shopper-wages-army-like.trycloudflare.com Open in urlscan Pro
104.17.123.55 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://shopper-wages-army-like.trycloudflare.com/
Submission: On March 01 via api (March 1st 2024, 12:08:03 am UTC) from US — Scanned from US

Summary HTTP 132 Redirects Links 96 Behaviour Indicators

Summary

This website contacted 36 IPs in 5 countries across 35 domains to perform 132 HTTP transactions. The main IP is 104.17.123.55, located in and belongs to CLOUDFLARENET, US. The main domain is shopper-wages-army-like.trycloudflare.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 28th 2023. Valid for: a year.

This is the only time shopper-wages-army-like.trycloudflare.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
14	104.17.123.55 104.17.123.55	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:251... 2600:9000:2514:9c00:16:c2fc:5a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	116.203.183.219 116.203.183.219	24940 (HETZNER-AS) (HETZNER-AS)
23	116.203.242.198 116.203.242.198	24940 (HETZNER-AS) (HETZNER-AS)
2	2600:9000:220... 2600:9000:2209:5000:f:8ce2:fb80:93a1	16509 (AMAZON-02) (AMAZON-02)
11	2606:4700:20:... 2606:4700:20::681a:ad1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	46.4.104.8 46.4.104.8	24940 (HETZNER-AS) (HETZNER-AS)
4	2a01:4f8:272:... 2a01:4f8:272:50e8::1	24940 (HETZNER-AS) (HETZNER-AS)
1	2600:9000:24f... 2600:9000:24f1:8400:1f:af3f:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	52.31.96.185 52.31.96.185	16509 (AMAZON-02) (AMAZON-02)
12 12	142.251.40.166 142.251.40.166	15169 (GOOGLE) (GOOGLE)
6	2607:f8b0:400... 2607:f8b0:4006:823::2002	15169 (GOOGLE) (GOOGLE)
4 10	37.157.6.233 37.157.6.233	198622 (ADFORM) (ADFORM)
2 2	212.83.50.108 212.83.50.108	47447 (TTM) (TTM)
4 4	85.114.159.112 85.114.159.112	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
4	217.79.188.10 217.79.188.10	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 1	142.251.40.130 142.251.40.130	15169 (GOOGLE) (GOOGLE)
2 2	18.193.137.7 18.193.137.7	16509 (AMAZON-02) (AMAZON-02)
1 1	23.83.76.57 23.83.76.57	395954 (LEASEWEB-...) (LEASEWEB-USA-LAX)
1 2	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	8.28.7.83 8.28.7.83	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	85.215.5.31 85.215.5.31	6786 (CRONON-BE...) (CRONON-BERLIN-AS)
3	2607:f8b0:400... 2607:f8b0:4006:820::2008	15169 (GOOGLE) (GOOGLE)
3	2600:1901:0:5... 2600:1901:0:5987::	15169 (GOOGLE) (GOOGLE)
8	2600:1901:0:c... 2600:1901:0:c07c::	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 6	116.202.48.214 116.202.48.214	24940 (HETZNER-AS) (HETZNER-AS)
2	2600:1901:0:2... 2600:1901:0:256b::	15169 (GOOGLE) (GOOGLE)
2	2600:1901:0:1... 2600:1901:0:1e38::	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2607:f8b0:400... 2607:f8b0:4006:80f::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f012:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
1	146.75.28.157 146.75.28.157	54113 (FASTLY) (FASTLY)
2	18.238.74.246 18.238.74.246	16509 (AMAZON-02) (AMAZON-02)
1	54.230.160.114 54.230.160.114	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:36::181	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c09::9c	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:822::2002	15169 (GOOGLE) (GOOGLE)
1	104.244.42.197 104.244.42.197	13414 (TWITTER) (TWITTER)
1	104.244.42.131 104.244.42.131	13414 (TWITTER) (TWITTER)
1 7	35.190.43.134 35.190.43.134	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f11... 2a03:2880:f112:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2607:f8b0:400... 2607:f8b0:4006:80e::2004	15169 (GOOGLE) (GOOGLE)
2 2	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	151.101.65.91 151.101.65.91	54113 (FASTLY) (FASTLY)
2	185.167.164.45 185.167.164.45	198622 (ADFORM) (ADFORM)
132	36

14 104.17.123.55 (None, )

ASN13335 (CLOUDFLARENET, US)

shopper-wages-army-like.trycloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2514:9c00:16:c2fc:5a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

sdk.livebuy.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 116.203.183.219 (Munich, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: s42e39.meinserver.io

www.herthashop.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 116.203.242.198 (Munich, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: os1.meinecloud.io

os1.meinecloud.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2209:5000:f:8ce2:fb80:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.dwin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 46.4.104.8 (Bad Muenstereifel, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.8.104.4.46.clients.your-server.de

tm.ad-srv.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tm722.ad-srv.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a01:4f8:272:50e8::1 (Ehingen, Germany)

ASN24940 (HETZNER-AS, DE)

api.bounce-commerce.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:24f1:8400:1f:af3f:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

lantern.roeyecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.31.96.185 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-96-185.eu-west-1.compute.amazonaws.com

lantern.roeye.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.251.40.166 (Queens, United States) 12 redirects

ASN15169 (GOOGLE, US)
PTR: lga25s81-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:823::2002 (United States)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 37.157.6.233 (Denmark) 4 redirects

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 212.83.50.108 (Germany) 2 redirects

ASN47447 (TTM, DE)

r.adserver01.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 85.114.159.112 (Germany) 4 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: ad11.adfarm1.adition.com

ad11.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 217.79.188.10 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: imagesrv.adition.com

imagesrv.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.40.130 (Queens, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: lga25s80-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.193.137.7 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-137-7.eu-central-1.compute.amazonaws.com

ih.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.83.76.57 (Los Angeles, United States) 1 redirects

ASN395954 (LEASEWEB-USA-LAX, US)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.36.155 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.28.7.83 (United States) 1 redirects

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.215.5.31 (Germany) 1 redirects

ASN6786 (CRONON-BERLIN-AS, DE)

a.twiago.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:820::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1901:0:5987:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

app.usercentrics.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:1901:0:c07c:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)

api.usercentrics.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 116.202.48.214 (Krefeld, Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.214.48.202.116.clients.your-server.de

ad.ad-srv.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:256b:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

aggregator.service.usercentrics.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:1e38:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)

consent-api.service.consent.usercentrics.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80f::200e (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f012:8:face:b00c:0:1 (United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.28.157 (Ashburn, United States)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.238.74.246 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-74-246.jfk52.r.cloudfront.net

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.230.160.114 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-160-114.ewr53.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:36::181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c09::9c (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:822::2002 (United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.197 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.131 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 35.190.43.134 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tr6.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f112:83:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80e::2004 (United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.113.62 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.65.91 (United States)

ASN54113 (FASTLY, US)

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.167.164.45 (Denmark)

ASN198622 (ADFORM, DK)

s2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	meinecloud.io os1.meinecloud.io — Cisco Umbrella Rank: 755446	4 MB
16	doubleclick.net 13 redirects ad.doubleclick.net — Cisco Umbrella Rank: 157 cm.g.doubleclick.net — Cisco Umbrella Rank: 264 stats.g.doubleclick.net — Cisco Umbrella Rank: 85 googleads.g.doubleclick.net — Cisco Umbrella Rank: 35	14 KB
15	usercentrics.eu app.usercentrics.eu — Cisco Umbrella Rank: 8590 api.usercentrics.eu — Cisco Umbrella Rank: 7703 aggregator.service.usercentrics.eu — Cisco Umbrella Rank: 9911 consent-api.service.consent.usercentrics.eu — Cisco Umbrella Rank: 12951	287 KB
14	trycloudflare.com shopper-wages-army-like.trycloudflare.com	508 KB
12	adform.net 4 redirects track.adform.net — Cisco Umbrella Rank: 4605 s2.adform.net — Cisco Umbrella Rank: 7094	68 KB
12	ad-srv.net 2 redirects tm.ad-srv.net — Cisco Umbrella Rank: 80110 tm722.ad-srv.net — Cisco Umbrella Rank: 482516 ad.ad-srv.net — Cisco Umbrella Rank: 43611	14 KB
11	ad4m.at ad4m.at — Cisco Umbrella Rank: 11989 as.ad4m.at — Cisco Umbrella Rank: 31126	28 KB
9	google.com adservice.google.com — Cisco Umbrella Rank: 99 analytics.google.com — Cisco Umbrella Rank: 159 www.google.com — Cisco Umbrella Rank: 2	2 KB
8	adition.com 4 redirects ad11.adfarm1.adition.com — Cisco Umbrella Rank: 28952 imagesrv.adition.com — Cisco Umbrella Rank: 17720	2 KB
7	snapchat.com 1 redirects tr.snapchat.com — Cisco Umbrella Rank: 851 tr6.snapchat.com — Cisco Umbrella Rank: 1325	2 KB
4	bounce-commerce.de api.bounce-commerce.de — Cisco Umbrella Rank: 283915	3 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	267 KB
2	mathtag.com pixel.mathtag.com — Cisco Umbrella Rank: 2105	817 B
2	tapad.com 2 redirects pixel.tapad.com — Cisco Umbrella Rank: 515	1 KB
2	sc-static.net sc-static.net — Cisco Umbrella Rank: 1150	38 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 176	71 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	21 KB
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 628	1 KB
2	adscale.de 2 redirects ih.adscale.de — Cisco Umbrella Rank: 4300	811 B
2	adserver01.de 2 redirects r.adserver01.de — Cisco Umbrella Rank: 110066	642 B
2	dwin1.com www.dwin1.com — Cisco Umbrella Rank: 4447	29 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 102	185 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 802	394 B
1	t.co t.co — Cisco Umbrella Rank: 660	375 B
1	adsrvr.org js.adsrvr.org — Cisco Umbrella Rank: 1490	3 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 783	15 KB
1	twiago.com 1 redirects a.twiago.com — Cisco Umbrella Rank: 34864	662 B
1	pubmatic.com 1 redirects simage2.pubmatic.com — Cisco Umbrella Rank: 916	244 B
1	smartadserver.com 1 redirects rtb-csync.smartadserver.com — Cisco Umbrella Rank: 676	715 B
1	roeye.com lantern.roeye.com — Cisco Umbrella Rank: 8857	128 B
1	roeyecdn.com lantern.roeyecdn.com — Cisco Umbrella Rank: 9059	2 KB
1	herthashop.de www.herthashop.de	622 B
1	livebuy.io sdk.livebuy.io — Cisco Umbrella Rank: 142840	12 KB
0	betweendigital.com Failed ads.betweendigital.com Failed
0	zanox.com Failed static.zanox.com Failed
132	35

	Domain	Requested by
23	os1.meinecloud.io	shopper-wages-army-like.trycloudflare.com
14	shopper-wages-army-like.trycloudflare.com	shopper-wages-army-like.trycloudflare.com
12	ad.doubleclick.net	12 redirects
10	track.adform.net	4 redirects shopper-wages-army-like.trycloudflare.com track.adform.net
8	api.usercentrics.eu	app.usercentrics.eu
7	as.ad4m.at	shopper-wages-army-like.trycloudflare.com
6	tr.snapchat.com	1 redirects sc-static.net
6	ad.ad-srv.net	2 redirects tm722.ad-srv.net ad.ad-srv.net
6	adservice.google.com	shopper-wages-army-like.trycloudflare.com
4	tm722.ad-srv.net	tm.ad-srv.net
4	imagesrv.adition.com	shopper-wages-army-like.trycloudflare.com
4	ad11.adfarm1.adition.com	4 redirects
4	api.bounce-commerce.de	www.dwin1.com api.bounce-commerce.de
4	ad4m.at	www.dwin1.com ad4m.at
3	app.usercentrics.eu	www.googletagmanager.com app.usercentrics.eu shopper-wages-army-like.trycloudflare.com
3	www.googletagmanager.com	shopper-wages-army-like.trycloudflare.com www.googletagmanager.com
2	s2.adform.net	ad.ad-srv.net
2	pixel.mathtag.com	ad.ad-srv.net
2	pixel.tapad.com	2 redirects
2	www.google.com	shopper-wages-army-like.trycloudflare.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	sc-static.net	www.googletagmanager.com tr.snapchat.com
2	connect.facebook.net	www.googletagmanager.com connect.facebook.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	consent-api.service.consent.usercentrics.eu	app.usercentrics.eu
2	aggregator.service.usercentrics.eu	app.usercentrics.eu
2	dsum-sec.casalemedia.com	1 redirects shopper-wages-army-like.trycloudflare.com
2	ih.adscale.de	2 redirects
2	r.adserver01.de	2 redirects
2	tm.ad-srv.net	www.dwin1.com
2	www.dwin1.com	shopper-wages-army-like.trycloudflare.com www.googletagmanager.com
1	tr6.snapchat.com	sc-static.net
1	www.facebook.com	shopper-wages-army-like.trycloudflare.com
1	analytics.twitter.com	shopper-wages-army-like.trycloudflare.com
1	t.co	shopper-wages-army-like.trycloudflare.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	analytics.google.com	www.googletagmanager.com
1	js.adsrvr.org	www.googletagmanager.com
1	static.ads-twitter.com	www.googletagmanager.com
1	a.twiago.com	1 redirects
1	simage2.pubmatic.com	1 redirects
1	rtb-csync.smartadserver.com	1 redirects
1	cm.g.doubleclick.net	1 redirects
1	lantern.roeye.com	shopper-wages-army-like.trycloudflare.com
1	lantern.roeyecdn.com	www.dwin1.com
1	www.herthashop.de	shopper-wages-army-like.trycloudflare.com
1	sdk.livebuy.io	shopper-wages-army-like.trycloudflare.com
0	ads.betweendigital.com Failed	ad.ad-srv.net
0	static.zanox.com Failed	shopper-wages-army-like.trycloudflare.com
132	49

This site contains links to these domains. Also see Links.

Domain
www.herthabsc.com
www.eventimsports.de
www.herthashop.de
www.sky.de
www.dazn.com
www.crazybuzzer.de
store.nike.com
cg-elementum.de
www.berliner-kindl.de
www.cocacola.de
www.jes.ag
www.rs2.de
www.facebook.com
www.herthabsc.de
www.instagram.com
twitter.com
www.youtube.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-28` - `2024-04-27`	a year	crt.sh
*.livebuy.io Amazon RSA 2048 M01	`2023-09-27` - `2024-10-25`	a year	crt.sh
herthashop.de R3	`2024-02-06` - `2024-05-06`	3 months	crt.sh
os1.meinecloud.io R3	`2024-01-29` - `2024-04-28`	3 months	crt.sh
*.dwin1.com Amazon RSA 2048 M03	`2023-10-18` - `2024-11-15`	a year	crt.sh
ad-srv.net R3	`2024-02-22` - `2024-05-22`	3 months	crt.sh
api.bounce-commerce.de R3	`2024-01-16` - `2024-04-15`	3 months	crt.sh
*.roeyecdn.com Amazon RSA 2048 M01	`2023-10-04` - `2024-10-30`	a year	crt.sh
*.roeye.com Amazon RSA 2048 M03	`2023-11-26` - `2024-12-24`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
app.usercentrics.eu GTS CA 1D4	`2024-02-05` - `2024-05-05`	3 months	crt.sh
api.usercentrics.eu GTS CA 1D4	`2024-02-03` - `2024-05-03`	3 months	crt.sh
aggregator.service.usercentrics.eu GTS CA 1D4	`2024-01-18` - `2024-04-17`	3 months	crt.sh
consent-api.service.consent.usercentrics.eu GTS CA 1D4	`2024-02-08` - `2024-05-08`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-12-09` - `2024-03-08`	3 months	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-21` - `2024-07-19`	a year	crt.sh
sc-static.net Amazon RSA 2048 M03	`2023-12-21` - `2025-01-18`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
t.co DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-01-04` - `2025-01-02`	a year	crt.sh
*.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-07` - `2024-11-05`	a year	crt.sh
*.snap.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-21` - `2025-02-20`	a year	crt.sh
www.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
track.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-06` - `2024-09-19`	a year	crt.sh
*.mediamath.com R3	`2024-01-18` - `2024-04-17`	3 months	crt.sh

This page contains 13 frames:

Primary Page: https://shopper-wages-army-like.trycloudflare.com/
Frame ID: 7706184A3291EAC090FC456F86A744C8
Requests: 107 HTTP requests in this frame

Frame: https://shopper-wages-army-like.trycloudflare.com/widgets/index/refreshStatistic?requestPage=%2F&requestController=index
Frame ID: B1E25B35BC40DF5D1C4BF30282018EEC
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/cookie-frame.html
Frame ID: 1C57EB876BD41832DFE2B7E88A4FCEDF
Requests: 1 HTTP requests in this frame

Frame: https://tm722.ad-srv.net/tm/a/container/tags/iframe/d65a51381a.html?sid=b48hf41c56m0oesfsaov53nkhm
Frame ID: 01F0E025DDC263CDB18DB4F5DB080E59
Requests: 1 HTTP requests in this frame

Frame: https://app.usercentrics.eu/browser-sdk/4.33.1/cross-domain-bridge.html
Frame ID: 51C83BC23624D10B8B7DA4E55D94FD1D
Requests: 1 HTTP requests in this frame

Frame: https://ad.ad-srv.net/retarget?a=61152&version=1&redirected=1
Frame ID: E207723CB17120B92301A7D6A6E5B56A
Requests: 4 HTTP requests in this frame

Frame: https://ad4m.at/cookie-frame.html
Frame ID: 36F58AA91740EEAD5B2A812C2CEC7FFC
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=d13aed06-63ab-44a0-9e79-e07f11ad396d&u_scsid=771f3bb4-730f-4aaa-a2c6-ada2dadc8c3e&u_sclid=347ae1cc-fabb-47ad-bcda-28ddec8ad6e8
Frame ID: 6C36E6A4C5F5FEF4BE09C968A89820AF
Requests: 2 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/p?rand=1709096854517&pnid=140&pcid=91085395-a317-4cf3-80bc-5525795d9e23
Frame ID: 51B09A80DE8DCC2F28EDD9F320D12066
Requests: 1 HTTP requests in this frame

Frame: https://tm722.ad-srv.net/tm/a/container/tags/iframe/d65a51381a.html?sid=3k7ppddrbno16dtsaeovruot00
Frame ID: C2946F0055A1A1AA770C7CC8BAA72B01
Requests: 1 HTTP requests in this frame

Frame: https://ad.ad-srv.net/dsp/retargeting/3fj7mny387sw/?gdpr=&gdpr_consent=&dspRetargetingMarkersetRedirected=1&
Frame ID: FD639DE8DDB542E065B3DB7D2D8629AA
Requests: 2 HTTP requests in this frame

Frame: https://ad.ad-srv.net/retarget?a=61152&version=1
Frame ID: 8194CD558A9CAD1DC12800379987A56C
Requests: 4 HTTP requests in this frame

Frame: https://ad.ad-srv.net/dsp/retargeting/3fj7mny387sw/?gdpr=&gdpr_consent=
Frame ID: 354BAC20EAFE83DEC8FAF6BA12FA0DBA
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Offizieller Hertha BSC Online-Shop | herthashop.de | Hertha BSC - Offizieller Online-Shop

Detected technologies

Shopware (Ecommerce) Expand

Overall confidence: 100%
Detected patterns

(?:(shopware)|/web/cache/[0-9]{10}_.+)\.js

AWIN (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

dwin1\.com

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

132
Requests

83 %
HTTPS

41 %
IPv6

35
Domains

49
Subdomains

36
IPs

5
Countries

5288 kB
Transfer

8691 kB
Size

44
Cookies

96 Outgoing links

These are links going to different origins than the main page.

URL: https://www.herthabsc.com/de/
Title: herthabsc.com

Search URL Search Domain Scan URL

URL: https://www.eventimsports.de/ols/hbsctk/de/tk/channel/shop/index
Title: Ticketshop

Search URL Search Domain Scan URL

URL: https://www.herthashop.de/

Search URL Search Domain Scan URL

URL: https://www.herthashop.de/neuheiten/
Title: Neuheiten

Search URL Search Domain Scan URL

URL: https://www.herthashop.de/herren/
Title: Herren

Search URL Search Domain Scan URL

URL: https://www.herthashop.de/frauen/
Title: Frauen

Search URL Search Domain Scan URL

URL: https://www.herthashop.de/kiddies/
Title: Kiddies

Search URL Search Domain Scan URL

URL: https://www.herthashop.de/fanwelt/
Title: Fanwelt

Search URL Search Domain Scan URL

URL: https://www.herthashop.de/themenwelten/
Title: Themenwelten

Search URL Search Domain Scan URL

URL: https://www.herthashop.de/account

Search URL Search Domain Scan URL

URL: https://www.herthashop.de/account#hide-registration
Title: Anmelden

Search URL Search Domain Scan URL

URL: https://www.herthashop.de/account#show-registration
Title: registrieren

Search URL Search Domain Scan URL

URL: https://www.herthashop.de/account/profile
Title: Persönliche Daten

Search URL Search Domain Scan URL

URL: https://www.herthashop.de/address/index/sidebar/
Title: Adressen

Search URL Search Domain Scan URL

URL: https://www.herthashop.de/account/payment
Title: Zahlungsarten

Search URL Search Domain Scan URL

URL: https://www.herthashop.de/account/orders
Title: Bestellungen

Search URL Search Domain Scan URL

URL: https://www.herthashop.de/account/downloads
Title: Sofortdownloads

Search URL Search Domain Scan URL

URL: https://www.herthashop.de/checkout/cart
Title: 0

Search URL Search Domain Scan URL

URL: https://www.herthashop.de/herren/trikots/
Title: Trikots

Search URL Search Domain Scan URL

URL: https://www.herthashop.de/herren/nike/
Title: Nike

Search URL Search Domain Scan URL

URL: https://www.herthashop.de/herren/bekleidung/
Title: Bekleidung

Search URL Search Domain Scan URL

URL: https://www.herthashop.de/herren/accessoires/
Title: Accessoires

Search URL Search Domain Scan URL

URL: https://www.herthashop.de/herren/taschen-geldboersen/
Title: Taschen // Geldbörsen

Search URL Search Domain Scan URL

URL: https://www.herthashop.de/herren/nike/profikollektion/
Title: Profikollektion

Search URL Search Domain Scan URL

URL: https://www.herthashop.de/herren/nike/trainingskollektion/
Title: Trainingskollektion

Search URL Search Domain Scan URL

URL: https://www.herthashop.de/herren/nike/lifestyle/
Title: Lifestyle

Search URL Search Domain Scan URL

URL: https://www.herthashop.de/herren/bekleidung/t-shirts-polos/
Title: T-Shirts // Polos

Search URL Search Domain Scan URL

URL: https://www.herthashop.de/herren/bekleidung/sweatshirts-jacken/
Title: Sweatshirts // Jacken

Search URL Search Domain Scan URL

URL: https://www.herthashop.de/herren/bekleidung/sonstige-mode/
Title: sonstige Mode

Search URL Search Domain Scan URL

URL: https://www.herthashop.de/frauen/trikots/
Title: Trikots

Search URL Search Domain Scan URL

URL: https://www.herthashop.de/frauen/nike/
Title: Nike

Search URL Search Domain Scan URL

URL: https://www.herthashop.de/frauen/bekleidung/
Title: Bekleidung

Search URL Search Domain Scan URL

URL: https://www.herthashop.de/frauen/accessoires/
Title: Accessoires

Search URL Search Domain Scan URL

URL: https://www.herthashop.de/frauen/taschen-geldboersen/
Title: Taschen // Geldbörsen

Search URL Search Domain Scan URL

URL: https://www.herthashop.de/frauen/nike/trainingskollektion/
Title: Trainingskollektion

Search URL Search Domain Scan URL

URL: https://www.herthashop.de/frauen/nike/lifestyle/
Title: Lifestyle

Search URL Search Domain Scan URL

URL: https://www.herthashop.de/kiddies/trikots/
Title: Trikots

Search URL Search Domain Scan URL

URL: https://www.herthashop.de/kiddies/bekleidung/
Title: Bekleidung

Search URL Search Domain Scan URL

URL: https://www.herthashop.de/kiddies/accessoires/
Title: Accessoires

Search URL Search Domain Scan URL

URL: https://www.herthashop.de/kiddies/schule/
Title: Schule

Search URL Search Domain Scan URL

URL: https://www.herthashop.de/kiddies/babys/
Title: Babys

Search URL Search Domain Scan URL

URL: https://www.herthashop.de/kiddies/herthinho/
Title: Herthinho

Search URL Search Domain Scan URL

URL: https://www.herthashop.de/fanwelt/esport/
Title: esport

Search URL Search Domain Scan URL

URL: https://www.herthashop.de/fanwelt/caps-muetzen/
Title: Caps // Mützen

Search URL Search Domain Scan URL

URL: https://www.herthashop.de/fanwelt/schals/
Title: Schals

Search URL Search Domain Scan URL

URL: https://www.herthashop.de/fanwelt/ostkurve/
Title: Ostkurve

Search URL Search Domain Scan URL

URL: https://www.herthashop.de/fanwelt/zuhause/
Title: Zuhause

Search URL Search Domain Scan URL

URL: https://www.herthashop.de/fanwelt/zuhause/kueche/
Title: Küche

Search URL Search Domain Scan URL

URL: https://www.herthashop.de/fanwelt/zuhause/bad/
Title: Bad

Search URL Search Domain Scan URL

URL: https://www.herthashop.de/fanwelt/zuhause/wohnen/
Title: Wohnen

Search URL Search Domain Scan URL

URL: https://www.herthashop.de/fanwelt/zuhause/garten-garage/
Title: Garten // Garage

