www.pua-unemployment-login.com Open in urlscan Pro
2a06:98c1:3120::a Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.pua-unemployment-login.com/ohio
Submission: On May 10 via manual (May 10th 2022, 8:51:13 pm UTC) from US — Scanned from DE

Summary HTTP 154 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 35 IPs in 5 countries across 22 domains to perform 154 HTTP transactions. The main IP is 2a06:98c1:3120::a, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.pua-unemployment-login.com.
TLS certificate: Issued by E1 on March 19th 2022. Valid for: 3 months.

This is the only time www.pua-unemployment-login.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
18	2a06:98c1:312... 2a06:98c1:3120::a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2a06:98c1:312... 2a06:98c1:3121::a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:215... 2600:9000:2156:d200:1e:6a6f:9700:93a1	16509 (AMAZON-02) (AMAZON-02)
6	23.35.237.86 23.35.237.86	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
8	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
4 12	2a02:6b8::1:119 2a02:6b8::1:119	208722 (YNDX) (YNDX)
3	184.87.213.205 184.87.213.205	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
3	151.101.14.132 151.101.14.132	54113 (FASTLY) (FASTLY)
6	70.42.32.223 70.42.32.223	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
1	2600:9000:215... 2600:9000:2156:a200:3:7e1c:5b40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	108.157.4.6 108.157.4.6	16509 (AMAZON-02) (AMAZON-02)
1	108.157.4.52 108.157.4.52	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
1	2600:9000:215... 2600:9000:2156:9400:d:3c0f:bcc0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2600:1f18:e8a... 2600:1f18:e8a:cd04:9b88:a313:d24d:af44	14618 (AMAZON-AES) (AMAZON-AES)
1 3	2606:4700:303... 2606:4700:3030::ac43:8da3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:2638::2 2a02:2638::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2a02:2638::b 2a02:2638::b	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638:1::2 2a02:2638:1::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
1	130.211.115.4 130.211.115.4	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
21	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2600:9000:215... 2600:9000:2156:3000:1e:a43d:b640:93a1	16509 (AMAZON-02) (AMAZON-02)
3	178.250.0.160 178.250.0.160	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
10	178.250.0.139 178.250.0.139	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
5	178.250.2.150 178.250.2.150	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
5	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
154	35

18 2a06:98c1:3120::a (United States)

ASN13335 (CLOUDFLARENET, US)

www.pua-unemployment-login.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a06:98c1:3121::a (United States)

ASN13335 (CLOUDFLARENET, US)

platform.foremedia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:d200:1e:6a6f:9700:93a1 (United States)

ASN16509 (AMAZON-02, US)

cnt.trvdp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 23.35.237.86 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-86.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
widget-pixels.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a02:6b8::1:119 (Moscow, Russian Federation) 4 redirects

ASN208722 (YNDX, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 184.87.213.205 (Milan, Italy)

ASN16625 (AKAMAI-AS, US)
PTR: a184-87-213-205.deploy.static.akamaitechnologies.com

tcheck.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.14.132 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

odb.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mv.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 70.42.32.223 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

log.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mcdp-nydc1.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

b0e9e1536ab9e003fa0b66035801be8c.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:a200:3:7e1c:5b40:93a1 (United States)

ASN16509 (AMAZON-02, US)

go.trvdp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.157.4.6 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-6.dus51.r.cloudfront.net

stg.truvidplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.157.4.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-52.dus51.r.cloudfront.net

ob.cheqzone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:9400:d:3c0f:bcc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.trvdp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:e8a:cd04:9b88:a313:d24d:af44 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

obs.cheqzone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3030::ac43:8da3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

foremedianative.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638::b (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.211.115.4 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 4.115.211.130.bc.googleusercontent.com

data.ad-score.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2156:3000:1e:a43d:b640:93a1 (United States)

ASN16509 (AMAZON-02, US)

secure-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.0.160 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 178.250.0.139 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.par.vip.prod.criteo.com

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 178.250.2.150 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
36	criteo.net static.criteo.net — Cisco Umbrella Rank: 621 pix.eu.criteo.net — Cisco Umbrella Rank: 7541 csm.eu.criteo.net — Cisco Umbrella Rank: 7580	98 KB
22	googlesyndication.com b0e9e1536ab9e003fa0b66035801be8c.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 130 pagead2.googlesyndication.com — Cisco Umbrella Rank: 95	101 KB
18	pua-unemployment-login.com www.pua-unemployment-login.com	369 KB
12	outbrain.com widgets.outbrain.com — Cisco Umbrella Rank: 1327 widget-pixels.outbrain.com — Cisco Umbrella Rank: 2750 odb.outbrain.com — Cisco Umbrella Rank: 1442 mcdp-nydc1.outbrain.com — Cisco Umbrella Rank: 5708 mv.outbrain.com — Cisco Umbrella Rank: 3326	116 KB
9	criteo.com rtb.fr.eu.criteo.com — Cisco Umbrella Rank: 12919 ads.eu.criteo.com — Cisco Umbrella Rank: 7544 rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 11299 cat.fr.eu.criteo.com — Cisco Umbrella Rank: 9487	153 KB
8	yandex.com 2 redirects mc.yandex.com — Cisco Umbrella Rank: 9163	3 KB
8	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 187	193 KB
8	foremedia.net platform.foremedia.net — Cisco Umbrella Rank: 188956	9 KB
6	outbrainimg.com tcheck.outbrainimg.com — Cisco Umbrella Rank: 4142 log.outbrainimg.com — Cisco Umbrella Rank: 2136 images.outbrainimg.com — Cisco Umbrella Rank: 1997	62 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 175	147 KB
4	google.com adservice.google.com — Cisco Umbrella Rank: 74 www.google.com — Cisco Umbrella Rank: 7	1 KB
4	yandex.ru 2 redirects mc.yandex.ru — Cisco Umbrella Rank: 3290	70 KB
3	imrworldwide.com secure-gl.imrworldwide.com — Cisco Umbrella Rank: 1382	2 KB
3	foremedianative.com 1 redirects foremedianative.com — Cisco Umbrella Rank: 535893	20 KB
3	cheqzone.com ob.cheqzone.com — Cisco Umbrella Rank: 7839 obs.cheqzone.com — Cisco Umbrella Rank: 5035	20 KB
3	trvdp.com cnt.trvdp.com — Cisco Umbrella Rank: 46884 go.trvdp.com — Cisco Umbrella Rank: 43463 s.trvdp.com — Cisco Umbrella Rank: 45366	187 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 46	2 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 71	77 KB
1	ad-score.com data.ad-score.com — Cisco Umbrella Rank: 5451	739 B
1	truvidplayer.com stg.truvidplayer.com — Cisco Umbrella Rank: 39518	4 KB
1	google.de adservice.google.de — Cisco Umbrella Rank: 7678	792 B
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 37	358 B
154	22

