adform.net/Banners/Elements/Files/169192/10431998/bvpath_258/images/ Frame F6F6 34 KB
34 KB 21ms
19ms Image
image/jpeg 37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/169192/10431998/bvpath_258/images/motiv2.jpg

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

257aa0fe09b3bf4b6c1869211fdbd95f9e56d739dabb3be9808764270a00e410

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900030.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 01:12:26 GMT
last-modified: Sun, 24 Oct 2021 16:11:23 GMT
server: nginx
etag: "617585ab-87cf"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/jpeg
content-length: 34767

GET
H2 200 unten.png
s1.adform.net/Banners/Elements/Files/169192/10431998/bvpath_258/images/ Frame F6F6 852 B
1 KB 22ms
20ms Image
image/png 37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/169192/10431998/bvpath_258/images/unten.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8a3444042157f7809f0fab7cad136bf9b3a383c2d2b3b3b87311e55c85ee0837

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900030.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 01:12:26 GMT
last-modified: Sun, 24 Oct 2021 16:11:23 GMT
server: nginx
etag: "617585ab-354"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 852

GET
H2 200 txt4.png
s1.adform.net/Banners/Elements/Files/169192/10431998/bvpath_258/images/ Frame F6F6 816 B
1 KB 22ms
21ms Image
image/png 37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/169192/10431998/bvpath_258/images/txt4.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

7df1f509c76a628ef5d5ad7786b00a73603a4fdb7cdb104d4ec2e69a59e89275

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900030.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 01:12:26 GMT
last-modified: Sun, 24 Oct 2021 16:11:23 GMT
server: nginx
etag: "617585ab-330"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 816

GET
H2 200 motiv3.jpg
s1.adform.net/Banners/Elements/Files/169192/10431998/bvpath_258/images/ Frame F6F6 34 KB
34 KB 22ms
21ms Image
image/jpeg 37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/169192/10431998/bvpath_258/images/motiv3.jpg

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

6577a7f099bb2427321e33527186d259d4b6e248497fdc97a6600d51d6a8484a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900030.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 01:12:26 GMT
last-modified: Sun, 24 Oct 2021 16:11:23 GMT
server: nginx
etag: "617585ab-883a"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/jpeg
content-length: 34874

GET
H2 200 cta.png
s1.adform.net/Banners/Elements/Files/169192/10431998/bvpath_258/images/ Frame F6F6 11 KB
11 KB 24ms
23ms Image
image/png 37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/169192/10431998/bvpath_258/images/cta.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

9c20e67813d6532fc91d472a08de97f00a56d4274ae5594b7570d158a2d15097

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900030.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 01:12:26 GMT
last-modified: Sun, 24 Oct 2021 16:11:23 GMT
server: nginx
etag: "617585ab-2afa"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 11002

GET
H2 200 Adform.DHTML.js Show response
s1.adform.net/banners/scripts/rmb/ Frame 2EF5 30 KB
13 KB 17ms
16ms Script
application/x-javascript 37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js?bv=626
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900012.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 01:12:26 GMT
content-encoding: gzip
last-modified: Fri, 14 May 2021 12:35:21 GMT
server: nginx
etag: W/"609e6e89-76d9"
x-cache-status: HIT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

GET
H2 200 logo1_linie.png
s1.adform.net/Banners/Elements/Files/169192/10431998/bvpath_258/images/ Frame 2EF5 374 B
671 B 17ms
16ms Image
image/png 37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/169192/10431998/bvpath_258/images/logo1_linie.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

4fb7da1e767138bdd223778786f7b3a48072fd689f029940600fcc5678efcbe2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900012.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 01:12:26 GMT
last-modified: Sun, 24 Oct 2021 16:11:23 GMT
server: nginx
etag: "617585ab-176"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 374

GET
H2 200 logo1.png
s1.adform.net/Banners/Elements/Files/169192/10431998/bvpath_258/images/ Frame 2EF5 11 KB
11 KB 17ms
16ms Image
image/png 37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/169192/10431998/bvpath_258/images/logo1.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