Search URL Search Domain Scan URL

URL: https://www.herthashop.de/themenwelten/darts/
Title: Darts

Search URL Search Domain Scan URL

URL: https://www.herthashop.de/themenwelten/kollektionen/
Title: Kollektionen

Search URL Search Domain Scan URL

URL: https://www.herthashop.de/themenwelten/nachhaltigkeit/
Title: Nachhaltigkeit

Search URL Search Domain Scan URL

URL: https://www.herthashop.de/themenwelten/poster-download/
Title: Poster // Download

Search URL Search Domain Scan URL

URL: http://www.sky.de/bestellung/fanreceiver-bei-sky/hertha-fanreceiver-26309?wkz=WESO15

Search URL Search Domain Scan URL

URL: http://www.dazn.com/de-de/l/bundesliga-live-stream?utm_source=Buli_activation&utm_medium=referral&utm_campaign=HerthaBSC
Title: DAZN

Search URL Search Domain Scan URL

URL: https://www.herthashop.de/themenwelten/kollektionen/college-kollektion/
Title: College Kollektion

Search URL Search Domain Scan URL

URL: https://www.herthashop.de/themenwelten/kollektionen/bezirke/
Title: Bezirke

Search URL Search Domain Scan URL

URL: https://www.herthashop.de/themenwelten/kollektionen/basic-kollektion/
Title: Basic Kollektion

Search URL Search Domain Scan URL

URL: https://www.herthashop.de/detail/index/sArticle/4949/number/230143

Search URL Search Domain Scan URL

URL: https://www.herthashop.de/detail/index/sArticle/4974/number/230092

Search URL Search Domain Scan URL

URL: https://www.herthashop.de/kiddies/babys/4761/heimtrikot-kit-baby-23/24

Search URL Search Domain Scan URL

URL: https://www.herthashop.de/neuheiten/4806/hoodie-logo-blau

Search URL Search Domain Scan URL

URL: https://www.herthashop.de/herren/nike/profikollektion/4749/winterjacke-profi-23/24

Search URL Search Domain Scan URL

URL: https://www.herthashop.de/herren/taschen-geldboersen/4954/stadiontasche-graffiti

Search URL Search Domain Scan URL

URL: https://www.herthashop.de/herren/taschen-geldboersen/4955/bauchtasche-graffiti

Search URL Search Domain Scan URL

URL: https://www.herthashop.de/herren/bekleidung/sweatshirts-jacken/4782/steppjacke-logo-navy

Search URL Search Domain Scan URL

URL: https://www.herthabsc.com/de/newsletter
Title: Zur Anmeldung

Search URL Search Domain Scan URL

URL: https://www.crazybuzzer.de/

Search URL Search Domain Scan URL

URL: https://store.nike.com/de/de_de/

Search URL Search Domain Scan URL

URL: https://cg-elementum.de/

Search URL Search Domain Scan URL

URL: https://www.berliner-kindl.de/

Search URL Search Domain Scan URL

URL: https://www.cocacola.de/de/home/

Search URL Search Domain Scan URL

URL: https://www.jes.ag/

Search URL Search Domain Scan URL

URL: https://www.rs2.de/

Search URL Search Domain Scan URL

URL: https://www.herthashop.de/fanshops
Title: Fanshops

Search URL Search Domain Scan URL

URL: https://www.herthashop.de/%20https://www.sky.de/bestellung/exklusives-angebot-255083?wkz=WESK15
Title: Sky

Search URL Search Domain Scan URL

URL: https://www.herthashop.de/groessentabelle
Title: Größentabelle

Search URL Search Domain Scan URL

URL: https://www.herthashop.de/haendler-werden
Title: Händler werden

Search URL Search Domain Scan URL

URL: https://www.herthashop.de/haeufige-fragen
Title: Häufige Fragen

Search URL Search Domain Scan URL

URL: https://www.herthashop.de/zahlungsarten
Title: Zahlungsarten

Search URL Search Domain Scan URL

URL: https://www.herthashop.de/hilfe/support
Title: Hilfe / Support

Search URL Search Domain Scan URL

URL: https://www.herthashop.de/kontaktformular
Title: Kontakt

Search URL Search Domain Scan URL

URL: https://www.herthashop.de/impressum
Title: Impressum

Search URL Search Domain Scan URL

URL: https://www.herthashop.de/teilnahmebedingungen
Title: Teilnahmebedingungen

Search URL Search Domain Scan URL

URL: https://www.herthashop.de/widerrufsbelehrung
Title: Widerrufsbelehrung

Search URL Search Domain Scan URL

URL: https://www.herthashop.de/widerrufsformular
Title: Widerrufsformular

Search URL Search Domain Scan URL

URL: https://www.herthashop.de/agb
Title: AGB

Search URL Search Domain Scan URL

URL: https://www.herthashop.de/versand-und-ruecksendung
Title: Versand und Rücksendung

Search URL Search Domain Scan URL

URL: https://www.herthashop.de/datenschutz
Title: Datenschutz

Search URL Search Domain Scan URL

URL: https://www.facebook.com/herthabsc/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.herthabsc.de/splashscreen/index.html
Title: HerthaBSC.com

Search URL Search Domain Scan URL

URL: https://www.instagram.com/herthabsc
Title: Instagram

Search URL Search Domain Scan URL

URL: https://twitter.com/herthabsc
Title: X (Twitter)

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/herthatv
Title: YouTube

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 45

https://ad.doubleclick.net/ddm/activity/gdpr=0;gdpr_consent=;src=8219325;type=invmedia;cat=bjjfzlfb;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1 HTTP 302
https://ad.doubleclick.net/ddm/activity/gdpr=0;dc_pre=CLfBt9fi0YQDFRka-QAdLaAOKA;gdpr_consent=;src=8219325;type=invmedia;cat=bjjfzlfb;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1 HTTP 302
https://adservice.google.com/ddm/fls/z/gdpr=0;dc_pre=CLfBt9fi0YQDFRka-QAdLaAOKA;gdpr_consent=;src=8219325;type=invmedia;cat=bjjfzlfb;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1

Request Chain 46

https://track.adform.net/Serving/TrackPoint/?pm=1351292&ADFPageName=DE%20-%20Reach%20-%20Sport%2F%20Health%20%2F%20Food%20-%20Suite&ADFdivider=| HTTP 302
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=1351292&ADFPageName=DE%20-%20Reach%20-%20Sport%2F%20Health%20%2F%20Food%20-%20Suite&ADFdivider=|

Request Chain 47

https://ad.doubleclick.net/ddm/activity/gdpr=0;gdpr_consent=;src=5252003;type=invmedia;cat=fpqqpb6w;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1 HTTP 302
https://ad.doubleclick.net/ddm/activity/gdpr=0;dc_pre=CJa_t9fi0YQDFR0W-QAdoe8MDQ;gdpr_consent=;src=5252003;type=invmedia;cat=fpqqpb6w;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1 HTTP 302
https://adservice.google.com/ddm/fls/z/gdpr=0;dc_pre=CJa_t9fi0YQDFR0W-QAdoe8MDQ;gdpr_consent=;src=5252003;type=invmedia;cat=fpqqpb6w;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1

Request Chain 48

https://r.adserver01.de/rt/perf_de.php?gdpr=0&gdpr_consent= HTTP 302
https://ad.doubleclick.net/ddm/activity/src=10716248;type=invmedia;cat=devie0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1 HTTP 302
https://ad.doubleclick.net/ddm/activity/src=10716248;dc_pre=CPL21Nfi0YQDFRgt-QAdNWYCLA;type=invmedia;cat=devie0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1 HTTP 302
https://adservice.google.com/ddm/fls/z/src=10716248;dc_pre=CPL21Nfi0YQDFRgt-QAdNWYCLA;type=invmedia;cat=devie0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1

Request Chain 49

https://ad11.adfarm1.adition.com/tagging?type=image&network=42&tag[Markierung_T2.AdvancedStore_Vzm]=ASRETVZM2 HTTP 302
https://imagesrv.adition.com/1x1.gif

Request Chain 50

https://ad11.adfarm1.adition.com/tagging?type=image&network=42&tag[Markierung_T2.advancedStore_Adbundle]=1 HTTP 302
https://imagesrv.adition.com/1x1.gif

Request Chain 51

https://track.adform.net/Serving/TrackPoint/?pm=1351292&ADFPageName=DE%20-%20Reach%20-%20Fussball%20WM&ADFdivider=| HTTP 302
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=1351292&ADFPageName=DE%20-%20Reach%20-%20Fussball%20WM&ADFdivider=|

Request Chain 53

https://cm.g.doubleclick.net/pixel?google_nid=advs&google_cm&google_sc&a=UrKKONVDjm-TZiTqt68odbLBoyTKQL0s&c=1 HTTP 302
https://as.ad4m.at/ad/dpe?b=CAESEIxCdV3gKjUk9vJ8fUSEckc&a=UrKKONVDjm-TZiTqt68odbLBoyTKQL0s&c=1&google_cver=1

Request Chain 54

https://ih.adscale.de/tpui?tpid=25&tpuid=UrKKONVDjm-TZiTqt68odbLBoyTKQL0s&cburl=https%3A%2F%2Fas%2Ead4m%2Eat%2Fad%2Fdpe%3Fa%3DUrKKONVDjm-TZiTqt68odbLBoyTKQL0s%26b%3D__ADSCALE_USER_ID__%26c%3D6 HTTP 302
https://ih.adscale.de/tpui?tpid=25&tpuid=UrKKONVDjm-TZiTqt68odbLBoyTKQL0s&cburl=https%3A%2F%2Fas%2Ead4m%2Eat%2Fad%2Fdpe%3Fa%3DUrKKONVDjm-TZiTqt68odbLBoyTKQL0s%26b%3D__ADSCALE_USER_ID__%26c%3D6&nut&uu=d90d44362d1947fc86b083b088f5f4a0 HTTP 307
https://as.ad4m.at/ad/dpe?a=UrKKONVDjm-TZiTqt68odbLBoyTKQL0s&b=6ee9ddac899471ea0da735cd9c5fef18ce318fd772a0acde580c5e959cf0b11b&c=6

Request Chain 55

https://rtb-csync.smartadserver.com/redir/?partnerid=132&partneruserid=UrKKONVDjm-TZiTqt68odbLBoyTKQL0s&gdpr=0&gdpr_consent=&redirurl=https%3A%2F%2Fas%2Ead4m%2Eat%2Fad%2Fdpe%3Fa%3DUrKKONVDjm-TZiTqt68odbLBoyTKQL0s%26c%3D9%26b%3DSMART_USER_ID HTTP 302
https://as.ad4m.at/ad/dpe?a=UrKKONVDjm-TZiTqt68odbLBoyTKQL0s&c=9&b=2158654252907210650&gdpr=0&gdpr_consent=

Request Chain 56

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=5&external_user_id=UrKKONVDjm-TZiTqt68odbLBoyTKQL0s HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=5&external_user_id=UrKKONVDjm-TZiTqt68odbLBoyTKQL0s&C=1

Request Chain 57

https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&r=https%3A%2F%2Fas%2Ead4m%2Eat%2Fad%2Fdpe%3Fa%3DUrKKONVDjm-TZiTqt68odbLBoyTKQL0s%26b%3D%24%7BPUBMATIC%5FUID%7D%26c%3D5 HTTP 302
https://as.ad4m.at/ad/dpe?a=UrKKONVDjm-TZiTqt68odbLBoyTKQL0s&b=${PUBMATIC_UID}&c=5

Request Chain 58

https://a.twiago.com/rtb/usermatch.php?umid=11&userid=UrKKONVDjm-TZiTqt68odbLBoyTKQL0s&call_type=redirect&rtbprovider=openrtb&redirecturl=https%3A%2F%2Fas%2Ead4m%2Eat%2Fad%2Fdpe%3Fa%3DUrKKONVDjm-TZiTqt68odbLBoyTKQL0s%26b%3D%25userid%25%26c%3D7 HTTP 302
https://as.ad4m.at/ad/dpe?a=UrKKONVDjm-TZiTqt68odbLBoyTKQL0s&b=f53468fce3a6f84564369b30f8083e0688c0e0d0a0f9342c4d35914637a4b&c=7

Request Chain 72

https://ad.ad-srv.net/retarget?a=61152&version=1 HTTP 302
https://ad.ad-srv.net/retarget?a=61152&version=1&redirected=1

Request Chain 107

https://ad.doubleclick.net/ddm/activity/gdpr=0;gdpr_consent=;src=8219325;type=invmedia;cat=bjjfzlfb;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1 HTTP 302
https://ad.doubleclick.net/ddm/activity/gdpr=0;dc_pre=CKqD_dni0YQDFR0W-QAdoe8MDQ;gdpr_consent=;src=8219325;type=invmedia;cat=bjjfzlfb;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1 HTTP 302
https://adservice.google.com/ddm/fls/z/gdpr=0;dc_pre=CKqD_dni0YQDFR0W-QAdoe8MDQ;gdpr_consent=;src=8219325;type=invmedia;cat=bjjfzlfb;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1

Request Chain 109

https://ad.doubleclick.net/ddm/activity/gdpr=0;gdpr_consent=;src=5252003;type=invmedia;cat=fpqqpb6w;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1 HTTP 302
https://ad.doubleclick.net/ddm/activity/gdpr=0;dc_pre=CL_J_dni0YQDFcUC-QAdFCEBLQ;gdpr_consent=;src=5252003;type=invmedia;cat=fpqqpb6w;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1 HTTP 302
https://adservice.google.com/ddm/fls/z/gdpr=0;dc_pre=CL_J_dni0YQDFcUC-QAdFCEBLQ;gdpr_consent=;src=5252003;type=invmedia;cat=fpqqpb6w;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1

Request Chain 110

https://r.adserver01.de/rt/perf_de.php?gdpr=0&gdpr_consent= HTTP 302
https://ad.doubleclick.net/ddm/activity/src=10716248;type=invmedia;cat=devie0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1 HTTP 302
https://ad.doubleclick.net/ddm/activity/src=10716248;dc_pre=CJP2hNri0YQDFWMj-QAdsKMKDg;type=invmedia;cat=devie0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1 HTTP 302
https://adservice.google.com/ddm/fls/z/src=10716248;dc_pre=CJP2hNri0YQDFWMj-QAdsKMKDg;type=invmedia;cat=devie0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1

Request Chain 111

https://ad11.adfarm1.adition.com/tagging?type=image&network=42&tag[Markierung_T2.AdvancedStore_Vzm]=ASRETVZM2 HTTP 302
https://imagesrv.adition.com/1x1.gif

Request Chain 112

https://ad11.adfarm1.adition.com/tagging?type=image&network=42&tag[Markierung_T2.advancedStore_Adbundle]=1 HTTP 302
https://imagesrv.adition.com/1x1.gif

Request Chain 117

https://tr.snapchat.com/cm/s?bt=1d53c387&pnid=140&cb=1709251680553&u_scsid=569650c5-b37b-4c25-b8ba-af0108bc46dd&u_sclid=e8938c3e-4422-4775-a0ce-a8e68583b6fd HTTP 302
https://pixel.tapad.com/idsync/ex/push?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1709096854517%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1709096854517%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://tr.snapchat.com/cm/p?rand=1709096854517&pnid=140&pcid=91085395-a317-4cf3-80bc-5525795d9e23

Request Chain 122

https://track.adform.net/serving/scripts/trackpoint/async/ HTTP 301
https://s2.adform.net/banners/scripts/st/trackpoint-async.js

Request Chain 123

https://ad.ad-srv.net/dsp/retargeting/3fj7mny387sw/?gdpr=&gdpr_consent= HTTP 302
https://ad.ad-srv.net/dsp/retargeting/3fj7mny387sw/?gdpr=&gdpr_consent=&dspRetargetingMarkersetRedirected=1&

Request Chain 126

https://x.bidswitch.net/sync?dsp_id=305&user_id=cc9aa93f86316862&expires=90&gdpr=&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=305&user_id=cc9aa93f86316862&expires=90&gdpr=&gdpr_consent= HTTP 302
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=06c134ca-da44-47ea-9f70-eb6134763084

Request Chain 128

https://track.adform.net/serving/scripts/trackpoint/async/ HTTP 301
https://s2.adform.net/banners/scripts/st/trackpoint-async.js

132 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
shopper-wages-army-like.trycloudflare.com/ 379 KB
65 KB 952ms
838ms Document
text/html 104.17.123.55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shopper-wages-army-like.trycloudflare.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.123.55 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: faa101d8248eeab254876f553941bbc3edc4324b0b88781b80eec58e5402354d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 3980
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 85d4e8c94f23c43b-EWR
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 01 Mar 2024 00:07:53 GMT
link: </web/cache/1692796603_bcbf665a891bf5233d29d502c460619c.css>; rel="preload"; as="style",</web/cache/1692796603_bcbf665a891bf5233d29d502c460619c.js>; rel="preload"; as="script"
server: cloudflare
vary: Accept-Encoding
x-content-digest: en44cd3daff9d1b99694285eb600764c920931eff539ff25f9ecd49afa4e3cbdda

GET
H2 200 1692796603_bcbf665a891bf5233d29d502c460619c.css
shopper-wages-army-like.trycloudflare.com/web/cache/ 459 KB
63 KB 305ms
301ms Stylesheet
text/css 104.17.123.55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shopper-wages-army-like.trycloudflare.com/web/cache/1692796603_bcbf665a891bf5233d29d502c460619c.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.123.55 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 17760a0cd51b8367ec3b19f97c917f73909962d1580beb0e1a1e33cdc001d878

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shopper-wages-army-like.trycloudflare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 00:07:53 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Wed, 23 Aug 2023 13:16:08 GMT
server: cloudflare
etag: W/"64e60698-72d66"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31104000, public
cf-ray: 85d4e8cebe23c43b-EWR
expires: Mon, 24 Feb 2025 00:07:53 GMT

GET
H2 200 1692796603_bcbf665a891bf5233d29d502c460619c.js Show response
shopper-wages-army-like.trycloudflare.com/web/cache/ 697 KB
193 KB 299ms
297ms Script
application/javascript 104.17.123.55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shopper-wages-army-like.trycloudflare.com/web/cache/1692796603_bcbf665a891bf5233d29d502c460619c.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.123.55 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e600b32edaf67e8eff8248600b067b5c3883a66b6d3b4e307a63db27a6d40d4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shopper-wages-army-like.trycloudflare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 00:07:53 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Wed, 23 Aug 2023 13:16:21 GMT
server: cloudflare
etag: W/"64e606a5-ae346"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31104000, public
cf-ray: 85d4e8cece32c43b-EWR
expires: Mon, 24 Feb 2025 00:07:53 GMT

GET
H2 200 livebuy-sdk.js Show response
sdk.livebuy.io/ 37 KB
12 KB 336ms
60ms Script
text/javascript 2600:9000:2514:9c00:16:c2fc:5a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.livebuy.io/livebuy-sdk.js
Requested by: Host: shopper-wages-army-like.trycloudflare.com
URL: https://shopper-wages-army-like.trycloudflare.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2514:9c00:16:c2fc:5a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9c84c8d44a5204db43f8cf26185edd7c816a1a1f10f9e15265c9b5ef5f49bf8f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shopper-wages-army-like.trycloudflare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 00:07:44 GMT
content-encoding: br
via: 1.1 7c10de2006b7b1d4ae37bbcf905eecd6.cloudfront.net (CloudFront)
last-modified: Thu, 15 Feb 2024 09:23:32 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P8
age: 17
x-amz-server-side-encryption: AES256
etag: W/"270e3d1ebde2fe44c06842527d1f88e8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=300
x-amz-cf-id: 6dnh21Nr25xZfkHIQm-q9fbruWTkPXbf4rAVCejRcXDn3PM5zYdUVQ==

GET
H2 200 arrow-right-white.svg
www.herthashop.de/themes/Frontend/HerthaBSC/frontend/_public/src/img/icons/ 1 KB
622 B 1204ms
279ms Image
image/svg+xml 116.203.183.219
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.herthashop.de/themes/Frontend/HerthaBSC/frontend/_public/src/img/icons/arrow-right-white.svg
Requested by: Host: shopper-wages-army-like.trycloudflare.com
URL: https://shopper-wages-army-like.trycloudflare.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.203.183.219 Munich, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: s42e39.meinserver.io
Software: nginx /
Resource Hash: b4365977c5e2a1b441c86ccd1e708d6915adde68c9bc6a79bbd6cdae2797da3a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shopper-wages-army-like.trycloudflare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 00:07:54 GMT
content-encoding: br
last-modified: Wed, 23 Aug 2023 13:16:08 GMT
server: nginx
etag: W/"64e60698-400"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31104000
expires: Mon, 24 Feb 2025 00:07:54 GMT

GET
H2 200 header-logo2021.svg
shopper-wages-army-like.trycloudflare.com/themes/Frontend/HerthaBSC/frontend/_public/src/img/logos/ 11 KB
4 KB 284ms
283ms Image
image/svg+xml 104.17.123.55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shopper-wages-army-like.trycloudflare.com/themes/Frontend/HerthaBSC/frontend/_public/src/img/logos/header-logo2021.svg
Requested by: Host: shopper-wages-army-like.trycloudflare.com
URL: https://shopper-wages-army-like.trycloudflare.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.123.55 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a83308794097fbcd7f4421871a8bbf24ac06c5d682d7197a5a2ea6fe509e7a19

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shopper-wages-army-like.trycloudflare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 00:07:53 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Wed, 23 Aug 2023 13:16:08 GMT
server: cloudflare
etag: W/"64e60698-2ab7"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31104000
cf-ray: 85d4e8cece34c43b-EWR
expires: Mon, 24 Feb 2025 00:07:53 GMT

GET
H/1.1 200
OK Sky_4C.png
os1.meinecloud.io/b10088/media/image/ac/37/1d/ 177 KB
178 KB 781ms
278ms Image
image/png 116.203.242.198
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://os1.meinecloud.io/b10088/media/image/ac/37/1d/Sky_4C.png

Requested by

Host: shopper-wages-army-like.trycloudflare.com
URL: https://shopper-wages-army-like.trycloudflare.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

116.203.242.198 Munich, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

os1.meinecloud.io

Software

MinIO /

Resource Hash

ed09a0e4d038db97f15530255fbefcc75d593bebdae50926f65b5f06ffa8b7a2

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shopper-wages-army-like.trycloudflare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Security-Policy: block-all-mixed-content
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Date: Fri, 01 Mar 2024 00:07:54 GMT
Last-Modified: Mon, 12 Oct 2020 11:57:06 GMT
Server: MinIO
X-Amz-Request-Id: 17B87B579137CD23
ETag: "08e372c9b40fe79fd404ae962db798a8"
Vary: Origin
Content-Type: image/png
Cache-Control: public,max-age=31536000
Accept-Ranges: bytes
Content-Length: 181197
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1602451016#152470586/gid:5005/gname:client1/mode:33188/mtime:1565766823#274995463/uid:5005/uname:web2

GET
H2 200 12811.js Show response
www.dwin1.com/ 53 KB
15 KB 731ms
477ms Script
application/javascript 2600:9000:2209:5000:f:8ce2:fb80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dwin1.com/12811.js
Requested by: Host: shopper-wages-army-like.trycloudflare.com
URL: https://shopper-wages-army-like.trycloudflare.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2209:5000:f:8ce2:fb80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9f91c8a7d3343c9421f1dcd7ef3189b1857de5a75dc1843072a4a91f65b50ece

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shopper-wages-army-like.trycloudflare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-amz-version-id: k_L.V9iVc0Yz6eA_r3BzQWoqHAz6gdI1
content-encoding: gzip
via: 1.1 c22d4946ef5faea12b8d3942ceb9259a.cloudfront.net (CloudFront)
date: Fri, 01 Mar 2024 00:07:55 GMT
x-amz-cf-pop: EWR53-P1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 28 Feb 2024 12:15:38 GMT
server: AmazonS3
etag: W/"ab445274e6b87c95ce5c97ff01c564cc"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600, s-maxage=600
x-amz-cf-id: mq9xW1XsXK5MB0BRabXoMQfM3llwsy1PZ30gjLtaIhx7seX_4d5Gmg==

GET
H2 200 Hertha-Regular.woff2
shopper-wages-army-like.trycloudflare.com/themes/Frontend/HerthaBSC/frontend/_public/src/fonts/Main/ 47 KB
47 KB 266ms
262ms Font
font/woff2 104.17.123.55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shopper-wages-army-like.trycloudflare.com/themes/Frontend/HerthaBSC/frontend/_public/src/fonts/Main/Hertha-Regular.woff2
Requested by: Host: shopper-wages-army-like.trycloudflare.com
URL: https://shopper-wages-army-like.trycloudflare.com/web/cache/1692796603_bcbf665a891bf5233d29d502c460619c.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.123.55 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d2210032d52924e367f3a5f5353ab2946b1c1401cf255ab95a21ce31ae7c9a8

Request headers

Referer: https://shopper-wages-army-like.trycloudflare.com/web/cache/1692796603_bcbf665a891bf5233d29d502c460619c.css
Origin: https://shopper-wages-army-like.trycloudflare.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 00:07:54 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 23 Aug 2023 13:16:08 GMT
server: cloudflare
etag: "64e60698-bc5c"
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=31104000
accept-ranges: bytes
cf-ray: 85d4e8d22aadc43b-EWR
content-length: 48220
expires: Mon, 24 Feb 2025 00:07:54 GMT

