homeup.co.kr Open in urlscan Pro
118.67.131.217 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://homeup.co.kr/
Submission: On November 30 via api (November 30th 2023, 5:16:32 am UTC) from BY — Scanned from DE

Summary HTTP 71 Redirects Behaviour Indicators

Summary

This website contacted 21 IPs in 4 countries across 12 domains to perform 71 HTTP transactions. The main IP is 118.67.131.217, located in Korea, Republic Of and belongs to NBPAP-AS-AP NAVER BUSINESS PLATFORM ASIA PACIFIC PTE. LTD., SG. The main domain is homeup.co.kr.

This is the only time homeup.co.kr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	118.67.131.217 118.67.131.217	135354 (NBPAP-AS-...) (NBPAP-AS-AP NAVER BUSINESS PLATFORM ASIA PACIFIC PTE. LTD.)
1 3	27.96.134.25 27.96.134.25	135354 (NBPAP-AS-...) (NBPAP-AS-AP NAVER BUSINESS PLATFORM ASIA PACIFIC PTE. LTD.)
11	220.230.126.70 220.230.126.70	23576 (NHN-AS-KR...) (NHN-AS-KR NAVER Cloud Corp.)
10	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
5	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:3::a 2a02:2638:3::a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2606:4700::68... 2606:4700::6810:5614	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1 3	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:3::12 2a02:2638:3::12	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:3::9 2a02:2638:3::9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.1.6 178.250.1.6	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	34.235.200.9 34.235.200.9	() ()
1	2600:1f18:26d... 2600:1f18:26d4:7e06:3a24:a9df:107e:9faa	() ()
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
19	2a02:2638:3::10 2a02:2638:3::10	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638:3::1a 2a02:2638:3::1a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:82f::2004	() ()
71	21

1 118.67.131.217 (Korea, Republic Of)

ASN135354 (NBPAP-AS-AP NAVER BUSINESS PLATFORM ASIA PACIFIC PTE. LTD., SG)

homeup.co.kr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 27.96.134.25 (Korea, Republic Of) 1 redirects

ASN135354 (NBPAP-AS-AP NAVER BUSINESS PLATFORM ASIA PACIFIC PTE. LTD., SG)

yesnic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 220.230.126.70 (Korea, Republic Of)

ASN23576 (NHN-AS-KR NAVER Cloud Corp., KR)

www.yesnic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cas.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:3::c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.235.200.9 (None, ) 1 redirects

ASN- ()

adrta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:26d4:7e06:3a24:a9df:107e:9faa (None, )

ASN- ()

ipds.adrta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a02:2638:3::10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

imageproxy.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2004 (None, )

ASN- ()

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	criteo.net static.criteo.net — Cisco Umbrella Rank: 631 imageproxy.eu.criteo.net — Cisco Umbrella Rank: 10143 csm.eu.criteo.net — Cisco Umbrella Rank: 9625	299 KB
14	yesnic.com 1 redirects yesnic.com www.yesnic.com	540 KB
9	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 148	235 KB
7	criteo.com 1 redirects cas.criteo.com — Cisco Umbrella Rank: 18880 gum.criteo.com — Cisco Umbrella Rank: 424 mug.criteo.com — Cisco Umbrella Rank: 2811 ads.eu.criteo.com — Cisco Umbrella Rank: 9522 rtb.nl3.eu.criteo.com — Cisco Umbrella Rank: 16218 cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 10971	77 KB
3	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 33	19 KB
2	adrta.com 1 redirects adrta.com ipds.adrta.com	891 B
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 313	1 MB
1	google.com www.google.com	1 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 204	5 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	64 KB
1	google-analytics.com ssl.google-analytics.com — Cisco Umbrella Rank: 587	17 KB
1	homeup.co.kr homeup.co.kr	736 B
71	12

	Domain	Requested by
19	imageproxy.eu.criteo.net	ads.eu.criteo.com
11	www.yesnic.com	homeup.co.kr www.yesnic.com
10	static.criteo.net	www.yesnic.com ads.eu.criteo.com cdnjs.cloudflare.com static.criteo.net
5	pagead2.googlesyndication.com	www.yesnic.com pagead2.googlesyndication.com www.googletagservices.com tpc.googlesyndication.com
4	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
3	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
3	yesnic.com	1 redirects www.yesnic.com
2	csm.eu.criteo.net	ads.eu.criteo.com
2	gum.criteo.com	1 redirects static.criteo.net
2	cdn.jsdelivr.net	www.yesnic.com
1	www.google.com	tpc.googlesyndication.com
1	cdnjs.cloudflare.com	ads.eu.criteo.com
1	ipds.adrta.com	ads.eu.criteo.com
1	adrta.com	1 redirects
1	cat.nl3.eu.criteo.com	ads.eu.criteo.com
1	rtb.nl3.eu.criteo.com	googleads.g.doubleclick.net
1	ads.eu.criteo.com	googleads.g.doubleclick.net
1	www.googletagservices.com	googleads.g.doubleclick.net
1	mug.criteo.com	www.yesnic.com
1	cas.criteo.com	static.criteo.net
1	ssl.google-analytics.com	www.yesnic.com
1	homeup.co.kr
71	22

This site contains no links.

Subject Issuer	Validity	Valid
domain.whois.co.kr Sectigo RSA Organization Validation Secure Server CA	`2023-10-16` - `2024-11-13`	a year	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-09` - `2024-01-06`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2023-12-23`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-29` - `2023-12-23`	3 months	crt.sh
*.nl3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-30` - `2023-12-25`	3 months	crt.sh
*.eu.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-17` - `2024-01-18`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh

This page contains 8 frames:

Primary Page: http://homeup.co.kr/
Frame ID: 0C50A685584641E975D621BD670A847E
Requests: 1 HTTP requests in this frame

Frame: https://www.yesnic.com/?_task=fp&_action=basic
Frame ID: 5CB30A11FAEC536C135DDB4E872127AE
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231128/r20190131/zrt_lookup_fy2021.html
Frame ID: 8537BF766CC2086087851E28DD094B9B
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=homeup.co.kr
Frame ID: 7B1039DF37E67F9EE9E36A25638DF787
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4007715589170015&output=html&h=90&slotname=2162713512&adk=1572267553&adf=3776779711&pi=t.ma~as.2162713512&w=728&lmt=1701321390&format=728x90&url=https%3A%2F%2Fwww.yesnic.com%2F%3F_task%3Dfp%26_action%3Dbasic&ea=0&wgl=1&dt=1701321390473&bpp=2&bdt=2084&idt=85&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&correlator=5911806939673&frm=22&ife=1&pv=2&ga_vid=131802967.1701321391&ga_sid=1701321391&ga_hid=562711550&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=2991944913&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44809317%2C31078301%2C31079721%2C44807764%2C44808148%2C44808285%2C44809071&oid=2&pvsid=2839378564638026&tmod=155673268&uas=0&nvt=1&top=http%3A%2F%2Fhomeup.co.kr%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.lhf01hn7ijm2&fsb=1&dtd=93
Frame ID: 71A12AABB60D52117BA1FE1411AFE1D5
Requests: 8 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZWgargAI7QIHg6CMAABZYDOWLQ1tMSnqyze6wA&u=%7CV7XG8NTWto0ItVF8u4svFfi9g%2F4U0eerzmPQwlrVsNk%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC862S7AWvTrIfESCuNce8VR2LuywgVT530Q0QBh-g09SclGRUA1rpO2WAW5xu_ei6a1WHq3O8YZkhU0VwTJWWE9yUZkTl-oswuQ8toGSH8yFW6IIVMV5VK7PufJQUqNXD4XRzy07jwMsLdsm_aMFL8lASR02AHOcMmPIOv_evsCx2yMQjyvISLo0xRLFu2mWyrfcVxJpCvTQr3eqF5CkMCFbZYKeAfIXJZVSib3mO2QaKa-ZTJmV486QVTejTZTkMxmXZLRpTDIp4SlXyjkSPlbZ51_lKE8dBwQAjClP6sTNgwnVjQeEpDRprD2sfFQskFfGMmXb072OiP5m0I2LIdVD18RPCexDqbZvFMugk9i2GUsgPhTBzYsrtZh9THAV69KdGQnOKL3t1c1pxPpPGNPfxsBZ7HzchQHmANRJmxlJq1DxM_T3s9So6FZ37Wg2xk6lIYi4q8pm1dck-kJp-R2lhmAXeJszEY5gvs3qKEf2QJFhVvrm-FMoBiIFnC-Df33Qld38mJa1J1V0cN3SdU6-eAnG8_G70DLa_9JdlQm6vGIZCw8KWkAhc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDg3grhpoZYLaI4zBjuwP4LKBOMme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNDAwNzcxNTU4OTE3MDAxNcgBCakCgMtUH0Vpsj6oAwHIAwKqBPABT9B_RjvEdiyEZJGeWOUKg2FMpzbQz3jNA53rseujp0cBjMeU3ix9anzcr_lO6AZ7nchlhkz2BBZK7qwvMXI3jWmj7__lgeJupqsrdxqrv5nlMfvE0WrX2buVl4f4HiX0D12had0woJaiquEFUSWeyH7Xz4ejMBEPgtBf0lXxXJazDhkVcJzeVYtDEzQAYHaDPIO70XqItwUnSqitUZ97S0IctBSeGzoORfrFQlts8v4S-wwzl-WZ8wM1PS1WmoVxM4AzMmOq12TFcOYBu3-rV4b1o6JPrYghTQYjqXKR3zsc-bwoYaod5VKy41F3LwB2gAarmP6p1ruF4XegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY1cKJifzqggP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1iZb-69rqnDpY0ovMMUoT-CbZKIA%26client%3Dca-pub-4007715589170015%26adurl%3D
Frame ID: A0E5B5F0A5915C789488D6A7FCC7F1C3
Requests: 34 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5B00F1D5CC6247D0315407F9F22B1C33
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 92E70F1D9F88C1E5A194E3BFC82FFDC6
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Criteo (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