5f2f18aec7345dd5c5af496b485f07156f039b3fbd091e52418ee993885175ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900012.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 01:12:26 GMT
last-modified: Sun, 24 Oct 2021 16:11:23 GMT
server: nginx
etag: "617585ab-2afd"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 11005

GET
H2 200 logo2.png
s1.adform.net/Banners/Elements/Files/169192/10431998/bvpath_258/images/ Frame 2EF5 6 KB
6 KB 17ms
16ms Image
image/png 37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/169192/10431998/bvpath_258/images/logo2.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

b4bd66d27bcd179af78cc5596a6ebb04457528cd7d4344760c9119ce7b26e233

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900012.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 01:12:26 GMT
last-modified: Sun, 24 Oct 2021 16:11:23 GMT
server: nginx
etag: "617585ab-175b"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 5979

GET
H2 200 motiv1.jpg
s1.adform.net/Banners/Elements/Files/169192/10431998/bvpath_258/images/ Frame 2EF5 18 KB
18 KB 18ms
16ms Image
image/jpeg 37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/169192/10431998/bvpath_258/images/motiv1.jpg

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

7c3486c8d6b8a89a785cd2bd20bd64487a6518900720d85999ecefffc246c076

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900012.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 01:12:26 GMT
last-modified: Sun, 24 Oct 2021 16:11:23 GMT
server: nginx
etag: "617585ab-4731"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/jpeg
content-length: 18225

GET
H2 200 txt1.png
s1.adform.net/Banners/Elements/Files/169192/10431998/bvpath_258/images/ Frame 2EF5 7 KB
7 KB 20ms
18ms Image
image/png 37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/169192/10431998/bvpath_258/images/txt1.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

cf19b50b61fcb709cac17f29d02dddb82a9711227585e2607dd5ef42b613fa28

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900012.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 01:12:26 GMT
last-modified: Sun, 24 Oct 2021 16:11:23 GMT
server: nginx
etag: "617585ab-1bcb"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 7115

GET
H2 200 txt12.png
s1.adform.net/Banners/Elements/Files/169192/10431998/bvpath_258/images/ Frame 2EF5 1 KB
2 KB 20ms
18ms Image
image/png 37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/169192/10431998/bvpath_258/images/txt12.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

323f9384b04de16655cc1378fd2655ff02e512ff2c2536d5ab8e0d7ac9a1037c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900012.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 01:12:26 GMT
last-modified: Sun, 24 Oct 2021 16:11:23 GMT
server: nginx
etag: "617585ab-536"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 1334

GET
H2 200 txt2.png
s1.adform.net/Banners/Elements/Files/169192/10431998/bvpath_258/images/ Frame 2EF5 3 KB
4 KB 20ms
18ms Image
image/png 37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/169192/10431998/bvpath_258/images/txt2.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

a1eb43d3b2628d370e2446a492808c177f039292f007b984a851a70812753b3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900012.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 01:12:26 GMT
last-modified: Sun, 24 Oct 2021 16:11:23 GMT
server: nginx
etag: "617585ab-d65"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 3429

GET
H2 200 motiv2.jpg
s1.adform.net/Banners/Elements/Files/169192/10431998/bvpath_258/images/ Frame 2EF5 34 KB
34 KB 20ms
18ms Image
image/jpeg 37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/169192/10431998/bvpath_258/images/motiv2.jpg

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

257aa0fe09b3bf4b6c1869211fdbd95f9e56d739dabb3be9808764270a00e410

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900012.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 01:12:26 GMT
last-modified: Sun, 24 Oct 2021 16:11:23 GMT
server: nginx
etag: "617585ab-87cf"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/jpeg
content-length: 34767

GET
H2 200 unten.png
s1.adform.net/Banners/Elements/Files/169192/10431998/bvpath_258/images/ Frame 2EF5 852 B
1 KB 20ms
19ms Image
image/png 37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/169192/10431998/bvpath_258/images/unten.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8a3444042157f7809f0fab7cad136bf9b3a383c2d2b3b3b87311e55c85ee0837

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900012.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 01:12:26 GMT
last-modified: Sun, 24 Oct 2021 16:11:23 GMT
server: nginx
etag: "617585ab-354"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 852