GET
H2 200 shopware.woff
shopper-wages-army-like.trycloudflare.com/themes/Frontend/HerthaBSC/frontend/_public/src/fonts/ 69 KB
69 KB 332ms
329ms Font
font/woff 104.17.123.55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shopper-wages-army-like.trycloudflare.com/themes/Frontend/HerthaBSC/frontend/_public/src/fonts/shopware.woff
Requested by: Host: shopper-wages-army-like.trycloudflare.com
URL: https://shopper-wages-army-like.trycloudflare.com/web/cache/1692796603_bcbf665a891bf5233d29d502c460619c.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.123.55 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 499e8db4de7463aade473f0c529c839547c9679e9b483e76944a39b4d922dcfe

Request headers

Referer: https://shopper-wages-army-like.trycloudflare.com/web/cache/1692796603_bcbf665a891bf5233d29d502c460619c.css
Origin: https://shopper-wages-army-like.trycloudflare.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 00:07:54 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 23 Aug 2023 13:16:08 GMT
server: cloudflare
etag: "64e60698-113d0"
vary: Accept-Encoding
content-type: font/woff
cache-control: max-age=31104000
accept-ranges: bytes
cf-ray: 85d4e8d22aafc43b-EWR
content-length: 70608
expires: Mon, 24 Feb 2025 00:07:54 GMT

GET
H2 200 Hertha-Black.woff2
shopper-wages-army-like.trycloudflare.com/themes/Frontend/HerthaBSC/frontend/_public/src/fonts/Main/ 50 KB
50 KB 774ms
771ms Font
font/woff2 104.17.123.55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shopper-wages-army-like.trycloudflare.com/themes/Frontend/HerthaBSC/frontend/_public/src/fonts/Main/Hertha-Black.woff2
Requested by: Host: shopper-wages-army-like.trycloudflare.com
URL: https://shopper-wages-army-like.trycloudflare.com/web/cache/1692796603_bcbf665a891bf5233d29d502c460619c.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.123.55 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 789c9865060b0970be7f897767b0f2c32254c8ed3724394bd05035eb523cd255

Request headers

Referer: https://shopper-wages-army-like.trycloudflare.com/web/cache/1692796603_bcbf665a891bf5233d29d502c460619c.css
Origin: https://shopper-wages-army-like.trycloudflare.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 00:07:54 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 23 Aug 2023 13:16:08 GMT
server: cloudflare
etag: "64e60698-c734"
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=31104000
accept-ranges: bytes
cf-ray: 85d4e8d22ab0c43b-EWR
content-length: 50996
expires: Mon, 24 Feb 2025 00:07:54 GMT

GET
H2 200 refreshStatistic Show response
shopper-wages-army-like.trycloudflare.com/widgets/index/ Frame B1E2 0
311 B 468ms
468ms Document
text/html 104.17.123.55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shopper-wages-army-like.trycloudflare.com/widgets/index/refreshStatistic?requestPage=%2F&requestController=index
Requested by: Host: shopper-wages-army-like.trycloudflare.com
URL: https://shopper-wages-army-like.trycloudflare.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.123.55 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://shopper-wages-army-like.trycloudflare.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 85d4e8d2cb5dc43b-EWR
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 01 Mar 2024 00:07:54 GMT
expires: -1
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
x-body-eval: ESI
x-robots-tag: noindex

GET zanox.js
static.zanox.com/scripts/ 0
0

GET
H2 200 nl-grafik.png
shopper-wages-army-like.trycloudflare.com/themes/Frontend/HerthaBSC/frontend/_public/src/img/newsletter/ 14 KB
14 KB 323ms
322ms Image
image/png 104.17.123.55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shopper-wages-army-like.trycloudflare.com/themes/Frontend/HerthaBSC/frontend/_public/src/img/newsletter/nl-grafik.png
Requested by: Host: shopper-wages-army-like.trycloudflare.com
URL: https://shopper-wages-army-like.trycloudflare.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.123.55 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d09124716d088f15fa8383e2c1b58e07f4705e2997ca5869ba32b06ee7ee83c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shopper-wages-army-like.trycloudflare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 00:07:54 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 23 Aug 2023 13:16:08 GMT
server: cloudflare
etag: "64e60698-3839"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=31104000
accept-ranges: bytes
cf-ray: 85d4e8d32bbbc43b-EWR
content-length: 14393
expires: Mon, 24 Feb 2025 00:07:54 GMT

GET
H2 200 m8f5fech.js Show response
ad4m.at/ 27 KB
11 KB 194ms
67ms Script
application/javascript 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/m8f5fech.js
Requested by: Host: www.dwin1.com
URL: https://www.dwin1.com/12811.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 601a009aea5454d6bd14ea7f92c7e0e663054a9c3c16b5e0190e8d16bfe902ba

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shopper-wages-army-like.trycloudflare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 00:07:54 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 29 Jan 2024 10:47:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 383733
etag: W/"d64cbfe42c21cb4689f9bb2032acc83b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VEiXSnURjqgW3Hh278dTWnhOFpL07kyZxfCWKRHOSFjuiWYe69pLiQjH2S5AfxZBGg8w4JXl71dfQmvDsKOXnAS73WVT4HS8%2FZTlhl2RjhU0IUi%2FcrHA5fcob9H3QdyoXuIAOp8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 85d4e8d77b980f74-EWR
alt-svc: h3=":443"; ma=86400
expires: Mon, 19 Feb 2024 10:51:28 GMT

GET
H/1.1 200
OK d65a51381a.js Show response
tm.ad-srv.net/tm/a/container/init/ 12 KB
3 KB 767ms
245ms Script
application/javascript 46.4.104.8
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.ad-srv.net/tm/a/container/init/d65a51381a.js?ntmData=ntmData3569707617950&rnd=85747449
Requested by: Host: www.dwin1.com
URL: https://www.dwin1.com/12811.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.104.8 Bad Muenstereifel, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.8.104.4.46.clients.your-server.de
Software: nginx /
Resource Hash: aed02b66d978d680da0dfbcb2ebcd62260ee37f97f67bfcc86cdd53ae6d3dd80

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shopper-wages-army-like.trycloudflare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 01 Mar 2024 00:07:55 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Expires: 0

GET
H2 200 bounce.min.js Show response
api.bounce-commerce.de/ 2 KB
1 KB 703ms
221ms Script
application/javascript 2a01:4f8:272:50e8::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://api.bounce-commerce.de/bounce.min.js
Requested by: Host: www.dwin1.com
URL: https://www.dwin1.com/12811.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:272:50e8::1 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.24.0 /
Resource Hash: 529719c177311bb9f345c442bf5b3039567392929670474949689f242beda4b1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shopper-wages-army-like.trycloudflare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 00:07:55 GMT
content-encoding: gzip
last-modified: Sun, 08 Oct 2023 11:48:43 GMT
server: nginx/1.24.0
etag: W/"6522971b-932"
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800, public
expires: Fri, 08 Mar 2024 00:07:55 GMT

GET
H2 200 lantern_global_12811.min.js Show response
lantern.roeyecdn.com/ 2 KB
2 KB 197ms
61ms Script
application/octet-stream 2600:9000:24f1:8400:1f:af3f:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lantern.roeyecdn.com/lantern_global_12811.min.js
Requested by: Host: www.dwin1.com
URL: https://www.dwin1.com/12811.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f1:8400:1f:af3f:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e2ebb3c55d0f8bc1b36c90cbd3ed0b9c3ccef79fd248057353af43aaebc6651e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shopper-wages-army-like.trycloudflare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 20:11:13 GMT
x-amz-version-id: pLifxHyHj2xZqbEwwo_mnLHaSmjsS.y9
via: 1.1 e23983892b1c8fb4d47f943c0ee29028.cloudfront.net (CloudFront)
last-modified: Tue, 10 Oct 2023 12:17:12 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P4
age: 14202
etag: "6cc07e76ec9b99d1bea2f430101b99b1"
x-cache: Hit from cloudfront
content-type: application/octet-stream
content-length: 1810
x-amz-cf-id: gY__PMRAWyiJq7H6LdLVkGIXJ8AMgCK1GtP-_rxtUQ-M8yKLJWqScg==

GET
H2 200 csrftoken Show response
shopper-wages-army-like.trycloudflare.com/ 0
261 B 754ms
752ms XHR
text/html 104.17.123.55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shopper-wages-army-like.trycloudflare.com/csrftoken
Requested by: Host: shopper-wages-army-like.trycloudflare.com
URL: https://shopper-wages-army-like.trycloudflare.com/web/cache/1692796603_bcbf665a891bf5233d29d502c460619c.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.123.55 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://shopper-wages-army-like.trycloudflare.com/
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Mar 2024 00:07:55 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
x-csrf-token: jmDNKBDt2VToUfGe9d8zRU8TLZ4yWC
server: cloudflare
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
cf-ray: 85d4e8d6f88bc43b-EWR
expires: -1

GET
H2 200 arrow-right-blue.svg
shopper-wages-army-like.trycloudflare.com/themes/Frontend/HerthaBSC/frontend/_public/src/img/icons/ 1 KB
542 B 271ms
271ms Image
image/svg+xml 104.17.123.55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shopper-wages-army-like.trycloudflare.com/themes/Frontend/HerthaBSC/frontend/_public/src/img/icons/arrow-right-blue.svg
Requested by: Host: shopper-wages-army-like.trycloudflare.com
URL: https://shopper-wages-army-like.trycloudflare.com/web/cache/1692796603_bcbf665a891bf5233d29d502c460619c.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.123.55 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9b3a05653917e7127e0cf6c135b8b4a4c6982e5a56007ae77923585f85c3c5c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shopper-wages-army-like.trycloudflare.com/web/cache/1692796603_bcbf665a891bf5233d29d502c460619c.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 00:07:55 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Wed, 23 Aug 2023 13:16:08 GMT
server: cloudflare
etag: W/"64e60698-403"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31104000
cf-ray: 85d4e8d748e0c43b-EWR
expires: Mon, 24 Feb 2025 00:07:54 GMT

GET
H2 200 arrow-left-white.svg
shopper-wages-army-like.trycloudflare.com/themes/Frontend/HerthaBSC/frontend/_public/src/img/icons/ 1015 B
511 B 312ms
311ms Image
image/svg+xml 104.17.123.55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shopper-wages-army-like.trycloudflare.com/themes/Frontend/HerthaBSC/frontend/_public/src/img/icons/arrow-left-white.svg
Requested by: Host: shopper-wages-army-like.trycloudflare.com
URL: https://shopper-wages-army-like.trycloudflare.com/web/cache/1692796603_bcbf665a891bf5233d29d502c460619c.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.123.55 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba9a6e89c840085bbe46a1427b2dfbf79ba7db337aaa7f4079b950c23d871fc7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shopper-wages-army-like.trycloudflare.com/web/cache/1692796603_bcbf665a891bf5233d29d502c460619c.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 00:07:55 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Wed, 23 Aug 2023 13:16:08 GMT
server: cloudflare
etag: W/"64e60698-3f7"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31104000
cf-ray: 85d4e8d7690fc43b-EWR
expires: Mon, 24 Feb 2025 00:07:54 GMT

GET
H2 200 arrow-right-white.svg
shopper-wages-army-like.trycloudflare.com/themes/Frontend/HerthaBSC/frontend/_public/src/img/icons/ 1 KB
517 B 312ms
312ms Image
image/svg+xml 104.17.123.55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shopper-wages-army-like.trycloudflare.com/themes/Frontend/HerthaBSC/frontend/_public/src/img/icons/arrow-right-white.svg
Requested by: Host: shopper-wages-army-like.trycloudflare.com
URL: https://shopper-wages-army-like.trycloudflare.com/web/cache/1692796603_bcbf665a891bf5233d29d502c460619c.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.123.55 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b4365977c5e2a1b441c86ccd1e708d6915adde68c9bc6a79bbd6cdae2797da3a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shopper-wages-army-like.trycloudflare.com/web/cache/1692796603_bcbf665a891bf5233d29d502c460619c.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 00:07:55 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Wed, 23 Aug 2023 13:16:08 GMT
server: cloudflare
etag: W/"64e60698-400"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31104000
cf-ray: 85d4e8d75901c43b-EWR
expires: Mon, 24 Feb 2025 00:07:54 GMT

GET
H/1.1 200
OK Neu_BasicKollektion_1zu1_800x800.webp
os1.meinecloud.io/b10088/media/image/e0/3b/39/ 75 KB
76 KB 1120ms
343ms Image
image/webp 116.203.242.198
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://os1.meinecloud.io/b10088/media/image/e0/3b/39/Neu_BasicKollektion_1zu1_800x800.webp

Requested by

Host: shopper-wages-army-like.trycloudflare.com
URL: https://shopper-wages-army-like.trycloudflare.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

116.203.242.198 Munich, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

os1.meinecloud.io

Software

MinIO /

Resource Hash

e6c982dd88cde2821f1b7f417edbfe5fe4cf23fd672d4f0014c5900fa87abca1

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shopper-wages-army-like.trycloudflare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Security-Policy: block-all-mixed-content
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Date: Fri, 01 Mar 2024 00:07:55 GMT
Last-Modified: Wed, 14 Feb 2024 14:43:03 GMT
Server: MinIO
X-Amz-Request-Id: 17B87B57CD19282F
ETag: "016764b00eb62792a01a34b4f537711c"
Vary: Origin
Content-Type: image/webp
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Content-Length: 77256
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK BabyKit_1zu1_800x800.webp
os1.meinecloud.io/b10088/media/image/30/21/6e/ 61 KB
61 KB 1134ms
329ms Image
image/webp 116.203.242.198
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://os1.meinecloud.io/b10088/media/image/30/21/6e/BabyKit_1zu1_800x800.webp

Requested by

Host: shopper-wages-army-like.trycloudflare.com
URL: https://shopper-wages-army-like.trycloudflare.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

116.203.242.198 Munich, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

os1.meinecloud.io

Software

MinIO /

Resource Hash

532982fd02277343b04584681b645a81108e62cdf17fd83cecc9d7d9ba6cb374

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shopper-wages-army-like.trycloudflare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Security-Policy: block-all-mixed-content
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Date: Fri, 01 Mar 2024 00:07:55 GMT
Last-Modified: Wed, 14 Feb 2024 14:50:26 GMT
Server: MinIO
X-Amz-Request-Id: 17B87B57CEB64CDE
ETag: "6b689da031b6ea06d54c04cadbb6500c"
Vary: Origin
Content-Type: image/webp
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Content-Length: 62462
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK 230125-1mM1vIqEl3YBsS_400x400.webp
os1.meinecloud.io/b10088/media/image/53/12/58/ 16 KB
17 KB 1277ms
433ms Image
image/webp 116.203.242.198
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://os1.meinecloud.io/b10088/media/image/53/12/58/230125-1mM1vIqEl3YBsS_400x400.webp

Requested by

Host: shopper-wages-army-like.trycloudflare.com
URL: https://shopper-wages-army-like.trycloudflare.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

116.203.242.198 Munich, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

os1.meinecloud.io

Software

MinIO /

Resource Hash

764009519b1c7b7d83c84cdc09d8050c02737ecb5733657395816f1d34eba0e1

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shopper-wages-army-like.trycloudflare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Security-Policy: block-all-mixed-content
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Date: Fri, 01 Mar 2024 00:07:56 GMT
Last-Modified: Wed, 31 Jan 2024 10:51:04 GMT
Server: MinIO
X-Amz-Request-Id: 17B87B57D20B0F9D
ETag: "30281741544066c7a16b3aeb33b2f899"
Vary: Origin
Content-Type: image/webp
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Content-Length: 16726
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK 230125-3sbvpEs6isMCqZ5_400x400.webp
os1.meinecloud.io/b10088/media/image/b3/a4/0f/ 15 KB
15 KB 1347ms
459ms Image
image/webp 116.203.242.198
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://os1.meinecloud.io/b10088/media/image/b3/a4/0f/230125-3sbvpEs6isMCqZ5_400x400.webp

Requested by

Host: shopper-wages-army-like.trycloudflare.com
URL: https://shopper-wages-army-like.trycloudflare.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

116.203.242.198 Munich, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

os1.meinecloud.io

Software

MinIO /

Resource Hash

f185ccece80e456068a42622ceb9e695a4c45ed1039f7e66f0c6687f45df100b

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shopper-wages-army-like.trycloudflare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Security-Policy: block-all-mixed-content
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Date: Fri, 01 Mar 2024 00:07:56 GMT
Last-Modified: Wed, 31 Jan 2024 10:51:22 GMT
Server: MinIO
X-Amz-Request-Id: 17B87B57D58B6746
ETag: "becaf854a8856f42053ea9029747d1f5"
Vary: Origin
Content-Type: image/webp
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Content-Length: 14876
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK 230528-1_400x400.webp
os1.meinecloud.io/b10088/media/image/79/7d/59/ 13 KB
14 KB 706ms
503ms Image
image/webp 116.203.242.198
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://os1.meinecloud.io/b10088/media/image/79/7d/59/230528-1_400x400.webp

Requested by

Host: shopper-wages-army-like.trycloudflare.com
URL: https://shopper-wages-army-like.trycloudflare.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

116.203.242.198 Munich, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

os1.meinecloud.io

Software

MinIO /

Resource Hash

186d5bb4b742480958249ad3f0feca66ff6dfc77b56c0ff16cc960f57945885f

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shopper-wages-army-like.trycloudflare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Security-Policy: block-all-mixed-content
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Date: Fri, 01 Mar 2024 00:07:55 GMT
Last-Modified: Mon, 14 Aug 2023 07:56:38 GMT
Server: MinIO
X-Amz-Request-Id: 17B87B57AC95B413
ETag: "de2e99b2d1884699d4265ceb08949ac9"
Vary: Origin
Content-Type: image/webp
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Content-Length: 13666
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK 230528-3s_400x400.webp
os1.meinecloud.io/b10088/media/image/84/91/f0/ 13 KB
13 KB 718ms
450ms Image
image/webp 116.203.242.198
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://os1.meinecloud.io/b10088/media/image/84/91/f0/230528-3s_400x400.webp

Requested by

Host: shopper-wages-army-like.trycloudflare.com
URL: https://shopper-wages-army-like.trycloudflare.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

116.203.242.198 Munich, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

os1.meinecloud.io

Software

MinIO /

Resource Hash

e82a840a174e8f63756f04eafb54d13d9ec9a5582a572c4185364adebe5d5bd2

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shopper-wages-army-like.trycloudflare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Security-Policy: block-all-mixed-content
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Date: Fri, 01 Mar 2024 00:07:55 GMT
Last-Modified: Mon, 14 Aug 2023 07:56:25 GMT
Server: MinIO
X-Amz-Request-Id: 17B87B57B0BC8A01
ETag: "f8f12e623b3bb97a48c4e40af54a991b"
Vary: Origin
Content-Type: image/webp
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Content-Length: 12986
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK hbsc_graffiti_stadiontasche_400x400.webp
os1.meinecloud.io/b10088/media/image/c3/51/28/ 15 KB
15 KB 647ms
348ms Image
image/webp 116.203.242.198
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://os1.meinecloud.io/b10088/media/image/c3/51/28/hbsc_graffiti_stadiontasche_400x400.webp

Requested by

Host: shopper-wages-army-like.trycloudflare.com
URL: https://shopper-wages-army-like.trycloudflare.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

116.203.242.198 Munich, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

os1.meinecloud.io

Software

MinIO /

Resource Hash

0fc00b376a1e3ca0c405f969b1b8bc20d52ff7aad57a89788d53a623d26359c6

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shopper-wages-army-like.trycloudflare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Security-Policy: block-all-mixed-content
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Date: Fri, 01 Mar 2024 00:07:55 GMT
Last-Modified: Wed, 24 Jan 2024 12:45:46 GMT
Server: MinIO
X-Amz-Request-Id: 17B87B57B2612002
ETag: "3d262b77fc23a03f4b17d4dbf25a69e8"
Vary: Origin
Content-Type: image/webp
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Content-Length: 14854
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK hbsc_graffitti_bauchtasche_400x400.webp
os1.meinecloud.io/b10088/media/image/88/bb/2b/ 16 KB
16 KB 744ms
460ms Image
image/webp 116.203.242.198
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://os1.meinecloud.io/b10088/media/image/88/bb/2b/hbsc_graffitti_bauchtasche_400x400.webp

Requested by

Host: shopper-wages-army-like.trycloudflare.com
URL: https://shopper-wages-army-like.trycloudflare.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

116.203.242.198 Munich, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

os1.meinecloud.io

Software

MinIO /

Resource Hash

79834a27024cae65a005d3406236e46858d2c3f0b921ed5c82fb6f2eacbba55b

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shopper-wages-army-like.trycloudflare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Security-Policy: block-all-mixed-content
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Date: Fri, 01 Mar 2024 00:07:55 GMT
Last-Modified: Wed, 24 Jan 2024 12:46:45 GMT
Server: MinIO
X-Amz-Request-Id: 17B87B57B2919A0D
ETag: "b4ce7ee07acc35c0d3652ec1ea6732a5"
Vary: Origin
Content-Type: image/webp
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Content-Length: 16320
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK 230111-1_400x400.webp
os1.meinecloud.io/b10088/media/image/5e/ab/01/ 18 KB
18 KB 846ms
509ms Image
image/webp 116.203.242.198
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://os1.meinecloud.io/b10088/media/image/5e/ab/01/230111-1_400x400.webp

Requested by

Host: shopper-wages-army-like.trycloudflare.com
URL: https://shopper-wages-army-like.trycloudflare.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

116.203.242.198 Munich, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

os1.meinecloud.io

Software

MinIO /

Resource Hash

eb043460025cd1d5204c272941ebbcf83209aef59442c0c232cc178d18d7e6dd

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shopper-wages-army-like.trycloudflare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Security-Policy: block-all-mixed-content
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Date: Fri, 01 Mar 2024 00:07:55 GMT
Last-Modified: Fri, 10 Nov 2023 12:58:48 GMT
Server: MinIO
X-Amz-Request-Id: 17B87B57BF81959F
ETag: "bff1b52f7ea57f304cb658b2b0606521"
Vary: Origin
Content-Type: image/webp
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Content-Length: 18274
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK 230111-2_400x400.webp
os1.meinecloud.io/b10088/media/image/42/a7/b5/ 17 KB
17 KB 652ms
344ms Image
image/webp 116.203.242.198
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://os1.meinecloud.io/b10088/media/image/42/a7/b5/230111-2_400x400.webp

Requested by

Host: shopper-wages-army-like.trycloudflare.com
URL: https://shopper-wages-army-like.trycloudflare.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

116.203.242.198 Munich, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

os1.meinecloud.io

Software

MinIO /

Resource Hash

b1cb2c8bf4cbdc764c96b68954a23c2f55b38070269f467efd3f16f3c8d8d3f8

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shopper-wages-army-like.trycloudflare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Security-Policy: block-all-mixed-content
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Date: Fri, 01 Mar 2024 00:07:55 GMT
Last-Modified: Fri, 10 Nov 2023 12:58:58 GMT
Server: MinIO
X-Amz-Request-Id: 17B87B57B3163D56
ETag: "b5a132182f4fe528b85fceb53b79d6c1"
Vary: Origin
Content-Type: image/webp
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Content-Length: 17362
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK T-Shirt_Ba-r_Shopslider_1920x860.jpg
os1.meinecloud.io/b10088/media/image/e6/87/f9/ 354 KB
354 KB 849ms
143ms Image
image/jpeg 116.203.242.198
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://os1.meinecloud.io/b10088/media/image/e6/87/f9/T-Shirt_Ba-r_Shopslider_1920x860.jpg

Requested by

Host: shopper-wages-army-like.trycloudflare.com
URL: https://shopper-wages-army-like.trycloudflare.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

116.203.242.198 Munich, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

os1.meinecloud.io

Software

MinIO /

Resource Hash

9e1623bbe7fe1391569078b4ae7b6cd1951e5b57dca10f12934bf5c3be5021f1

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shopper-wages-army-like.trycloudflare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Security-Policy: block-all-mixed-content
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Date: Fri, 01 Mar 2024 00:07:55 GMT
Last-Modified: Thu, 29 Feb 2024 08:02:13 GMT
Server: MinIO
X-Amz-Request-Id: 17B87B57CAC9DC82
ETag: "3bd80fae0ed8e66b00d73e1fa246f98e"
Vary: Origin
Content-Type: image/jpeg
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Content-Length: 362258
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK Bademantel_Shopslider_1920x860.jpg
os1.meinecloud.io/b10088/media/image/a1/a8/8d/ 500 KB
501 KB 381ms
381ms Image
image/jpeg 116.203.242.198
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://os1.meinecloud.io/b10088/media/image/a1/a8/8d/Bademantel_Shopslider_1920x860.jpg

Requested by

Host: shopper-wages-army-like.trycloudflare.com
URL: https://shopper-wages-army-like.trycloudflare.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

116.203.242.198 Munich, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

os1.meinecloud.io

Software

MinIO /

Resource Hash

48268935cad40851758adadd88ab02cc3aae471449567fd996629c0eed45eb16

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shopper-wages-army-like.trycloudflare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Security-Policy: block-all-mixed-content
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Date: Fri, 01 Mar 2024 00:07:56 GMT
Last-Modified: Fri, 16 Feb 2024 15:13:15 GMT
Server: MinIO
X-Amz-Request-Id: 17B87B57DD444236
ETag: "5195ed529233790f41cd8e7ad7b76ec3"
Vary: Origin
Content-Type: image/jpeg
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Content-Length: 512193
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK Ausweich_Shopslider_1920x860-2.jpg
os1.meinecloud.io/b10088/media/image/23/2d/46/ 525 KB
525 KB 329ms
329ms Image
image/jpeg 116.203.242.198
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://os1.meinecloud.io/b10088/media/image/23/2d/46/Ausweich_Shopslider_1920x860-2.jpg