//(?:cas\.criteo\.com|(?:[^/]\.)?criteo\.net)/

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

71
Requests

94 %
HTTPS

76 %
IPv6

12
Domains

22
Subdomains

21
IPs

4
Countries

2403 kB
Transfer

3326 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://yesnic.com/?_task=fp&_action=basic HTTP 301
https://www.yesnic.com/?_task=fp&_action=basic

Request Chain 23

https://gum.criteo.com/sid/json?origin=publishertag&domain=www.yesnic.com&sn=ChromeSyncframe&so=0&topUrl=homeup.co.kr&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=F62jvHxYYnpRVzlBSkFuTWZIc0NCb0E1TG5qSUdwN251dzRscFFRZnVYM1l2alNUcUw2N082a2gzYVFuZEt1cTFJNW55aUk2R2M2S1Z2Qm5Wdkl0cURGVDNFbXExRjgrTVRNcjBKcms1a3F6dTFBYUlnUDlYN3dpWTNrYy94TnZqaVlRSnpLMFhVcGpJMllOMUFKRzJQc2JacE1HcmhybEJVcnpySURaMk9SdWR2dk5IbHZCamdWUVZ3QnlncWd1RDAxMTd1WlJQZ3lDTVZ5QXRuZ1RYTXBHeUxGckpkM3Y4NmxNQStLZytuUHZ4SnhxeEJnRG5PU2lvbUU5LzkrK1hmMmFmZUNIc0xwejdvOHl0MmF0RVVld2Ywb2VmRURqeHEvL1cwSDBnZkFZTTNLOD18&cppv=2

Request Chain 36

https://adrta.com/i?cb=65681aae884117570f5e3a74ea523cf7&clid=co&paid=co&avid=89430&caid=412424&plid=11448653&publisherId=141479&kv1=728X90&kv2=https://googleads.g.doubleclick.net/&kv3=9c8d9751-7a3d-48c7-a509-a72456622b5e&kv4=2001:ac8:20::&kv7=317&kv11=65681aae884117570f5e3a74ea523cf7&kv12=786654&kv19=&kv27=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/119.0.6045.199%20Safari/537.36&kv24=Windows_Web HTTP 302
https://ipds.adrta.com/i?__x=JJCIKFEIKHCLLBEBOKHGNKONHIOLLHLHHOPAGLEIJGHKOGHIMBFOMMKJKIGLJIOMNNJMKBIMFFHJHHPIIJJ@KPHLHONEJHJLMKFHGINBFNHGIGFKPFJLKAE@HBE&cb=65681aae884117570f5e3a74ea523cf7&clid=co&paid=co&avid=89430&caid=412424&plid=11448653&publisherId=141479&kv1=728X90&kv2=https://googleads.g.doubleclick.net/&kv3=9c8d9751-7a3d-48c7-a509-a72456622b5e&kv4=2001:ac8:20::&kv7=317&kv11=65681aae884117570f5e3a74ea523cf7&kv12=786654&kv19=&kv27=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/119.0.6045.199%20Safari/537.36&kv24=Windows_Web

71 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
homeup.co.kr/ 480 B
736 B 1313ms
275ms Document
text/html 118.67.131.217
NBPAP-AS-AP NAVER...

General

Check archive.org

Show headers Download Go to

Full URL: http://homeup.co.kr/
Protocol: HTTP/1.1
Server: 118.67.131.217 , Korea, Republic Of, ASN135354 (NBPAP-AS-AP NAVER BUSINESS PLATFORM ASIA PACIFIC PTE. LTD., SG),
Reverse DNS
Software: /
Resource Hash: 98a1e2b916326a471dff04d4141dbdbcac0ffd60ed35b7e151c02086f8728f51

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Age: 0
Connection: keep-alive
Content-Length: 480
Content-Type: text/html; charset=euc-kr
Date: Thu, 30 Nov 2023 05:16:26 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR DELa BUS IND PHY ONL UNI COM NAV INT DEM PRE"

GET
H/1.1

200
OK

/ Show response
www.yesnic.com/ Frame 5CB3
Redirect Chain

http://yesnic.com/?_task=fp&_action=basic
https://www.yesnic.com/?_task=fp&_action=basic

12 KB
12 KB

1257ms
276ms

Document
text/html

220.230.126.70
NHN-AS-KR NAVER C...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.yesnic.com/?_task=fp&_action=basic
Requested by: Host: homeup.co.kr
URL: http://homeup.co.kr/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 220.230.126.70 , Korea, Republic Of, ASN23576 (NHN-AS-KR NAVER Cloud Corp., KR),
Reverse DNS
Software: Apache /
Resource Hash: 805c5aab782ff4853b51cd3a0bca99ff03b141b5f9f14736479460db21ae2845

Request headers

Referer: http://homeup.co.kr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Date: Thu, 30 Nov 2023 05:16:28 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=15, max=100
Pragma: no-cache
Server: Apache
Transfer-Encoding: chunked

Redirect headers

Connection: Keep-Alive
Content-Length: 258
Content-Type: text/html; charset=iso-8859-1
Date: Thu, 30 Nov 2023 05:16:26 GMT
Keep-Alive: timeout=15, max=100
Location: https://www.yesnic.com/?_task=fp&_action=basic
Server: Apache

GET
H/1.1 200
OK style_forward_2021.css
www.yesnic.com/templates/yesnic/css/ Frame 5CB3 13 KB
13 KB 249ms
248ms Stylesheet
text/css 220.230.126.70
NHN-AS-KR NAVER C...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.yesnic.com/templates/yesnic/css/style_forward_2021.css?202322
Requested by: Host: www.yesnic.com
URL: https://www.yesnic.com/?_task=fp&_action=basic
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 220.230.126.70 , Korea, Republic Of, ASN23576 (NHN-AS-KR NAVER Cloud Corp., KR),
Reverse DNS
Software: Apache /
Resource Hash: f90f7c136b9ef485a196ad3baf2073a544c93b49b4c59e88c35c5ecd2e90e055

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yesnic.com/?_task=fp&_action=basic
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Thu, 30 Nov 2023 05:16:28 GMT
Last-Modified: Wed, 26 Jul 2023 01:13:04 GMT
Server: Apache
ETag: "3297-601598cb7b827"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=99
Content-Length: 12951

GET
H/1.1 200
OK jquery-1.11.3.min.js Show response
www.yesnic.com/js/ Frame 5CB3 94 KB
94 KB 498ms
248ms Script
application/javascript 220.230.126.70
NHN-AS-KR NAVER C...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.yesnic.com/js/jquery-1.11.3.min.js
Requested by: Host: www.yesnic.com
URL: https://www.yesnic.com/?_task=fp&_action=basic
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 220.230.126.70 , Korea, Republic Of, ASN23576 (NHN-AS-KR NAVER Cloud Corp., KR),
Reverse DNS
Software: Apache /
Resource Hash: ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yesnic.com/?_task=fp&_action=basic
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Thu, 30 Nov 2023 05:16:28 GMT
Last-Modified: Tue, 03 Jan 2023 04:15:18 GMT
Server: Apache
ETag: "176d5-5f15450c7318a"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=98
Content-Length: 95957

GET
H/1.1 200
OK common.js Show response
www.yesnic.com/js/ Frame 5CB3 54 KB
55 KB 769ms
256ms Script
application/javascript 220.230.126.70
NHN-AS-KR NAVER C...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.yesnic.com/js/common.js
Requested by: Host: www.yesnic.com
URL: https://www.yesnic.com/?_task=fp&_action=basic
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 220.230.126.70 , Korea, Republic Of, ASN23576 (NHN-AS-KR NAVER Cloud Corp., KR),
Reverse DNS
Software: Apache /
Resource Hash: e1dd6d68e00d98fe5bfbc6b196ff6b9538eb44dae9a7b386e9c4aea3e156d80e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yesnic.com/?_task=fp&_action=basic
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Thu, 30 Nov 2023 05:16:29 GMT
Last-Modified: Tue, 08 Aug 2023 05:13:18 GMT
Server: Apache
ETag: "d974-602626bc160b2"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 55668

GET
H/1.1 200
OK apps.js Show response
www.yesnic.com/js/ Frame 5CB3 2 KB
2 KB 813ms
273ms Script
application/javascript 220.230.126.70
NHN-AS-KR NAVER C...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.yesnic.com/js/apps.js
Requested by: Host: www.yesnic.com
URL: https://www.yesnic.com/?_task=fp&_action=basic
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 220.230.126.70 , Korea, Republic Of, ASN23576 (NHN-AS-KR NAVER Cloud Corp., KR),
Reverse DNS
Software: Apache /
Resource Hash: 24fe66dfcc1e4089a66b758e679dd49b90b1c185851e35b30e73fd0ee6b542e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yesnic.com/?_task=fp&_action=basic
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Thu, 30 Nov 2023 05:16:29 GMT
Last-Modified: Tue, 03 Jan 2023 04:15:18 GMT
Server: Apache
ETag: "6f7-5f15450c7124a"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 1783

GET
H/1.1 200
OK parking_basic.js Show response
www.yesnic.com/js/ Frame 5CB3 2 KB
3 KB 816ms
272ms Script
application/javascript 220.230.126.70
NHN-AS-KR NAVER C...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.yesnic.com/js/parking_basic.js
Requested by: Host: www.yesnic.com
URL: https://www.yesnic.com/?_task=fp&_action=basic
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 220.230.126.70 , Korea, Republic Of, ASN23576 (NHN-AS-KR NAVER Cloud Corp., KR),
Reverse DNS
Software: Apache /
Resource Hash: b8f32ce5d6e08fad5854ae7bab81127ce5a0b3031f6a62b62700f77add7dfa86