GET
H2 200 txt4.png
s1.adform.net/Banners/Elements/Files/169192/10431998/bvpath_258/images/ Frame 2EF5 816 B
1 KB 20ms
19ms Image
image/png 37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/169192/10431998/bvpath_258/images/txt4.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

7df1f509c76a628ef5d5ad7786b00a73603a4fdb7cdb104d4ec2e69a59e89275

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900012.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 01:12:26 GMT
last-modified: Sun, 24 Oct 2021 16:11:23 GMT
server: nginx
etag: "617585ab-330"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 816

GET
H2 200 motiv3.jpg
s1.adform.net/Banners/Elements/Files/169192/10431998/bvpath_258/images/ Frame 2EF5 34 KB
34 KB 20ms
19ms Image
image/jpeg 37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/169192/10431998/bvpath_258/images/motiv3.jpg

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

6577a7f099bb2427321e33527186d259d4b6e248497fdc97a6600d51d6a8484a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900012.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 01:12:26 GMT
last-modified: Sun, 24 Oct 2021 16:11:23 GMT
server: nginx
etag: "617585ab-883a"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/jpeg
content-length: 34874

GET
H2 200 cta.png
s1.adform.net/Banners/Elements/Files/169192/10431998/bvpath_258/images/ Frame 2EF5 11 KB
11 KB 20ms
20ms Image
image/png 37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/169192/10431998/bvpath_258/images/cta.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

9c20e67813d6532fc91d472a08de97f00a56d4274ae5594b7570d158a2d15097

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900012.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 01:12:26 GMT
last-modified: Sun, 24 Oct 2021 16:11:23 GMT
server: nginx
etag: "617585ab-2afa"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 11002

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 26ms
24ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://su.google-info.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 01:12:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: clear
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sat, 13 Nov 2021 01:12:26 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 69E3 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://su.google-info.org/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Fri, 12 Nov 2021 18:50:52 GMT
expires: Sat, 12 Nov 2022 18:50:52 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 22894
alt-svc: clear

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 9329 783 B
1 KB 38ms
16ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ec8321151f0136227f53388af12e0a9736abfc02bc555061ebe520e4d20731e9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-BG1nTCGfu+Y/9MGGCrlRYQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://su.google-info.org/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sat, 13 Nov 2021 01:12:26 GMT
date: Sat, 13 Nov 2021 01:12:26 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-BG1nTCGfu+Y/9MGGCrlRYQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: clear