Requested by

Host: shopper-wages-army-like.trycloudflare.com
URL: https://shopper-wages-army-like.trycloudflare.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

116.203.242.198 Munich, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

os1.meinecloud.io

Software

MinIO /

Resource Hash

409f1e2bf01d1be1eb2c8b4e84d33d88723f3fc4e10d8070d7d79673cb2d3bb9

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shopper-wages-army-like.trycloudflare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Security-Policy: block-all-mixed-content
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Date: Fri, 01 Mar 2024 00:07:56 GMT
Last-Modified: Thu, 22 Feb 2024 17:46:37 GMT
Server: MinIO
X-Amz-Request-Id: 17B87B57E0955B26
ETag: "cfc304cc785ac0e12f9ed229a7c4f99e"
Vary: Origin
Content-Type: image/jpeg
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Content-Length: 537270
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK Neu_BasicKollektion_Shopslider_1920x860.jpg
os1.meinecloud.io/b10088/media/image/de/4b/46/ 392 KB
392 KB 373ms
372ms Image
image/jpeg 116.203.242.198
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://os1.meinecloud.io/b10088/media/image/de/4b/46/Neu_BasicKollektion_Shopslider_1920x860.jpg

Requested by

Host: shopper-wages-army-like.trycloudflare.com
URL: https://shopper-wages-army-like.trycloudflare.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

116.203.242.198 Munich, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

os1.meinecloud.io

Software

MinIO /

Resource Hash

d34a85f623f5330a199fdc68ccd18ab0d4350342e672cf5486d6fe7f7dc0cf01

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shopper-wages-army-like.trycloudflare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Security-Policy: block-all-mixed-content
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Date: Fri, 01 Mar 2024 00:07:56 GMT
Last-Modified: Wed, 14 Feb 2024 14:38:04 GMT
Server: MinIO
X-Amz-Request-Id: 17B87B57EDCF5314
ETag: "6731a68361ff3af7202330b795bc4ad0"
Vary: Origin
Content-Type: image/jpeg
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Content-Length: 400930
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK T-Shirt_Ba-r_Slider_Mobile_750x1060.jpg
os1.meinecloud.io/b10088/media/image/f8/07/db/ 260 KB
261 KB 418ms
417ms Image
image/jpeg 116.203.242.198
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://os1.meinecloud.io/b10088/media/image/f8/07/db/T-Shirt_Ba-r_Slider_Mobile_750x1060.jpg

Requested by

Host: shopper-wages-army-like.trycloudflare.com
URL: https://shopper-wages-army-like.trycloudflare.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

116.203.242.198 Munich, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

os1.meinecloud.io

Software

MinIO /

Resource Hash

c34179845eed425101fe22e3bb4273d7bcad9e233189b660b41a050584cefb66

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shopper-wages-army-like.trycloudflare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Security-Policy: block-all-mixed-content
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Date: Fri, 01 Mar 2024 00:07:56 GMT
Last-Modified: Thu, 29 Feb 2024 08:00:31 GMT
Server: MinIO
X-Amz-Request-Id: 17B87B57EEBFE48E
ETag: "35085cd068d5511f99a669e63be3e5bd"
Vary: Origin
Content-Type: image/jpeg
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Content-Length: 266416
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK Bademantel_Slider_Mobile_750x1060.jpg
os1.meinecloud.io/b10088/media/image/cc/46/56/ 387 KB
387 KB 436ms
436ms Image
image/jpeg 116.203.242.198
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://os1.meinecloud.io/b10088/media/image/cc/46/56/Bademantel_Slider_Mobile_750x1060.jpg

Requested by

Host: shopper-wages-army-like.trycloudflare.com
URL: https://shopper-wages-army-like.trycloudflare.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

116.203.242.198 Munich, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

os1.meinecloud.io

Software

MinIO /

Resource Hash

e406821af63fa0dabbf6f34a49e4eeb5126da475647725063c6535b0be2df2b3

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shopper-wages-army-like.trycloudflare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Security-Policy: block-all-mixed-content
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Date: Fri, 01 Mar 2024 00:07:56 GMT
Last-Modified: Fri, 16 Feb 2024 15:13:12 GMT
Server: MinIO
X-Amz-Request-Id: 17B87B57F16AA4B8
ETag: "fb4e46e2afbeacc055765785eee8ec0a"
Vary: Origin
Content-Type: image/jpeg
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Content-Length: 395914
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK Ausweich_Slider_Mobile_750x1060-2.jpg
os1.meinecloud.io/b10088/media/image/08/aa/de/ 301 KB
302 KB 420ms
419ms Image
image/jpeg 116.203.242.198
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://os1.meinecloud.io/b10088/media/image/08/aa/de/Ausweich_Slider_Mobile_750x1060-2.jpg

Requested by

Host: shopper-wages-army-like.trycloudflare.com
URL: https://shopper-wages-army-like.trycloudflare.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

116.203.242.198 Munich, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

os1.meinecloud.io

Software

MinIO /

Resource Hash

4b40a260b5ffc639db67efd2a3c0fedebe19fa7708a4e252c5965d5703f939d2

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shopper-wages-army-like.trycloudflare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Security-Policy: block-all-mixed-content
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Date: Fri, 01 Mar 2024 00:07:56 GMT
Last-Modified: Thu, 22 Feb 2024 17:46:34 GMT
Server: MinIO
X-Amz-Request-Id: 17B87B57F2588631
ETag: "b49c89bf5c1f26c1785608ce8bdae301"
Vary: Origin
Content-Type: image/jpeg
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Content-Length: 308674
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK Neu_BasicKollektion_Slider_Mobile_750x1060.jpg
os1.meinecloud.io/b10088/media/image/ee/47/82/ 277 KB
278 KB 448ms
446ms Image
image/jpeg 116.203.242.198
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://os1.meinecloud.io/b10088/media/image/ee/47/82/Neu_BasicKollektion_Slider_Mobile_750x1060.jpg

Requested by

Host: shopper-wages-army-like.trycloudflare.com
URL: https://shopper-wages-army-like.trycloudflare.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

116.203.242.198 Munich, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

os1.meinecloud.io

Software

MinIO /

Resource Hash

91af5d504c7b5623148454262c4b987a82f833a18bee73ceb420de613fc65d9e

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shopper-wages-army-like.trycloudflare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Security-Policy: block-all-mixed-content
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Date: Fri, 01 Mar 2024 00:07:56 GMT
Last-Modified: Wed, 14 Feb 2024 14:38:02 GMT
Server: MinIO
X-Amz-Request-Id: 17B87B57FEE9EF9A
ETag: "8d05a2e787436a397afd7fc0fa610309"
Vary: Origin
Content-Type: image/jpeg
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Content-Length: 283862
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK T-Shirt_Ba-r_Shop_Slider_Tablet.jpg
os1.meinecloud.io/b10088/media/image/81/6f/0e/ 96 KB
96 KB 478ms
477ms Image
image/jpeg 116.203.242.198
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://os1.meinecloud.io/b10088/media/image/81/6f/0e/T-Shirt_Ba-r_Shop_Slider_Tablet.jpg

Requested by

Host: shopper-wages-army-like.trycloudflare.com
URL: https://shopper-wages-army-like.trycloudflare.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

116.203.242.198 Munich, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

os1.meinecloud.io

Software

MinIO /

Resource Hash

9274150d83fb50b81d82471d1c8d74646f73cd7969def5494458cec9296db1c2

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shopper-wages-army-like.trycloudflare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Security-Policy: block-all-mixed-content
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Date: Fri, 01 Mar 2024 00:07:57 GMT
Last-Modified: Thu, 29 Feb 2024 08:02:15 GMT
Server: MinIO
X-Amz-Request-Id: 17B87B582093436C
ETag: "ae11b5142a3c5423c7b10b23c6db919c"
Vary: Origin
Content-Type: image/jpeg
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Content-Length: 97924
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK Bademantel_Shop_Slider_Tablet.jpg
os1.meinecloud.io/b10088/media/image/16/ff/31/ 136 KB
137 KB 560ms
559ms Image
image/jpeg 116.203.242.198
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://os1.meinecloud.io/b10088/media/image/16/ff/31/Bademantel_Shop_Slider_Tablet.jpg

Requested by

Host: shopper-wages-army-like.trycloudflare.com
URL: https://shopper-wages-army-like.trycloudflare.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

116.203.242.198 Munich, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

os1.meinecloud.io

Software

MinIO /

Resource Hash

b2a72282fbe8353bbf9b0bbdf21fd6196789f06a431f641f88f9267c44a52340

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shopper-wages-army-like.trycloudflare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Security-Policy: block-all-mixed-content
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Date: Fri, 01 Mar 2024 00:07:57 GMT
Last-Modified: Fri, 16 Feb 2024 15:13:17 GMT
Server: MinIO
X-Amz-Request-Id: 17B87B5822BE7D8C
ETag: "a5bbc1142dd8786705e3cda6a8ad3a56"
Vary: Origin
Content-Type: image/jpeg
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Content-Length: 139617
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK Ausweich_Shop_Slider_Tablet.jpg
os1.meinecloud.io/b10088/media/image/b1/04/72/ 134 KB
135 KB 512ms
512ms Image
image/jpeg 116.203.242.198
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://os1.meinecloud.io/b10088/media/image/b1/04/72/Ausweich_Shop_Slider_Tablet.jpg

Requested by

Host: shopper-wages-army-like.trycloudflare.com
URL: https://shopper-wages-army-like.trycloudflare.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

116.203.242.198 Munich, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

os1.meinecloud.io

Software

MinIO /

Resource Hash

324d189729bc3d44c78309768ed1d6b907ee7f8fe3beed6a5d424a2b98b686f3

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shopper-wages-army-like.trycloudflare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Security-Policy: block-all-mixed-content
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Date: Fri, 01 Mar 2024 00:07:57 GMT
Last-Modified: Thu, 22 Feb 2024 17:46:39 GMT
Server: MinIO
X-Amz-Request-Id: 17B87B5823853D3B
ETag: "b351e410f4a8ffbf3a454eb2f957917f"
Vary: Origin
Content-Type: image/jpeg
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Content-Length: 137328
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK Neu_BasicKollektion_Shop_Slider_Tablet.jpg
os1.meinecloud.io/b10088/media/image/5b/c8/b5/ 107 KB
108 KB 567ms
566ms Image
image/jpeg 116.203.242.198
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://os1.meinecloud.io/b10088/media/image/5b/c8/b5/Neu_BasicKollektion_Shop_Slider_Tablet.jpg

Requested by

Host: shopper-wages-army-like.trycloudflare.com
URL: https://shopper-wages-army-like.trycloudflare.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

116.203.242.198 Munich, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

os1.meinecloud.io

Software

MinIO /

Resource Hash

7494a0fdaebef09610ce45ac7e0c41ffdd5c97b578509accbb80e50e32d2bf43

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shopper-wages-army-like.trycloudflare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Security-Policy: block-all-mixed-content
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Date: Fri, 01 Mar 2024 00:07:57 GMT
Last-Modified: Wed, 14 Feb 2024 14:38:06 GMT
Server: MinIO
X-Amz-Request-Id: 17B87B5824014A23
ETag: "bd807806fcd56bd421ebb02067eb314b"
Vary: Origin
Content-Type: image/jpeg
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Content-Length: 109761
X-Xss-Protection: 1; mode=block

GET
H2 200 cookie-frame.html Show response
ad4m.at/ Frame 1C57 2 KB
1 KB 40ms
39ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/cookie-frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/m8f5fech.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647

Request headers

Referer: https://shopper-wages-army-like.trycloudflare.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 2677218
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=86400, stale-if-error=86400
cf-cache-status: HIT
cf-ray: 85d4e8d82cbb0f74-EWR
content-encoding: br
content-language: en
content-type: text/html
date: Fri, 01 Mar 2024 00:07:54 GMT
expires: Sat, 30 Dec 2023 10:37:00 GMT
last-modified: Tue, 28 Nov 2023 11:49:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TsqYcC9kokU3r2wgp%2B8aQIhu5oMclt0wXHVLsrNxHh3iZQSFKmfaJoN0B%2BDJl2ppQCcqyK%2Ff9iZE%2Bl%2B7vDZVXtveW8x9WBqv9g8GpLDLfwu5mVAeEnTspCuWMhahGrp%2FrT8Wa9k%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 track.php
lantern.roeye.com/ 0
128 B 471ms
177ms Image
image/gif 52.31.96.185
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lantern.roeye.com/track.php?fingerprint=&referrer=&landingpage=https%3A%2F%2Fshopper-wages-army-like.trycloudflare.com%2F&useragent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F122.0.6261.94%20Safari%2F537.36&site=12811
Requested by: Host: shopper-wages-army-like.trycloudflare.com
URL: https://shopper-wages-army-like.trycloudflare.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.96.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-96-185.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shopper-wages-army-like.trycloudflare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 00:07:55 GMT
server: nginx
content-length: 0
content-type: image/gif

GET
H2

200

gdpr=0;dc_pre=CLfBt9fi0YQDFRka-QAdLaAOKA;gdpr_consent=;src=8219325;type=invmedia;cat=bjjfzlfb;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1
adservice.google.com/ddm/fls/z/
Redirect Chain

https://ad.doubleclick.net/ddm/activity/gdpr=0;gdpr_consent=;src=8219325;type=invmedia;cat=bjjfzlfb;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1?
https://ad.doubleclick.net/ddm/activity/gdpr=0;dc_pre=CLfBt9fi0YQDFRka-QAdLaAOKA;gdpr_consent=;src=8219325;type=invmedia;cat=bjjfzlfb;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;o...
https://adservice.google.com/ddm/fls/z/gdpr=0;dc_pre=CLfBt9fi0YQDFRka-QAdLaAOKA;gdpr_consent=;src=8219325;type=invmedia;cat=bjjfzlfb;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1

42 B
107 B

179ms
89ms

Image
image/gif

2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/gdpr=0;dc_pre=CLfBt9fi0YQDFRka-QAdLaAOKA;gdpr_consent=;src=8219325;type=invmedia;cat=bjjfzlfb;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1

Requested by

Host: shopper-wages-army-like.trycloudflare.com
URL: https://shopper-wages-army-like.trycloudflare.com/

Protocol

Server

2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shopper-wages-army-like.trycloudflare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Mar 2024 00:07:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 01 Mar 2024 00:07:55 GMT
attribution-reporting-register-trigger: {"aggregatable_deduplication_keys":[{"deduplication_key":"17796966653327380765"}],"aggregatable_trigger_data":[{"filters":{"14":["6726761"]},"key_piece":"0x217f1a5c036fefa1","source_keys":["1","3","4","5","6","7","8","9","10","11"]},{"key_piece":"0x680bc80e5ffd98da","not_filters":{"14":["6726761"]},"source_keys":["1","3","4","5","6","7","8","9","10","11"]},{"filters":{"14":["6726761"]},"key_piece":"0xe5fe3a241ccf1ef","source_keys":["12","13","14","15","16","17","18","19","20","21"]},{"key_piece":"0xdacda4c5f909960f","not_filters":{"14":["6726761"]},"source_keys":["12","13","14","15","16","17","18","19","20","21"]}],"aggregatable_values":{"1":327,"10":327,"11":5570,"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356,"3":327,"4":327,"5":5570,"6":327,"7":327,"8":5570,"9":327},"debug_key":"4284582443527377486","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"17796966653327380765","filters":{"14":["6726761"],"source_type":["event"]},"priority":"10","trigger_data":"1"},{"deduplication_key":"17796966653327380765","filters":{"14":["6726761"],"source_type":["navigation"]},"priority":"10","trigger_data":"6"},{"deduplication_key":"17796966653327380765","filters":{"source_type":["event"]},"priority":"0","trigger_data":"0"},{"deduplication_key":"17796966653327380765","filters":{"source_type":["navigation"]},"priority":"0","trigger_data":"7"}],"filters":{"8":["8219325"]}}
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: image/png
location: https://adservice.google.com/ddm/fls/z/gdpr=0;dc_pre=CLfBt9fi0YQDFRka-QAdLaAOKA;gdpr_consent=;src=8219325;type=invmedia;cat=bjjfzlfb;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
track.adform.net/Serving/TrackPoint/
Redirect Chain

https://track.adform.net/Serving/TrackPoint/?pm=1351292&ADFPageName=DE%20-%20Reach%20-%20Sport%2F%20Health%20%2F%20Food%20-%20Suite&ADFdivider=|
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=1351292&ADFPageName=DE%20-%20Reach%20-%20Sport%2F%20Health%20%2F%20Food%20-%20Suite&ADFdivider=|

35 B
518 B

264ms
263ms

Image
image/gif

37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.adform.net/Serving/TrackPoint/?CC=1&pm=1351292&ADFPageName=DE%20-%20Reach%20-%20Sport%2F%20Health%20%2F%20Food%20-%20Suite&ADFdivider=|

Requested by

Host: shopper-wages-army-like.trycloudflare.com
URL: https://shopper-wages-army-like.trycloudflare.com/

Protocol

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shopper-wages-army-like.trycloudflare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Mar 2024 00:07:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
content-type: image/gif
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1

Redirect headers

pragma: no-cache
date: Fri, 01 Mar 2024 00:07:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
content-type: text/html; charset=utf-8
location: https://track.adform.net/Serving/TrackPoint/?CC=1&pm=1351292&ADFPageName=DE%20-%20Reach%20-%20Sport%2F%20Health%20%2F%20Food%20-%20Suite&ADFdivider=|
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1

GET
H2

200

gdpr=0;dc_pre=CJa_t9fi0YQDFR0W-QAdoe8MDQ;gdpr_consent=;src=5252003;type=invmedia;cat=fpqqpb6w;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1
adservice.google.com/ddm/fls/z/
Redirect Chain

https://ad.doubleclick.net/ddm/activity/gdpr=0;gdpr_consent=;src=5252003;type=invmedia;cat=fpqqpb6w;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1?
https://ad.doubleclick.net/ddm/activity/gdpr=0;dc_pre=CJa_t9fi0YQDFR0W-QAdoe8MDQ;gdpr_consent=;src=5252003;type=invmedia;cat=fpqqpb6w;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;o...
https://adservice.google.com/ddm/fls/z/gdpr=0;dc_pre=CJa_t9fi0YQDFR0W-QAdoe8MDQ;gdpr_consent=;src=5252003;type=invmedia;cat=fpqqpb6w;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1

42 B
401 B

187ms
88ms

Image
image/gif

2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/gdpr=0;dc_pre=CJa_t9fi0YQDFR0W-QAdoe8MDQ;gdpr_consent=;src=5252003;type=invmedia;cat=fpqqpb6w;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1

Requested by

Host: shopper-wages-army-like.trycloudflare.com
URL: https://shopper-wages-army-like.trycloudflare.com/

Protocol

Server

2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shopper-wages-army-like.trycloudflare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Mar 2024 00:07:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 01 Mar 2024 00:07:55 GMT
attribution-reporting-register-trigger: {"aggregatable_deduplication_keys":[{"deduplication_key":"17520866943082321822"}],"aggregatable_trigger_data":[{"filters":{"14":["3313423"]},"key_piece":"0x5a93b00424516d24","source_keys":["1","3","4","5","6","7","8","9","10","11"]},{"key_piece":"0x2822cc555729bf27","not_filters":{"14":["3313423"]},"source_keys":["1","3","4","5","6","7","8","9","10","11"]},{"filters":{"14":["3313423"]},"key_piece":"0xdd1c2a50ceff3f8e","source_keys":["12","13","14","15","16","17","18","19","20","21"]},{"key_piece":"0x99fc4077ee0f6abc","not_filters":{"14":["3313423"]},"source_keys":["12","13","14","15","16","17","18","19","20","21"]}],"aggregatable_values":{"1":327,"10":327,"11":5570,"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356,"3":327,"4":327,"5":5570,"6":327,"7":327,"8":5570,"9":327},"debug_key":"5402843374866010158","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"17520866943082321822","filters":{"14":["3313423"],"source_type":["event"]},"priority":"10","trigger_data":"1"},{"deduplication_key":"17520866943082321822","filters":{"14":["3313423"],"source_type":["navigation"]},"priority":"10","trigger_data":"6"},{"deduplication_key":"17520866943082321822","filters":{"source_type":["event"]},"priority":"0","trigger_data":"0"},{"deduplication_key":"17520866943082321822","filters":{"source_type":["navigation"]},"priority":"0","trigger_data":"7"}],"filters":{"8":["5252003"]}}
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: image/png
location: https://adservice.google.com/ddm/fls/z/gdpr=0;dc_pre=CJa_t9fi0YQDFR0W-QAdoe8MDQ;gdpr_consent=;src=5252003;type=invmedia;cat=fpqqpb6w;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

src=10716248;dc_pre=CPL21Nfi0YQDFRgt-QAdNWYCLA;type=invmedia;cat=devie0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1
adservice.google.com/ddm/fls/z/
Redirect Chain

https://r.adserver01.de/rt/perf_de.php?gdpr=0&gdpr_consent=
https://ad.doubleclick.net/ddm/activity/src=10716248;type=invmedia;cat=devie0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1?
https://ad.doubleclick.net/ddm/activity/src=10716248;dc_pre=CPL21Nfi0YQDFRgt-QAdNWYCLA;type=invmedia;cat=devie0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1?
https://adservice.google.com/ddm/fls/z/src=10716248;dc_pre=CPL21Nfi0YQDFRgt-QAdNWYCLA;type=invmedia;cat=devie0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1

42 B
107 B

95ms
91ms

Image
image/gif

2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/src=10716248;dc_pre=CPL21Nfi0YQDFRgt-QAdNWYCLA;type=invmedia;cat=devie0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1

Requested by

Host: shopper-wages-army-like.trycloudflare.com
URL: https://shopper-wages-army-like.trycloudflare.com/

Protocol

Server

2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shopper-wages-army-like.trycloudflare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Mar 2024 00:07:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 01 Mar 2024 00:07:55 GMT
attribution-reporting-register-trigger: {"aggregatable_deduplication_keys":[{"deduplication_key":"7134795801969672159"}],"aggregatable_trigger_data":[{"filters":{"14":["10997860"]},"key_piece":"0x1078407b20d18a6f","source_keys":["1","3","4","5","6","7","8","9","10","11"]},{"key_piece":"0xd36b0b63a5c13b55","not_filters":{"14":["10997860"]},"source_keys":["1","3","4","5","6","7","8","9","10","11"]},{"filters":{"14":["10997860"]},"key_piece":"0x4e758d2554965736","source_keys":["12","13","14","15","16","17","18","19","20","21"]},{"key_piece":"0x9234bc3324a73dc1","not_filters":{"14":["10997860"]},"source_keys":["12","13","14","15","16","17","18","19","20","21"]}],"aggregatable_values":{"1":327,"10":327,"11":5570,"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356,"3":327,"4":327,"5":5570,"6":327,"7":327,"8":5570,"9":327},"debug_key":"11285525694137603425","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"7134795801969672159","filters":{"14":["10997860"],"source_type":["event"]},"priority":"10","trigger_data":"1"},{"deduplication_key":"7134795801969672159","filters":{"14":["10997860"],"source_type":["navigation"]},"priority":"10","trigger_data":"6"},{"deduplication_key":"7134795801969672159","filters":{"source_type":["event"]},"priority":"0","trigger_data":"0"},{"deduplication_key":"7134795801969672159","filters":{"source_type":["navigation"]},"priority":"0","trigger_data":"7"}],"filters":{"8":["10716248"]}}
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: image/png
location: https://adservice.google.com/ddm/fls/z/src=10716248;dc_pre=CPL21Nfi0YQDFRgt-QAdNWYCLA;type=invmedia;cat=devie0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

1x1.gif
imagesrv.adition.com/
Redirect Chain

https://ad11.adfarm1.adition.com/tagging?type=image&network=42&tag[Markierung_T2.AdvancedStore_Vzm]=ASRETVZM2
https://imagesrv.adition.com/1x1.gif

68 B
103 B

556ms
258ms

Image
image/gif

217.79.188.10
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesrv.adition.com/1x1.gif
Requested by: Host: shopper-wages-army-like.trycloudflare.com
URL: https://shopper-wages-army-like.trycloudflare.com/
Protocol: H2
Server: 217.79.188.10 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 5fb3bdb7f966c852579fb6b0574517445d5b2d171c804d66227ee67b1bffca9c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shopper-wages-army-like.trycloudflare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 01 Mar 2024 00:07:55 GMT
last-modified: Fri, 24 Jul 2009 13:46:10 GMT
accept-ranges: bytes
etag: "3122740758"
content-length: 68
content-type: image/gif

Redirect headers

location: https://imagesrv.adition.com/1x1.gif
access-control-allow-origin: *
date: Fri, 01 Mar 2024 01:07:55 +0100
content-type: text/plain
server: ADITIONSERVER v1.0
p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2

200

1x1.gif
imagesrv.adition.com/
Redirect Chain

https://ad11.adfarm1.adition.com/tagging?type=image&network=42&tag[Markierung_T2.advancedStore_Adbundle]=1
https://imagesrv.adition.com/1x1.gif