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yesnic.com/?_task=fp&_action=basic
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Thu, 30 Nov 2023 05:16:29 GMT
Last-Modified: Tue, 03 Jan 2023 04:15:18 GMT
Server: Apache
ETag: "98a-5f15450c74ce2"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 2442

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ Frame 5CB3 129 KB
42 KB 68ms
24ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: www.yesnic.com
URL: https://www.yesnic.com/?_task=fp&_action=basic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

d6c5ee567fc259b1e6a5aaf4e1de177ebfec611be8dd32ec933ba6b0cf2b9e74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yesnic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 05:16:28 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 27 Oct 2023 06:43:26 GMT
server: nginx
etag: W/"653b5c0e-20336"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 01 Dec 2023 05:16:28 GMT

GET
H/1.1 200
OK img_https.svg
yesnic.com/templates/yesnic/images/ Frame 5CB3 7 KB
7 KB 268ms
268ms Image
image/svg+xml 27.96.134.25
NBPAP-AS-AP NAVER...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yesnic.com/templates/yesnic/images/img_https.svg
Requested by: Host: www.yesnic.com
URL: https://www.yesnic.com/?_task=fp&_action=basic
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 27.96.134.25 , Korea, Republic Of, ASN135354 (NBPAP-AS-AP NAVER BUSINESS PLATFORM ASIA PACIFIC PTE. LTD., SG),
Reverse DNS
Software: Apache /
Resource Hash: b23bb9ed14289db8165b4f80b149835bcdc47b56fe59dd2d2c5ecb968a3a299f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yesnic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Thu, 30 Nov 2023 05:16:29 GMT
Last-Modified: Wed, 29 Mar 2023 02:50:38 GMT
Server: Apache
ETag: "1a2d-5f8010a7f4c2a"
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=99
Content-Length: 6701

GET
H/1.1 200
OK logo_y_n.svg
yesnic.com/templates/yesnic/images/ Frame 5CB3 7 KB
7 KB 1074ms
268ms Image
image/svg+xml 27.96.134.25
NBPAP-AS-AP NAVER...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yesnic.com/templates/yesnic/images/logo_y_n.svg
Requested by: Host: www.yesnic.com
URL: https://www.yesnic.com/?_task=fp&_action=basic
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 27.96.134.25 , Korea, Republic Of, ASN135354 (NBPAP-AS-AP NAVER BUSINESS PLATFORM ASIA PACIFIC PTE. LTD., SG),
Reverse DNS
Software: Apache /
Resource Hash: 66a3fe092264c1ba162aad79ff1f4b645bde1d74a6d231f8d7689e021857282f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yesnic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Thu, 30 Nov 2023 05:16:29 GMT
Last-Modified: Tue, 03 Jan 2023 04:15:19 GMT
Server: Apache
ETag: "1ad3-5f15450d4e555"
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 6867

GET
H/1.1 200
OK parking_mail_nc.png
www.yesnic.com/templates/yesnic/images/ Frame 5CB3 12 KB
12 KB 826ms
276ms Image
image/png 220.230.126.70
NHN-AS-KR NAVER C...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.yesnic.com/templates/yesnic/images/parking_mail_nc.png
Requested by: Host: www.yesnic.com
URL: https://www.yesnic.com/?_task=fp&_action=basic
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 220.230.126.70 , Korea, Republic Of, ASN23576 (NHN-AS-KR NAVER Cloud Corp., KR),
Reverse DNS
Software: Apache /
Resource Hash: b84cefa73073de242a7d90568b522924b3fc2694ac7dd44fc9d735f25d44d483

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yesnic.com/?_task=fp&_action=basic
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Thu, 30 Nov 2023 05:16:29 GMT
Last-Modified: Wed, 18 Jan 2023 00:23:34 GMT
Server: Apache
ETag: "3032-5f27ed3a67ae3"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 12338

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 5CB3 150 KB
52 KB 124ms
97ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.yesnic.com
URL: https://www.yesnic.com/?_task=fp&_action=basic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7963362dfce156aeac857d8da3752e804802bbc5744c6abadf0b7bcb634e7ac1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yesnic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 05:16:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52755
x-xss-protection: 0
server: cafe
etag: 10769544586242826121
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 05:16:30 GMT

GET
H/1.1 200
OK bulk_check_domain_types_utf.php Show response
www.yesnic.com/js/ Frame 5CB3 8 KB
8 KB 269ms
268ms Script
text/html 220.230.126.70
NHN-AS-KR NAVER C...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.yesnic.com/js/bulk_check_domain_types_utf.php
Requested by: Host: www.yesnic.com
URL: https://www.yesnic.com/js/common.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 220.230.126.70 , Korea, Republic Of, ASN23576 (NHN-AS-KR NAVER Cloud Corp., KR),
Reverse DNS
Software: Apache /
Resource Hash: 53e65cdce3ae9e905997468d060db5123aa9ad218c435fd5ebafeaca368520e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yesnic.com/?_task=fp&_action=basic
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Thu, 30 Nov 2023 05:16:30 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=15, max=99
Content-Length: 7728
Content-Type: text/html; charset=UTF-8

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ Frame 5CB3 45 KB
17 KB 35ms
7ms Script
text/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: www.yesnic.com
URL: https://www.yesnic.com/?_task=fp&_action=basic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yesnic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 30 Nov 2023 03:20:22 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 6968
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17168
expires: Thu, 30 Nov 2023 05:20:22 GMT

GET
H2 200 ajs.php Show response
cas.criteo.com/delivery/ Frame 5CB3 222 B
1 KB 71ms
16ms Script
text/javascript 2a02:2638:3::a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://cas.criteo.com/delivery/ajs.php?ptv=144&zoneid=806582&cb=29864714269&nodis=1&charset=UTF-8&dc=2&loc=http%3A%2F%2Fhomeup.co.kr

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

d857f9d9f220f6213ce85327e5eee9226f11a4ebaf222ea5f2fe4050d9d04d00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yesnic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 05:16:29 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
p3p: CP='CUR ADM OUR NOR STA NID'
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3821828
pragma: no-cache
server: Kestrel
access-control-max-age: 1000
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK ban_kr_event2306.png
www.yesnic.com/templates/yesnic/images/ Frame 5CB3 28 KB
29 KB 257ms
256ms Image
image/png 220.230.126.70
NHN-AS-KR NAVER C...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.yesnic.com/templates/yesnic/images/ban_kr_event2306.png
Requested by: Host: www.yesnic.com
URL: https://www.yesnic.com/templates/yesnic/css/style_forward_2021.css?202322
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 220.230.126.70 , Korea, Republic Of, ASN23576 (NHN-AS-KR NAVER Cloud Corp., KR),
Reverse DNS
Software: Apache /
Resource Hash: 3f54c548197c187e9b199b96e441a4a5abc0cd00417780b9bd415113c4cbafa4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yesnic.com/templates/yesnic/css/style_forward_2021.css?202322
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Thu, 30 Nov 2023 05:16:30 GMT
Last-Modified: Fri, 02 Jun 2023 01:44:20 GMT
Server: Apache
ETag: "70fe-5fd1bb1118a86"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=98
Content-Length: 28926

GET
H/1.1 200
OK icon_arrow3.png
www.yesnic.com/templates/yesnic/images/ Frame 5CB3 1 KB
2 KB 247ms
247ms Image
image/png 220.230.126.70
NHN-AS-KR NAVER C...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.yesnic.com/templates/yesnic/images/icon_arrow3.png
Requested by: Host: www.yesnic.com
URL: https://www.yesnic.com/templates/yesnic/css/style_forward_2021.css?202322
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 220.230.126.70 , Korea, Republic Of, ASN23576 (NHN-AS-KR NAVER Cloud Corp., KR),
Reverse DNS
Software: Apache /
Resource Hash: 1edeb8f7974a9cc4d5a16ea479ce777e92e51f5dcd9ad8cb477be8b6fa1cbfdf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yesnic.com/templates/yesnic/css/style_forward_2021.css?202322
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Thu, 30 Nov 2023 05:16:30 GMT
Last-Modified: Tue, 03 Jan 2023 04:15:18 GMT
Server: Apache
ETag: "5c9-5f15450d1572e"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=97
Content-Length: 1481

GET
H/1.1 200
OK parking_mail_banner_bg3.png
www.yesnic.com/templates/yesnic/images/ Frame 5CB3 297 KB
297 KB 276ms
276ms Image
image/png 220.230.126.70
NHN-AS-KR NAVER C...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.yesnic.com/templates/yesnic/images/parking_mail_banner_bg3.png
Requested by: Host: www.yesnic.com
URL: https://www.yesnic.com/templates/yesnic/css/style_forward_2021.css?202322
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 220.230.126.70 , Korea, Republic Of, ASN23576 (NHN-AS-KR NAVER Cloud Corp., KR),
Reverse DNS
Software: Apache /
Resource Hash: a4e82cf2d5503a0cfda85745596dec97fe721685a98a4bed44dc8388e0cdc1a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yesnic.com/templates/yesnic/css/style_forward_2021.css?202322
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Thu, 30 Nov 2023 05:16:30 GMT
Last-Modified: Wed, 18 Jan 2023 00:23:34 GMT
Server: Apache
ETag: "4a43e-5f27ed3a5dea4"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=99
Content-Length: 304190

GET
H2 200 GmarketSansMedium.woff
cdn.jsdelivr.net/gh/projectnoonnu/noonfonts_2001@1.1/ Frame 5CB3 596 KB
598 KB 32ms
15ms Font
font/woff 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/projectnoonnu/noonfonts_2001@1.1/GmarketSansMedium.woff

Requested by

Host: www.yesnic.com
URL: https://www.yesnic.com/templates/yesnic/css/style_forward_2021.css?202322