	Domain	Requested by
21	static.criteo.net	ads.eu.criteo.com
18	www.pua-unemployment-login.com	www.pua-unemployment-login.com
13	tpc.googlesyndication.com	securepubads.g.doubleclick.net b0e9e1536ab9e003fa0b66035801be8c.safeframe.googlesyndication.com tpc.googlesyndication.com
10	pix.eu.criteo.net	ads.eu.criteo.com
8	mc.yandex.com	2 redirects www.pua-unemployment-login.com mc.yandex.ru
8	securepubads.g.doubleclick.net	platform.foremedia.net securepubads.g.doubleclick.net www.pua-unemployment-login.com
8	platform.foremedia.net	www.pua-unemployment-login.com platform.foremedia.net
5	pagead2.googlesyndication.com	securepubads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
5	csm.eu.criteo.net	ads.eu.criteo.com
5	widgets.outbrain.com	www.pua-unemployment-login.com widgets.outbrain.com
4	www.googletagservices.com	www.pua-unemployment-login.com b0e9e1536ab9e003fa0b66035801be8c.safeframe.googlesyndication.com
4	b0e9e1536ab9e003fa0b66035801be8c.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
4	mc.yandex.ru	2 redirects www.pua-unemployment-login.com
3	cat.fr.eu.criteo.com	ads.eu.criteo.com
3	secure-gl.imrworldwide.com	ads.eu.criteo.com
3	www.google.com	b0e9e1536ab9e003fa0b66035801be8c.safeframe.googlesyndication.com tpc.googlesyndication.com
3	ads.eu.criteo.com	b0e9e1536ab9e003fa0b66035801be8c.safeframe.googlesyndication.com
3	foremedianative.com	1 redirects www.pua-unemployment-login.com foremedianative.com
3	mcdp-nydc1.outbrain.com	widgets.outbrain.com
3	log.outbrainimg.com	widgets.outbrain.com
2	rtb.nl.eu.criteo.com	www.pua-unemployment-login.com
2	obs.cheqzone.com	ob.cheqzone.com www.pua-unemployment-login.com
2	fonts.googleapis.com	securepubads.g.doubleclick.net foremedianative.com
2	images.outbrainimg.com	www.pua-unemployment-login.com
2	mv.outbrain.com	widgets.outbrain.com
2	www.googletagmanager.com	platform.foremedia.net www.pua-unemployment-login.com
1	data.ad-score.com	s.trvdp.com
1	rtb.fr.eu.criteo.com	www.pua-unemployment-login.com
1	s.trvdp.com	go.trvdp.com
1	ob.cheqzone.com	widgets.outbrain.com
1	stg.truvidplayer.com	go.trvdp.com
1	go.trvdp.com	cnt.trvdp.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	odb.outbrain.com	widgets.outbrain.com
1	www.google-analytics.com	www.pua-unemployment-login.com
1	widget-pixels.outbrain.com	www.pua-unemployment-login.com
1	tcheck.outbrainimg.com	widgets.outbrain.com
1	cnt.trvdp.com	www.pua-unemployment-login.com
154	39

This site contains links to these domains. Also see Links.

Domain
www.outbrain.com
www.amazon.com

Subject Issuer	Validity	Valid
*.pua-unemployment-login.com E1	`2022-03-19` - `2022-06-17`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-26` - `2022-06-25`	a year	crt.sh
*.trvdp.com Amazon	`2021-09-24` - `2022-10-23`	a year	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-03` - `2023-04-04`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
mc.yandex.ru Yandex CA	`2021-12-22` - `2022-06-03`	5 months	crt.sh
*.outbrainimg.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-11` - `2023-03-15`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
*.truvidplayer.com Amazon	`2022-02-07` - `2023-03-07`	a year	crt.sh
*.cheqzone.com Amazon	`2022-01-22` - `2023-02-20`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
*.fr.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-13` - `2022-06-09`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-19` - `2022-06-18`	3 months	crt.sh
*.nl.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-15` - `2022-06-13`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
*.ad-score.com Go Daddy Secure Certificate Authority - G2	`2021-09-02` - `2022-10-04`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-11` - `2022-07-13`	3 months	crt.sh
*.imrworldwide.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-04` - `2023-02-03`	a year	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-10` - `2022-07-04`	3 months	crt.sh

This page contains 13 frames:

Primary Page: https://www.pua-unemployment-login.com/ohio
Frame ID: CE02FCED523D3FF7F7383B4E18246019
Requests: 73 HTTP requests in this frame

Frame: https://b0e9e1536ab9e003fa0b66035801be8c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 57B81452C7EAB27FCA15370B48C8A9CF
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Frame ID: 77D5FEA9364F88F7C444D9425B02400A
Requests: 2 HTTP requests in this frame

Frame: https://b0e9e1536ab9e003fa0b66035801be8c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 23746931D51EACB02FEF8395E0826E43
Requests: 10 HTTP requests in this frame

Frame: https://b0e9e1536ab9e003fa0b66035801be8c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: A52A285546591B2B777CD63BD22FAAB4
Requests: 10 HTTP requests in this frame

Frame: https://b0e9e1536ab9e003fa0b66035801be8c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 4D3A30DE6C9E8DC321426A7A4BEEC941
Requests: 8 HTTP requests in this frame