68 B
178 B

555ms
256ms

Image
image/gif

217.79.188.10
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesrv.adition.com/1x1.gif
Requested by: Host: shopper-wages-army-like.trycloudflare.com
URL: https://shopper-wages-army-like.trycloudflare.com/
Protocol: H2
Server: 217.79.188.10 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 5fb3bdb7f966c852579fb6b0574517445d5b2d171c804d66227ee67b1bffca9c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shopper-wages-army-like.trycloudflare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 01 Mar 2024 00:07:55 GMT
last-modified: Fri, 24 Jul 2009 13:46:10 GMT
accept-ranges: bytes
etag: "3122740758"
content-length: 68
content-type: image/gif

Redirect headers

location: https://imagesrv.adition.com/1x1.gif
access-control-allow-origin: *
date: Fri, 01 Mar 2024 01:07:55 +0100
content-type: text/plain
server: ADITIONSERVER v1.0
p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2

200

/
track.adform.net/Serving/TrackPoint/
Redirect Chain

https://track.adform.net/Serving/TrackPoint/?pm=1351292&ADFPageName=DE%20-%20Reach%20-%20Fussball%20WM&ADFdivider=|
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=1351292&ADFPageName=DE%20-%20Reach%20-%20Fussball%20WM&ADFdivider=|

35 B
519 B

232ms
231ms

Image
image/gif

37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.adform.net/Serving/TrackPoint/?CC=1&pm=1351292&ADFPageName=DE%20-%20Reach%20-%20Fussball%20WM&ADFdivider=|

Requested by

Host: shopper-wages-army-like.trycloudflare.com
URL: https://shopper-wages-army-like.trycloudflare.com/

Protocol

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shopper-wages-army-like.trycloudflare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Mar 2024 00:07:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
content-type: image/gif
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1

Redirect headers

pragma: no-cache
date: Fri, 01 Mar 2024 00:07:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
content-type: text/html; charset=utf-8
location: https://track.adform.net/Serving/TrackPoint/?CC=1&pm=1351292&ADFPageName=DE%20-%20Reach%20-%20Fussball%20WM&ADFdivider=|
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1

GET
H2 204 dst
as.ad4m.at/ad/ 0
537 B 140ms
116ms Image
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://as.ad4m.at/ad/dst?a=1939&b=2&c=UrKKONVDjm-TZiTqt68odbLBoyTKQL0s&e=17916&f=&g=&h=&i=&z=0&y=1&d=https%3A%2F%2Fshopper-wages-army-like.trycloudflare.com%2F

Requested by

Host: shopper-wages-army-like.trycloudflare.com
URL: https://shopper-wages-army-like.trycloudflare.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shopper-wages-army-like.trycloudflare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 00:07:55 GMT
strict-transport-security: max-age=86400; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
via: 1.1 google
cross-origin-embedder-policy: unsafe-none
surrogate-control: no-store
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
server: cloudflare
cross-origin-opener-policy: unsafe-none
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-ray: 85d4e8db48920f74-EWR
expires: 0

GET
H3

200

dpe
as.ad4m.at/ad/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=advs&google_cm&google_sc&a=UrKKONVDjm-TZiTqt68odbLBoyTKQL0s&c=1
https://as.ad4m.at/ad/dpe?b=CAESEIxCdV3gKjUk9vJ8fUSEckc&a=UrKKONVDjm-TZiTqt68odbLBoyTKQL0s&c=1&google_cver=1

0
582 B

121ms
120ms

Image
text/plain

2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://as.ad4m.at/ad/dpe?b=CAESEIxCdV3gKjUk9vJ8fUSEckc&a=UrKKONVDjm-TZiTqt68odbLBoyTKQL0s&c=1&google_cver=1

Requested by

Host: shopper-wages-army-like.trycloudflare.com
URL: https://shopper-wages-army-like.trycloudflare.com/

Protocol

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shopper-wages-army-like.trycloudflare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 00:07:55 GMT
strict-transport-security: max-age=86400; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
via: 1.1 google
cross-origin-embedder-policy: unsafe-none
surrogate-control: no-store
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
server: cloudflare
cross-origin-opener-policy: unsafe-none
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-ray: 85d4e8dcb8e6436e-EWR
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 01 Mar 2024 00:07:55 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://as.ad4m.at/ad/dpe?b=CAESEIxCdV3gKjUk9vJ8fUSEckc&a=UrKKONVDjm-TZiTqt68odbLBoyTKQL0s&c=1&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 317
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

dpe
as.ad4m.at/ad/
Redirect Chain

https://ih.adscale.de/tpui?tpid=25&tpuid=UrKKONVDjm-TZiTqt68odbLBoyTKQL0s&cburl=https%3A%2F%2Fas%2Ead4m%2Eat%2Fad%2Fdpe%3Fa%3DUrKKONVDjm-TZiTqt68odbLBoyTKQL0s%26b%3D__ADSCALE_USER_ID__%26c%3D6
https://ih.adscale.de/tpui?tpid=25&tpuid=UrKKONVDjm-TZiTqt68odbLBoyTKQL0s&cburl=https%3A%2F%2Fas%2Ead4m%2Eat%2Fad%2Fdpe%3Fa%3DUrKKONVDjm-TZiTqt68odbLBoyTKQL0s%26b%3D__ADSCALE_USER_ID__%26c%3D6&nut&...
https://as.ad4m.at/ad/dpe?a=UrKKONVDjm-TZiTqt68odbLBoyTKQL0s&b=6ee9ddac899471ea0da735cd9c5fef18ce318fd772a0acde580c5e959cf0b11b&c=6

0
546 B

139ms
138ms

Image
text/plain

2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://as.ad4m.at/ad/dpe?a=UrKKONVDjm-TZiTqt68odbLBoyTKQL0s&b=6ee9ddac899471ea0da735cd9c5fef18ce318fd772a0acde580c5e959cf0b11b&c=6

Requested by

Host: shopper-wages-army-like.trycloudflare.com
URL: https://shopper-wages-army-like.trycloudflare.com/

Protocol

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shopper-wages-army-like.trycloudflare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 00:07:56 GMT
strict-transport-security: max-age=86400; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
via: 1.1 google
cross-origin-embedder-policy: unsafe-none
surrogate-control: no-store
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
server: cloudflare
cross-origin-opener-policy: unsafe-none
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-ray: 85d4e8e09cda436e-EWR
expires: 0

Redirect headers

location: https://as.ad4m.at/ad/dpe?a=UrKKONVDjm-TZiTqt68odbLBoyTKQL0s&b=6ee9ddac899471ea0da735cd9c5fef18ce318fd772a0acde580c5e959cf0b11b&c=6
date: Fri, 01 Mar 2024 00:07:56 GMT
content-length: 0
p3p: CP=NOI PSA OUR

GET
H3

200

dpe
as.ad4m.at/ad/
Redirect Chain

https://rtb-csync.smartadserver.com/redir/?partnerid=132&partneruserid=UrKKONVDjm-TZiTqt68odbLBoyTKQL0s&gdpr=0&gdpr_consent=&redirurl=https%3A%2F%2Fas%2Ead4m%2Eat%2Fad%2Fdpe%3Fa%3DUrKKONVDjm-TZiTqt...
https://as.ad4m.at/ad/dpe?a=UrKKONVDjm-TZiTqt68odbLBoyTKQL0s&c=9&b=2158654252907210650&gdpr=0&gdpr_consent=

0
546 B

112ms
112ms

Image
text/plain

2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://as.ad4m.at/ad/dpe?a=UrKKONVDjm-TZiTqt68odbLBoyTKQL0s&c=9&b=2158654252907210650&gdpr=0&gdpr_consent=

Requested by

Host: shopper-wages-army-like.trycloudflare.com
URL: https://shopper-wages-army-like.trycloudflare.com/

Protocol

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shopper-wages-army-like.trycloudflare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 00:07:55 GMT
strict-transport-security: max-age=86400; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
via: 1.1 google
cross-origin-embedder-policy: unsafe-none
surrogate-control: no-store
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
server: cloudflare
cross-origin-opener-policy: unsafe-none
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-ray: 85d4e8de4aa0436e-EWR
expires: 0

Redirect headers

location: https://as.ad4m.at/ad/dpe?a=UrKKONVDjm-TZiTqt68odbLBoyTKQL0s&c=9&b=2158654252907210650&gdpr=0&gdpr_consent=
pragma: no-cache
date: Fri, 01 Mar 2024 00:07:55 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2

200

rum
dsum-sec.casalemedia.com/
Redirect Chain

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=5&external_user_id=UrKKONVDjm-TZiTqt68odbLBoyTKQL0s
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=5&external_user_id=UrKKONVDjm-TZiTqt68odbLBoyTKQL0s&C=1

43 B
340 B

62ms
61ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=5&external_user_id=UrKKONVDjm-TZiTqt68odbLBoyTKQL0s&C=1
Requested by: Host: shopper-wages-army-like.trycloudflare.com
URL: https://shopper-wages-army-like.trycloudflare.com/
Protocol: H2
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shopper-wages-army-like.trycloudflare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Mar 2024 00:07:55 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hMWeORb8n6DgfFdULoX1sV0AvU24OLI4wP%2FpM71RdtA9V6N7pEkycJlSWmcqePJKFi%2F%2FNP4bNIBM%2BAG4N2JxT5B2tLHgtldOJvheIBmbAvXtBSbDLgINhgeJsD9jAm3z9rZtSeWHhkg%2B%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 85d4e8dd4efcc42f-EWR
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 01 Mar 2024 00:07:55 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vt5IW%2Bw9SO%2BNt6oxM%2FCdDV6y0qdaa6pL63M%2FM2ir6yrXXHh3ibvMRQrJDyj%2B8jH5xoFQipmL36PLcNe412DMb1Dn%2BqHvEpEr%2FyObryii2lQHlLJRAkxWrNQVzm%2FqtJPRHwIgkxkMXtUfOw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=5&external_user_id=UrKKONVDjm-TZiTqt68odbLBoyTKQL0s&C=1
cache-control: no-cache
cf-ray: 85d4e8dcbe63c42f-EWR
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

dpe
as.ad4m.at/ad/
Redirect Chain

https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&r=https%3A%2F%2Fas%2Ead4m%2Eat%2Fad%2Fdpe%3Fa%3DUrKKONVDjm-TZiTqt68odbLBoyTKQL0s%26b%3D%24%7BPUBMATIC%5FUID%...
https://as.ad4m.at/ad/dpe?a=UrKKONVDjm-TZiTqt68odbLBoyTKQL0s&b=${PUBMATIC_UID}&c=5

0
546 B

120ms
120ms

Image
text/plain

2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://as.ad4m.at/ad/dpe?a=UrKKONVDjm-TZiTqt68odbLBoyTKQL0s&b=${PUBMATIC_UID}&c=5

Requested by

Host: shopper-wages-army-like.trycloudflare.com
URL: https://shopper-wages-army-like.trycloudflare.com/

Protocol

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shopper-wages-army-like.trycloudflare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 00:07:55 GMT
strict-transport-security: max-age=86400; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
via: 1.1 google
cross-origin-embedder-policy: unsafe-none
surrogate-control: no-store
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
server: cloudflare
cross-origin-opener-policy: unsafe-none
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-ray: 85d4e8dd1970436e-EWR
expires: 0

Redirect headers

location: https://as.ad4m.at/ad/dpe?a=UrKKONVDjm-TZiTqt68odbLBoyTKQL0s&b=${PUBMATIC_UID}&c=5
date: Fri, 01 Mar 2024 00:07:54 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H3

200

dpe
as.ad4m.at/ad/
Redirect Chain

https://a.twiago.com/rtb/usermatch.php?umid=11&userid=UrKKONVDjm-TZiTqt68odbLBoyTKQL0s&call_type=redirect&rtbprovider=openrtb&redirecturl=https%3A%2F%2Fas%2Ead4m%2Eat%2Fad%2Fdpe%3Fa%3DUrKKONVDjm-TZ...
https://as.ad4m.at/ad/dpe?a=UrKKONVDjm-TZiTqt68odbLBoyTKQL0s&b=f53468fce3a6f84564369b30f8083e0688c0e0d0a0f9342c4d35914637a4b&c=7

0
546 B

124ms
123ms

Image
text/plain

2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://as.ad4m.at/ad/dpe?a=UrKKONVDjm-TZiTqt68odbLBoyTKQL0s&b=f53468fce3a6f84564369b30f8083e0688c0e0d0a0f9342c4d35914637a4b&c=7

Requested by

Host: shopper-wages-army-like.trycloudflare.com
URL: https://shopper-wages-army-like.trycloudflare.com/

Protocol

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shopper-wages-army-like.trycloudflare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 00:07:56 GMT
strict-transport-security: max-age=86400; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
via: 1.1 google
cross-origin-embedder-policy: unsafe-none
surrogate-control: no-store
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
server: cloudflare
cross-origin-opener-policy: unsafe-none
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-ray: 85d4e8e0bd05436e-EWR
expires: 0

Redirect headers

location: https://as.ad4m.at/ad/dpe?a=UrKKONVDjm-TZiTqt68odbLBoyTKQL0s&b=f53468fce3a6f84564369b30f8083e0688c0e0d0a0f9342c4d35914637a4b&c=7
date: Fri, 01 Mar 2024 00:07:56 GMT
p3p: policyref="https://help.adspirit.de/w3c/adspirit.p3p", CP="NOI DSP COR NID PSAo PSDo IVAo IVDo OUR STP UNI COM NAV DEM"
server: Apache
x-powered-by: PHP/7.3.30
content-type: text/html; charset=UTF-8

POST
H2 200 request Show response
api.bounce-commerce.de/ 0
322 B 564ms
285ms XHR
text/html 2a01:4f8:272:50e8::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://api.bounce-commerce.de/request
Requested by: Host: api.bounce-commerce.de
URL: https://api.bounce-commerce.de/bounce.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:272:50e8::1 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.24.0 / PHP/8.1.25
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://shopper-wages-army-like.trycloudflare.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundarymAVvc045aByl1xzf

Response headers

date: Fri, 01 Mar 2024 00:07:55 GMT
content-encoding: gzip
server: nginx/1.24.0
x-powered-by: PHP/8.1.25
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H/1.1 200
OK d65a51381a.js Show response
tm722.ad-srv.net/tm/a/container/eval/ 153 B
467 B 1704ms
410ms Script
application/javascript 46.4.104.8
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tm722.ad-srv.net/tm/a/container/eval/d65a51381a.js?sid=b48hf41c56m0oesfsaov53nkhm&rnd=70809052&macroData[transactionId]=&macroData[searchTerm]=&macroData[products]=&macroData[productId]=empty&macroData[productDetails]=&macroData[pageType]=homepage&macroData[pageName]=&macroData[orderValue]=&macroData[checkoutStage]=&macroData[categoryId]=
Requested by: Host: tm.ad-srv.net
URL: https://tm.ad-srv.net/tm/a/container/init/d65a51381a.js?ntmData=ntmData3569707617950&rnd=85747449
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.104.8 Bad Muenstereifel, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.8.104.4.46.clients.your-server.de
Software: nginx /
Resource Hash: d3a231d76579aaff86b78dc3ad7d081caf1ef0c2c0d7ea7bebe58c33e8cffec7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shopper-wages-army-like.trycloudflare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 01 Mar 2024 00:07:57 GMT
Server: nginx
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 153
Expires: 0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 292 KB
100 KB 220ms
87ms Script
application/javascript 2607:f8b0:4006:820::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NTJJHXQ

Requested by

Host: shopper-wages-army-like.trycloudflare.com
URL: https://shopper-wages-army-like.trycloudflare.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c1214a5cb7b300708fe19a11e771a27e61ecc2cf27a50abb94f58bcf0719beb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shopper-wages-army-like.trycloudflare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 00:07:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 102088
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 01 Mar 2024 00:07:56 GMT

GET
H2 200 bundle.js Show response
app.usercentrics.eu/browser-ui/latest/ 621 KB
177 KB 334ms
115ms Script
text/javascript 2600:1901:0:5987::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://app.usercentrics.eu/browser-ui/latest/bundle.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NTJJHXQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:5987:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

UploadServer /

Resource Hash

fcfa6336d3c1781a4ec5997cc634de0149415fa515ac26454e3a8a21fbe9858d

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shopper-wages-army-like.trycloudflare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 23:34:55 GMT
content-encoding: gzip
strict-transport-security: max-age=7776000
age: 1981
x-guploader-uploadid: ABPtcPotN58p7yng3YME1E5qurlsiLvHYN15mrX1RE3G83JdH9YCDzURx4xZsUoH6kAw4d5Ll-M
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 180912
last-modified: Wed, 21 Feb 2024 14:46:50 GMT
server: UploadServer
etag: "10ac2cd0c6d0be0f4d73b95db4519cba"
x-goog-generation: 1708526810787941
x-goog-hash: crc32c=usR+6Q==, md5=EKws0MbQvg9Nc7ldtFGcug==
access-control-allow-origin: *
access-control-expose-headers: Content-Type,Content-Length,Transfer-Encoding
cache-control: public, max-age=3600, no-transform
x-goog-stored-content-length: 180912
accept-ranges: bytes
content-type: text/javascript
expires: Fri, 01 Mar 2024 00:34:55 GMT

OPTIONS
H2 200 languages.json
api.usercentrics.eu/settings/DQ4q62vv3/latest/ Frame 0
0 513ms
217ms Preflight
text/html 2600:1901:0:c07c::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.usercentrics.eu/settings/DQ4q62vv3/latest/languages.json

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:c07c:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

UploadServer /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://shopper-wages-army-like.trycloudflare.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE
access-control-allow-origin: *
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 01 Mar 2024 00:07:57 GMT
expires: Fri, 01 Mar 2024 00:07:57 GMT
server: UploadServer
strict-transport-security: max-age=7776000
x-client-geo-location: US,USGA
x-guploader-uploadid: ABPtcPr8lujIA2omq1ELJV6QoRJk7L9n_s-sCuJrkOOdkbI9o4qy624VInhd1DL4L0eROzcAdMKX3ksXRg

GET
H2 200 languages.json Show response
api.usercentrics.eu/settings/DQ4q62vv3/latest/ 76 B
597 B 241ms
240ms Fetch
application/json 2600:1901:0:c07c::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.usercentrics.eu/settings/DQ4q62vv3/latest/languages.json

Requested by

Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/browser-ui/latest/bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:c07c:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

UploadServer /

Resource Hash

7ee8ca906d61597785e898a6a4e492227006b05b297fc86766d94f7b4f20eac9

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Referer: https://shopper-wages-army-like.trycloudflare.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
content-type: application/json

Response headers

date: Fri, 01 Mar 2024 00:07:57 GMT
content-encoding: gzip
strict-transport-security: max-age=7776000
age: 1
x-client-geo-location: US,USGA
x-guploader-uploadid: ABPtcPrA93N1xyMKoyeGPR-FDGg8wsH_7IQ7XVlaX9I9JvUOP4xH739ms4TB4bU-v9cgD87PYKgk2jOsWw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68
last-modified: Tue, 13 Feb 2024 14:17:59 GMT
server: UploadServer
etag: "c9c96842e8034346db647424b40347cd"
vary: Accept-Encoding
x-goog-generation: 1699604359679008
x-goog-hash: crc32c=9xX5/g==, md5=ycloQugDQ0bbZHQktANHzQ==
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=1800, s-maxage=60
x-goog-stored-content-length: 68
accept-ranges: bytes
content-type: application/json
expires: Fri, 01 Mar 2024 00:08:57 GMT

GET
H/1.1 200
OK d65a51381a.html Show response
tm722.ad-srv.net/tm/a/container/tags/iframe/ Frame 01F0 1 KB
905 B 1189ms
257ms Document
text/html 46.4.104.8
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tm722.ad-srv.net/tm/a/container/tags/iframe/d65a51381a.html?sid=b48hf41c56m0oesfsaov53nkhm
Requested by: Host: tm.ad-srv.net
URL: https://tm.ad-srv.net/tm/a/container/init/d65a51381a.js?ntmData=ntmData3569707617950&rnd=85747449
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.104.8 Bad Muenstereifel, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.8.104.4.46.clients.your-server.de
Software: nginx /
Resource Hash: 491ca964d9447b2a25f2136ffc2b5b3135315422292e445949e30e873fe12c72

Request headers

Referer: https://shopper-wages-army-like.trycloudflare.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Fri, 01 Mar 2024 00:07:58 GMT
Expires: 0
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: nginx
Transfer-Encoding: chunked

GET
H2 200 de.json Show response
api.usercentrics.eu/settings/DQ4q62vv3/latest/ 35 KB
9 KB 26ms
22ms Fetch
application/json 2600:1901:0:c07c::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.usercentrics.eu/settings/DQ4q62vv3/latest/de.json

Requested by

Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/browser-ui/latest/bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:c07c:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

UploadServer /

Resource Hash

65873adbbba30caaa3dc775463e786ad6e1d8b7a65953d14f14b8f1de9c0ecf4

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Referer: https://shopper-wages-army-like.trycloudflare.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
content-type: application/json

Response headers

date: Fri, 01 Mar 2024 00:07:15 GMT
content-encoding: gzip
strict-transport-security: max-age=7776000
age: 43
x-client-geo-location: US,USGA
x-guploader-uploadid: ABPtcPru9HMTqCAec-Rx5-VdbZdAxubVAaNzY4T7Zr5SiEupUanmb88FqWJUePGuXMTaxVA8HEj9DdTMXA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9345
last-modified: Tue, 13 Feb 2024 14:17:59 GMT
server: UploadServer
etag: "3d8dde72d198c595874adf93c7e4f6c3"
vary: Accept-Encoding
x-goog-generation: 1707833879397635
x-goog-hash: crc32c=y8viRg==, md5=PY3ectGYxZWHSt+Tx+T2ww==
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=1800, s-maxage=60
x-goog-stored-content-length: 9345
accept-ranges: bytes
content-type: application/json
expires: Fri, 01 Mar 2024 00:08:15 GMT

OPTIONS
H2 200 de.json
api.usercentrics.eu/settings/DQ4q62vv3/latest/ Frame 0
0 199ms
198ms Preflight
text/html 2600:1901:0:c07c::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.usercentrics.eu/settings/DQ4q62vv3/latest/de.json

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:c07c:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

UploadServer /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://shopper-wages-army-like.trycloudflare.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE
access-control-allow-origin: *
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 01 Mar 2024 00:07:58 GMT
expires: Fri, 01 Mar 2024 00:07:58 GMT
server: UploadServer
strict-transport-security: max-age=7776000
x-client-geo-location: US,USGA
x-guploader-uploadid: ABPtcPqY5wy2F0oBB36lvfiUae2T1nUTRkKc0sezp4HRNYPb8FuPe2vkfGDpJioExT27rYkLDvbcw5rDmQ

GET
H2 200 cross-domain-bridge.html Show response
app.usercentrics.eu/browser-sdk/4.33.1/ Frame 51C8 5 KB
1 KB 23ms
22ms Document
text/html 2600:1901:0:5987::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://app.usercentrics.eu/browser-sdk/4.33.1/cross-domain-bridge.html

Requested by

Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/browser-ui/latest/bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:5987:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

UploadServer /

Resource Hash

8563f915516318c564b1a4b4d4005778294178cfac736d0ed7dd5afa86d4cd50

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Referer: https://shopper-wages-army-like.trycloudflare.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: Content-Type Content-Length Transfer-Encoding
age: 724686
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=2592000, no-transform
content-encoding: gzip
content-length: 1123
content-type: text/html
date: Wed, 21 Feb 2024 14:49:52 GMT
etag: "2dd983f17bf9d8831cd492e42285fb88"
expires: Fri, 22 Mar 2024 14:49:52 GMT
last-modified: Wed, 21 Feb 2024 14:46:11 GMT
server: UploadServer
strict-transport-security: max-age=7776000
x-goog-generation: 1708526771087348
x-goog-hash: crc32c=dyWvFg== md5=LdmD8Xv52IMc1JLkIoX7iA==
x-goog-metageneration: 2
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 1123
x-guploader-uploadid: ABPtcPqL7lhpDiwmV3g--l5UCskWTlGWpsURY63vPShswnP9l9Per0CAcFuZC8FcyeV8ikAtZLw

GET
H2 200 1px.png
app.usercentrics.eu/session/ 489 B
820 B 23ms
22ms Image
image/png 2600:1901:0:5987::
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.usercentrics.eu/session/1px.png?settingsId=DQ4q62vv3

Requested by

Host: shopper-wages-army-like.trycloudflare.com
URL: https://shopper-wages-army-like.trycloudflare.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:5987:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

UploadServer /

Resource Hash

009a4cf1623ff76804e55d59a17f680f77d8c76ada674500997ff44cc7ac0741

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shopper-wages-army-like.trycloudflare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 23:53:21 GMT
content-encoding: gzip
strict-transport-security: max-age=7776000
age: 877
x-guploader-uploadid: ABPtcPqS7DRwEDYLXZE0daZUdH1e0NI4ZUygYBJP2Rt4g63MTNOdXS-xSSBM62Iy5zngDqqLc74
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 522
last-modified: Fri, 08 May 2020 09:06:13 GMT
server: UploadServer
etag: "3702ada73b8951017b8451cbd6a96523"
x-goog-generation: 1588928773413784
x-goog-hash: crc32c=pFwm0Q==, md5=NwKtpzuJUQF7hFHL1qllIw==
content-type: image/png
cache-control: public,max-age=1800,no-transform
x-goog-stored-content-length: 522
accept-ranges: bytes
expires: Fri, 01 Mar 2024 00:23:21 GMT

GET
H2 200 translations-de.json Show response
api.usercentrics.eu/translations/ 8 KB
3 KB 27ms
24ms Fetch
application/json 2600:1901:0:c07c::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.usercentrics.eu/translations/translations-de.json