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

747b8386133b10bffede3cedeb994fc681ad9dc424879a248d7cadf6749b2f97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.yesnic.com/
Origin: https://www.yesnic.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 05:16:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1643172
x-jsd-version: 1.1
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 610480
x-served-by: cache-fra-eddf8230096-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"950b0-lZxjrSk7X3rBZyjq4AMXERjnOE8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QN%2Bn6jQluLMGY%2Ftw2cwKe6JUXYQ0h19dHYJI1ghm556H9CVjf9wahF4STdT%2BYSKNAs50Ia8LSMmv5Ai0KR72YMiZcqTac%2FxHiOzuJwY0Rwp6%2Fo%2FmZ%2Bfb1I4%2FN8tR47b1TLJHzEJB3o9b%2BPGbVos%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 82e09e626d985b5c-FRA

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/ Frame 5CB3 397 KB
134 KB 46ms
45ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4007715589170015&plah=www.yesnic.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0f92cd4d8667ef1518999d237d8e15d21bf3a40de35ab8f9e5bc9559ef0a9cd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yesnic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 05:16:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137286
x-xss-protection: 0
server: cafe
etag: 12861425861461004309
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 05:16:30 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231128/r20190131/ Frame 8537 9 KB
4 KB 29ms
7ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231128/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.yesnic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 17369
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4121
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 30 Nov 2023 00:27:01 GMT
etag: 12051592065903069241
expires: Thu, 14 Dec 2023 00:27:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 GmarketSansLight.woff
cdn.jsdelivr.net/gh/projectnoonnu/noonfonts_2001@1.1/ Frame 5CB3 547 KB
548 KB 15ms
14ms Font
font/woff 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/projectnoonnu/noonfonts_2001@1.1/GmarketSansLight.woff

Requested by

Host: www.yesnic.com
URL: https://www.yesnic.com/?_task=fp&_action=basic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

35dbd7fb0ee986ebaefae727cab6c12b35782ea1663e79f3db7f8f145ca5e82d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.yesnic.com/
Origin: https://www.yesnic.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 05:16:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 11939
x-jsd-version: 1.1
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 559744
x-served-by: cache-fra-eddf8230022-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"88a80-9pAnPDJmyd70cVlA3j4DRVtXc+Y"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KHjFu25USILDNkNY5jQqVjgW8SkkzpE95Iv%2FnhP0BF7741NCG8kCzctSQfVkncVFVxJWZXkKlNgXb18rd3VZzp9nWIhNqE73Ul69jXHvhcae3quRUJGv7XeOY0ohTo4r2JIZG38xsAAHOK8nD%2Bo%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 82e09e62edcc5b5c-FRA

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 7B10 15 KB
6 KB 42ms
14ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=homeup.co.kr

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.yesnic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 30 Nov 2023 05:16:29 GMT
server: Kestrel
server-processing-duration-in-ticks: 791829
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 71A1 36 KB
15 KB 386ms
386ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4007715589170015&output=html&h=90&slotname=2162713512&adk=1572267553&adf=3776779711&pi=t.ma~as.2162713512&w=728&lmt=1701321390&format=728x90&url=https%3A%2F%2Fwww.yesnic.com%2F%3F_task%3Dfp%26_action%3Dbasic&ea=0&wgl=1&dt=1701321390473&bpp=2&bdt=2084&idt=85&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&correlator=5911806939673&frm=22&ife=1&pv=2&ga_vid=131802967.1701321391&ga_sid=1701321391&ga_hid=562711550&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=2991944913&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44809317%2C31078301%2C31079721%2C44807764%2C44808148%2C44808285%2C44809071&oid=2&pvsid=2839378564638026&tmod=155673268&uas=0&nvt=1&top=http%3A%2F%2Fhomeup.co.kr%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.lhf01hn7ijm2&fsb=1&dtd=93

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4007715589170015&plah=www.yesnic.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ebf4612860fcecc702c9da29bc3354af8345e125aed4681ee54a9e9a3bb989ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.yesnic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 14717
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 30 Nov 2023 05:16:30 GMT
expires: Thu, 30 Nov 2023 05:16:30 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

sid Show response
mug.criteo.com/ Frame 7B10
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=www.yesnic.com&sn=ChromeSyncframe&so=0&topUrl=homeup.co.kr&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=F62jvHxYYnpRVzlBSkFuTWZIc0NCb0E1TG5qSUdwN251dzRscFFRZnVYM1l2alNUcUw2N082a2gzYVFuZEt1cTFJNW55aUk2R2M2S1Z2Qm5Wdkl0cURGVDNFbXExRjgrTVRNcjBKcms1a3F6dTFBYUlnUDlYN3dpWTNrYy...

425 B
654 B

14ms
14ms

Fetch
application/json

2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=F62jvHxYYnpRVzlBSkFuTWZIc0NCb0E1TG5qSUdwN251dzRscFFRZnVYM1l2alNUcUw2N082a2gzYVFuZEt1cTFJNW55aUk2R2M2S1Z2Qm5Wdkl0cURGVDNFbXExRjgrTVRNcjBKcms1a3F6dTFBYUlnUDlYN3dpWTNrYy94TnZqaVlRSnpLMFhVcGpJMllOMUFKRzJQc2JacE1HcmhybEJVcnpySURaMk9SdWR2dk5IbHZCamdWUVZ3QnlncWd1RDAxMTd1WlJQZ3lDTVZ5QXRuZ1RYTXBHeUxGckpkM3Y4NmxNQStLZytuUHZ4SnhxeEJnRG5PU2lvbUU5LzkrK1hmMmFmZUNIc0xwejdvOHl0MmF0RVVld2Ywb2VmRURqeHEvL1cwSDBnZkFZTTNLOD18&cppv=2

Requested by

Host: www.yesnic.com
URL: https://www.yesnic.com/?_task=fp&_action=basic

Protocol

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

906f9886b7bb6ab67da949461240e8cc376781cb40895576aedf6456441361b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Nov 2023 05:16:30 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1000739
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 30 Nov 2023 05:16:30 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=F62jvHxYYnpRVzlBSkFuTWZIc0NCb0E1TG5qSUdwN251dzRscFFRZnVYM1l2alNUcUw2N082a2gzYVFuZEt1cTFJNW55aUk2R2M2S1Z2Qm5Wdkl0cURGVDNFbXExRjgrTVRNcjBKcms1a3F6dTFBYUlnUDlYN3dpWTNrYy94TnZqaVlRSnpLMFhVcGpJMllOMUFKRzJQc2JacE1HcmhybEJVcnpySURaMk9SdWR2dk5IbHZCamdWUVZ3QnlncWd1RDAxMTd1WlJQZ3lDTVZ5QXRuZ1RYTXBHeUxGckpkM3Y4NmxNQStLZytuUHZ4SnhxeEJnRG5PU2lvbUU5LzkrK1hmMmFmZUNIc0xwejdvOHl0MmF0RVVld2Ywb2VmRURqeHEvL1cwSDBnZkFZTTNLOD18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 276520
content-length: 0
expires: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231128/r20110914/client/ Frame 71A1 3 KB
1 KB 36ms
8ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231128/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4007715589170015&output=html&h=90&slotname=2162713512&adk=1572267553&adf=3776779711&pi=t.ma~as.2162713512&w=728&lmt=1701321390&format=728x90&url=https%3A%2F%2Fwww.yesnic.com%2F%3F_task%3Dfp%26_action%3Dbasic&ea=0&wgl=1&dt=1701321390473&bpp=2&bdt=2084&idt=85&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&correlator=5911806939673&frm=22&ife=1&pv=2&ga_vid=131802967.1701321391&ga_sid=1701321391&ga_hid=562711550&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=2991944913&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44809317%2C31078301%2C31079721%2C44807764%2C44808148%2C44808285%2C44809071&oid=2&pvsid=2839378564638026&tmod=155673268&uas=0&nvt=1&top=http%3A%2F%2Fhomeup.co.kr%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.lhf01hn7ijm2&fsb=1&dtd=93

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 21:49:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26850
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Dec 2023 21:49:00 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231128/r20110914/client/ Frame 71A1 20 KB
9 KB 34ms
6ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231128/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 21:49:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26850
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Dec 2023 21:49:00 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 71A1 202 KB
64 KB 45ms
17ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 05:16:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 Nov 2023 05:16:30 GMT