Frame: https://foremedianative.com/js/native/native.js
Frame ID: DD7C5E149D46C6B966A15D819F03AAB6
Requests: 2 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YnrQOwAKj5sIu8nZAAm-PsJh2xRUVkuEvokeoA&u=%7C0rweMepMFJSbMojxlue6gsUkNRt7en80JLMAm4wni4A%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuB8I54B28R_G6pIc3Eo99WtlE0nPHHGzIJLbCwDbhfTlippPOqEO3zJcH2bJloFw3GMZfjVtuw14HJf2DcQ2lBYX5-AwDeuHaELAQlYvQIdJmP6ihwSSCvVjMgVe7bXEO3aWFTwIRyIjCyZLi-j-ALzPkP4lEfoiHTFJMGCpDo0sKeKoobiBwJE0H-CLVloonNNHTP2z_J0_x2dC1A1RIaCG9s4OihcYNyPLYGpUC5To1_KosgDmAMSCrOk_a1HNHMAL--knwE4VJI0XDOD_OJzdlXFVMztWfMUtxDgLnSBBfvIaHny2xCrD_ewuY-iKUFQw7i1WVQIbFhacfHngMEzu_yHw9qdNyVuxDyqIcCbDCRu0riMd4W7CJktsuDaAxrONQwcLGT-UZkOVULdHIoPpT6ZVcBUGw_GuC0e8d4wZJM_nJpePue8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaOTuO9B6YpufKtmT7_UPvvym-A7JntKxXNWdkfdwwI23ARABIABgldqOgpgHggEXY2EtcHViLTcwMTE5NTg4MzQ0MTA4OTGgAdW20uoDyAEJqQJ0rdIaaLCxPuACAKgDAaoEigJP0CzOONgUHm_xgUSdj2xKptotwg85Lg-EBhrxBGbgOGQYeR0PZbfM8iYBR9MeahWPkiBze38wnGOERvHFOfAVsvlhWEvisKYVri6XTO5QMIe1q1t764yC_QT_3MfomjvZ7dmGFqTtAhjyhlv06AVVwyqqexo778TmnjtI_15Sja9H4VfOxxkM4ugRePVhsk15IR9TpwN_tfj7XHSqq5wKExMivBGqCN2tVCOZVDnyJW90MnApBJeNlzwXakjcotoERBOelDiUPVCtWO-2HbDPZs4q12vex1d_FsldkpS8NFFsbpv6yB8orK7g-1QzHY_y8c6wqyWLGfsdIqfZm-zWtPrDq8jvFIFuJOAEAYAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_14In9zOoOLWeB9RWVzwhmQ8KM8SQ%26client%3Dca-pub-7011958834410891%26adurl%3D
Frame ID: 0F6F50A13ADE77D1F1B3092C667CC56D
Requests: 19 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YnrQOwAKj6AIu8nZAAm-PmbBnp2PHIA_3eZzsQ&u=%7C0rweMepMFJTEpjFgXclM1KUFywlGxdooO0dHS7%2BhN4Q%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZWgJ4RDTbq-WYBETCqLzgI7qAwBaN6Gwh5zyJK9Upa8xQmFH1Rvc9StwZQUKfaPOFa7rXaRvrF3PSJukC32hqP9_yHyOEL2OigQuTcKKytIuAq7wndDETdk6y05EQfbz1FyIs_rGDeUOjnf6bPFBS-z7V-B95LFJBeEjOJWjZZPb31XYoJEXcAg2ps8kXGDcZtSQwW6SfXEybQEtRRKulISW-KdhoA1wFmrgUWN8u0BGknOEd7k0mlqrFP4A_C5V5dpcV4ukJPuuVLhAoYBsddALAJs9zkaL6cZyGTEa41YolDUT-juSbC4PK8p3dXEbxiTC4iJYSM8_dltoBYp4za-Xmfp7-UWvWhuye8iLA2GLv6DHXadv1GtXhWUkS0uJPOkaHyvpIth6jq9nHOmGuYPoRNen9QdBKGuI3YHNrKwCWa5SwX6rLtTeff_EmklJd8fgagV8fVbJQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCma5NO9B6YqCfKtmT7_UPvvym-A7JntKxXNWdkfdwwI23ARABIABgldqOgpgHggEXY2EtcHViLTcwMTE5NTg4MzQ0MTA4OTGgAdW20uoDyAEJqQJ0rdIaaLCxPuACAKgDAaoEhAJP0DYWYq0zFVaQXiYVwx3ZvtbbNXozPPbVqnhS1gVFXqivQy0MqvMIuG3oLCo9lAZlcbTMyBhXoo2uavLlaS1V_zGjCbl8HLar10_FbEkqgoLHF3u4tmgcutVDcA9Uo4WdXJZT-jlnadSYMi4VrGtQIeHCUedhXrwibBM16GcCJuqI-CoVpis-YmegCOawfyPGVPpRHpOjqmcY4wcuXbxJPT7B8XAi5uCXYvj7tchroq4Yi1yFT7DAQFXrq3O8k5glO4xCp9hSPNQ4-p3rkckhcKn-4GQOgBt_OXdEVQr4wx0vPbJw6ekD1aanYdpI_obXxw2IQNZL59sqcsn0vPUoRRzjTOAEAYAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1JDFEXwfRf4amLdbrSawXD6RsR-g%26client%3Dca-pub-7011958834410891%26adurl%3D
Frame ID: BAA1F8ACC6940B04FF570C0ED6BD2BB8
Requests: 13 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YnrQOwAKj50Iu8nZAAm-PuOSifAQb3iLCOX82A&u=%7C0rweMepMFJSTYsfYRRtRCEZiCXaSHXG5MiY9PNHk1MY%3D%7C&c1=s9Ouqadr9PMXEEf9T3KSp2NRawDp88DGRxIbKBsnzqAtaD38bvZa_lDxLVjOtBdFR-9NjsgymLJMfUzB8trrucs-nlB3l4G6sPHBb7pSe4zdOoGyIWdptC8IRYf7tV-jzG1QpXMtXGUG9swttpSuvmbgj37Id0KXAmth3AFtyus6A0-KOIqvb9WR-twP4SF1Is25xExyzVD-sbTBX6pN3tVwiD8_bmnF5Cdtv_enq-QQScrzGIX9YDz8mL8Uj6xfjWIE9uBTVDGN95X09AmAG1g17ujf4cFnrD2FMwvqsL_2TDzWE4-632x3APNf583i9l44odA5l0fliSSueoW8pp1qd0mYgAON2qNTwaGeuB3obLeU0eXS1PfSFFAcGemQqrF9azU6hnQHREdkzCTIJEj1CFy9EtRIiuYv48584dprzdvQS2BsOMwyDdi0vkPBF5drabf4RJLMQQFCIpKAvhzPO2JbG7Lra4VOgX1Oy_A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCi34oO9B6Yp2fKtmT7_UPvvym-A7JntKxXNWdkfdwwI23ARABIABgldqOgpgHggEXY2EtcHViLTcwMTE5NTg4MzQ0MTA4OTGgAdW20uoDyAEJqQJ0rdIaaLCxPuACAKgDAaoEhQJP0JpguRmuhd6BluLwRy8aeT_2ZqeXhagMdLKb-o7er9YvyzlcSPf4d_lIjhqe64WwCveVR06dd9deeIU_R9IXU2Ddyv-RCYs5fnAIXpsjrQDcr84J1Aklh34mC3ZSZOLEjqAZgKuVT5bbSzSAW64wGQzpFNSEzGL03xDaVv0ZIBf7lLryMf_QoMBlYaK3Z7Wxs7UEvnGgVMRSWu93vapEbI1bU6wKMaMJfgiEnnhYiilE8IL8QcbY6EmVueB_c3t8q-9cc-WAW8-_Ai_r-R3Vnz_gMci2H9TN6rfnSVRVVeFQC4ceqyUhv3BwLnBHjN4I8uq4tWNlxGPn8CjI2OfUmEQ8RtbgBAGABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1Qu-OlJpdfE06UIffTBmzUsagpxQ%26client%3Dca-pub-7011958834410891%26adurl%3D
Frame ID: D9479193D9CDD1CD2F567137DCF47C2F
Requests: 13 HTTP requests in this frame

Frame: https://foremedianative.com/native/nativead/4/09a41d24373874cf5b9d8629a1efc147826e8698a3bc1a9a08d328ea45b59c8c?u=1652215868713
Frame ID: 42C69E3A6E75CC14B79C9BB5AE7A23B9
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B7F997D565D5F3D84785FFB9E6DDD3A7
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0B6C20058DD67A5D9D9B1215C0DC4E7E
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Page not found - PUA Unemployment Login

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
<link[^>]+s\d+\.wp\.com
/wp-(?:content|includes)/

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Outbrain (Widgets) Expand

Overall confidence: 100%
Detected patterns

widgets\.outbrain\.com/outbrain\.js

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

154
Requests

98 %
HTTPS

68 %
IPv6

22
Domains

39
Subdomains

35
IPs

5
Countries

1645 kB
Transfer

4269 kB
Size

22
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://www.outbrain.com/what-is/default/en
Title: Recommended by

Search URL Search Domain Scan URL

URL: https://www.amazon.com/gp/goldbox?&_encoding=UTF8&tag=morningdough-20&linkCode=ur2&linkId=addffa3820d795ad48814fb7181eb8e9&camp=1789&creative=9325

Search URL Search Domain Scan URL

URL: https://www.amazon.com/Coupons/b?ie=UTF8&node=2231352011&_encoding=UTF8&tag=morningdough-20&linkCode=ur2&linkId=f770b179aa1c5f37c8dbab4b21375abd&camp=1789&creative=9325

Search URL Search Domain Scan URL

URL: https://www.amazon.com/gp/product/B00R20MPW2/ref=as_li_tl?ie=UTF8&camp=1789&creative=9325&creativeASIN=B00R20MPW2&linkCode=as2&tag=morningdough-20&linkId=7d94b02402bdd3500a59ca44da8ed8e8

Search URL Search Domain Scan URL

URL: https://www.amazon.com/gp/product/B004GJ6BY0/ref=as_li_tl?ie=UTF8&camp=1789&creative=9325&creativeASIN=B004GJ6BY0&linkCode=as2&tag=morningdough-20&linkId=ead5bcb530e5125f4b2a9dbb36190172

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31

https://mc.yandex.ru/watch/87761349 HTTP 302
https://mc.yandex.ru/watch/87761349/1