GET
H2 200 lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js Show response
pagead2.googlesyndication.com/bg/ Frame 69E3 35 KB
14 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94aecf77b07e1fff7205a23f352b215383978a661ecc5bb51e616e35750b39ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 13:36:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41761
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 13508
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 12 Nov 2022 13:36:25 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 9329 0
0 49ms
48ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20211109&jk=2132859347964004&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
56 B 42ms
42ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20211109&jk=2132859347964004&bg=!hIelh8PNAAZQLpa_UC47ACkAdvg8WoCLVc1DBvBxYOY-k_GS5Y6iqmPdNeKVgottHnKVJ7DX8l_aUwIAAABgUgAAAAhoAQcKAKqUzVw0yOv08AbngdQxinVSAlctfF7Zuhl8SaQ0TdsOo-MMuTK02P3gdA2TZKue2DD-Ub5e1z8N0bp0nuZXG_AN5lOWpHzqm7VRLUw0daa6ZY9L5KV862uMUhP8Rj--MPi_FQp2csxW8SJuReW28fbojnTPsszO5SZpp4CSyoIOQOnkCa2Qkb9h9B_6hjSTPwgHQfR0Xsc2UCs_GIfFz2OLewCv7kNEajei7ZkCu6PXmeWMmsrnm9VhvEib9kmb0-UGr3p5JVlDzRPCmQv90fGGVZHSH-ZNLLw9vCsCHw8DcmfLmhd7MJ73BuiHMGxOvRsbTCx7x-lr1v33jwUvXsYKBYVHiILbCvanTcdNUM0D-EBTHIUBuVFFuxOD0tYPMFSxntOtaIiE4JDqLcK4sRcvp0Y95vba_NOOqrTH7MnnW3yDYLUVi9Lw8QOnHtGxwJ5JJgyiUl14Ntr_aIDc1P0bAOzifl5IG_dHZ3Yfuse9KBSh2_noWbfDSA8o8S94DrVv8ZqN-aYwt9FFBzPXj5Hg6YXkBbqMjqbBPKv3fAc1bLuU0jQ6SabeY1BaQU9Emb3QMQhYs-9hmATAlOGl3E0DhoKB3eYaZeUz1J7KyFvYlAlmleS_RQlZFRykE2BKVVlYbQtQmIuXQlleqFhYSka5FoDqp_8rN7AW3A3oOTubLqe-QL2GtMmf4kItOaoFGFMDxnMJg53LkpmvBG90ehHcjUYOJF78iV_2kjA_FEoUIN0BHncAjgf-3RzGC86D8Oyc9Du55QTu0iJ6NPtecNjcKNErJe7cbtMv5B9vfSom1Ltmp5jsB5wMQg6FN-SoUbq8FUlzB2a2bN0_8fdY71cbhGhZxpPWSHmprKO6xxlznYWVQfx-uLwPn6PLS9PvHF0OhOUwNDpT9xL3FhXsuzLj4alp9BQLHqI9EZ3AjJoRzCD6oxAbKUuxW_va-dky-4ZEpei85S3p89b1Jy9yhKayHpOesgUv-oQSVdv2w1jbTJvaWkXxJSuzmLfYB6l4TR4qpNdZ7nItAeB5MNHQDVKMbpXQYrZiLO43hZ3FoM5CRH4TvxW7G1p6PmCOTFBk6rmUBTGhmjOkiz3KX-OTbrSDAcM5vxu5Y8fPUb6kXwVnhFXoHjwQJGLGGoCq64fCb-GlVD3ICGudKQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://su.google-info.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Nov 2021 01:12:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: clear
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8303 42 B
174 B 41ms
41ms Fetch
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst-iSsAltxnvOczPo0mw2jYaGQjhDqp_M8DC_is4msFtmXtrdbaUXhiGxZRlgpi_YcZ3XLtIl5ITGYmDVen7dw_cQ&sig=Cg0ArKJSzE8uzSFeoYAiEAE&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211110&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=978640161&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1636765945348&rpt=241&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Nov 2021 01:12:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: clear
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9740 42 B
108 B 41ms
40ms Fetch
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssPjBw7DhPFh8FmtIdsRG5-_upp2FzpuXOJmDt_YzyfaD6UP7JjU0pEVorNX0Zjb1P_LA3j2KLWSqUU0Txhu2saVA&sig=Cg0ArKJSzCvutkuTSvGZEAE&id=lidar2&mcvt=1001&p=0,0,250,300&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&v=20211110&bin=7&avms=nio&bs=0,0&mc=0.61&if=1&app=0&itpl=20&adk=978640161&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1636765945382&rpt=416&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Nov 2021 01:12:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: clear
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK viewability Show response
hal900012.redintelligence.net/ Frame BF23 0
150 B 39ms
16ms Script
text/html 94.130.102.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900012.redintelligence.net/viewability?s=34506800006346403500432011777012&a=94dc257f&vb=v
Requested by: Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request_content.php?s=34506800006346403500432011777012&a=535637a7
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.102.130.94.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900012.redintelligence.net/request_content.php?s=34506800006346403500432011777012&a=535637a7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 13 Nov 2021 01:12:27 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK viewability Show response
hal900030.redintelligence.net/ Frame 29FF 0
150 B 34ms
12ms Script
text/html 136.243.149.243
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900030.redintelligence.net/viewability?s=64884100006365403500432011777030&a=498847d5&vb=v
Requested by: Host: hal900030.redintelligence.net
URL: https://hal900030.redintelligence.net/request_content.php?s=64884100006365403500432011777030&a=4319c610
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.149.243 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.243.149.243.136.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900030.redintelligence.net/request_content.php?s=64884100006365403500432011777030&a=4319c610
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 13 Nov 2021 01:12:27 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