Requested by

Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/browser-ui/latest/bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:c07c:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

UploadServer /

Resource Hash

d4921e6caf1dfe28190143aa7cab9addbed7127f03827e73a7cdc56032c25610

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Referer: https://shopper-wages-army-like.trycloudflare.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
content-type: application/json

Response headers

date: Thu, 29 Feb 2024 14:13:49 GMT
content-encoding: gzip
strict-transport-security: max-age=7776000
age: 35649
x-client-geo-location: US,USGA
x-guploader-uploadid: ABPtcPppwgsDkGmvJ1g16HGW9yzTOyfJgqzkr6sz3qGCZewnd-nadom5goGeF2yGJfoX-PSYwwzb21jEEg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2875
last-modified: Tue, 30 Jan 2024 11:24:22 GMT
server: UploadServer
etag: "5f40044b7c98de707f2f938632ef9890"
vary: Accept-Encoding
x-goog-generation: 1706613862457759
x-goog-hash: crc32c=c2vh+w==, md5=X0AES3yY3nB/L5OGMu+YkA==
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=86400, s-maxage=86400
x-goog-stored-content-length: 2875
accept-ranges: bytes
content-type: application/json
expires: Fri, 01 Mar 2024 14:13:49 GMT

OPTIONS
H2 200 translations-de.json
api.usercentrics.eu/translations/ Frame 0
0 123ms
123ms Preflight
text/html 2600:1901:0:c07c::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.usercentrics.eu/translations/translations-de.json

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:c07c:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

UploadServer /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://shopper-wages-army-like.trycloudflare.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE
access-control-allow-origin: *
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 01 Mar 2024 00:07:58 GMT
expires: Fri, 01 Mar 2024 00:07:58 GMT
server: UploadServer
strict-transport-security: max-age=7776000
x-client-geo-location: US,USGA
x-guploader-uploadid: ABPtcPqPvJ5u2NmHwZkw5b_UmTRtcehCuSLLXrFSNj57wQ00YqSLLa1RNWrHDuvfZW8M2v-SUGmjveXf4g

GET
H/1.1

200
OK

retarget Show response
ad.ad-srv.net/ Frame E207
Redirect Chain

https://ad.ad-srv.net/retarget?a=61152&version=1
https://ad.ad-srv.net/retarget?a=61152&version=1&redirected=1

1 KB
1 KB

1126ms
855ms

Document
text/html

116.202.48.214
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.ad-srv.net/retarget?a=61152&version=1&redirected=1
Requested by: Host: tm722.ad-srv.net
URL: https://tm722.ad-srv.net/tm/a/container/tags/iframe/d65a51381a.html?sid=b48hf41c56m0oesfsaov53nkhm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.48.214 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.214.48.202.116.clients.your-server.de
Software: Apache /
Resource Hash: 28ef14d4ce4be2730121ae8adcb2fdafe4aa7dd3039de48e5f46b0f844ecc098

Request headers

Referer: https://tm722.ad-srv.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: close
Content-Encoding: gzip
Content-Length: 655
Content-Type: text/html; charset=UTF-8
Date: Fri, 01 Mar 2024 00:08:00 GMT
Expires: Mon, 26 Jul 1997 05:00:00 GMT
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

Redirect headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Fri, 01 Mar 2024 00:07:59 GMT
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Location: ?a=61152&version=1&redirected=1
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache

OPTIONS
H2 204 de
aggregator.service.usercentrics.eu/aggregate/ Frame 0
0 224ms
107ms Preflight
text/html 2600:1901:0:256b::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://aggregator.service.usercentrics.eu/aggregate/de?templates=9V8bg4D63@9.6.8,B1WMgcNodi-7@4.2.2,BJ59EidsWQ@25.7.28,BJTzqNi_i-m@5.3.8,BJz7qNsdj-7@15.8.17,CguMb4Rq@4.0.4,Gd0bshOBs@12.2.15,H1QMcEsusbm@11.7.8,H1Vl5NidjWX@40.17.44,H1dDqVjOjWX@14.11.12,HHnOG47_6@2.2.2,HJLZqNi_iZQ@7.3.2,HLap0udLC@6.1.5,Hko_qNsui-Q@14.5.15,HkocEodjb7@52.11.41,QcD9GVNXZ@1.1.2,S1hmcVouiZm@6.2.2,S1tqOzjaX@5.1.5,SJFe9NousWX@11.10.13,SkPc5EjOsWm@6.2.1,Skj79NodobQ@8.1.3,SyfKc4oOjWQ@10.3.3,SylacVousbm@10.2.0,W-HOHMTVq@5.1.5,XYQZBUojc@9.6.4,bt_SD1xU@2.0.3,ir7QpAGI@1.1.4,njy_AxqKG@3.0.3,rJ99c4oOo-X@7.3.6,rJMsqEj_iZQ@14.6.7,rkUcEjuoWm@16.6.5,twMyStLkn@15.9.15
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:256b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://shopper-wages-army-like.trycloudflare.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Fri, 01 Mar 2024 00:07:58 GMT
server: Google Frontend
vary: Origin, Access-Control-Request-Headers
via: 1.1 google
x-cloud-trace-context: 51e10aaf2c2c64711c19bca1fd9d59a8

GET
H2 200 de Show response
aggregator.service.usercentrics.eu/aggregate/ 114 KB
15 KB 23ms
23ms Fetch
application/json 2600:1901:0:256b::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://aggregator.service.usercentrics.eu/aggregate/de?templates=9V8bg4D63@9.6.8,B1WMgcNodi-7@4.2.2,BJ59EidsWQ@25.7.28,BJTzqNi_i-m@5.3.8,BJz7qNsdj-7@15.8.17,CguMb4Rq@4.0.4,Gd0bshOBs@12.2.15,H1QMcEsusbm@11.7.8,H1Vl5NidjWX@40.17.44,H1dDqVjOjWX@14.11.12,HHnOG47_6@2.2.2,HJLZqNi_iZQ@7.3.2,HLap0udLC@6.1.5,Hko_qNsui-Q@14.5.15,HkocEodjb7@52.11.41,QcD9GVNXZ@1.1.2,S1hmcVouiZm@6.2.2,S1tqOzjaX@5.1.5,SJFe9NousWX@11.10.13,SkPc5EjOsWm@6.2.1,Skj79NodobQ@8.1.3,SyfKc4oOjWQ@10.3.3,SylacVousbm@10.2.0,W-HOHMTVq@5.1.5,XYQZBUojc@9.6.4,bt_SD1xU@2.0.3,ir7QpAGI@1.1.4,njy_AxqKG@3.0.3,rJ99c4oOo-X@7.3.6,rJMsqEj_iZQ@14.6.7,rkUcEjuoWm@16.6.5,twMyStLkn@15.9.15
Requested by: Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/browser-ui/latest/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:256b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 78f44e7121300db7c0a566d7480e17687159a80b3682dcd70218e723739fb8a2

Request headers

Referer: https://shopper-wages-army-like.trycloudflare.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
content-type: application/json

Response headers

date: Wed, 28 Feb 2024 08:32:17 GMT
content-encoding: br
via: 1.1 google
server: Google Frontend
age: 142541
etag: "10uddro"
vary: Accept-Encoding, accept-encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=2592000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14829

GET
H2 200 en.json Show response
api.usercentrics.eu/gvl/v3/ 578 KB
71 KB 33ms
32ms XHR
application/json 2600:1901:0:c07c::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.usercentrics.eu/gvl/v3/en.json

Requested by

Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/browser-ui/latest/bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:c07c:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

UploadServer /

Resource Hash

97672a7da7b2940a868680d8f803e8dcae6aa24886b2cfb8d5c3a368466ef463

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shopper-wages-army-like.trycloudflare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 22:37:16 GMT
content-encoding: gzip
strict-transport-security: max-age=7776000
age: 5443
x-client-geo-location: US,USGA
x-guploader-uploadid: ABPtcPoA0pg_oQtqQLBnoXEghYqZsJlpIca6q7MtuLH_FN2G0QspyttT46oZ0_neVGaFaD4C4KM
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72020
last-modified: Fri, 23 Feb 2024 01:00:10 GMT
server: UploadServer
etag: "1d837a81e0d140e5d0e62b7be9d2e7e9"
x-goog-generation: 1708650010137374
x-goog-hash: crc32c=Ywrm2A==, md5=HYN6geDRQOXQ5it76dLn6Q==
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=7200, s-maxage=7200, no-transform
x-goog-stored-content-length: 72020
accept-ranges: bytes
content-type: application/json
expires: Fri, 01 Mar 2024 00:37:16 GMT

GET
H2 200 de.json Show response
api.usercentrics.eu/gvl/v3/ 45 KB
9 KB 26ms
24ms XHR
application/json 2600:1901:0:c07c::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.usercentrics.eu/gvl/v3/de.json

Requested by

Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/browser-ui/latest/bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:c07c:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

UploadServer /

Resource Hash

4c589f7f680b638ce7359857de180946ad1f150eb8bb5ce9d7f57acef9825cbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shopper-wages-army-like.trycloudflare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 22:49:13 GMT
content-encoding: gzip
strict-transport-security: max-age=7776000
age: 4726
x-client-geo-location: US,USGA
x-guploader-uploadid: ABPtcPrMfpqDHebPaDhqyWw4jdTifbH7KA_sL4qEY8Yq4luqlFdn_fRU4MoNVWJddB6p1CmRPrFIJL9NwQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9328
last-modified: Fri, 23 Feb 2024 01:00:10 GMT
server: UploadServer
etag: "b40ac12b4957a4163d617fce41c54434"
x-goog-generation: 1708650010137088
x-goog-hash: crc32c=9Oi3UQ==, md5=tArBK0lXpBY9YX/OQcVENA==
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=7200, s-maxage=7200, no-transform
x-goog-stored-content-length: 9328
accept-ranges: bytes
content-type: application/json
expires: Fri, 01 Mar 2024 00:49:13 GMT

OPTIONS
H2 204 3
consent-api.service.consent.usercentrics.eu/consent/uw/ Frame 0
0 325ms
111ms Preflight
text/html 2600:1901:0:1e38::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-api.service.consent.usercentrics.eu/consent/uw/3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:1e38:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Accept: */*
Access-Control-Request-Headers: access-control-allow-origin,content-type,x-request-id
Access-Control-Request-Method: POST
Origin: https://shopper-wages-army-like.trycloudflare.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-headers: access-control-allow-origin,content-type,x-request-id
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Fri, 01 Mar 2024 00:07:59 GMT
server: Google Frontend
strict-transport-security: max-age=7776000
vary: Origin, Access-Control-Request-Headers
via: 1.1 google
x-cloud-trace-context: afe024856b7245048fcec0751f66f64e

POST
H2 201 3 Show response
consent-api.service.consent.usercentrics.eu/consent/uw/ 0
87 B 142ms
140ms Fetch
text/html 2600:1901:0:1e38::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-api.service.consent.usercentrics.eu/consent/uw/3

Requested by

Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/browser-ui/latest/bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:1e38:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Access-Control-Allow-Origin: *
Accept: application/json
Referer: https://shopper-wages-army-like.trycloudflare.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
X-Request-ID: 774fac0d-dd90-4b1d-b0f7-30f47223c8ea
content-type: application/json

Response headers

date: Fri, 01 Mar 2024 00:07:59 GMT
via: 1.1 google
strict-transport-security: max-age=7776000
server: Google Frontend
vary: Origin
content-type: text/html
access-control-allow-origin: *
x-cloud-trace-context: d32d336ab6b5539eddd0ef06a802d83c
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 276 KB
93 KB 59ms
58ms Script
application/javascript 2607:f8b0:4006:820::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-WEL07G5MBW&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NTJJHXQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2d3c9217cd15024a0d9e8115d828f839f9f25b13b83b45043eeebf1481b98bd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shopper-wages-army-like.trycloudflare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 00:07:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 94757
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 01 Mar 2024 00:07:59 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 245ms
35ms Script
text/javascript 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NTJJHXQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shopper-wages-army-like.trycloudflare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 29 Feb 2024 23:51:42 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 977
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 01 Mar 2024 01:51:42 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 214 KB
58 KB 240ms
34ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NTJJHXQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0e04153b5f73bfa7866948f2a9870593d69bfde14e77a1a06af5f567096e5a09

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shopper-wages-army-like.trycloudflare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

permissions-policy-report-only: clipboard-read=(), clipboard-write=(), picture-in-picture=();report-to="permissions_policy"
content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 01 Mar 2024 00:07:59 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57257
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma: public
x-fb-debug: mebHDZPx3hqEYIXtq+WI5f4yOOrBH0ASOejCO5m1KznOOGjr36T5FIpdayaTPQfmUs2QYPcUnxVVdJY/tC896A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 250ms
46ms Script
application/javascript 146.75.28.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NTJJHXQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.28.157 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shopper-wages-army-like.trycloudflare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 00:07:59 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 18:08:41 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip"
vary: Accept-Encoding,Host
x-cache: HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kiad7000150-IAD

GET
H2 200 12811.js Show response
www.dwin1.com/ 53 KB
15 KB 34ms
34ms Script
application/javascript 2600:9000:2209:5000:f:8ce2:fb80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dwin1.com/12811.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NTJJHXQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2209:5000:f:8ce2:fb80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9f91c8a7d3343c9421f1dcd7ef3189b1857de5a75dc1843072a4a91f65b50ece

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shopper-wages-army-like.trycloudflare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-amz-version-id: k_L.V9iVc0Yz6eA_r3BzQWoqHAz6gdI1
content-encoding: gzip
via: 1.1 c22d4946ef5faea12b8d3942ceb9259a.cloudfront.net (CloudFront)
date: Fri, 01 Mar 2024 00:07:55 GMT
x-amz-cf-pop: EWR53-P1
age: 5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 28 Feb 2024 12:15:38 GMT
server: AmazonS3
etag: W/"ab445274e6b87c95ce5c97ff01c564cc"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600, s-maxage=600
x-amz-cf-id: 2Hn4C-Za-IVL1oJMxdyPy--YEYlv-fX2Vbeaph6QwzZ6OwxJr7adxw==

GET
H2 200 scevent.min.js Show response
sc-static.net/ 44 KB
19 KB 272ms
71ms Script
application/javascript 18.238.74.246
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NTJJHXQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.74.246 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-74-246.jfk52.r.cloudfront.net
Software: CloudFront /
Resource Hash: 1eebbe20a7e11128ee261e88cadbc5f467f81690a0bb0a8aa2a529a8f04aee43

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shopper-wages-army-like.trycloudflare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 00:07:59 GMT
content-encoding: gzip
via: 1.1 32f0f45bc5046821af3f3517d8339abc.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: JFK52-P5
x-cache: Miss from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 19117
x-amz-cf-id: -dUQSMiPTZ80Uef48oNWt7XbOEAE7zQyu6Q8v8BeZUj67eTcRRXSqA==

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 204 KB
74 KB 86ms
85ms Script
application/javascript 2607:f8b0:4006:820::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-779437501&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NTJJHXQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a92cd7d3a3c2fe037d1887e763e0c8597822cc3d336ee0c5e263052e231d8533

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shopper-wages-army-like.trycloudflare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 00:07:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 75925
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 01 Mar 2024 00:07:59 GMT

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 5 KB
3 KB 229ms
31ms Script
application/x-javascript 54.230.160.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NTJJHXQ
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.160.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-160-114.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shopper-wages-army-like.trycloudflare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Thu, 29 Feb 2024 21:29:10 GMT
Content-Encoding: gzip
Via: 1.1 1391cb3b815aa63859ec0cff5767737c.cloudfront.net (CloudFront)
Last-Modified: Wed, 17 Jan 2024 00:44:59 GMT
Server: AmazonS3
X-Amz-Cf-Pop: EWR53-C3
Age: 9530
x-amz-server-side-encryption: AES256
ETag: W/"b7474eac210849250426a8f6a39d00f3"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: tZXvj4nyZMG3dqRrGOIq5BOuVM7S8KEPnxj_7ij3AFPts6cUdjJzkg==

POST
H2 204 collect
analytics.google.com/g/ 0
272 B 185ms
101ms Ping
text/plain 2001:4860:4802:36::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-WEL07G5MBW&gtm=45je42q1v9116846308z879577065za200&_p=1709251676394&_gaz=1&gcs=G111&gcd=13n3n3n3n5&npa=0&dma=0&tcfd=10000&gdid=dOThhZD&cid=80077594.1709251680&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1709251679&sct=1&seg=0&dl=https%3A%2F%2Fshopper-wages-army-like.trycloudflare.com%2F&dt=Offizieller%20Hertha%20BSC%20Online-Shop%20%7C%20herthashop.de%20%7C%20Hertha%20BSC%20-%20Offizieller%20Online-Shop&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=7379
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WEL07G5MBW&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shopper-wages-army-like.trycloudflare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Mar 2024 00:07:59 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://shopper-wages-army-like.trycloudflare.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
272 B 215ms
125ms Ping
text/plain 2607:f8b0:4004:c09::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-WEL07G5MBW&cid=80077594.1709251680&gtm=45je42q1v9116846308z879577065za200&aip=1&dma=0&gcs=G111&gcd=13n3n3n3n5&npa=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WEL07G5MBW&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c09::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shopper-wages-army-like.trycloudflare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Mar 2024 00:07:59 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://shopper-wages-army-like.trycloudflare.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 arrow-left-blue.svg
shopper-wages-army-like.trycloudflare.com/themes/Frontend/HerthaBSC/frontend/_public/src/img/icons/ 1017 B
570 B 278ms
277ms Image
image/svg+xml 104.17.123.55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shopper-wages-army-like.trycloudflare.com/themes/Frontend/HerthaBSC/frontend/_public/src/img/icons/arrow-left-blue.svg
Requested by: Host: shopper-wages-army-like.trycloudflare.com
URL: https://shopper-wages-army-like.trycloudflare.com/web/cache/1692796603_bcbf665a891bf5233d29d502c460619c.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.123.55 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 192331092b3d16609317a5acabe4240131e86500696e0f032de129cf1aa85537

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shopper-wages-army-like.trycloudflare.com/web/cache/1692796603_bcbf665a891bf5233d29d502c460619c.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 00:08:00 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Wed, 23 Aug 2023 13:16:08 GMT
server: cloudflare
etag: W/"64e60698-3f9"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31104000
cf-ray: 85d4e8f6cacbc43b-EWR
expires: Mon, 24 Feb 2025 00:07:59 GMT

GET
H3 200 m8f5fech.js Show response
ad4m.at/ 27 KB
11 KB 40ms
39ms Script
application/javascript 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/m8f5fech.js
Requested by: Host: www.dwin1.com
URL: https://www.dwin1.com/12811.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 601a009aea5454d6bd14ea7f92c7e0e663054a9c3c16b5e0190e8d16bfe902ba

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shopper-wages-army-like.trycloudflare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 00:07:59 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 29 Jan 2024 10:47:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 306971
etag: W/"d64cbfe42c21cb4689f9bb2032acc83b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BvBWETdzgz97sKVGb9k5NSoBOOl5BHRP8UX6a8ravBBQKQiqtddmidJMZ3wf2yxIhM0599AeVYzdgU5ioPy6Mh61ZLSscgR%2Bk01iZanpAP3cCQFCDqmztbOntcTDSgmrfK1UvVc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 85d4e8f71f0f436e-EWR
alt-svc: h3=":443"; ma=86400
expires: Mon, 26 Feb 2024 10:51:48 GMT

GET
H/1.1 200
OK d65a51381a.js Show response
tm.ad-srv.net/tm/a/container/init/ 12 KB
3 KB 682ms
275ms Script
application/javascript 46.4.104.8
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.ad-srv.net/tm/a/container/init/d65a51381a.js?ntmData=ntmData3233864104139&rnd=29441888
Requested by: Host: www.dwin1.com
URL: https://www.dwin1.com/12811.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.104.8 Bad Muenstereifel, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.8.104.4.46.clients.your-server.de
Software: nginx /
Resource Hash: 21f7c4f802454631d6d9b3860044d0b65a2c1336cf0545ccceb9cc3142c7ef3d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shopper-wages-army-like.trycloudflare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 01 Mar 2024 00:08:00 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Expires: 0

GET
H2 200 bounce.min.js Show response
api.bounce-commerce.de/ 2 KB
1 KB 154ms
151ms Script
application/javascript 2a01:4f8:272:50e8::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://api.bounce-commerce.de/bounce.min.js
Requested by: Host: www.dwin1.com
URL: https://www.dwin1.com/12811.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:272:50e8::1 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.24.0 /
Resource Hash: 529719c177311bb9f345c442bf5b3039567392929670474949689f242beda4b1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shopper-wages-army-like.trycloudflare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 00:07:59 GMT
content-encoding: gzip
last-modified: Sun, 08 Oct 2023 11:48:43 GMT
server: nginx/1.24.0
etag: W/"6522971b-932"
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800, public
expires: Fri, 08 Mar 2024 00:07:59 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/779437501/ 2 KB
2 KB 530ms
70ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/779437501/?random=1709251679867&cv=11&fst=1709251679867&bg=ffffff&guid=ON&async=1&gtm=45be42q1z879577065za201&gcd=13n3n3n3n5&dma=0&tcfd=10000&u_w=1600&u_h=1200&url=https%3A%2F%2Fshopper-wages-army-like.trycloudflare.com%2F&hn=www.googleadservices.com&frm=0&tiba=Offizieller%20Hertha%20BSC%20Online-Shop%20%7C%20herthashop.de%20%7C%20Hertha%20BSC%20-%20Offizieller%20Online-Shop&did=dOThhZD&gdid=dOThhZD&npa=0&pscdl=noapi&uamb=0&uaw=0&data=ads_data_redaction%3Dfalse&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-779437501&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

10c0bdb5b3195918984219af647e26a1f2cbea5c7515320a893a797e750efe88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shopper-wages-army-like.trycloudflare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Mar 2024 00:08:00 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1336
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
227 B 85ms
84ms XHR
text/plain 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=1854603461&t=pageview&_s=1&dl=https%3A%2F%2Fshopper-wages-army-like.trycloudflare.com%2F&ul=en-us&de=UTF-8&dt=Offizieller%20Hertha%20BSC%20Online-Shop%20%7C%20herthashop.de%20%7C%20Hertha%20BSC%20-%20Offizieller%20Online-Shop&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAEK~&jid=1543479727&gjid=350188867&cid=80077594.1709251680&tid=UA-73429790-1&_gid=1840972463.1709251680&_r=1&_slc=1&gtm=45He42q1n81NTJJHXQv79577065za200&gcs=G111&gcd=13n3n3n3n5&dma=0&tcfd=10000&z=500430661

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://shopper-wages-army-like.trycloudflare.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 01 Mar 2024 00:07:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://shopper-wages-army-like.trycloudflare.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
375 B 473ms
126ms Image
image/gif 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=60d275b3-ac50-4c43-ab91-3ab51ea24214&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=4aa1d00e-f5f6-4b52-80de-5cf0d8d4fd33&tw_document_href=https%3A%2F%2Fshopper-wages-army-like.trycloudflare.com%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o2egi&type=javascript&version=2.3.29

Requested by

Host: shopper-wages-army-like.trycloudflare.com
URL: https://shopper-wages-army-like.trycloudflare.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shopper-wages-army-like.trycloudflare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-response-time: 6
date: Fri, 01 Mar 2024 00:08:00 GMT
strict-transport-security: max-age=0
server: tsa_b
content-type: image/gif;charset=utf-8
x-transaction-id: ea5ee39f424c5eab
cache-control: no-cache, no-store, max-age=0
perf: 7469935968
x-connection-hash: 31a05b52a0f5f5aeb36d42cef137c3b5c597723dcfde36ea0e49789ac7d33e0a
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
394 B 526ms
179ms Image
image/gif 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=60d275b3-ac50-4c43-ab91-3ab51ea24214&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=4aa1d00e-f5f6-4b52-80de-5cf0d8d4fd33&tw_document_href=https%3A%2F%2Fshopper-wages-army-like.trycloudflare.com%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o2egi&type=javascript&version=2.3.29

Requested by

Host: shopper-wages-army-like.trycloudflare.com
URL: https://shopper-wages-army-like.trycloudflare.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shopper-wages-army-like.trycloudflare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-response-time: 72
date: Fri, 01 Mar 2024 00:07:59 GMT
strict-transport-security: max-age=631138519
server: tsa_b
content-type: image/gif;charset=utf-8
x-transaction-id: 30620276f1342f97
cache-control: no-cache, no-store, max-age=0
perf: 7469935968
x-connection-hash: 65ef7b4de3e4226088adee1e7f81f215fd64a4f902f3e9f562e5265e710cff0a
content-length: 43

GET
H2 200 764462920400784 Show response
connect.facebook.net/signals/config/ 62 KB
13 KB 120ms
91ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/764462920400784?v=2.9.147&r=stable&domain=shopper-wages-army-like.trycloudflare.com&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2e0e337cbd811a7bc62a1d8a30208984ef65666466205ebaf800656b6f587c69

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shopper-wages-army-like.trycloudflare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

permissions-policy-report-only: clipboard-read=(), clipboard-write=(), picture-in-picture=();report-to="permissions_policy"
content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 01 Mar 2024 00:08:00 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma: public
x-fb-debug: FF8tgbrm6OUTAw0yI8XI66O6Gdr/vIBbLBwjZ0kXb5WPDsamQxBtU1wRVmQIDoVxrqQ190xEtUEpj0K4HPT2Rg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 cookie-frame.html Show response
ad4m.at/ Frame 36F5 2 KB
1 KB 72ms
56ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/cookie-frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/m8f5fech.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647