Request Chain 40

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9634.mEkyCW2Y_bO-bCoPTf8dgW47QKDMUTUU0zr_tTFTaha-wKHvgU_0kguj9H_8eyX2.bD_9bMbwlfP750TcWmVOTGdOVWA%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9634.HU1Ii4ie-H0P3uKpEZHJSyHRt03cX7YKFSMddzGUMxh2s7WkOfn0MWphEFlKdda9l4qVMhbbsLUZhozIVgoouw-rkUrV-ChrZTJ-qJGnOEg%2C.-Dsj6CCs2q7qXfRFuKcNHv3zrIc%2C

Request Chain 52

https://mc.yandex.com/watch/87761349?wmode=7&page-url=https%3A%2F%2Fwww.pua-unemployment-login.com%2Fohio&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aa8mjecangl5v275zywhk%3Afp%3A1072%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A791%3Acn%3A1%3Adp%3A0%3Als%3A958038165953%3Ahid%3A896984651%3Az%3A0%3Ai%3A20220510205107%3Aet%3A1652215868%3Ac%3A1%3Arn%3A374495757%3Arqn%3A1%3Au%3A1652215868731165073%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1652215865841%3Ads%3A10%2C83%2C667%2C0%2C0%2C0%2C%2C471%2C0%2C%2C%2C%2C1316%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1652215868%3At%3APage%20not%20found%20-%20PUA%20Unemployment%20Login&t=gdpr(14)aw(1)ti(2) HTTP 302
https://mc.yandex.com/watch/87761349/1?wmode=7&page-url=https%3A%2F%2Fwww.pua-unemployment-login.com%2Fohio&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aa8mjecangl5v275zywhk%3Afp%3A1072%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A791%3Acn%3A1%3Adp%3A0%3Als%3A958038165953%3Ahid%3A896984651%3Az%3A0%3Ai%3A20220510205107%3Aet%3A1652215868%3Ac%3A1%3Arn%3A374495757%3Arqn%3A1%3Au%3A1652215868731165073%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1652215865841%3Ads%3A10%2C83%2C667%2C0%2C0%2C0%2C%2C471%2C0%2C%2C%2C%2C1316%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1652215868%3At%3APage%20not%20found%20-%20PUA%20Unemployment%20Login&t=gdpr%2814%29aw%281%29ti%282%29

Request Chain 97

https://foremedianative.com/native/nativead/4/09a41d24373874cf5b9d8629a1efc147826e8698a3bc1a9a08d328ea45b59c8c/?u=1652215868713 HTTP 301
https://foremedianative.com/native/nativead/4/09a41d24373874cf5b9d8629a1efc147826e8698a3bc1a9a08d328ea45b59c8c?u=1652215868713

154 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 404 Primary Request ohio Show response
www.pua-unemployment-login.com/ 46 KB
11 KB 760ms
667ms Document
text/html 2a06:98c1:3120::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pua-unemployment-login.com/ohio
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e781551b26f8fdaaa828b555b92cf515e8a481a92ea4f544c25a982e7b9f75b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, must-revalidate, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 70958d0a3f628fd7-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 10 May 2022 20:51:06 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Wed, 11 Jan 1984 05:00:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yzAP6izGCsb2Ju7ZlL3On6%2Bx%2F8pRHLQpgsrlDuii93%2BnQ1JlQhQBHzau8E27J9byDhwGZIVcGZvYBIOzV1Kfp%2BvLw9OHh46FLmRlqirKUDgVaRUd12lbf3u83zNMIUbz9QjEMA8GphhZvA3o5OD2Y%2FwT5rvEDRzahID5OR0%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: X-Forwarded-Proto,Accept-Encoding
x-cache: MISS

GET
H2 200 analytics Show response
platform.foremedia.net/code/8428/ 1 KB
1008 B 251ms
153ms Script
application/javascript 2a06:98c1:3121::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.foremedia.net/code/8428/analytics
Requested by: Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/ohio
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ecb02060fbb2cd5a6affe0d185aca6d9227a2c2fc53cd7b5be44ca9b95f2cec5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:51:06 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fWUkVtC9CxLSkfxwJcbJosTifnFso1Ni320Mq3UDjDOn6Z%2BNnYLaj39GoYw5znr%2F6O0xq1RSobq3Q6JeweVaYohBvSw1ZGfjcPmU9WL7AjsvImWUE6AwYzuBVSiYg2oMix%2FB5XyALsQjQwm5laSgsQPpFKiM"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: private
cf-ray: 70958d0f1f099bd0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 5681.js Show response
cnt.trvdp.com/js/1319/ 6 KB
2 KB 157ms
38ms Script
application/javascript 2600:9000:2156:d200:1e:6a6f:9700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cnt.trvdp.com/js/1319/5681.js
Requested by: Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/ohio
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:d200:1e:6a6f:9700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4257ae7fef496cc1b81dd5e2fab57e8c938400c10b11566bf3a7fe41ff622f5b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 17:39:48 GMT
content-encoding: br
last-modified: Wed, 24 Nov 2021 17:29:03 GMT
server: AmazonS3
age: 14440279
etag: W/"067d663d6cf48d47cd216775910d4fbb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: bjGP7PFsL4fkzj_d1G6Kh8D0pNLzMi0QP9xkkzgZ5HQlSYRbTQLmqg==

GET
H2 200 style.min.css
www.pua-unemployment-login.com/wp-includes/css/dist/block-library/ 81 KB
12 KB 56ms
54ms Stylesheet
text/css 2a06:98c1:3120::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pua-unemployment-login.com/wp-includes/css/dist/block-library/style.min.css?ver=5.9.3
Requested by: Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/ohio
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/ohio
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:51:06 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 09 Apr 2022 09:46:05 GMT
server: cloudflare
age: 777
etag: W/"625155dd-145db"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eeUbAd521hpTjRuh9Y2H7l3r2joG1uYxtK%2FM7r6GlrM5RUFNIVBW3HK2kitnpMc7DiXTzkaDZXU6Kiovt1mclBN6Ux5Yqz9rDVK3xp%2Bv8Gj9bEotX6zL2yQelBvub02g3V%2BWT3wG%2BzCRdn5xk3RqAyRGLaGXTt9iSuoUmFQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 70958d0e8d748fd7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 widget-options.css
www.pua-unemployment-login.com/wp-content/plugins/widget-options/assets/css/ 1 KB
601 B 53ms
51ms Stylesheet
text/css 2a06:98c1:3120::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pua-unemployment-login.com/wp-content/plugins/widget-options/assets/css/widget-options.css
Requested by: Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/ohio
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8704f607741a4e0a4d82cf024d026c9e7c1d65241250c2223f31dca29a07dc15

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/ohio
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:51:06 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 777
cf-polished: origSize=1046
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 03 Mar 2022 04:50:58 GMT
server: cloudflare
etag: W/"62204932-416"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dczL1GfjO3e9kz0aWINkuYAoFzVxhc%2FfDUHTd6rAbiDLq93DJ4EpBnag3bGQ%2FTT6kw32O0b7b1oTbJuBMEaWNCdqsdmrJrCtR33Ku9y8naSWa83vL1wW4DlZ02F%2Fpc%2B2qyC6kqyFXdlFP18V86ylllLmry%2FJos4s02H0l2s%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 70958d0e8d768fd7-FRA
cf-bgj: minify

GET
H2 200 style.css
www.pua-unemployment-login.com/wp-content/themes/twentysixteen/ 55 KB
11 KB 53ms
52ms Stylesheet
text/css 2a06:98c1:3120::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pua-unemployment-login.com/wp-content/themes/twentysixteen/style.css?ver=5.9.3
Requested by: Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/ohio
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f756dfbe6acaf000051e953483ef0b192ebde398a02a3b02342626d01e19cd2b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/ohio
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:51:06 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 777
cf-polished: origSize=74854
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 06 Feb 2022 06:21:36 GMT
server: cloudflare
etag: W/"61ff68f0-12466"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s7jo7mB1rUNgkVfIK9AaKL1iCcc8Lq7pUx%2FwlvnZcLet7VHDwbZwU8mcBzOHItuR2dKTvmqyYEzhCrxPqV7BS6dhKqOhAoC81YWVG4grdKJE%2FRfhFSlekJ4ARyzRxD5xApBHEc%2FKb7JLMwycflIkd1Fk1JEAmCD8PYrIZEE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 70958d0e8d798fd7-FRA
cf-bgj: minify