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame A0E5 281 KB
69 KB 117ms
85ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZWgargAI7QIHg6CMAABZYDOWLQ1tMSnqyze6wA&u=%7CV7XG8NTWto0ItVF8u4svFfi9g%2F4U0eerzmPQwlrVsNk%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC862S7AWvTrIfESCuNce8VR2LuywgVT530Q0QBh-g09SclGRUA1rpO2WAW5xu_ei6a1WHq3O8YZkhU0VwTJWWE9yUZkTl-oswuQ8toGSH8yFW6IIVMV5VK7PufJQUqNXD4XRzy07jwMsLdsm_aMFL8lASR02AHOcMmPIOv_evsCx2yMQjyvISLo0xRLFu2mWyrfcVxJpCvTQr3eqF5CkMCFbZYKeAfIXJZVSib3mO2QaKa-ZTJmV486QVTejTZTkMxmXZLRpTDIp4SlXyjkSPlbZ51_lKE8dBwQAjClP6sTNgwnVjQeEpDRprD2sfFQskFfGMmXb072OiP5m0I2LIdVD18RPCexDqbZvFMugk9i2GUsgPhTBzYsrtZh9THAV69KdGQnOKL3t1c1pxPpPGNPfxsBZ7HzchQHmANRJmxlJq1DxM_T3s9So6FZ37Wg2xk6lIYi4q8pm1dck-kJp-R2lhmAXeJszEY5gvs3qKEf2QJFhVvrm-FMoBiIFnC-Df33Qld38mJa1J1V0cN3SdU6-eAnG8_G70DLa_9JdlQm6vGIZCw8KWkAhc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDg3grhpoZYLaI4zBjuwP4LKBOMme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNDAwNzcxNTU4OTE3MDAxNcgBCakCgMtUH0Vpsj6oAwHIAwKqBPABT9B_RjvEdiyEZJGeWOUKg2FMpzbQz3jNA53rseujp0cBjMeU3ix9anzcr_lO6AZ7nchlhkz2BBZK7qwvMXI3jWmj7__lgeJupqsrdxqrv5nlMfvE0WrX2buVl4f4HiX0D12had0woJaiquEFUSWeyH7Xz4ejMBEPgtBf0lXxXJazDhkVcJzeVYtDEzQAYHaDPIO70XqItwUnSqitUZ97S0IctBSeGzoORfrFQlts8v4S-wwzl-WZ8wM1PS1WmoVxM4AzMmOq12TFcOYBu3-rV4b1o6JPrYghTQYjqXKR3zsc-bwoYaod5VKy41F3LwB2gAarmP6p1ruF4XegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY1cKJifzqggP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1iZb-69rqnDpY0ovMMUoT-CbZKIA%26client%3Dca-pub-4007715589170015%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

cb14267a194190efe4d36ba953bd26cdc50a427bfceb2bccb93288a050c1b0d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Thu, 30 Nov 2023 05:16:30 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=ESlMjNTko3wkO5ddKaeV2q4vNLzjc6NNEkTPMWwW_KVynbx6a-Wg-mbYhePiPf7jnurG_EfBgEQLATGerSoY3osVI28MkTH_hIumoFodhusFqPdkZMI4PGiINr6wRcKV-cOrIKhiEBqRmFLTqUvLqaxBs-iZmFAr8921T-CjH-0QPDVGy9Zt7g7bf6MJ9CVfqCls6tWxLO9gGrwkJKAy9jxuFIZi_ndZ7LAnchbSv2ftbJ8BCmrM64dhCQr_qzApaZqlLw"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 65065094
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame 71A1 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 57bc3b2156adb4b160d7ff1b6f1af633ff24c8b3e165bdd1a5754a5292dbf0b4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 71A1 0
23 B 57ms
56ms Image
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C_kuwrhpoZYLaI4zBjuwP4LKBOMme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNDAwNzcxNTU4OTE3MDAxNcgBCakCgMtUH0Vpsj6oAwHIAwKqBO0BT9B_RjvEdiyEZJGeWOUKg2FMpzbQz3jNA53rseujp0cBjMeU3ix9anzcr_lO6AZ7nchlhkz2BBZK7qwvMXI3jWmj7__lgeJupqsrdxqrv5nlMfvE0WrX2buVl4f4HiX0D12had0woJaiquEFUSWeyH7Xz4ejMBEPgtBf0lXxXJazDhkVcJzeVYtDEzQAYHaDPIO70XqItwUnSqitUZ97S0IctBSeGzoORfrFQlts8v4S-wwzl-WZ8wM1PS1WmoVxM4AzMmOq1ybHUXSBKK-W8VbSeS5vRCwvagyVo1yJXY_UxBra3rQx_cp4d3GegAarmP6p1ruF4XegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY1cKJifzqggOACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNDAwNzcxNTU4OTE3MDAxNRgA&sigh=1lP4Zkf4dqg&uach_m=%5BUACH%5D&cid=CAQSTgDICaaNrtPhY7JvhL4eHswUtGijiOx_vvCsV2h9hDlubfJvdslUC8wgZCfQ97M_4DktR1w-unTeTdDnOAdtIWrZ_EJmfX2c3jqMVnSpphgB&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4007715589170015&output=html&h=90&slotname=2162713512&adk=1572267553&adf=3776779711&pi=t.ma~as.2162713512&w=728&lmt=1701321390&format=728x90&url=https%3A%2F%2Fwww.yesnic.com%2F%3F_task%3Dfp%26_action%3Dbasic&ea=0&wgl=1&dt=1701321390473&bpp=2&bdt=2084&idt=85&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&correlator=5911806939673&frm=22&ife=1&pv=2&ga_vid=131802967.1701321391&ga_sid=1701321391&ga_hid=562711550&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=2991944913&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44809317%2C31078301%2C31079721%2C44807764%2C44808148%2C44808285%2C44809071&oid=2&pvsid=2839378564638026&tmod=155673268&uas=0&nvt=1&top=http%3A%2F%2Fhomeup.co.kr%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.lhf01hn7ijm2&fsb=1&dtd=93
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 30 Nov 2023 05:16:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 30 Nov 2023 05:16:31 GMT

GET
H2 200 notify
rtb.nl3.eu.criteo.com/google/auction/ Frame 71A1 0
126 B 61ms
12ms Image
text/plain 2a02:2638:3::9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=koiWGd6BMNgFWp2DYgICAAAAQL9GQTZtz8dIjRtjEK0aaGUfjRKsoiDfAlAcAAASAAAKCkFRVURBUUVCQVE&wp=ZWgargAI7QIHg6CMAABZYDOWLQ1tMSnqyze6wA&cbvp=2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 05:16:30 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 160439
server: Kestrel
content-length: 0

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame A0E5 2 KB
1 KB 13ms
13ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZWgargAI7QIHg6CMAABZYDOWLQ1tMSnqyze6wA&u=%7CV7XG8NTWto0ItVF8u4svFfi9g%2F4U0eerzmPQwlrVsNk%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC862S7AWvTrIfESCuNce8VR2LuywgVT530Q0QBh-g09SclGRUA1rpO2WAW5xu_ei6a1WHq3O8YZkhU0VwTJWWE9yUZkTl-oswuQ8toGSH8yFW6IIVMV5VK7PufJQUqNXD4XRzy07jwMsLdsm_aMFL8lASR02AHOcMmPIOv_evsCx2yMQjyvISLo0xRLFu2mWyrfcVxJpCvTQr3eqF5CkMCFbZYKeAfIXJZVSib3mO2QaKa-ZTJmV486QVTejTZTkMxmXZLRpTDIp4SlXyjkSPlbZ51_lKE8dBwQAjClP6sTNgwnVjQeEpDRprD2sfFQskFfGMmXb072OiP5m0I2LIdVD18RPCexDqbZvFMugk9i2GUsgPhTBzYsrtZh9THAV69KdGQnOKL3t1c1pxPpPGNPfxsBZ7HzchQHmANRJmxlJq1DxM_T3s9So6FZ37Wg2xk6lIYi4q8pm1dck-kJp-R2lhmAXeJszEY5gvs3qKEf2QJFhVvrm-FMoBiIFnC-Df33Qld38mJa1J1V0cN3SdU6-eAnG8_G70DLa_9JdlQm6vGIZCw8KWkAhc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDg3grhpoZYLaI4zBjuwP4LKBOMme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNDAwNzcxNTU4OTE3MDAxNcgBCakCgMtUH0Vpsj6oAwHIAwKqBPABT9B_RjvEdiyEZJGeWOUKg2FMpzbQz3jNA53rseujp0cBjMeU3ix9anzcr_lO6AZ7nchlhkz2BBZK7qwvMXI3jWmj7__lgeJupqsrdxqrv5nlMfvE0WrX2buVl4f4HiX0D12had0woJaiquEFUSWeyH7Xz4ejMBEPgtBf0lXxXJazDhkVcJzeVYtDEzQAYHaDPIO70XqItwUnSqitUZ97S0IctBSeGzoORfrFQlts8v4S-wwzl-WZ8wM1PS1WmoVxM4AzMmOq12TFcOYBu3-rV4b1o6JPrYghTQYjqXKR3zsc-bwoYaod5VKy41F3LwB2gAarmP6p1ruF4XegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY1cKJifzqggP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1iZb-69rqnDpY0ovMMUoT-CbZKIA%26client%3Dca-pub-4007715589170015%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 05:16:31 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 24 Nov 2024 05:16:31 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame A0E5 2 KB
1 KB 15ms
15ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 05:16:31 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 24 Nov 2024 05:16:31 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame A0E5 308 B
636 B 14ms
13ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 05:16:31 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sun, 24 Nov 2024 05:16:31 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame A0E5 293 B
621 B 15ms
15ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 05:16:31 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sun, 24 Nov 2024 05:16:31 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame A0E5 43 B
348 B 49ms
17ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=DVv_47YFo_f1bCdXxPIl5M4ngxG9eWLPaweE_mBzMHuThgFuTMXeNyir9RuYKNFmLhTue8FnNuFQWk73QOoq1Thhz1-Jx_M8k0WYigEJvNqdaistgSonpB9Py5Rs_D5IUDZsg6eVAd1rSl4PnLudnqJ7Eutzfxkod_mbpKiy1_frlADG3Fw-kOiG2h3lD79QJrRViaFsqr6pfmX1YO3TbaZ25uwibaWctGFZuErH9hLbf8XtbnxsYBCqh0trxnnBw5-lyp93SmL0bQCUXQJWySWsPxyy9G7rOg7BZ-nYiewJ32yqnwuIpdU7o7SWipJt2EM6Brgagnw_ZQDud-ZsXXFeQAGnzfeidNeAvgKzVI5VNxoJxNVpTy5bJp5gRZwPf2oieEInV0IReLgH93Hd64y90abqA3zSbSOePB7s-68JgIvH

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Nov 2023 05:16:30 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2498843
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

i
ipds.adrta.com/ Frame A0E5
Redirect Chain

https://adrta.com/i?cb=65681aae884117570f5e3a74ea523cf7&clid=co&paid=co&avid=89430&caid=412424&plid=11448653&publisherId=141479&kv1=728X90&kv2=https://googleads.g.doubleclick.net/&kv3=9c8d9751-7a3d...
https://ipds.adrta.com/i?__x=JJCIKFEIKHCLLBEBOKHGNKONHIOLLHLHHOPAGLEIJGHKOGHIMBFOMMKJKIGLJIOMNNJMKBIMFFHJHHPIIJJ@KPHLHONEJHJLMKFHGINBFNHGIGFKPFJLKAE@HBE&cb=65681aae884117570f5e3a74ea523cf7&clid=co&...