POST
H2 200 /
track.adform.net/serving/unload/ Frame 29FF 35 B
478 B 17ms
17ms Ping
image/gif 37.157.2.237
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=8719851456934464657@@50457261,7515334697729313039,100|1100|0|0|0|0|0|0|0||43|1|||||1|0|0|0LO8n8CY2shcPlakbYq96V8u5cjbrSn3_mzstmiBzw320Qsc5NJz44m3nyX34Xgm0|||11||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://hal900030.redintelligence.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 13 Nov 2021 01:12:27 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://hal900030.redintelligence.net
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame BF23 35 B
478 B 17ms
16ms Ping
image/gif 37.157.2.237
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=4299934110108574780@@50457261,1915449178238337060,61|1099|0|0|0|0|0|0|0||26|1|||||1|0|0|0LO8n8CY2shcPlakbYq96e45vyDp9lVZoduSD1G_1UZ16RAqW8DILYm3nyX34Xgm0|||11||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://hal900012.redintelligence.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 13 Nov 2021 01:12:27 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://hal900012.redintelligence.net
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

Verdicts & Comments Add Verdict or Comment

74 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.google-info.org/	1970-01-20 07:25:01	Name: top100_id Value: t1.6860606.1091603320.1636765945181
.su.google-info.org/	1970-01-20 22:39:25	Name: last_visit Value: 1636765945184::1636765945184
.google-info.org/	1970-01-20 07:25:01	Name: adtech_uid Value: 94c6e45e-53f1-478c-8f4d-5cc55a170118%3Agoogle-info.org
.google-info.org/	1970-01-20 07:25:01	Name: t1_sid_6860606 Value: s1.387151243.1636765945182.1636765945188.1.1.1
.google-info.org/	1970-01-19 23:22:37	Name: user-id_1.0.5_lr_lruid Value: pQ8AAPkQj2ETbZQxAee07AA%3D
.google-info.org/	1970-01-20 08:01:01	Name: __gads Value: ID=5cb6210af2b16de4-2226abae52cb0011:T=1636765945:RT=1636765945:S=ALNI_MawHmoMLww7PaK_cIf8rBr9SIUHIA
.mathtag.com/	1970-01-20 07:25:01	Name: uuid Value: 64a5618f-10f9-4301-a544-3ed0f3543e2f
.doubleclick.net/	1970-01-20 08:01:01	Name: IDE Value: AHWqTUnVCAODthKoKFzMI9i3o2KcUhunUKp96s8zmpYCGjr1SwU_u4UYTOIHoLfw-u8
.rambler.ru/	1970-01-25 20:05:16	Name: ruid Value: 1CIAAPkQj2G2GagbAT4buAB=
.adform.net/	1970-01-19 23:22:37	Name: C Value: 1
.adform.net/	1970-01-20 00:05:49	Name: uid Value: 4299934110108574780
.adform.net/	1970-01-19 22:49:30	Name: TPC Value: 1636765946078