GET
H2 200 style.css
www.pua-unemployment-login.com/wp-content/themes/twentysixteen-child/ 5 KB
2 KB 54ms
52ms Stylesheet
text/css 2a06:98c1:3120::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pua-unemployment-login.com/wp-content/themes/twentysixteen-child/style.css?ver=5.9.3
Requested by: Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/ohio
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1acdc2684bd8b7adaff16a3484ffbfb6aba5d5f84c8f3b953b627d964f1dee09

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/ohio
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:51:06 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 777
cf-polished: origSize=7462
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 26 Mar 2022 05:10:16 GMT
server: cloudflare
etag: W/"623ea038-1d26"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CjPxvkk%2BFXd73ndeQts8KxNFyjvPqsZxPTGMg0RKbQD5otglVsjwmUJ6vbTIUHF7OC8nRzw4n2L3WWpsjP%2B7KbjNVbXc0b%2BErMsFWgHdaiABKB2ZSOAylWbI6Je0dRS3pFhvEzKjcVUCdDV4tR5Ew%2F6GUzNT4DGLsZ0S7O0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 70958d0e8d7b8fd7-FRA
cf-bgj: minify

GET
H2 200 genericons-vfbebe6833240b44e5b7683d3f72df194cc085824.css
www.pua-unemployment-login.com/wp-content/cache/asset-cleanup/css/item/ 26 KB
16 KB 48ms
47ms Stylesheet
text/css 2a06:98c1:3120::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pua-unemployment-login.com/wp-content/cache/asset-cleanup/css/item/genericons-vfbebe6833240b44e5b7683d3f72df194cc085824.css
Requested by: Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/ohio
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 193af24ee1ee57616c68f47ca4cc71c36fabb05b1afae6d15f4b0e267fc89c82

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/ohio
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:51:06 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 777
cf-polished: origSize=28594
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 09 May 2022 08:15:21 GMT
server: cloudflare
etag: W/"6278cd99-6fb2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mg2ad3hrXGe7GjC0TtFg0OtY5THPb24XeFOqimBzH6iXRUc%2BAzMp2Qmi%2Bda43%2FTxG2rqGF92Fz07kHnUpC7%2FyFIwM2Ym%2F%2Fvt%2FIhXoElrOAjhBe7gLWWl8Dn95%2BHNjK%2F6DlRFtA9f7OKAep7A92%2FbzZv39PCFN84fTP2tG50%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 70958d0e8d7c8fd7-FRA
cf-bgj: minify

GET
H2 200 style.css
www.pua-unemployment-login.com/wp-content/themes/twentysixteen-child/ 5 KB
2 KB 54ms
53ms Stylesheet
text/css 2a06:98c1:3120::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pua-unemployment-login.com/wp-content/themes/twentysixteen-child/style.css?ver=20201208
Requested by: Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/ohio
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1acdc2684bd8b7adaff16a3484ffbfb6aba5d5f84c8f3b953b627d964f1dee09

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/ohio
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:51:06 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 777
cf-polished: origSize=7462
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 26 Mar 2022 05:10:16 GMT
server: cloudflare
etag: W/"623ea038-1d26"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8GSlY6ffQusu7hk8NDhNFeKuMJtcg9Vyme6i60Gd12UMMxdg0IQzvukDNCsiWGEJr16e24wfApcwqT08uzO15SEipMO0RybiJAvj%2BesPtjvU8dKtlzZ3axzD5EFwcKEWLyeT43vakE46j%2FWRM%2FYI4lS%2BiBYyXOLBUTy4fo8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 70958d0e8d7e8fd7-FRA
cf-bgj: minify

GET
H2 200 blocks.css
www.pua-unemployment-login.com/wp-content/themes/twentysixteen/css/ 6 KB
2 KB 54ms
53ms Stylesheet
text/css 2a06:98c1:3120::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pua-unemployment-login.com/wp-content/themes/twentysixteen/css/blocks.css?ver=20190102
Requested by: Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/ohio
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f82e92f570144e5591909c4e61040ac0cbcb1024d0c0acc6a79abf7364d84ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/ohio
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:51:06 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 777
cf-polished: origSize=9246
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 06 Feb 2022 06:21:36 GMT
server: cloudflare
etag: W/"61ff68f0-241e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ctv0Rtm8e%2BTVliDby3zJ2Fb8Q08pAZKjT%2FBonZdbu5VcVvALlqbvQmBNSQPZQAGVqsTv7h3r8SxzgK%2FDVed8pzPSLjggck%2FzH1CldW%2FydObYGvH0%2FwuMDf2ghO2uHfq2GtWIDYZwGmeun%2BtNjAlsu5XlEejfmzEW9hQUkjQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 70958d0e8d818fd7-FRA
cf-bgj: minify

GET
H3 200 jquery.min.js Show response
www.pua-unemployment-login.com/wp-includes/js/jquery/ 87 KB
32 KB 122ms
121ms Script
application/javascript 2a06:98c1:3120::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pua-unemployment-login.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by: Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/ohio
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/ohio
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:51:06 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 13 Sep 2021 05:11:34 GMT
server: cloudflare
age: 777
etag: W/"613edd86-15db1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KoTINjtCbAvWjlop%2Fv9r1K6M6YoV6BQXIlz%2F429B45UbwhGiVLIxhK%2BhZLBcYdO0enNb7Az4m1zoe6mTBk61IBD9mRoKoZaVcEReQIRs9fRM7lEuCkABgbsFajudziy4l4zWaFc4axkhkla58EmUlunzM8okL9fuBEI%2FMuM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 70958d102a3b9164-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 cropped-PUAUnemploymentLogin-logo.jpg
www.pua-unemployment-login.com/wp-content/uploads/2021/09/ 4 KB
4 KB 85ms
84ms Image
image/jpeg 2a06:98c1:3120::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pua-unemployment-login.com/wp-content/uploads/2021/09/cropped-PUAUnemploymentLogin-logo.jpg
Requested by: Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/ohio
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 93fbf26c7da3d17b1d602ee05d91d63af89666e1c7df99fa9ea7656973102c9d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/ohio
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:51:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 31410
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4036
last-modified: Mon, 27 Sep 2021 05:30:47 GMT
server: cloudflare
etag: "61515707-fc4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dmNrSLmlD30Cx%2B1Lb%2FsoiEewZ%2FNnJaxodxlIFtCuEd8E4EX3O%2BaYFUMBYrsPrhy6%2F8B1bihYsW3hawbVLpR7%2Bf4%2FSiNsANSzWAadlLKqZGNgIpBn41Zdo79mdAOIRcgT%2B0lOZ%2BXl0ywg6ZMfPauz5W6gwUrYPM5w6gtAHYE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 70958d102a3c9164-FRA

GET
H2 200 c5 Show response
platform.foremedia.net/code/8428/ 1 KB
779 B 140ms
140ms Script
application/javascript 2a06:98c1:3121::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.foremedia.net/code/8428/c5
Requested by: Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/ohio
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cccceafbf83aec903f0974b23f6c94fac56cebb332adc6d7fb48f4d957ff6329