43 B
183 B

317ms
100ms

Image
image/gif

2600:1f18:26d4:7e06:3a24:a9df:107e:9faa

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ipds.adrta.com/i?__x=JJCIKFEIKHCLLBEBOKHGNKONHIOLLHLHHOPAGLEIJGHKOGHIMBFOMMKJKIGLJIOMNNJMKBIMFFHJHHPIIJJ@KPHLHONEJHJLMKFHGINBFNHGIGFKPFJLKAE@HBE&cb=65681aae884117570f5e3a74ea523cf7&clid=co&paid=co&avid=89430&caid=412424&plid=11448653&publisherId=141479&kv1=728X90&kv2=https://googleads.g.doubleclick.net/&kv3=9c8d9751-7a3d-48c7-a509-a72456622b5e&kv4=2001:ac8:20::&kv7=317&kv11=65681aae884117570f5e3a74ea523cf7&kv12=786654&kv19=&kv27=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/119.0.6045.199%20Safari/537.36&kv24=Windows_Web
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZWgargAI7QIHg6CMAABZYDOWLQ1tMSnqyze6wA&u=%7CV7XG8NTWto0ItVF8u4svFfi9g%2F4U0eerzmPQwlrVsNk%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC862S7AWvTrIfESCuNce8VR2LuywgVT530Q0QBh-g09SclGRUA1rpO2WAW5xu_ei6a1WHq3O8YZkhU0VwTJWWE9yUZkTl-oswuQ8toGSH8yFW6IIVMV5VK7PufJQUqNXD4XRzy07jwMsLdsm_aMFL8lASR02AHOcMmPIOv_evsCx2yMQjyvISLo0xRLFu2mWyrfcVxJpCvTQr3eqF5CkMCFbZYKeAfIXJZVSib3mO2QaKa-ZTJmV486QVTejTZTkMxmXZLRpTDIp4SlXyjkSPlbZ51_lKE8dBwQAjClP6sTNgwnVjQeEpDRprD2sfFQskFfGMmXb072OiP5m0I2LIdVD18RPCexDqbZvFMugk9i2GUsgPhTBzYsrtZh9THAV69KdGQnOKL3t1c1pxPpPGNPfxsBZ7HzchQHmANRJmxlJq1DxM_T3s9So6FZ37Wg2xk6lIYi4q8pm1dck-kJp-R2lhmAXeJszEY5gvs3qKEf2QJFhVvrm-FMoBiIFnC-Df33Qld38mJa1J1V0cN3SdU6-eAnG8_G70DLa_9JdlQm6vGIZCw8KWkAhc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDg3grhpoZYLaI4zBjuwP4LKBOMme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNDAwNzcxNTU4OTE3MDAxNcgBCakCgMtUH0Vpsj6oAwHIAwKqBPABT9B_RjvEdiyEZJGeWOUKg2FMpzbQz3jNA53rseujp0cBjMeU3ix9anzcr_lO6AZ7nchlhkz2BBZK7qwvMXI3jWmj7__lgeJupqsrdxqrv5nlMfvE0WrX2buVl4f4HiX0D12had0woJaiquEFUSWeyH7Xz4ejMBEPgtBf0lXxXJazDhkVcJzeVYtDEzQAYHaDPIO70XqItwUnSqitUZ97S0IctBSeGzoORfrFQlts8v4S-wwzl-WZ8wM1PS1WmoVxM4AzMmOq12TFcOYBu3-rV4b1o6JPrYghTQYjqXKR3zsc-bwoYaod5VKy41F3LwB2gAarmP6p1ruF4XegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY1cKJifzqggP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1iZb-69rqnDpY0ovMMUoT-CbZKIA%26client%3Dca-pub-4007715589170015%26adurl%3D
Protocol: H2
Server: 2600:1f18:26d4:7e06:3a24:a9df:107e:9faa -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 30 Nov 2023 05:16:31 GMT
cache-control: no-cache
server: nginx
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://ipds.adrta.com/i?__x=JJCIKFEIKHCLLBEBOKHGNKONHIOLLHLHHOPAGLEIJGHKOGHIMBFOMMKJKIGLJIOMNNJMKBIMFFHJHHPIIJJ@KPHLHONEJHJLMKFHGINBFNHGIGFKPFJLKAE@HBE&cb=65681aae884117570f5e3a74ea523cf7&clid=co&paid=co&avid=89430&caid=412424&plid=11448653&publisherId=141479&kv1=728X90&kv2=https://googleads.g.doubleclick.net/&kv3=9c8d9751-7a3d-48c7-a509-a72456622b5e&kv4=2001:ac8:20::&kv7=317&kv11=65681aae884117570f5e3a74ea523cf7&kv12=786654&kv19=&kv27=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/119.0.6045.199%20Safari/537.36&kv24=Windows_Web
date: Thu, 30 Nov 2023 05:16:31 GMT
server: nginx
content-length: 0

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame A0E5 12 KB
5 KB 31ms
14ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 05:16:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1730966
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3hJYHPYpaBuvmSUgRADcdvRk%2FHhBqbS2G0VeGbcuY7b9d%2BRm3TNg6DGsuGadssIWJ%2BzHDqxiaSK8cuLlrMYc77q%2B0u2usx0jMy%2FfK%2BmCfkMdZ7L052EBhwli55ChuCZ1wUsLIuAe3vWj9xM%2FWdWdqkFm"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 82e09e66884e9bdc-FRA
expires: Tue, 19 Nov 2024 05:16:31 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame A0E5 12 KB
6 KB 13ms
13ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 05:16:31 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 24 Nov 2024 05:16:31 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame A0E5 17 KB
17 KB 62ms
29ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=176&m=0&partner=96487&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F96487%2F5142587%2F1cf8e1e982294ec8b80aa57a7f975235_square.png&v=3&w=412&rid=4&s=fJnxWNVSL5HWgRbxkTtGoU0K

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e580ee4b699ba551feeafa15f1cfe67492c9efe509f8c29067e33e90750b7ba2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 05:16:30 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 17275
expires: Thu, 21 Nov 2024 18:35:21 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame A0E5 9 KB
9 KB 71ms
38ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=96487&q=80&r=0&u=https%3A%2F%2Fimg.jpharmcdn.net%2F0v%2Fx7%2Fcx3nvvfqg9e9f07ecfd71cfwc1y3_original.jpeg&v=3&w=800&rid=4&s=8xCRWcd--CmZN_38hna_qXZs&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

44fb23b211a6d42b3594efb493871f9474eb4e5e9904f7724128dd05e9c5538c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 05:16:30 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 9414
expires: Thu, 21 Nov 2024 18:40:52 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame A0E5 10 KB
10 KB 70ms
37ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=96487&q=80&r=0&u=https%3A%2F%2Fimg.jpharmcdn.net%2Fhd%2Fkz%2Fh5vjgdmk4wfs5gh0xx00v43rpppc_original.jpeg&v=3&w=800&rid=4&s=3cbt1P-gJ1WoYo8OQaYtDEc9&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

7f8c6b5388223f052abe69a78846c0a6084a30a40c2dfe05980cb7ea1c986c4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 05:16:31 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 9962
expires: Thu, 21 Nov 2024 18:35:21 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame A0E5 14 KB
14 KB 56ms
23ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=96487&q=80&r=0&u=https%3A%2F%2Fimg.jpharmcdn.net%2F5z%2Fq5%2Fq0vpfrmcpvq3zbsj4fn8n0tmefpx_original.jpeg&v=3&w=800&rid=4&s=ywi3T3MfmZF6Y_sxoYrjYW9v&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

07d64c4bd8d62d9b4d1da2acd3754b38c369f998e65cb5dcb84d2d1ac06bd4c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 05:16:30 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 14540
expires: Thu, 21 Nov 2024 18:35:24 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame A0E5 13 KB
13 KB 61ms
28ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=96487&q=80&r=0&u=https%3A%2F%2Fimg.jpharmcdn.net%2Fuq%2Fzv%2Ftmxrxwsfp81mnv4fju0bm9uxj49t_original.jpeg&v=3&w=800&rid=4&s=wBJa1LLdxGWoc_Yy0YtMKCVZ&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

039f36f4e911155b4c737525aef21c23412b49dd7050fe7d4cbd141dfa712309

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 05:16:30 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 12916
expires: Thu, 21 Nov 2024 18:35:21 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame A0E5 5 KB
6 KB 72ms
39ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=96487&q=80&r=0&u=https%3A%2F%2Fimg.jpharmcdn.net%2Fnj%2Fw0%2Fjg4spz1dbzervghtvgnf8btdp36k_original.jpeg&v=3&w=800&rid=4&s=MSpaSKQijiloDNiYa4BGSXnh&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

b6474a81607827e5048a932311a6be5c1d1ce87e7cd7a5f392e025dc9a61e6ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 05:16:31 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 5580
expires: Thu, 21 Nov 2024 18:40:52 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame A0E5 7 KB
7 KB 17ms
16ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=96487&q=80&r=0&u=https%3A%2F%2Fimg.jpharmcdn.net%2Fxf%2F03%2F2bktxfzhj5rheu8jmvu6nqcnxp77_original.jpeg&v=3&w=800&rid=4&s=MCjRVYmzxqQ5Be70o_-ZlDiD&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