Request headers

Referer: https://shopper-wages-army-like.trycloudflare.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 2641727
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=86400, stale-if-error=86400
cf-cache-status: HIT
cf-ray: 85d4e8fa1a3a436e-EWR
content-encoding: br
content-language: en
content-type: text/html
date: Fri, 01 Mar 2024 00:08:00 GMT
expires: Tue, 30 Jan 2024 11:19:13 GMT
last-modified: Tue, 28 Nov 2023 11:49:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=maJmyh8dw5ERbYndmT0usfCMqSVEjOqUwRs3AZjwvepTtD6RJzD4bBnvS8lrp6imYjWoeBfDRZfprpfxywjCtk2pIFTFyfdkQFeTxe9yi8CToYpYkldghikz8eo4yORzx8RbMTo%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 d13aed06-63ab-44a0-9e79-e07f11ad396d.js Show response
tr.snapchat.com/config/com/ 174 B
476 B 388ms
102ms Script
application/javascript 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/config/com/d13aed06-63ab-44a0-9e79-e07f11ad396d.js?v=3.12.0-2402271815

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

5320b576f52f227c7f4d7179b76be5b6cd8e49aa5f185a1cc6cc065b39b40e3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://shopper-wages-army-like.trycloudflare.com/
Origin: https://shopper-wages-army-like.trycloudflare.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 00:08:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google, 1.1 google
server: API Gateway
content-type: application/javascript
access-control-allow-origin: https://shopper-wages-army-like.trycloudflare.com
x-envoy-upstream-service-time: 40
access-control-allow-credentials: true
alt-svc: clear, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 174

GET
H2 200 i Show response
tr.snapchat.com/cm/ Frame 6C36 672 B
890 B 123ms
102ms Document
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=d13aed06-63ab-44a0-9e79-e07f11ad396d&u_scsid=771f3bb4-730f-4aaa-a2c6-ada2dadc8c3e&u_sclid=347ae1cc-fabb-47ad-bcda-28ddec8ad6e8

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

6501140033c3bb20da4b5ac73c90f687ba8a2053c4ba37c4b6f5275166db7fa6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer: https://shopper-wages-army-like.trycloudflare.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: clear h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 672
content-type: text/html
date: Fri, 01 Mar 2024 00:08:00 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google, 1.1 google
x-envoy-upstream-service-time: 9

POST
H2 200 request Show response
api.bounce-commerce.de/ 0
321 B 250ms
249ms XHR
text/html 2a01:4f8:272:50e8::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://api.bounce-commerce.de/request
Requested by: Host: api.bounce-commerce.de
URL: https://api.bounce-commerce.de/bounce.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:272:50e8::1 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.24.0 / PHP/8.1.25
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://shopper-wages-army-like.trycloudflare.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundary5XaOBlw7ZeX8oqMj

Response headers

date: Fri, 01 Mar 2024 00:08:00 GMT
content-encoding: gzip
server: nginx/1.24.0
x-powered-by: PHP/8.1.25
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

POST
H2 200 p
tr.snapchat.com/ 0
267 B 202ms
101ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://shopper-wages-army-like.trycloudflare.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 01 Mar 2024 00:08:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google, 1.1 google
server: API Gateway
access-control-allow-origin: https://shopper-wages-army-like.trycloudflare.com
x-envoy-upstream-service-time: 1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
149 B 43ms
22ms XHR
text/plain 2607:f8b0:4004:c09::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-73429790-1&cid=80077594.1709251680&jid=1543479727&gjid=350188867&_gid=1840972463.1709251680&_u=YADAAEAAAAAAACAEK~&z=1019772647

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://shopper-wages-army-like.trycloudflare.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 01 Mar 2024 00:08:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://shopper-wages-army-like.trycloudflare.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 166ms
71ms Image
text/plain 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=764462920400784&ev=PageView&dl=https%3A%2F%2Fshopper-wages-army-like.trycloudflare.com%2F&rl=&if=false&ts=1709251680348&sw=1600&sh=1200&v=2.9.147&r=stable&ec=0&o=4126&fbp=fb.2.1709251680343.1464857148&cs_est=true&ler=empty&cdl=API_unavailable&it=1709251680012&coo=false&dpo=&tm=1&exp=e1&rqm=GET

Requested by

Host: shopper-wages-army-like.trycloudflare.com
URL: https://shopper-wages-army-like.trycloudflare.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shopper-wages-army-like.trycloudflare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 01 Mar 2024 00:08:00 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 220ms
107ms Image
image/gif 2607:f8b0:4006:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-73429790-1&cid=80077594.1709251680&jid=1543479727&_u=YADAAEAAAAAAACAEK~&z=486038378

Requested by

Host: shopper-wages-army-like.trycloudflare.com
URL: https://shopper-wages-army-like.trycloudflare.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shopper-wages-army-like.trycloudflare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Mar 2024 00:08:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/779437501/ 42 B
455 B 176ms
82ms Image
image/gif 2607:f8b0:4006:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/779437501/?random=1709251679867&cv=11&fst=1709251200000&bg=ffffff&guid=ON&async=1&gtm=45be42q1z879577065za201&gcd=13n3n3n3n5&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fshopper-wages-army-like.trycloudflare.com%2F&frm=0&tiba=Offizieller%20Hertha%20BSC%20Online-Shop%20%7C%20herthashop.de%20%7C%20Hertha%20BSC%20-%20Offizieller%20Online-Shop&npa=0&data=ads_data_redaction%3Dfalse&fmt=3&is_vtc=1&cid=CAQSKQB7FLtqAH9Ntz1dZe4NNl9L31-O4Z5XA-CclTU4uqVUBwRAY5tacbaA&random=455336240&rmt_tld=0&ipr=y

Requested by

Host: shopper-wages-army-like.trycloudflare.com
URL: https://shopper-wages-army-like.trycloudflare.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shopper-wages-army-like.trycloudflare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Mar 2024 00:08:00 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

gdpr=0;dc_pre=CKqD_dni0YQDFR0W-QAdoe8MDQ;gdpr_consent=;src=8219325;type=invmedia;cat=bjjfzlfb;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1
adservice.google.com/ddm/fls/z/
Redirect Chain

https://ad.doubleclick.net/ddm/activity/gdpr=0;gdpr_consent=;src=8219325;type=invmedia;cat=bjjfzlfb;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1?
https://ad.doubleclick.net/ddm/activity/gdpr=0;dc_pre=CKqD_dni0YQDFR0W-QAdoe8MDQ;gdpr_consent=;src=8219325;type=invmedia;cat=bjjfzlfb;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;o...
https://adservice.google.com/ddm/fls/z/gdpr=0;dc_pre=CKqD_dni0YQDFR0W-QAdoe8MDQ;gdpr_consent=;src=8219325;type=invmedia;cat=bjjfzlfb;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1

42 B
107 B

139ms
138ms

Image
image/gif

2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/gdpr=0;dc_pre=CKqD_dni0YQDFR0W-QAdoe8MDQ;gdpr_consent=;src=8219325;type=invmedia;cat=bjjfzlfb;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1

Requested by

Host: shopper-wages-army-like.trycloudflare.com
URL: https://shopper-wages-army-like.trycloudflare.com/

Protocol

Server

2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shopper-wages-army-like.trycloudflare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Mar 2024 00:08:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 01 Mar 2024 00:08:00 GMT
attribution-reporting-register-trigger: {"aggregatable_deduplication_keys":[{"deduplication_key":"17796966653327380765"}],"aggregatable_trigger_data":[{"filters":{"14":["6726761"]},"key_piece":"0x217f1a5c036fefa1","source_keys":["1","3","4","5","6","7","8","9","10","11"]},{"key_piece":"0x680bc80e5ffd98da","not_filters":{"14":["6726761"]},"source_keys":["1","3","4","5","6","7","8","9","10","11"]},{"filters":{"14":["6726761"]},"key_piece":"0xe5fe3a241ccf1ef","source_keys":["12","13","14","15","16","17","18","19","20","21"]},{"key_piece":"0xdacda4c5f909960f","not_filters":{"14":["6726761"]},"source_keys":["12","13","14","15","16","17","18","19","20","21"]}],"aggregatable_values":{"1":327,"10":327,"11":5570,"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356,"3":327,"4":327,"5":5570,"6":327,"7":327,"8":5570,"9":327},"debug_key":"17467440585285048387","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"17796966653327380765","filters":{"14":["6726761"],"source_type":["event"]},"priority":"10","trigger_data":"1"},{"deduplication_key":"17796966653327380765","filters":{"14":["6726761"],"source_type":["navigation"]},"priority":"10","trigger_data":"6"},{"deduplication_key":"17796966653327380765","filters":{"source_type":["event"]},"priority":"0","trigger_data":"0"},{"deduplication_key":"17796966653327380765","filters":{"source_type":["navigation"]},"priority":"0","trigger_data":"7"}],"filters":{"8":["8219325"]}}
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: image/png
location: https://adservice.google.com/ddm/fls/z/gdpr=0;dc_pre=CKqD_dni0YQDFR0W-QAdoe8MDQ;gdpr_consent=;src=8219325;type=invmedia;cat=bjjfzlfb;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
track.adform.net/Serving/TrackPoint/ 35 B
518 B 106ms
103ms Image
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.adform.net/Serving/TrackPoint/?pm=1351292&ADFPageName=DE%20-%20Reach%20-%20Sport%2F%20Health%20%2F%20Food%20-%20Suite&ADFdivider=|

Requested by

Host: shopper-wages-army-like.trycloudflare.com
URL: https://shopper-wages-army-like.trycloudflare.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shopper-wages-army-like.trycloudflare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Mar 2024 00:08:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
content-type: image/gif
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1

GET
H2

200

gdpr=0;dc_pre=CL_J_dni0YQDFcUC-QAdFCEBLQ;gdpr_consent=;src=5252003;type=invmedia;cat=fpqqpb6w;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1
adservice.google.com/ddm/fls/z/
Redirect Chain

https://ad.doubleclick.net/ddm/activity/gdpr=0;gdpr_consent=;src=5252003;type=invmedia;cat=fpqqpb6w;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1?
https://ad.doubleclick.net/ddm/activity/gdpr=0;dc_pre=CL_J_dni0YQDFcUC-QAdFCEBLQ;gdpr_consent=;src=5252003;type=invmedia;cat=fpqqpb6w;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;o...
https://adservice.google.com/ddm/fls/z/gdpr=0;dc_pre=CL_J_dni0YQDFcUC-QAdFCEBLQ;gdpr_consent=;src=5252003;type=invmedia;cat=fpqqpb6w;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1

42 B
107 B

85ms
85ms

Image
image/gif

2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/gdpr=0;dc_pre=CL_J_dni0YQDFcUC-QAdFCEBLQ;gdpr_consent=;src=5252003;type=invmedia;cat=fpqqpb6w;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1

Requested by

Host: shopper-wages-army-like.trycloudflare.com
URL: https://shopper-wages-army-like.trycloudflare.com/

Protocol

Server

2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shopper-wages-army-like.trycloudflare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Mar 2024 00:08:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 01 Mar 2024 00:08:00 GMT
attribution-reporting-register-trigger: {"aggregatable_deduplication_keys":[{"deduplication_key":"17520866943082321822"}],"aggregatable_trigger_data":[{"filters":{"14":["3313423"]},"key_piece":"0x5a93b00424516d24","source_keys":["1","3","4","5","6","7","8","9","10","11"]},{"key_piece":"0x2822cc555729bf27","not_filters":{"14":["3313423"]},"source_keys":["1","3","4","5","6","7","8","9","10","11"]},{"filters":{"14":["3313423"]},"key_piece":"0xdd1c2a50ceff3f8e","source_keys":["12","13","14","15","16","17","18","19","20","21"]},{"key_piece":"0x99fc4077ee0f6abc","not_filters":{"14":["3313423"]},"source_keys":["12","13","14","15","16","17","18","19","20","21"]}],"aggregatable_values":{"1":327,"10":327,"11":5570,"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356,"3":327,"4":327,"5":5570,"6":327,"7":327,"8":5570,"9":327},"debug_key":"16410131253495570105","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"17520866943082321822","filters":{"14":["3313423"],"source_type":["event"]},"priority":"10","trigger_data":"1"},{"deduplication_key":"17520866943082321822","filters":{"14":["3313423"],"source_type":["navigation"]},"priority":"10","trigger_data":"6"},{"deduplication_key":"17520866943082321822","filters":{"source_type":["event"]},"priority":"0","trigger_data":"0"},{"deduplication_key":"17520866943082321822","filters":{"source_type":["navigation"]},"priority":"0","trigger_data":"7"}],"filters":{"8":["5252003"]}}
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: image/png
location: https://adservice.google.com/ddm/fls/z/gdpr=0;dc_pre=CL_J_dni0YQDFcUC-QAdFCEBLQ;gdpr_consent=;src=5252003;type=invmedia;cat=fpqqpb6w;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

src=10716248;dc_pre=CJP2hNri0YQDFWMj-QAdsKMKDg;type=invmedia;cat=devie0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1
adservice.google.com/ddm/fls/z/
Redirect Chain

https://r.adserver01.de/rt/perf_de.php?gdpr=0&gdpr_consent=
https://ad.doubleclick.net/ddm/activity/src=10716248;type=invmedia;cat=devie0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1?
https://ad.doubleclick.net/ddm/activity/src=10716248;dc_pre=CJP2hNri0YQDFWMj-QAdsKMKDg;type=invmedia;cat=devie0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1?
https://adservice.google.com/ddm/fls/z/src=10716248;dc_pre=CJP2hNri0YQDFWMj-QAdsKMKDg;type=invmedia;cat=devie0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1

42 B
107 B

86ms
86ms

Image
image/gif

2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/src=10716248;dc_pre=CJP2hNri0YQDFWMj-QAdsKMKDg;type=invmedia;cat=devie0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1

Requested by

Host: shopper-wages-army-like.trycloudflare.com
URL: https://shopper-wages-army-like.trycloudflare.com/

Protocol

Server

2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shopper-wages-army-like.trycloudflare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Mar 2024 00:08:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 01 Mar 2024 00:08:00 GMT
attribution-reporting-register-trigger: {"aggregatable_deduplication_keys":[{"deduplication_key":"7134795801969672159"}],"aggregatable_trigger_data":[{"filters":{"14":["10997860"]},"key_piece":"0x1078407b20d18a6f","source_keys":["1","3","4","5","6","7","8","9","10","11"]},{"key_piece":"0xd36b0b63a5c13b55","not_filters":{"14":["10997860"]},"source_keys":["1","3","4","5","6","7","8","9","10","11"]},{"filters":{"14":["10997860"]},"key_piece":"0x4e758d2554965736","source_keys":["12","13","14","15","16","17","18","19","20","21"]},{"key_piece":"0x9234bc3324a73dc1","not_filters":{"14":["10997860"]},"source_keys":["12","13","14","15","16","17","18","19","20","21"]}],"aggregatable_values":{"1":327,"10":327,"11":5570,"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356,"3":327,"4":327,"5":5570,"6":327,"7":327,"8":5570,"9":327},"debug_key":"1150953289365244475","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"7134795801969672159","filters":{"14":["10997860"],"source_type":["event"]},"priority":"10","trigger_data":"1"},{"deduplication_key":"7134795801969672159","filters":{"14":["10997860"],"source_type":["navigation"]},"priority":"10","trigger_data":"6"},{"deduplication_key":"7134795801969672159","filters":{"source_type":["event"]},"priority":"0","trigger_data":"0"},{"deduplication_key":"7134795801969672159","filters":{"source_type":["navigation"]},"priority":"0","trigger_data":"7"}],"filters":{"8":["10716248"]}}
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: image/png
location: https://adservice.google.com/ddm/fls/z/src=10716248;dc_pre=CJP2hNri0YQDFWMj-QAdsKMKDg;type=invmedia;cat=devie0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

1x1.gif
imagesrv.adition.com/
Redirect Chain

https://ad11.adfarm1.adition.com/tagging?type=image&network=42&tag[Markierung_T2.AdvancedStore_Vzm]=ASRETVZM2
https://imagesrv.adition.com/1x1.gif

68 B
178 B

467ms
209ms

Image
image/gif

217.79.188.10
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesrv.adition.com/1x1.gif
Requested by: Host: shopper-wages-army-like.trycloudflare.com
URL: https://shopper-wages-army-like.trycloudflare.com/
Protocol: H2
Server: 217.79.188.10 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 5fb3bdb7f966c852579fb6b0574517445d5b2d171c804d66227ee67b1bffca9c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shopper-wages-army-like.trycloudflare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 01 Mar 2024 00:08:00 GMT
last-modified: Fri, 24 Jul 2009 13:46:10 GMT
accept-ranges: bytes
etag: "3122740758"
content-length: 68
content-type: image/gif

Redirect headers

location: https://imagesrv.adition.com/1x1.gif
access-control-allow-origin: *
date: Fri, 01 Mar 2024 01:08:00 +0100
content-type: text/plain
server: ADITIONSERVER v1.0
p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2

200

1x1.gif
imagesrv.adition.com/
Redirect Chain

https://ad11.adfarm1.adition.com/tagging?type=image&network=42&tag[Markierung_T2.advancedStore_Adbundle]=1
https://imagesrv.adition.com/1x1.gif

68 B
103 B

506ms
249ms

Image
image/gif

217.79.188.10
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesrv.adition.com/1x1.gif
Requested by: Host: shopper-wages-army-like.trycloudflare.com
URL: https://shopper-wages-army-like.trycloudflare.com/
Protocol: H2
Server: 217.79.188.10 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 5fb3bdb7f966c852579fb6b0574517445d5b2d171c804d66227ee67b1bffca9c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shopper-wages-army-like.trycloudflare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 01 Mar 2024 00:08:00 GMT
last-modified: Fri, 24 Jul 2009 13:46:10 GMT
accept-ranges: bytes
etag: "3122740758"
content-length: 68
content-type: image/gif

Redirect headers

location: https://imagesrv.adition.com/1x1.gif
access-control-allow-origin: *
date: Fri, 01 Mar 2024 01:08:00 +0100
content-type: text/plain
server: ADITIONSERVER v1.0
p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2 200 /
track.adform.net/Serving/TrackPoint/ 35 B
518 B 196ms
196ms Image
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.adform.net/Serving/TrackPoint/?pm=1351292&ADFPageName=DE%20-%20Reach%20-%20Fussball%20WM&ADFdivider=|

Requested by

Host: shopper-wages-army-like.trycloudflare.com
URL: https://shopper-wages-army-like.trycloudflare.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shopper-wages-army-like.trycloudflare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Mar 2024 00:08:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
content-type: image/gif
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1

GET
H3 204 dst
as.ad4m.at/ad/ 0
546 B 138ms
137ms Image
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://as.ad4m.at/ad/dst?a=1939&b=2&c=UrKKONVDjm-TZiTqt68odbLBoyTKQL0s&e=17916&f=&g=&h=&i=&z=0&y=1&d=https%3A%2F%2Fshopper-wages-army-like.trycloudflare.com%2F

Requested by

Host: shopper-wages-army-like.trycloudflare.com
URL: https://shopper-wages-army-like.trycloudflare.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shopper-wages-army-like.trycloudflare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 00:08:00 GMT
strict-transport-security: max-age=86400; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
via: 1.1 google
cross-origin-embedder-policy: unsafe-none
surrogate-control: no-store
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
server: cloudflare
cross-origin-opener-policy: unsafe-none
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-ray: 85d4e8fb1b3f436e-EWR
expires: 0

GET
H2 200 scevent.min.js Show response
sc-static.net/ Frame 6C36 44 KB
19 KB 61ms
61ms Script
application/javascript 18.238.74.246
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: tr.snapchat.com
URL: https://tr.snapchat.com/cm/i?pid=d13aed06-63ab-44a0-9e79-e07f11ad396d&u_scsid=771f3bb4-730f-4aaa-a2c6-ada2dadc8c3e&u_sclid=347ae1cc-fabb-47ad-bcda-28ddec8ad6e8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.74.246 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-74-246.jfk52.r.cloudfront.net
Software: CloudFront /
Resource Hash: 1eebbe20a7e11128ee261e88cadbc5f467f81690a0bb0a8aa2a529a8f04aee43

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tr.snapchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 18:30:02 GMT
content-encoding: gzip
via: 1.1 32f0f45bc5046821af3f3517d8339abc.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: JFK52-P5
age: 20278
etag: b9bd00ec73544025b937f4253ff9de4c
x-cache: Hit from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=86400, max-age=600
access-control-allow-headers: Content-Type
content-length: 19117
x-amz-cf-id: IR-Jiu3uanOof69rMzPEC2dy1bXOVGRkyTfMplQSrWRJQc-jJpeLKg==

GET
H/1.1 200
OK d65a51381a.js Show response
tm722.ad-srv.net/tm/a/container/eval/ 153 B
467 B 177ms
177ms Script
application/javascript 46.4.104.8
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tm722.ad-srv.net/tm/a/container/eval/d65a51381a.js?sid=3k7ppddrbno16dtsaeovruot00&rnd=73025558&macroData[transactionId]=&macroData[searchTerm]=&macroData[products]=&macroData[productId]=empty&macroData[productDetails]=&macroData[pageType]=homepage&macroData[pageName]=&macroData[orderValue]=&macroData[checkoutStage]=&macroData[categoryId]=
Requested by: Host: tm.ad-srv.net
URL: https://tm.ad-srv.net/tm/a/container/init/d65a51381a.js?ntmData=ntmData3569707617950&rnd=85747449
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.104.8 Bad Muenstereifel, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.8.104.4.46.clients.your-server.de
Software: nginx /
Resource Hash: 70c788c294475cdf2060dca0689c5d45002444c1fc267042d90d8357866eb961

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shopper-wages-army-like.trycloudflare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 01 Mar 2024 00:08:00 GMT
Server: nginx
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 153
Expires: 0

GET
H2

200

p Show response
tr.snapchat.com/cm/ Frame 51B0
Redirect Chain

https://tr.snapchat.com/cm/s?bt=1d53c387&pnid=140&cb=1709251680553&u_scsid=569650c5-b37b-4c25-b8ba-af0108bc46dd&u_sclid=e8938c3e-4422-4775-a0ce-a8e68583b6fd
https://pixel.tapad.com/idsync/ex/push?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1709096854517%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1709096854517%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D
https://tr.snapchat.com/cm/p?rand=1709096854517&pnid=140&pcid=91085395-a317-4cf3-80bc-5525795d9e23

0
219 B

70ms
70ms

Document
text/html

35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/p?rand=1709096854517&pnid=140&pcid=91085395-a317-4cf3-80bc-5525795d9e23

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer: https://tr.snapchat.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: clear h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-transform
content-length: 0
content-type: text/html
date: Fri, 01 Mar 2024 00:08:00 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google, 1.1 google
x-envoy-upstream-service-time: 11

Redirect headers

accept-ch: Sec-CH-UA Sec-CH-UA-Arch Sec-CH-UA-Bitness Sec-CH-UA-Full-Version-List Sec-CH-UA-Mobile Sec-CH-UA-Model Sec-CH-UA-Platform Sec-CH-UA-Platform-Version Sec-CH-UA-WoW64
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Fri, 01 Mar 2024 00:08:00 GMT
location: https://tr.snapchat.com/cm/p?rand=1709096854517&pnid=140&pcid=91085395-a317-4cf3-80bc-5525795d9e23
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
server: Jetty(11.0.13)
strict-transport-security: max-age=31536000
via: 1.1 google

POST
H2 200 p
tr6.snapchat.com/ 0
45 B 72ms
65ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr6.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://shopper-wages-army-like.trycloudflare.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 01 Mar 2024 00:08:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 0
via: 1.1 google, 1.1 google
server: API Gateway
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1 200
OK d65a51381a.html Show response
tm722.ad-srv.net/tm/a/container/tags/iframe/ Frame C294 1 KB
905 B 708ms
265ms Document
text/html 46.4.104.8
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tm722.ad-srv.net/tm/a/container/tags/iframe/d65a51381a.html?sid=3k7ppddrbno16dtsaeovruot00
Requested by: Host: tm.ad-srv.net
URL: https://tm.ad-srv.net/tm/a/container/init/d65a51381a.js?ntmData=ntmData3569707617950&rnd=85747449
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.104.8 Bad Muenstereifel, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.8.104.4.46.clients.your-server.de
Software: nginx /
Resource Hash: 491ca964d9447b2a25f2136ffc2b5b3135315422292e445949e30e873fe12c72

Request headers

Referer: https://shopper-wages-army-like.trycloudflare.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Fri, 01 Mar 2024 00:08:01 GMT
Expires: 0
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: nginx
Transfer-Encoding: chunked

POST
H2 200 p
tr.snapchat.com/ 0
45 B 63ms
63ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://shopper-wages-army-like.trycloudflare.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 01 Mar 2024 00:08:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google, 1.1 google
server: API Gateway
access-control-allow-origin: https://shopper-wages-army-like.trycloudflare.com
x-envoy-upstream-service-time: 1
access-control-allow-credentials: true
alt-svc: clear, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 js Show response
pixel.mathtag.com/event/ Frame E207 161 B
494 B 234ms
121ms Script
text/javascript 151.101.65.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/event/js?mt_id=1559605&mt_adid=248420&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=&mt_nsync=1&gdpr=&gdpr_consent=
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/retarget?a=61152&version=1&redirected=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: MT3 1487 7fd7a36 master ord ord-pixel-x6 config_version:"2817" /
Resource Hash: 98192c2b3bfd0e66cff07b8ba31ff42de9182144d3e21b9ca258f13da96ee457