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:51:06 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FnpJut9RvsL0nET5ymUP7pMDxiv9kMnP5fjb86fbNU5toATZ3b6xziPvi4Pa4DLZPwWB0gCEKHUVBxFa8cPIAwPnoFrGW4lXLNRcrmOcE34nhcdfC%2BYW9WDtfpjcTeMvG2uWOcrH%2FHp0ODaxUdSEJCkEulQd"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: private
cf-ray: 70958d0f8fe69bd0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 outbrain.js Show response
widgets.outbrain.com/ 199 KB
69 KB 146ms
37ms Script
application/x-javascript 23.35.237.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/outbrain.js
Requested by: Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/ohio
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-86.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: b0f5a0cc806846ed2f58fbb2740c4c7ef9ad190e401368493c1442b7dcc9eecd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:51:07 GMT
content-encoding: gzip
last-modified: Tue, 10 May 2022 08:07:53 GMT
etag: "17-JFnhdNKXF6rpRO6vlr0R3LvmkLE"
vary: Accept-Encoding
edge-cache-tag: widget-cheetah
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
x-traceid: 81d81e7c99b49e4b194316901885e392
timing-allow-origin: *, *
content-length: 70342

GET
H3 200 c3 Show response
platform.foremedia.net/code/8428/ 1 KB
990 B 190ms
147ms Script
application/javascript 2a06:98c1:3121::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.foremedia.net/code/8428/c3
Requested by: Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/ohio
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da524ab3b63b0729cef49c40106e10fe0f23483c0a761355cbbb7ee3742ccc28

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:51:07 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2YRBzUuSjeolcnKjKH4cg6ZYV838zC0zjTdLreAUI75FGppeCytGRKoQIk%2F8v1ivysaS%2FE9Xp574mc3JDcDSn6XFp6CRqJf7B%2FuGl03oKYYusFMBbMEYFTwNt7Ktt5qmV8Co5R1zS4PjX71WwFGLql%2B%2BBB1o"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: private
cf-ray: 70958d105db26964-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 Best-Amazon-Deals.jpg
www.pua-unemployment-login.com/wp-content/uploads/2021/04/ 55 KB
55 KB 47ms
46ms Image
image/jpeg 2a06:98c1:3120::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pua-unemployment-login.com/wp-content/uploads/2021/04/Best-Amazon-Deals.jpg
Requested by: Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/ohio
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dbe6a6b5b64bf6ea1a25fd5aa7c736f971111fa066ba856cde47432d02dc263b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/ohio
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:51:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 777
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 55972
last-modified: Sun, 11 Apr 2021 12:55:52 GMT
server: cloudflare
etag: "6072f1d8-daa4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ym%2BFGgTzQ%2B7klGSh5E4XIdvweQiQ6rijfyrVD5snR68UhvFxqp%2BzTaQ8QKJmms8qxaLZnATQ0YXaU1VQgtZ6VLCnjmjwrBMwbZi1IXXgsMXUAsRsEKXSJhsJNjDtEZZP3pQwiUiVkWpp8t1MvF3ch9rflAJI0tDR2ZrffNM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 70958d102a3d9164-FRA

GET
H3 200 Best-Amazon-Coupons.jpg
www.pua-unemployment-login.com/wp-content/uploads/2021/04/ 75 KB
75 KB 195ms
194ms Image
image/jpeg 2a06:98c1:3120::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pua-unemployment-login.com/wp-content/uploads/2021/04/Best-Amazon-Coupons.jpg
Requested by: Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/ohio
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e40143e736f525cb284279c368de9f5a44ab9278dba7911c1157d5ec0ba0a810

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/ohio
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:51:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 777
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 76715
last-modified: Sun, 11 Apr 2021 12:55:52 GMT
server: cloudflare
etag: "6072f1d8-12bab"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fa5UJzArW7arwjbw7mzQyRL8AAoOuTMtZqZskLp%2FHBR8uHATW36oYFeOL2vJoCT%2B97%2BbhCDwLHjxRJ8ijnSNlxP6MVcottWlh933sVDERLzWFzq9yzPoOuAGKdH0cKGMiSSKrMTZoNMBcn7H08%2FQ5CZHLvkKYGH2lJLAL6Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 70958d102a3e9164-FRA

GET
H3 200 Amazon-Prime_Now.jpg
www.pua-unemployment-login.com/wp-content/uploads/2021/04/ 49 KB
49 KB 85ms
84ms Image
image/jpeg 2a06:98c1:3120::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pua-unemployment-login.com/wp-content/uploads/2021/04/Amazon-Prime_Now.jpg
Requested by: Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/ohio
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df174ce03e6a22ad812e3301fa1cb4c94bb1c8fc36690e4077a958c4446eabb4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/ohio
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:51:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 777
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 50072
last-modified: Sun, 11 Apr 2021 12:55:54 GMT
server: cloudflare
etag: "6072f1da-c398"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XZ%2FQuY3EK4JxPCACbB5m7PPQygcRBeRk7FGTnaUu8yL0jkwCOiBkCNC9o5D3BLuQ%2FOU2HLngXMcUc7JOfoN4znCLgMOIVqWISQW%2FpCgERlGOEOpnven2luD5eyi6QhP6EPFjf8Ab0b9p77TX7Fu7qJG1thn4ka1Ox%2FcYBCM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 70958d102a3f9164-FRA

GET
H3 200 Audible-audiobooks-podcasts-audio_stories.jpg
www.pua-unemployment-login.com/wp-content/uploads/2021/04/ 56 KB
56 KB 86ms
85ms Image
image/jpeg 2a06:98c1:3120::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pua-unemployment-login.com/wp-content/uploads/2021/04/Audible-audiobooks-podcasts-audio_stories.jpg
Requested by: Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/ohio
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e467b8cb04f6f34bd50fa7f2f15a21d229f4403a8b88b25456219689377819ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/ohio
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:51:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 777
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 57171
last-modified: Sun, 11 Apr 2021 12:55:54 GMT
server: cloudflare
etag: "6072f1da-df53"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cy1wMFHSfpDTTY6xIkX9i0GgxQdsDWcyTNkjKAgiOPs3PWnJSbfEQO%2BOXF9VscxGOkRKNeh99Z2IUq0mOISJSg1xarqgKgvBg16d1a2ENplZy8oGwFU1eARyxSsJKlse9JzB8pe%2FgWcIpcFaHK0UU%2BWbWNT4vb1tzc8NOFU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 70958d102a439164-FRA

GET
H3 200 skip-link-focus-fix.js Show response
www.pua-unemployment-login.com/wp-content/themes/twentysixteen/js/ 605 B
868 B 161ms
160ms Script
application/javascript 2a06:98c1:3120::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pua-unemployment-login.com/wp-content/themes/twentysixteen/js/skip-link-focus-fix.js?ver=20170530
Requested by: Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/ohio
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ac754f43f0059a7e083b86aebdd7e6df7974df57209f7164709a238d3302d05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/ohio
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:51:06 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 777
cf-polished: origSize=1095
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 06 Feb 2022 06:21:36 GMT
server: cloudflare
etag: W/"61ff68f0-447"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F9mNmmbgcLRP1JVjE0qCxEzPd0kcpSGRs1F0Tz87AyzFHB2WtaBiPipXOeoVz83n%2FH4degLv2fmV%2BsP4W%2BtanhoFqqpjEAr0%2F5ywxh8aXogtuRfLnyThlRj7Dcebrz16g7whhKjyrqWGOFoZT6LUQtfnp9PHfVbB76LDuvA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 70958d102a399164-FRA
cf-bgj: minify