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.eu.criteo.com
adservice.google.com
adservice.google.de
cat.nl.eu.criteo.com
cdn.contentspread.net
cdnjs.cloudflare.com
csm.eu.criteo.net
googleads.g.doubleclick.net
hal9000.redintelligence.net
hal900012.redintelligence.net
hal900030.redintelligence.net
kraken.rambler.ru
pagead2.googlesyndication.com
partner.googleadservices.com
pix.eu.criteo.net
pixel.mathtag.com
rtb.fr.eu.criteo.com
s1.adform.net
st.top100.ru
static.criteo.net
su.google-info.org
tags.mathtag.com
tpc.googlesyndication.com
track.adform.net
www.google.com
www.googletagservices.com
136.243.149.243
138.201.63.117
142.250.186.98
178.250.2.135
178.250.2.148
178.250.2.150
185.29.132.246
2.18.233.201
2606:4700::6810:135e
2a00:1450:4001:801::2002
2a00:1450:4001:803::2002
2a00:1450:4001:810::2002
2a00:1450:4001:813::2004
2a00:1450:4001:829::2001
2a00:1450:4001:829::2002
2a00:1450:4001:830::2002
2a02:2638:1::11
2a02:2638:1::3
2a02:2638::2
37.157.2.237
37.157.5.71
54.36.108.3
81.19.89.16
81.19.89.18
94.130.102.164
95.217.186.71
001c3fd19a5c844fff2d21ddfd599a84023d8fce31708072e135956c604c07a1
04b27b5d72eba808e6f6b3aedef95ff3366c6b38353dc788dac922615e858411
06d2e4b102c295f66ca8b4d8eb6a4c66caa6024296d715f70982e31025e5bdea
08c402477078c7179dc5dfe9382244ec1d71cea9216ec9b4698c62ef77d9ea20
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0a0570d87a56207b3acc2454877a8d1d6ce9965b2f82fa39c791fe2538ab9a17
16ca769df94485322e9a1f9015358e7b3b7f5f59fa6960ba07ce2dc162089f22
1a5d225ac426bc4cc1e39b5bafc720c86a261486721199962da73a87b02195e5
1a6bd4faaf212de48c17ffc9be94db7f9bab7cc978b8e36e8ec7378ad36e347d
1c13cd3472fac930244e02b3b34bd23e138100c2a885ef9f236dca2a1c821eb2
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1d7549d6513e7c28a55a0879a5bba504213eed0bc16b765fc680022efaabc117
1f71dd6de3fa7c7ac277ddaa83d6afe318fe019672accf42b3a87cb34acc2fc0
22bc024f5df80137ab83a43092f0ce52bfdd5f73756a5989d522a60cd2c7e660
257aa0fe09b3bf4b6c1869211fdbd95f9e56d739dabb3be9808764270a00e410
2dc532000b90284576611699556fbd4d036af3743fc2e7cb7afc1418d38e5f37
2fe96ef95f0ef87759dd5ee2cee663219fa46363e2fbe34aacf66cb0ff6e575a
323f9384b04de16655cc1378fd2655ff02e512ff2c2536d5ab8e0d7ac9a1037c
342d2740192ed3d4a2772391d7e14496028a133a605b7ecb1671c5ff5d9e8d2e
3491f5a322f49ffaf4300fc46fc478a416327d75ce3d9cc813135c9abf11a341
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
3770270eabb7de28007bdc5f8610f7b86d42a0bf6e50c6c5c6048dcab0c97038
3b6dabc25c6f2284c68ffa1a0a016d6d8eac85d2244675ee2c94d910255b010e
406cdb3c23096004e4d33b279cdf8a3878f745a3cab416dc638064bcfb5df6a9
424cbb6c10913cb36c5def6ad0b697388f3a4276630248d471f07474503bfc69
449e3b8e888db8b54ce352683076532166a844df60bd02b19d93ec031f8d9412
4aa9326d63782c8fbbff075fd37b1031ad87d6f43af89d12818d7f152eb17637
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
4fb7da1e767138bdd223778786f7b3a48072fd689f029940600fcc5678efcbe2
5b680ea039ce8f3c31c0cf7a532cad5a8b651788eb87bfda1165dab49c7ba809
5cedd5abd94d64b07e3779451d057665572b89caa8b445a5e9efa42bad9c4274
5d0aea97b090054846223242f0be691ac828271b85469f4905bbb0a7edd40fc4
5f2f18aec7345dd5c5af496b485f07156f039b3fbd091e52418ee993885175ff
6004f7b9e0f41be3c5cdf30a01be7448bf1ae72a014bdab7d13d32160fb26430
62409a8c1ee58a28f58542b7765f2fad51af4da2e04991dfc0a277aff38f81e7
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
64a44804c3fd3a81e3ecf38fd0bb10cfd21ee540dc1bb4c0b96ee6b6d16766ec
6577a7f099bb2427321e33527186d259d4b6e248497fdc97a6600d51d6a8484a
69d35529ef201a2559ceadb8ddbf17d8471817155825d3b0ebc6ee0c3c451e2a