5f55972900a6240345fde22022ca553b756ef91c64506b895948f46206f444f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 05:16:30 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 7442
expires: Thu, 21 Nov 2024 18:35:21 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame A0E5 18 KB
18 KB 21ms
20ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=96487&q=80&r=0&u=https%3A%2F%2Fimg.jpharmcdn.net%2Fw6%2Frh%2F8x2fdc8cmfe4wx8b0t7yvd01beu1_original.jpeg&v=3&w=800&rid=4&s=4DxEXcV3im30GD6QOmwMhb8y&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

35d5374bded52d5ad14cb6f315bb433ae5421d1c61eb1191c1d04b1f9f5db37f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 05:16:31 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 18556
expires: Thu, 21 Nov 2024 18:51:26 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame A0E5 12 KB
12 KB 24ms
23ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=96487&q=80&r=0&u=https%3A%2F%2Fimg.jpharmcdn.net%2Fx1%2Fbu%2Fk4zdmgrh7n8wbud6rj2u4nnn8d7q_original.jpeg&v=3&w=800&rid=4&s=Nx6KgPgphoN-QK-PIFLrqaUd&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

497effb27e4d02e527a2562a65d0d03a4af35f19f02bf67840edd663e469e7a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 05:16:30 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 11946
expires: Thu, 21 Nov 2024 18:54:07 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame A0E5 15 KB
15 KB 23ms
23ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=96487&q=80&r=0&u=https%3A%2F%2Fimg.jpharmcdn.net%2Fy5%2Fyj%2Fvsx8vb93q08prg81wy2ghzwnpc9h_original.jpeg&v=3&w=800&rid=4&s=Ff1S_M3iGCCoHbrmlZrA5XHT&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

43beb0a8d6f07050baa14ebbf10177a58b7b567b00531d8b7f68525f2114ec41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 05:16:30 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 15640
expires: Thu, 21 Nov 2024 18:35:21 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame A0E5 13 KB
13 KB 26ms
26ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=96487&q=80&r=0&u=https%3A%2F%2Fimg.jpharmcdn.net%2Fb7%2Fcu%2Fpsxy7b4k3hy18p5pg0jbnp09844z_original.jpeg&v=3&w=800&rid=4&s=2YnxMFzswayc-uOwOsZemej8&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

994a3d11c42740b7626553e9c05e8b68ba6612a3d0e3938899c53c5ac1109e57

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 05:16:30 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 13200
expires: Thu, 21 Nov 2024 18:49:04 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame A0E5 9 KB
9 KB 25ms
24ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=96487&q=80&r=0&u=https%3A%2F%2Fimg.jpharmcdn.net%2Fhw%2Fds%2Fmbjn19vttcuv74ck7kh66w3yvm8t_original.jpeg&v=3&w=800&rid=4&s=_fHScxx5JFU1ExYxAgdpVvVQ&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

baefa091c36af1c788aa829af2954bfd29f734a6023fc62d706c8ffeff14939b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 05:16:30 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 9260
expires: Thu, 21 Nov 2024 18:40:52 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame A0E5 8 KB
8 KB 32ms
31ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=96487&q=80&r=0&u=https%3A%2F%2Fimg.jpharmcdn.net%2Fjn%2F9k%2Fh365kgsgfnpb7rd632g0gdf31uhh_original.jpeg&v=3&w=800&rid=4&s=ll8ZYnyG5u-RbTpkoaMilmvY&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

1b67851565016789b4bb1c1f3d37772cfe013b27b23a8a4e081f0d05c8eae983

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 05:16:31 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 8388
expires: Thu, 21 Nov 2024 18:40:52 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame A0E5 12 KB
12 KB 29ms
28ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=96487&q=80&r=0&u=https%3A%2F%2Fimg.jpharmcdn.net%2Fh7%2F6f%2F9mrb6z0vzhnu4nfkxc9h4ep396bv_original.jpeg&v=3&w=800&rid=4&s=47mM9sXqN6jViXmmLVRlGERe&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

952e010150896218b5aa9427461f6bbaea5189c2a0fe1694a90d4d86fd8c8558

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 05:16:30 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 11868
expires: Thu, 21 Nov 2024 18:40:52 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame A0E5 5 KB
5 KB 36ms
35ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=96487&q=80&r=0&u=https%3A%2F%2Fimg.jpharmcdn.net%2Fbr%2Fdq%2Fp0y53rx8nwks6yvjctnrfstx6pse_original.jpeg&v=3&w=800&rid=4&s=bAkz8LXQDCqlQm7OfOYJ2zXu&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

295741ad304b3cd34381a8536d8db5398f1639f730e40da3a4d6c910e72e7e70

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 05:16:31 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 5056
expires: Sun, 24 Nov 2024 04:40:26 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame A0E5 18 KB
18 KB 30ms
30ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=96487&q=80&r=0&u=https%3A%2F%2Fimg.jpharmcdn.net%2Fj8%2F3z%2Fy7j82x34g9ej4rz12s7fz30yxscz_original.jpeg&v=3&w=800&rid=4&s=IixkMDZJasZriKPeWJUg1ncY&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

550e7e9989086e31da6f2add538d2069ff300c8950dbdc188f366d10b5979611

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 05:16:31 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 18346
expires: Sun, 24 Nov 2024 04:40:26 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame A0E5 9 KB
9 KB 33ms
33ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=96487&q=80&r=0&u=https%3A%2F%2Fimg.jpharmcdn.net%2Fkg%2F5c%2Fg1jknpxsn5p9sqbus31x35g6erfd_original.jpeg&v=3&w=800&rid=4&s=ropgKxzSmv_UQ01zYr4N4qIE&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

fb5e92aef3fb3d76865ce518be305742d73a0bb86e6a2343818cb764794fd9b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 05:16:30 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 8984
expires: Sun, 24 Nov 2024 04:40:25 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame A0E5 11 KB
11 KB 35ms
34ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=96487&q=80&r=0&u=https%3A%2F%2Fimg.jpharmcdn.net%2Fq4%2F4q%2Fjhtu9knfgp2qyvfvr35q33cs2jpw_original.jpeg&v=3&w=800&rid=4&s=VPTTyAP_Sf9lPoW0GdYkdHti&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

c015fedf289ed3f20cd228eb59fc05df70edd4898375b0cd8c1803320241d3ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 05:16:30 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 11360
expires: Sun, 24 Nov 2024 04:40:26 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame A0E5 10 KB
10 KB 34ms
34ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=96487&q=80&r=0&u=https%3A%2F%2Fimg.jpharmcdn.net%2F1d%2Fhk%2Fmxsm6qu1jhzts7hpc1sd998fuftc_original.jpeg&v=3&w=800&rid=4&s=ZE33SYDPXgc108GIpJjY2a13&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

62c4ce487a99813442498e99419e5a6902863cba84a5b4f0318e62e218aa6c5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 05:16:30 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 10350
expires: Sun, 24 Nov 2024 04:40:26 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame A0E5 0
128 B 56ms
13ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=ESlMjNTko3wkO5ddKaeV2q4vNLzjc6NNEkTPMWwW_KVynbx6a-Wg-mbYhePiPf7jnurG_EfBgEQLATGerSoY3osVI28MkTH_hIumoFodhusFqPdkZMI4PGiINr6wRcKV-cOrIKhiEBqRmFLTqUvLqaxBs-iZmFAr8921T-CjH-0QPDVGy9Zt7g7bf6MJ9CVfqCls6tWxLO9gGrwkJKAy9jxuFIZi_ndZ7LAnchbSv2ftbJ8BCmrM64dhCQr_qzApaZqlLw&sds=2&rev=89278&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 30 Nov 2023 05:16:30 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame A0E5 2 KB
1 KB 14ms
14ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 05:16:31 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 24 Nov 2024 05:16:31 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame A0E5 2 KB
1 KB 13ms
13ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 05:16:31 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 24 Nov 2024 05:16:31 GMT

GET
H2 200 baloothambi-400.css
static.criteo.net/design/googlefont/baloothambi/ Frame A0E5 1 KB
757 B 13ms
13ms Stylesheet
text/css 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/baloothambi/baloothambi-400.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

de287c681d97861263d2aba8c5964cb8a3ea730157687af058bd266dc48fb117

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 05:16:31 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 13:54:42 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391eca2-546"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 24 Nov 2024 05:16:31 GMT

GET
H2 200 baloothambi-400-latin.woff2
static.criteo.net/design/googlefont/baloothambi/ Frame A0E5 25 KB
25 KB 50ms
25ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/baloothambi/baloothambi-400-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/baloothambi/baloothambi-400.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

08972b0148e40d227362e3a19fcdb008b9ea2856dd21dd3335f9351c3da87139

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/baloothambi/baloothambi-400.css
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 05:16:31 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 13:54:42 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391eca2-641c"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 24 Nov 2024 05:16:31 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 71A1 42 B
64 B 56ms
42ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsudKtDGctC3uicxznyyy-wnWCjhuAXORl_9BFTdXeY3DLPeBytWfTAr6Bucvdtqofc9HghvvHZk8zUkJ1DLTs9kd9g1lSOUWZ7aK02kFyLXwzS6468e&sig=Cg0ArKJSzMVXkhEjpIEXEAE&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231129&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1572267553&rs=2&la=0&cr=0&vs=4&r=v&rst=1701321390567&rpt=475&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Nov 2023 05:16:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame A0E5 0
127 B 13ms
13ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 30 Nov 2023 05:16:31 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 5CB3 16 KB
12 KB 25ms
25ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231128&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b18804ece7017e295f67fc072e55e87c32de8828705bee7b1f376fb8f85814d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yesnic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 05:16:32 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12353
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 5CB3 17 KB
7 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yesnic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 05:16:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 30 Nov 2023 05:16:32 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5B00 13 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.yesnic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 46601
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 29 Nov 2023 16:19:51 GMT
expires: Thu, 28 Nov 2024 16:19:51 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 92E7 829 B
1 KB 37ms
17ms Document
text/html 2a00:1450:4001:82f::2004