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-cache-hits: 0
date: Fri, 01 Mar 2024 00:08:01 GMT
content-encoding: gzip
via: 1.1 varnish
age: 0
x-cache: MISS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length: 165
x-served-by: cache-ewr18138-EWR
server: MT3 1487 7fd7a36 master ord ord-pixel-x6 config_version:"2817"
x-timer: S1709251681.134437,VS0,VE26
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
expires: Fri, 01 Mar 2024 00:08:00 GMT

GET
H2

200

trackpoint-async.js Show response
s2.adform.net/banners/scripts/st/ Frame E207
Redirect Chain

https://track.adform.net/serving/scripts/trackpoint/async/
https://s2.adform.net/banners/scripts/st/trackpoint-async.js

81 KB
31 KB

295ms
39ms

Script
application/javascript

185.167.164.45
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/retarget?a=61152&version=1&redirected=1
Protocol: H2
Server: 185.167.164.45 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 99c28ba77690124b83aea8cdbbb17ab1145ba247c791aeb4bad747b4248ac459

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 00:08:01 GMT
content-encoding: gzip
last-modified: Tue, 23 May 2023 09:56:34 GMT
server: nginx
x-amz-request-id: tx000002c3f35d322d138ac-00646c8ee1-32950a49-default
etag: W/"f937ab3eef01c118930b200e5087d00d"
x-cache-status: HIT, HIT, HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public, max-age=604800

Redirect headers

location: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
date: Fri, 01 Mar 2024 00:08:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
content-type: text/html

GET
H/1.1

200
OK

/ Show response
ad.ad-srv.net/dsp/retargeting/3fj7mny387sw/ Frame FD63
Redirect Chain

https://ad.ad-srv.net/dsp/retargeting/3fj7mny387sw/?gdpr=&gdpr_consent=
https://ad.ad-srv.net/dsp/retargeting/3fj7mny387sw/?gdpr=&gdpr_consent=&dspRetargetingMarkersetRedirected=1&

154 B
499 B

703ms
309ms

Document
text/html

116.202.48.214
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.ad-srv.net/dsp/retargeting/3fj7mny387sw/?gdpr=&gdpr_consent=&dspRetargetingMarkersetRedirected=1&
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/retarget?a=61152&version=1&redirected=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.48.214 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.214.48.202.116.clients.your-server.de
Software: Apache /
Resource Hash: 9396acbe94cd005edaebc5fa6ad514a51c763c4aa30a3a29936408b82a512388

Request headers

Referer: https://ad.ad-srv.net/retarget?a=61152&version=1&redirected=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Connection: close
Content-Encoding: gzip
Content-Length: 146
Content-Type: text/html; charset=UTF-8
Date: Fri, 01 Mar 2024 00:08:02 GMT
Server: Apache
Vary: Accept-Encoding

Redirect headers

Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Fri, 01 Mar 2024 00:08:01 GMT
Location: ?gdpr=&gdpr_consent=&dspRetargetingMarkersetRedirected=1&
Server: Apache

GET
H2 200 / Show response
track.adform.net/Serving/TrackPoint/ Frame E207 111 B
715 B 108ms
108ms Script
text/javascript 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/Serving/TrackPoint/?pm=2494165&ADFPageName=d23e0719a8&ADFdivider=%7C&ord=3940899910&ADFtpmode=2&loc=https%3A%2F%2Fad.ad-srv.net%2Fretarget%3Fa%3D61152%26version%3D1%26redirected%3D1&CPref=https%3A%2F%2Ftm722.ad-srv.net%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24

Requested by

Host: track.adform.net
URL: https://track.adform.net/serving/scripts/trackpoint/async/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

7c0a7357302efa38a485672d0fe6d9ebf5c74934b2966ca87393c0ebac434f24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Mar 2024 00:08:01 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 186
expires: -1

GET
H/1.1 200
OK retarget Show response
ad.ad-srv.net/ Frame 8194 1 KB
1 KB 664ms
293ms Document
text/html 116.202.48.214
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.ad-srv.net/retarget?a=61152&version=1
Requested by: Host: tm722.ad-srv.net
URL: https://tm722.ad-srv.net/tm/a/container/tags/iframe/d65a51381a.html?sid=3k7ppddrbno16dtsaeovruot00
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.48.214 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.214.48.202.116.clients.your-server.de
Software: Apache /
Resource Hash: 2c05d973308df3aa2b22a39d11f73d1e0736d1dce3638714d2b68039bb7676f6

Request headers

Referer: https://tm722.ad-srv.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: close
Content-Encoding: gzip
Content-Length: 657
Content-Type: text/html; charset=UTF-8
Date: Fri, 01 Mar 2024 00:08:02 GMT
Expires: Mon, 26 Jul 1997 05:00:00 GMT
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET

match
ads.betweendigital.com/ Frame FD63
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=305&user_id=cc9aa93f86316862&expires=90&gdpr=&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?dsp_id=305&user_id=cc9aa93f86316862&expires=90&gdpr=&gdpr_consent=
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=06c134ca-da44-47ea-9f70-eb6134763084

0
0

GET
H2 200 js Show response
pixel.mathtag.com/event/ Frame 8194 161 B
323 B 39ms
38ms Script
text/javascript 151.101.65.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/event/js?mt_id=1559605&mt_adid=248420&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=&mt_nsync=1&gdpr=&gdpr_consent=
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/retarget?a=61152&version=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: MT3 1487 7fd7a36 master iad iad-pixel-x10 config_version:"2817" /
Resource Hash: 98192c2b3bfd0e66cff07b8ba31ff42de9182144d3e21b9ca258f13da96ee457

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-cache-hits: 0
date: Fri, 01 Mar 2024 00:08:02 GMT
content-encoding: gzip
via: 1.1 varnish
age: 0
x-cache: MISS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length: 165
x-served-by: cache-ewr18138-EWR
server: MT3 1487 7fd7a36 master iad iad-pixel-x10 config_version:"2817"
x-timer: S1709251682.243793,VS0,VE11
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
expires: Fri, 01 Mar 2024 00:08:40 GMT

GET
H2

200

trackpoint-async.js Show response
s2.adform.net/banners/scripts/st/ Frame 8194
Redirect Chain

https://track.adform.net/serving/scripts/trackpoint/async/
https://s2.adform.net/banners/scripts/st/trackpoint-async.js

81 KB
31 KB

35ms
34ms

Script
application/javascript

185.167.164.45
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/retarget?a=61152&version=1
Protocol: H2
Server: 185.167.164.45 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 99c28ba77690124b83aea8cdbbb17ab1145ba247c791aeb4bad747b4248ac459

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 00:08:02 GMT
content-encoding: gzip
last-modified: Tue, 23 May 2023 09:56:34 GMT
server: nginx
x-amz-request-id: tx000002c3f35d322d138ac-00646c8ee1-32950a49-default
etag: W/"f937ab3eef01c118930b200e5087d00d"
x-cache-status: HIT, HIT, HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public, max-age=604800

Redirect headers

location: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
date: Fri, 01 Mar 2024 00:08:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
content-type: text/html

GET
H/1.1 200
OK / Show response
ad.ad-srv.net/dsp/retargeting/3fj7mny387sw/ Frame 354B 26 B
331 B 523ms
243ms Document
text/html 116.202.48.214
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.ad-srv.net/dsp/retargeting/3fj7mny387sw/?gdpr=&gdpr_consent=
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/retarget?a=61152&version=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.48.214 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.214.48.202.116.clients.your-server.de
Software: Apache /
Resource Hash: f70b370debd085dd9e9fb6495c796cdccf41c44574cc185dbe124f3ea8237623

Request headers

Referer: https://ad.ad-srv.net/retarget?a=61152&version=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Connection: close
Content-Length: 26
Content-Type: text/html; charset=UTF-8
Date: Fri, 01 Mar 2024 00:08:02 GMT
Server: Apache

GET
H2 200 / Show response
track.adform.net/Serving/TrackPoint/ Frame 8194 111 B
715 B 185ms
185ms Script
text/javascript 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/Serving/TrackPoint/?pm=2494165&ADFPageName=d23e0719a8&ADFdivider=%7C&ord=656093796488&ADFtpmode=2&loc=https%3A%2F%2Fad.ad-srv.net%2Fretarget%3Fa%3D61152%26version%3D1&CPref=https%3A%2F%2Ftm722.ad-srv.net%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24

Requested by

Host: track.adform.net
URL: https://track.adform.net/serving/scripts/trackpoint/async/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

7c0a7357302efa38a485672d0fe6d9ebf5c74934b2966ca87393c0ebac434f24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Mar 2024 00:08:02 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 186
expires: -1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: static.zanox.com
URL: https://static.zanox.com/scripts/zanox.js

Domain: ads.betweendigital.com
URL: https://ads.betweendigital.com/match?bidder_id=22&external_user_id=06c134ca-da44-47ea-9f70-eb6134763084

Verdicts & Comments Add Verdict or Comment

94 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

44 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ad4m.at/cookie-frame.html	1970-01-20 19:30:43	Name: userId Value: UrKKONVDjm-TZiTqt68odbLBoyTKQL0s
.ad4m.at/cookie-frame.html	1970-01-20 18:57:36	Name: 1advs Value: 1
.ad4m.at/cookie-frame.html	1970-01-20 18:57:36	Name: 85 Value: 1
.ad4m.at/cookie-frame.html	1970-01-20 18:57:36	Name: 5bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw Value: 1
.ad4m.at/cookie-frame.html	1970-01-20 18:57:36	Name: 9132 Value: 1
.ad4m.at/cookie-frame.html	1970-01-20 18:57:36	Name: 625 Value: 1
.ad4m.at/cookie-frame.html	1970-01-20 18:57:36	Name: 711 Value: 1
sc-static.net/scevent.min.js	1970-01-20 18:48:58	Name: X-AB Value: b9bd00ec73544025b937f4253ff9de4c
shopper-wages-army-like.trycloudflare.com/	1969-12-31 23:59:59	Name: x-ua-device Value: desktop
shopper-wages-army-like.trycloudflare.com/	1969-12-31 23:59:59	Name: session-1 Value: 1skf9knudgir5gkk29kks5gmj4
.doubleclick.net/	1970-01-20 19:30:43	Name: ar_debug Value: 1
.doubleclick.net/	1970-01-20 23:06:43	Name: receive-cookie-deprecation Value: 1
shopper-wages-army-like.trycloudflare.com/	1969-12-31 23:59:59	Name: __csrf_token-1 Value: jmDNKBDt2VToUfGe9d8zRU8TLZ4yWC
.adfarm1.adition.com/	1970-01-20 20:57:11	Name: UserID1 Value: 7341180044773101830
.adform.net/	1970-01-20 19:32:06	Name: C Value: 1
.adform.net/	1970-01-20 20:13:52	Name: receive-cookie-deprecation Value: 1
.doubleclick.net/	1970-01-21 04:23:31	Name: IDE Value: AHWqTUkcfr_BdC6HwphkdS3WMhcp29gRcYOhltIVafSASK3XJgoJ5Wm9uQyXpgb2JYk
.casalemedia.com/	1970-01-21 03:33:07	Name: CMID Value: ZeEcW9HM66IAAEXOAB70rQAA
.casalemedia.com/	1970-01-20 20:57:07	Name: CMPS Value: 1320
.casalemedia.com/	1970-01-20 20:57:07	Name: CMPRO Value: 1320
.adform.net/	1970-01-20 20:13:52	Name: uid Value: 8389548052492110618
.smartadserver.com/	1970-01-21 04:14:53	Name: pid Value: 2158654252907210650
.smartadserver.com/	1970-01-21 04:14:53	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-21 03:34:34	Name: csync Value: 132:UrKKONVDjm-TZiTqt68odbLBoyTKQL0s
.adscale.de/	1970-01-21 03:29:47	Name: uu Value: d90d44362d1947fc86b083b088f5f4a0
.ih.adscale.de/	1970-01-21 03:29:47	Name: tu Value: 4#3046859022#25~UrKKONVDjm-TZiTqt68odbLBoyTKQL0s~474792~0~0
.adscale.de/	1970-01-21 03:29:47	Name: cct Value: 1709251676187
a.twiago.com/	1970-01-20 19:30:43	Name: deuxesse_uxid Value: f53468fce3a6f84564369b30f8083e0688c0e0d0a0f9342c4d35914637a4bacb
.shopper-wages-army-like.trycloudflare.com/	1970-01-21 04:23:31	Name: _ga_WEL07G5MBW Value: GS1.1.1709251679.1.0.1709251679.60.0.0
.ad-srv.net/	1970-01-20 20:57:07	Name: u8x7eovwf3h6_uid Value: 66f33b7176785b39
.shopper-wages-army-like.trycloudflare.com/	1970-01-21 04:23:31	Name: _ga Value: GA1.3.80077594.1709251680
.shopper-wages-army-like.trycloudflare.com/	1970-01-20 18:48:58	Name: _gid Value: GA1.3.1840972463.1709251680
.shopper-wages-army-like.trycloudflare.com/	1970-01-20 18:47:31	Name: _gat_UA-73429790-1 Value: 1
.shopper-wages-army-like.trycloudflare.com/	1970-01-21 04:17:18	Name: _scid Value: c3dea4fa-d2c3-4782-99ed-86ac80b49764
.shopper-wages-army-like.trycloudflare.com/	1970-01-21 04:17:18	Name: _scid_r Value: c3dea4fa-d2c3-4782-99ed-86ac80b49764
.shopper-wages-army-like.trycloudflare.com/	1970-01-20 20:57:07	Name: _fbp Value: fb.2.1709251680343.1464857148
.t.co/	1970-01-21 04:23:31	Name: muc_ads Value: 1e443ad6-346c-4199-bd68-8e0b97b6dfa1
.twitter.com/	1970-01-21 04:23:31	Name: personalization_id Value: "v1_4m9G18xBqzWcGgW5LDYvag=="
.snapchat.com/	1970-01-21 04:09:07	Name: sc_at Value: v2\|H4sIAAAAAAAAAE3GuREAIQwDwIo8I4HM140JVAXFX3ob7eRQv9UDlQotZ2w0h2WWXEzyUTic2C05Ft6v+ACC6fD9QAAAAA==
.tapad.com/	1970-01-20 20:13:55	Name: TapAd_TS Value: 1709251680876
.tapad.com/	1970-01-20 20:13:55	Name: TapAd_DID Value: 91085395-a317-4cf3-80bc-5525795d9e23
.tapad.com/	1970-01-20 20:13:55	Name: TapAd_3WAY_SYNCS Value:
.shopper-wages-army-like.trycloudflare.com/	1970-01-21 04:17:18	Name: _sctr Value: 1%7C1709200800000
.ad-srv.net/	1970-01-20 20:57:07	Name: jg2kf3qb0kis_uid Value: cc9aa93f86316862

155 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://connect.facebook.net/signals/config/764462920400784?v=2.9.147&r=stable&domain=shopper-wages-army-like.trycloudflare.com&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100(Line 105) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shopper-wages-army-like.trycloudflare.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.twiago.com
ad.ad-srv.net
ad.doubleclick.net
ad11.adfarm1.adition.com
ad4m.at
ads.betweendigital.com
adservice.google.com
aggregator.service.usercentrics.eu
analytics.google.com
analytics.twitter.com
api.bounce-commerce.de
api.usercentrics.eu
app.usercentrics.eu
as.ad4m.at
cm.g.doubleclick.net
connect.facebook.net
consent-api.service.consent.usercentrics.eu
dsum-sec.casalemedia.com
googleads.g.doubleclick.net
ih.adscale.de
imagesrv.adition.com
js.adsrvr.org
lantern.roeye.com
lantern.roeyecdn.com
os1.meinecloud.io
pixel.mathtag.com
pixel.tapad.com
r.adserver01.de
rtb-csync.smartadserver.com
s2.adform.net
sc-static.net
sdk.livebuy.io
shopper-wages-army-like.trycloudflare.com
simage2.pubmatic.com
static.ads-twitter.com
static.zanox.com
stats.g.doubleclick.net
t.co
tm.ad-srv.net
tm722.ad-srv.net
tr.snapchat.com
tr6.snapchat.com
track.adform.net
www.dwin1.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.herthashop.de
ads.betweendigital.com
static.zanox.com
104.17.123.55
104.18.36.155
104.244.42.131
104.244.42.197
116.202.48.214
116.203.183.219
116.203.242.198
142.251.40.130
142.251.40.166
146.75.28.157
151.101.65.91
18.193.137.7
18.238.74.246
185.167.164.45
2001:4860:4802:36::181
212.83.50.108
217.79.188.10
23.83.76.57
2600:1901:0:1e38::
2600:1901:0:256b::
2600:1901:0:5987::
2600:1901:0:c07c::
2600:9000:2209:5000:f:8ce2:fb80:93a1
2600:9000:24f1:8400:1f:af3f:8a40:93a1
2600:9000:2514:9c00:16:c2fc:5a40:93a1
2606:4700:20::681a:ad1
2607:f8b0:4004:c09::9c
2607:f8b0:4006:80e::2004
2607:f8b0:4006:80f::200e
2607:f8b0:4006:820::2008
2607:f8b0:4006:822::2002
2607:f8b0:4006:823::2002
2a01:4f8:272:50e8::1
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:83:face:b00c:0:25de
34.111.113.62
35.190.43.134
37.157.6.233
46.4.104.8
52.31.96.185
54.230.160.114
8.28.7.83
85.114.159.112
85.215.5.31
009a4cf1623ff76804e55d59a17f680f77d8c76ada674500997ff44cc7ac0741
0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647
0e04153b5f73bfa7866948f2a9870593d69bfde14e77a1a06af5f567096e5a09
0fc00b376a1e3ca0c405f969b1b8bc20d52ff7aad57a89788d53a623d26359c6
10c0bdb5b3195918984219af647e26a1f2cbea5c7515320a893a797e750efe88
17760a0cd51b8367ec3b19f97c917f73909962d1580beb0e1a1e33cdc001d878
186d5bb4b742480958249ad3f0feca66ff6dfc77b56c0ff16cc960f57945885f
192331092b3d16609317a5acabe4240131e86500696e0f032de129cf1aa85537
1eebbe20a7e11128ee261e88cadbc5f467f81690a0bb0a8aa2a529a8f04aee43
21f7c4f802454631d6d9b3860044d0b65a2c1336cf0545ccceb9cc3142c7ef3d
28ef14d4ce4be2730121ae8adcb2fdafe4aa7dd3039de48e5f46b0f844ecc098
2c05d973308df3aa2b22a39d11f73d1e0736d1dce3638714d2b68039bb7676f6
2d3c9217cd15024a0d9e8115d828f839f9f25b13b83b45043eeebf1481b98bd0
2e0e337cbd811a7bc62a1d8a30208984ef65666466205ebaf800656b6f587c69
324d189729bc3d44c78309768ed1d6b907ee7f8fe3beed6a5d424a2b98b686f3
3d2210032d52924e367f3a5f5353ab2946b1c1401cf255ab95a21ce31ae7c9a8
409f1e2bf01d1be1eb2c8b4e84d33d88723f3fc4e10d8070d7d79673cb2d3bb9
48268935cad40851758adadd88ab02cc3aae471449567fd996629c0eed45eb16
491ca964d9447b2a25f2136ffc2b5b3135315422292e445949e30e873fe12c72
499e8db4de7463aade473f0c529c839547c9679e9b483e76944a39b4d922dcfe
4b40a260b5ffc639db67efd2a3c0fedebe19fa7708a4e252c5965d5703f939d2
4c589f7f680b638ce7359857de180946ad1f150eb8bb5ce9d7f57acef9825cbb
4e600b32edaf67e8eff8248600b067b5c3883a66b6d3b4e307a63db27a6d40d4
529719c177311bb9f345c442bf5b3039567392929670474949689f242beda4b1
5320b576f52f227c7f4d7179b76be5b6cd8e49aa5f185a1cc6cc065b39b40e3c
532982fd02277343b04584681b645a81108e62cdf17fd83cecc9d7d9ba6cb374
5fb3bdb7f966c852579fb6b0574517445d5b2d171c804d66227ee67b1bffca9c
601a009aea5454d6bd14ea7f92c7e0e663054a9c3c16b5e0190e8d16bfe902ba
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
6501140033c3bb20da4b5ac73c90f687ba8a2053c4ba37c4b6f5275166db7fa6
65873adbbba30caaa3dc775463e786ad6e1d8b7a65953d14f14b8f1de9c0ecf4
6d09124716d088f15fa8383e2c1b58e07f4705e2997ca5869ba32b06ee7ee83c
70c788c294475cdf2060dca0689c5d45002444c1fc267042d90d8357866eb961
7494a0fdaebef09610ce45ac7e0c41ffdd5c97b578509accbb80e50e32d2bf43
764009519b1c7b7d83c84cdc09d8050c02737ecb5733657395816f1d34eba0e1
789c9865060b0970be7f897767b0f2c32254c8ed3724394bd05035eb523cd255
78f44e7121300db7c0a566d7480e17687159a80b3682dcd70218e723739fb8a2
79834a27024cae65a005d3406236e46858d2c3f0b921ed5c82fb6f2eacbba55b
7c0a7357302efa38a485672d0fe6d9ebf5c74934b2966ca87393c0ebac434f24
7ee8ca906d61597785e898a6a4e492227006b05b297fc86766d94f7b4f20eac9
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8563f915516318c564b1a4b4d4005778294178cfac736d0ed7dd5afa86d4cd50
899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1
91af5d504c7b5623148454262c4b987a82f833a18bee73ceb420de613fc65d9e
9274150d83fb50b81d82471d1c8d74646f73cd7969def5494458cec9296db1c2
9396acbe94cd005edaebc5fa6ad514a51c763c4aa30a3a29936408b82a512388
97672a7da7b2940a868680d8f803e8dcae6aa24886b2cfb8d5c3a368466ef463
98192c2b3bfd0e66cff07b8ba31ff42de9182144d3e21b9ca258f13da96ee457
99c28ba77690124b83aea8cdbbb17ab1145ba247c791aeb4bad747b4248ac459
9c84c8d44a5204db43f8cf26185edd7c816a1a1f10f9e15265c9b5ef5f49bf8f
9e1623bbe7fe1391569078b4ae7b6cd1951e5b57dca10f12934bf5c3be5021f1
9f91c8a7d3343c9421f1dcd7ef3189b1857de5a75dc1843072a4a91f65b50ece
a83308794097fbcd7f4421871a8bbf24ac06c5d682d7197a5a2ea6fe509e7a19
a92cd7d3a3c2fe037d1887e763e0c8597822cc3d336ee0c5e263052e231d8533
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aed02b66d978d680da0dfbcb2ebcd62260ee37f97f67bfcc86cdd53ae6d3dd80
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1cb2c8bf4cbdc764c96b68954a23c2f55b38070269f467efd3f16f3c8d8d3f8
b2a72282fbe8353bbf9b0bbdf21fd6196789f06a431f641f88f9267c44a52340
b4365977c5e2a1b441c86ccd1e708d6915adde68c9bc6a79bbd6cdae2797da3a
ba9a6e89c840085bbe46a1427b2dfbf79ba7db337aaa7f4079b950c23d871fc7
c1214a5cb7b300708fe19a11e771a27e61ecc2cf27a50abb94f58bcf0719beb3
c34179845eed425101fe22e3bb4273d7bcad9e233189b660b41a050584cefb66
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d34a85f623f5330a199fdc68ccd18ab0d4350342e672cf5486d6fe7f7dc0cf01
d3a231d76579aaff86b78dc3ad7d081caf1ef0c2c0d7ea7bebe58c33e8cffec7
d4921e6caf1dfe28190143aa7cab9addbed7127f03827e73a7cdc56032c25610
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e2ebb3c55d0f8bc1b36c90cbd3ed0b9c3ccef79fd248057353af43aaebc6651e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e406821af63fa0dabbf6f34a49e4eeb5126da475647725063c6535b0be2df2b3
e6c982dd88cde2821f1b7f417edbfe5fe4cf23fd672d4f0014c5900fa87abca1
e82a840a174e8f63756f04eafb54d13d9ec9a5582a572c4185364adebe5d5bd2
eb043460025cd1d5204c272941ebbcf83209aef59442c0c232cc178d18d7e6dd
ed09a0e4d038db97f15530255fbefcc75d593bebdae50926f65b5f06ffa8b7a2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f185ccece80e456068a42622ceb9e695a4c45ed1039f7e66f0c6687f45df100b
f70b370debd085dd9e9fb6495c796cdccf41c44574cc185dbe124f3ea8237623
f9b3a05653917e7127e0cf6c135b8b4a4c6982e5a56007ae77923585f85c3c5c
faa101d8248eeab254876f553941bbc3edc4324b0b88781b80eec58e5402354d
fcfa6336d3c1781a4ec5997cc634de0149415fa515ac26454e3a8a21fbe9858d

shopper-wages-army-like.trycloudflare.com Open in urlscan Pro 104.17.123.55 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

132 Requests

83 %HTTPS

41 %IPv6

35 Domains

49 Subdomains

36 IPs

5 Countries

5288 kBTransfer

8691 kBSize

44 Cookies

96 Outgoing links

Redirected requests

132 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

shopper-wages-army-like.trycloudflare.com Open in urlscan Pro
104.17.123.55 Public Scan

Screenshot
Live screenshot

Full Image

132
Requests

83 %
HTTPS

41 %
IPv6

35
Domains

49
Subdomains

36
IPs

5
Countries

5288 kB
Transfer

8691 kB
Size

44
Cookies

132 HTTP transactions
0 data transactions