GET
H3 200 functions.js Show response
www.pua-unemployment-login.com/wp-content/themes/twentysixteen/js/ 5 KB
2 KB 124ms
122ms Script
application/javascript 2a06:98c1:3120::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pua-unemployment-login.com/wp-content/themes/twentysixteen/js/functions.js?ver=20181217
Requested by: Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/ohio
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b26f4370b5fcaa6e2fd63a64a1de2b080db94131eb58afb6203328f2d019abf8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/ohio
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:51:06 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 777
cf-polished: origSize=7542
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 06 Feb 2022 06:21:36 GMT
server: cloudflare
etag: W/"61ff68f0-1d76"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fm6xZdR4M5A0YmGP09GoMmwexDwy7ojxNw1jFgSRhCaHJvQlNKguiAFptMwV%2BsICWSZqXuq7Ga4ZtjKPiIayBGOEInAL2N%2B0iUBkB8pp25oiO25EmeAkNHgLAWNjYk5h5zi5GxwmKShr%2F7aXdwoNOqPiJTtBY%2FvoQ0WaVZw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 70958d102a3a9164-FRA
cf-bgj: minify

GET
H3 200 gtagv4.js Show response
www.pua-unemployment-login.com/wp-content/plugins/flying-analytics/js/ 91 KB
35 KB 235ms
234ms Script
application/javascript 2a06:98c1:3120::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pua-unemployment-login.com/wp-content/plugins/flying-analytics/js/gtagv4.js
Requested by: Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/ohio
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f48532ed0175b589d37f3325a8fc8974b8f7207a5414ac4ea548c1dc9b6d94e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/ohio
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:51:06 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 777
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 16 Mar 2021 07:37:06 GMT
server: cloudflare
etag: W/"60506022-16ada"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S%2F2J8dafidHluSUSxmWuDoXvhfdFRFPCkARWBxGHdoe9ti5elBNrUw6JdHbEHB8W%2Fpae4%2BHjonI80qXDgCGisa6xsb5JTlMHoB2qNJ95mZ8yK0i8RlbKE9Pry20ye%2FXEQp6Va19znwnswbQG5z1C4wHmsTSkNPimNMmbuoo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 70958d102a459164-FRA
cf-bgj: minify

GET
H3 200 footer_float Show response
platform.foremedia.net/code/8428/ 1 KB
1001 B 183ms
148ms Script
application/javascript 2a06:98c1:3121::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.foremedia.net/code/8428/footer_float
Requested by: Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/ohio
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9b69a3dd2271ada2d50dfe7bfaea402e8ae9d830cd245e34fac2437ca33158d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:51:07 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o%2F%2BpEkWfPS1OcXudLhr%2B1b4hgDOCFSZKbgmri5RbO75Gu%2BxZMwoXFsAwoL%2F6vpkXZFqP1wWkDM2mOkPjzQ6berjRX2FAks%2FrgEKVPccqRtyOVCBH8fqabDlAiyk53qpzGP%2Fw3bTeEfr67Tiw4SVuVa6Z0QJo"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: private
cf-ray: 70958d105db56964-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 lazyload.min.js Show response
www.pua-unemployment-login.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/ 8 KB
3 KB 271ms
270ms Script
application/javascript 2a06:98c1:3120::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pua-unemployment-login.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/lazyload.min.js
Requested by: Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/ohio
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ceb3992861ed1fda25855c2e500e76842ae0d788405e50e3a9f45df36499cf6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/ohio
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:51:06 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 06 May 2022 02:56:15 GMT
server: cloudflare
age: 2809
etag: W/"62748e4f-2063"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pxZ5aHcZ2COTwz%2Bup8HVf98mEDG0UrUhY403IFhRkZxRRBYwnl5bWUhaXlW40EkXp8MtTKy2p3jZR%2BML5ysRSaHfKC%2BS0Hf%2F7aVuyNDnAuHqbMo5TKwTXUSVm8Y5X7bIlWVfrFarODMX08%2B021Q4nXVzKNoGgThZUk3eHtM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 70958d102a479164-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 analytics Show response
platform.foremedia.net/getcode/8428/ 8 KB
2 KB 203ms
169ms Script
application/javascript 2a06:98c1:3121::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.foremedia.net/getcode/8428/analytics
Requested by: Host: platform.foremedia.net
URL: https://platform.foremedia.net/code/8428/analytics
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d637341e9d6d89752d08ae604391544a79e884fcb68c56a617c700b906555b7c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:51:07 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QvEA%2BDqxoNXUL2X7uV1kMVLS%2BIk8%2BqgwQPfoabln2SB0zjXv93Wfe7XyaGsxjCNvG%2B%2FXKtmPFCfOKH3HRjh6k%2FVWNbOjCj%2B0FuMAjF52%2FR2ERMdLVtaWJHq%2B0HxYhcCIiP3Y73V7AXxM13MMzc19LY6Y7AmX"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: private
cf-ray: 70958d105daf6964-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
DATA 200
OK truncated
/ 14 KB
14 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1cfd32e37f8aba263101f06e8f702adfaef55a6601857cf5e2c6dd0b0388dcd6

Request headers

Referer
Origin: https://www.pua-unemployment-login.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H3 200 c5 Show response
platform.foremedia.net/getcode/8428/ 1 KB
890 B 140ms
140ms Script
application/javascript 2a06:98c1:3121::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.foremedia.net/getcode/8428/c5
Requested by: Host: platform.foremedia.net
URL: https://platform.foremedia.net/code/8428/c5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc7efc48e5c37e8d392a52637dbdacc1b81c7ba29c8f10cd5a0ddb3cdd3fb180

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:51:07 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SUte4zH8b6%2Fa8UPi800YYvMDuv5NUieFJyXyqavcWEFbkwFVD9XeZvtXvXnCL%2BDiiDyvQKSVOAbKvpX8u8wHQhbas%2FX656ABDzwHud3dG9f2MKy28lVyHN9PiSUuQpz7ZHwSnR6RcuqB7cr7Ort9CPKXqMDt"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: private
cf-ray: 70958d106dd36964-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 c3 Show response
platform.foremedia.net/getcode/8428/ 1 KB
853 B 133ms
132ms Script
application/javascript 2a06:98c1:3121::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.foremedia.net/getcode/8428/c3
Requested by: Host: platform.foremedia.net
URL: https://platform.foremedia.net/code/8428/c3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73a9eaebd1e51360e20a453fd080f7dc7ce220eb009c50c3337b41cf1b0db975

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:51:07 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wyj2udhjt1R6ygOnXAOEAsmuWr8dWx695cQmE%2Fz7f7y5uCiyi93pN2YnzJsgR5JgVpEWDSIvx6%2BnsEop1vUG4yt6NtEBaAAJhgqOn2xrmtzE4uTNJ5erpWozRSC4QYK1NCibGeQ1qgk0DX856OHK5S2sJd15"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: private
cf-ray: 70958d114f6b6964-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 footer_float Show response
platform.foremedia.net/getcode/8428/ 1 KB
875 B 135ms
135ms Script
application/javascript 2a06:98c1:3121::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.foremedia.net/getcode/8428/footer_float
Requested by: Host: platform.foremedia.net
URL: https://platform.foremedia.net/code/8428/footer_float
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d3a4411f186523148f4e4703a96f2259ee672b7b6133abe7953f243f571d7a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:51:07 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SyksZ3hUvvYSsCWCVmZ2gGdsUaX3SkGfEIgRt2%2BHx6jSJgoEyfqNGlOW%2BceoDSVUDqSnz2TatcA13aGfZwf12ROw2uCwtxwM3mwyMejQ0oagvVzpDk069ef%2BYw%2FFrQmQgjniiw1zugBa%2B%2FVIrucrbw7zxUlR"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: private
cf-ray: 70958d115f7f6964-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 98 KB
38 KB 128ms
46ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-182103897-1