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 -, , ASN (),

Reverse DNS

Software

GSE /

Resource Hash

f130789010c788266ef7705e428e3e4182a99a698db90ece8bb8852da33919f5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-mF2DBwwAHZtLuI6h0niSxQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.yesnic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-mF2DBwwAHZtLuI6h0niSxQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 30 Nov 2023 05:16:32 GMT
expires: Thu, 30 Nov 2023 05:16:32 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 AX3dw4l-chShuz7KlUyOrqJTCrFFfFTQ1_DS3LGhDvc.js Show response
pagead2.googlesyndication.com/bg/ Frame 5B00 39 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/AX3dw4l-chShuz7KlUyOrqJTCrFFfFTQ1_DS3LGhDvc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

017dddc3897e7214a1bb3eca954c8eaea2530ab1457c54d0d7f0d2dcb1a10ef7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 03:14:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 180102
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15254
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 27 Nov 2024 03:14:50 GMT

GET sodar
pagead2.googlesyndication.com/pagead/ Frame 92E7 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231128&jk=2839378564638026&rc=

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.criteo.com/	1970-01-20 16:35:24	Name: zdi Value: %2A1bEkekFmZGU29TFudjkcurQ%253d%253d
.criteo.com/	1970-01-21 01:56:57	Name: uid Value: 9963ff62-9f06-4df9-9b67-1c9950b18590
.criteo.com/	1970-01-21 01:56:57	Name: receive-cookie-deprecation Value: 1
.doubleclick.net/	1970-01-21 01:56:57	Name: IDE Value: AHWqTUkzdY_6pPIPeUtn9zxpVBhWbDS5Q8-5Bb7zVjWfOpt3S7zaRX_yr0qpXG_YWCQ

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: http://homeup.co.kr/(Line 3) Message: The key "target-densitydpi" is not supported.
other	warning	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4007715589170015&output=html&h=90&slotname=2162713512&adk=1572267553&adf=3776779711&pi=t.ma~as.2162713512&w=728&lmt=1701321390&format=728x90&url=https%3A%2F%2Fwww.yesnic.com%2F%3F_task%3Dfp%26_action%3Dbasic&ea=0&wgl=1&dt=1701321390473&bpp=2&bdt=2084&idt=85&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&correlator=5911806939673&frm=22&ife=1&pv=2&ga_vid=131802967.1701321391&ga_sid=1701321391&ga_hid=562711550&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=2991944913&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44809317%2C31078301%2C31079721%2C44807764%2C44808148%2C44808285%2C44809071&oid=2&pvsid=2839378564638026&tmod=155673268&uas=0&nvt=1&top=http%3A%2F%2Fhomeup.co.kr%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.lhf01hn7ijm2&fsb=1&dtd=93 Message: Origin trial controlled feature not enabled: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adrta.com
ads.eu.criteo.com
cas.criteo.com
cat.nl3.eu.criteo.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
csm.eu.criteo.net
googleads.g.doubleclick.net
gum.criteo.com
homeup.co.kr
imageproxy.eu.criteo.net
ipds.adrta.com
mug.criteo.com
pagead2.googlesyndication.com
rtb.nl3.eu.criteo.com
ssl.google-analytics.com
static.criteo.net
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www.yesnic.com
yesnic.com
pagead2.googlesyndication.com
118.67.131.217
178.250.1.6
220.230.126.70
2600:1f18:26d4:7e06:3a24:a9df:107e:9faa
2606:4700::6810:5614
2606:4700::6811:180e
27.96.134.25
2a00:1450:4001:800::2002
2a00:1450:4001:801::2002
2a00:1450:4001:808::2001
2a00:1450:4001:82b::2008
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2004
2a02:2638:3::10
2a02:2638:3::12
2a02:2638:3::1a
2a02:2638:3::3
2a02:2638:3::9
2a02:2638:3::a
2a02:2638:3::c
34.235.200.9
017dddc3897e7214a1bb3eca954c8eaea2530ab1457c54d0d7f0d2dcb1a10ef7
039f36f4e911155b4c737525aef21c23412b49dd7050fe7d4cbd141dfa712309
07d64c4bd8d62d9b4d1da2acd3754b38c369f998e65cb5dcb84d2d1ac06bd4c8
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
08972b0148e40d227362e3a19fcdb008b9ea2856dd21dd3335f9351c3da87139
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff
0f92cd4d8667ef1518999d237d8e15d21bf3a40de35ab8f9e5bc9559ef0a9cd4
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0
1b67851565016789b4bb1c1f3d37772cfe013b27b23a8a4e081f0d05c8eae983
1edeb8f7974a9cc4d5a16ea479ce777e92e51f5dcd9ad8cb477be8b6fa1cbfdf
24fe66dfcc1e4089a66b758e679dd49b90b1c185851e35b30e73fd0ee6b542e2
295741ad304b3cd34381a8536d8db5398f1639f730e40da3a4d6c910e72e7e70
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
35d5374bded52d5ad14cb6f315bb433ae5421d1c61eb1191c1d04b1f9f5db37f
35dbd7fb0ee986ebaefae727cab6c12b35782ea1663e79f3db7f8f145ca5e82d
3f54c548197c187e9b199b96e441a4a5abc0cd00417780b9bd415113c4cbafa4
43beb0a8d6f07050baa14ebbf10177a58b7b567b00531d8b7f68525f2114ec41
44fb23b211a6d42b3594efb493871f9474eb4e5e9904f7724128dd05e9c5538c
497effb27e4d02e527a2562a65d0d03a4af35f19f02bf67840edd663e469e7a9
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
53e65cdce3ae9e905997468d060db5123aa9ad218c435fd5ebafeaca368520e1
550e7e9989086e31da6f2add538d2069ff300c8950dbdc188f366d10b5979611
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57bc3b2156adb4b160d7ff1b6f1af633ff24c8b3e165bdd1a5754a5292dbf0b4
5f55972900a6240345fde22022ca553b756ef91c64506b895948f46206f444f4
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62c4ce487a99813442498e99419e5a6902863cba84a5b4f0318e62e218aa6c5f
66a3fe092264c1ba162aad79ff1f4b645bde1d74a6d231f8d7689e021857282f
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
747b8386133b10bffede3cedeb994fc681ad9dc424879a248d7cadf6749b2f97
7963362dfce156aeac857d8da3752e804802bbc5744c6abadf0b7bcb634e7ac1
7f8c6b5388223f052abe69a78846c0a6084a30a40c2dfe05980cb7ea1c986c4b
805c5aab782ff4853b51cd3a0bca99ff03b141b5f9f14736479460db21ae2845
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
906f9886b7bb6ab67da949461240e8cc376781cb40895576aedf6456441361b4
952e010150896218b5aa9427461f6bbaea5189c2a0fe1694a90d4d86fd8c8558
98a1e2b916326a471dff04d4141dbdbcac0ffd60ed35b7e151c02086f8728f51
994a3d11c42740b7626553e9c05e8b68ba6612a3d0e3938899c53c5ac1109e57
9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4e82cf2d5503a0cfda85745596dec97fe721685a98a4bed44dc8388e0cdc1a7
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
b18804ece7017e295f67fc072e55e87c32de8828705bee7b1f376fb8f85814d3
b23bb9ed14289db8165b4f80b149835bcdc47b56fe59dd2d2c5ecb968a3a299f
b6474a81607827e5048a932311a6be5c1d1ce87e7cd7a5f392e025dc9a61e6ea
b84cefa73073de242a7d90568b522924b3fc2694ac7dd44fc9d735f25d44d483
b8f32ce5d6e08fad5854ae7bab81127ce5a0b3031f6a62b62700f77add7dfa86
baefa091c36af1c788aa829af2954bfd29f734a6023fc62d706c8ffeff14939b
c015fedf289ed3f20cd228eb59fc05df70edd4898375b0cd8c1803320241d3ff
cb14267a194190efe4d36ba953bd26cdc50a427bfceb2bccb93288a050c1b0d7
d6c5ee567fc259b1e6a5aaf4e1de177ebfec611be8dd32ec933ba6b0cf2b9e74
d857f9d9f220f6213ce85327e5eee9226f11a4ebaf222ea5f2fe4050d9d04d00
de287c681d97861263d2aba8c5964cb8a3ea730157687af058bd266dc48fb117
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e1dd6d68e00d98fe5bfbc6b196ff6b9538eb44dae9a7b386e9c4aea3e156d80e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e580ee4b699ba551feeafa15f1cfe67492c9efe509f8c29067e33e90750b7ba2
ebf4612860fcecc702c9da29bc3354af8345e125aed4681ee54a9e9a3bb989ce
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f130789010c788266ef7705e428e3e4182a99a698db90ece8bb8852da33919f5
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f90f7c136b9ef485a196ad3baf2073a544c93b49b4c59e88c35c5ecd2e90e055
fb5e92aef3fb3d76865ce518be305742d73a0bb86e6a2343818cb764794fd9b7

homeup.co.kr Open in urlscan Pro 118.67.131.217 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

71 Requests

94 %HTTPS

76 %IPv6

12 Domains

22 Subdomains

21 IPs

4 Countries

2403 kBTransfer

3326 kBSize

4 Cookies

0 Outgoing links

Redirected requests

71 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

homeup.co.kr Open in urlscan Pro
118.67.131.217 Public Scan

Screenshot
Live screenshot

Full Image

71
Requests

94 %
HTTPS

76 %
IPv6

12
Domains

22
Subdomains

21
IPs

4
Countries

2403 kB
Transfer

3326 kB
Size

4
Cookies

71 HTTP transactions
1 data transactions