6c06b447ceff7aea9b2347f3dc6a499abe492bf2744a1223170de0d22f25875d
74dd3eb4fe0687bff87a21780b7f24042a6917ba39e1d6a5668480878549f8e0
7c3486c8d6b8a89a785cd2bd20bd64487a6518900720d85999ecefffc246c076
7df1f509c76a628ef5d5ad7786b00a73603a4fdb7cdb104d4ec2e69a59e89275
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83691fb83015c6e2e21089f41ba14df7ae774154394f502d350e3119b1711417
8a3444042157f7809f0fab7cad136bf9b3a383c2d2b3b3b87311e55c85ee0837
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
8be1fd1245ede2ae2a3a55835c455ffb3904799ebfd31403db80e6154aae41a3
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
92ce9c3f50a515d12b50cfde108e720735b75f165650f374524ceda3191cc8da
94aecf77b07e1fff7205a23f352b215383978a661ecc5bb51e616e35750b39ef
9c20e67813d6532fc91d472a08de97f00a56d4274ae5594b7570d158a2d15097
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1eb43d3b2628d370e2446a492808c177f039292f007b984a851a70812753b3f
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5bb54285541ea53dd8600f692932f4616f92b1db7b2ffffff70ed43860e51fb
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
ab6b6c7a7ebfce5c873bf9ab704e5905b32738b09fac42e8b55801d6668cf360
abaa484421865309a7781e540844f1b5260ed131080f8dd9f083d8f18beea107
abfdb1a1720cf270248f176b92f184b055589c4d7c1ae01b9f2791aee14698cd
ac5d44cc5f0ac328923c0bf191e04322715df347578fac482ed4a292706c5183
ae6b980d575d4b40f8a49063c8e3ea4f5d3544da91b60b108e99c3b7cd8961db
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4bd66d27bcd179af78cc5596a6ebb04457528cd7d4344760c9119ce7b26e233
bb2e8a68e96ef3d9e906cdd9a4e168f516930e8a5ebaf78993d0a084106ead88
bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a
c81d2f11bb22e604f678a4c889099a9a0cfba9aecddc836400e35efe931c68ff
cbca90793d1401fa6f2a7e5130f4ed557743a3dc0f6fdb8db26a30ba5483e685
ceca169c7b3aeb44dcdcbfd35d8fd24a85bc9a48b89ced5db336d54e16635a82
cf19b50b61fcb709cac17f29d02dddb82a9711227585e2607dd5ef42b613fa28
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d2d3e62be49a950029e24adea571c09bb20f4e208df3ba0e6f18ee613446f466
d35c27586b5cf117fc67a2d3d48789eeaf18038528e4aa5aec627b5287fc5871
d7de78f153efaad465b062d13f1fe9639c764768c3376be6500737684ac04491
d92e31acf59216059d658d9c3a25731128652897e60f23e813d8992fb06a16dc
dd198f9d053354fbf30c98fb6931d81c2b2840ff790f3923fd45a6fd1aa14614
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e73fa32bba14a4a95d9a4d02663134340805ff735a7c942b9214d3401014c1f0
e9b56e15823616c93e46baadda9d37ba81fde2d648a5450d1e8b1905c08c5c9c
eb3c427f5d3e949223e20f8b19f7c2fa12bc3f90fda4e843106ce3cd918d98f9
ec8321151f0136227f53388af12e0a9736abfc02bc555061ebe520e4d20731e9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f6e173b3b3926689a5f120c6976b69d8be3a0ae43723bb4ae7140a2b843ecbf7
f987b7beba9c09d83e550788b3dc5190d20c705f744fcedb14a541211b5db0ec
fcd0f49b27ca0b986256c9c377ab49756b124f16ea6db646c131fd62b325299f

su.google-info.org Open in urlscan Pro 95.217.186.71 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

132 Requests

100 %HTTPS

42 %IPv6

16 Domains

26 Subdomains

27 IPs

7 Countries

1153 kBTransfer

2494 kBSize

12 Cookies

0 Outgoing links

Redirected requests

132 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

su.google-info.org Open in urlscan Pro
95.217.186.71 Public Scan

Screenshot
Live screenshot

Full Image

132
Requests

100 %
HTTPS

42 %
IPv6

16
Domains

26
Subdomains

27
IPs

7
Countries

1153 kB
Transfer

2494 kB
Size

12
Cookies

132 HTTP transactions
6 data transactions