Requested by

Host: platform.foremedia.net
URL: https://platform.foremedia.net/getcode/8428/analytics

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

54b0489eeab75dd1bcb5f6856c67ee4731ea74b0a64442b185505ff0d93631fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:51:07 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38878
x-xss-protection: 0
last-modified: Tue, 10 May 2022 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 10 May 2022 20:51:07 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 81 KB
28 KB 154ms
57ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: platform.foremedia.net
URL: https://platform.foremedia.net/getcode/8428/analytics

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

sffe /

Resource Hash

f63c6de989281851ed59dfa1c06a7eecd4ab37f89453a7dd89150a2e1b8be469

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:51:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28409
x-xss-protection: 0
server: sffe
etag: "1211 / 962 of 1000 / last-modified: 1652204103"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 10 May 2022 20:51:07 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 202 KB
69 KB 331ms
152ms Script
application/javascript 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/ohio

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

94bccc9b641ce0b4d8c6e0d75736d19c549ae58bf139e9d5ba5bfe8dad4a54cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:51:07 GMT
content-encoding: br
last-modified: Fri, 06 May 2022 13:09:00 GMT
etag: "6274f3bc-1149e"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 70814
expires: Tue, 10 May 2022 21:51:07 GMT

GET
H2

200

1
mc.yandex.ru/watch/87761349/
Redirect Chain

https://mc.yandex.ru/watch/87761349
https://mc.yandex.ru/watch/87761349/1

43 B
83 B

87ms
86ms

Image
image/gif

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/watch/87761349/1

Requested by

Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/ohio

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 20:51:07 GMT
last-modified: Tue, 10-May-2022 20:51:07 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 10-May-2022 20:51:07 GMT

Redirect headers

pragma: no-cache
date: Tue, 10 May 2022 20:51:07 GMT
last-modified: Tue, 10-May-2022 20:51:07 GMT
strict-transport-security: max-age=31536000
location: /watch/87761349/1
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-xss-protection: 1; mode=block
expires: Tue, 10-May-2022 20:51:07 GMT

GET
H/1.1 200
OK d3d3LnB1YS11bmVtcGxveW1lbnQtbG9naW4uY29t Show response
tcheck.outbrainimg.com/tcheck/check/ 15 B
462 B 338ms
51ms XHR
application/json 184.87.213.205
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tcheck.outbrainimg.com/tcheck/check/d3d3LnB1YS11bmVtcGxveW1lbnQtbG9naW4uY29t
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.87.213.205 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-87-213-205.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Tue, 10 May 2022 20:51:07 GMT
ETag: W/"f-ayLlCL3PuzXSThdu78iReSEjl6Y"
Access-Control-Max-Age: 43200
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=30460
Access-Control-Allow-Credentials: false
Connection: keep-alive
X-TraceId: a7a6e7adb8215d5261c4e854f96a81d8
Content-Length: 15
Expires: Wed, 11 May 2022 05:18:47 GMT

GET
H2 200 px.gif
widget-pixels.outbrain.com/widget/detect/ 43 B
341 B 76ms
39ms Image
image/gif 23.35.237.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1
Requested by: Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/ohio
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-86.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:51:07 GMT
last-modified: Wed, 30 Sep 2020 14:22:29 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 43
expires: Thu, 09 Jun 2022 20:51:07 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
358 B 143ms
44ms Ping
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-2X191KKTRE&gtm=2oeae1&_p=1363502526&sr=1600x1200&ul=en-us&cid=1673269917.1652215867&_s=1&dl=https%3A%2F%2Fwww.pua-unemployment-login.com%2Fohio&dr=&dt=Page%20not%20found%20-%20PUA%20Unemployment%20Login&sid=1652215867&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/wp-content/plugins/flying-analytics/js/gtagv4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 20:51:07 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.pua-unemployment-login.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 98 KB
38 KB 93ms
91ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-182103897-1&l=dataLayer&cx=c

Requested by

Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/wp-content/plugins/flying-analytics/js/gtagv4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

10ab9ae1d16ca00d6b56fee2e4c687eb5538ae42dfb0fe60af8e5baa9dbd33ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:51:07 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38900
x-xss-protection: 0
last-modified: Tue, 10 May 2022 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 10 May 2022 20:51:07 GMT

GET
H3 200 pubads_impl_2022050501.js Show response
securepubads.g.doubleclick.net/gpt/ 368 KB
125 KB 118ms
38ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050501.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

sffe /

Resource Hash

e680f84f5a15d5113b3d271f4f26456bbdd12103f70eaaf21ab08ef68aee9753

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:50:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127685
x-xss-protection: 0
last-modified: Thu, 05 May 2022 08:34:36 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 10 May 2023 20:50:24 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 128 B
128 B 128ms
47ms XHR
application/json 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.pua-unemployment-login.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

eb493a6b8a417aa33b098f8c0c34376509a6d7032b4f66351133c8325f84189c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 10 May 2022 20:51:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 103
x-xss-protection: 0
expires: Tue, 10 May 2022 20:51:07 GMT

GET
H2 200 get Show response
odb.outbrain.com/utils/ 10 KB
4 KB 303ms
193ms Script
text/javascript 151.101.14.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://odb.outbrain.com/utils/get?url=%27.get_permalink().%27&idx=0&rand=98604&key=NANOWDGT01&widgetJSId=GS_6&va=true&et=true&format=html&pdobuid=-1&adblck=false&abwl=false&px=1055&py=911&vpd=0&cw=324&activeTab=true&darkMode=false&settings=true&recs=true&version=2000718&sig=rTxIUUUd&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&ogn=https%3A%2F%2Fwww.pua-unemployment-login.com%2Fohio
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.14.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 2cf5b79db4626571627f31e8a7e3bec8d03ac3989d6e2b4e6ee2253f53f65b84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:51:07 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, FRA, Europe1
x-timer: S1652215868.559537,VS0,VE136
accept-ranges: bytes
x-served-by: cache-lga21983-LGA, cache-fra19152-FRA
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
x-cache-hits: 0, 0
x-traceid: 03edde0b2cc0dab1a52fd74493992660
content-encoding: gzip
content-length: 3279
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK dwce_cheq_events Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 498ms
113ms XHR
application/json 70.42.32.223
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1652215867459&sessionId=ee411d24-b7a4-573a-e35e-ed1c81dac346&url=www.pua-unemployment-login.com&cheqSource=1&cheqEvent=3&responseTime=344
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.223 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 10 May 2022 20:51:07 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: fe38fd41bcb0b10987246de3779d8d29
Content-Length: 4
Expires: 0

GET
H2

200

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9634.mEkyCW2Y_bO-bCoPTf8dgW47QKDMUTUU0zr_tTFTaha-wKHvgU_0kguj9H_8eyX2.bD_9bMbwlfP750TcWmVOTGdOVWA%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9634.HU1Ii4ie-H0P3uKpEZHJSyHRt03cX7YKFSMddzGUMxh2s7WkOfn0MWphEFlKdda9l4qVMhbbsLUZhozIVgoouw-rkUrV-ChrZTJ-qJGnOEg%2C.-Dsj6CCs2q7qXfRFuKcNHv3zrIc%2C

43 B
331 B

80ms
78ms

Image
image/gif

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9634.HU1Ii4ie-H0P3uKpEZHJSyHRt03cX7YKFSMddzGUMxh2s7WkOfn0MWphEFlKdda9l4qVMhbbsLUZhozIVgoouw-rkUrV-ChrZTJ-qJGnOEg%2C.-Dsj6CCs2q7qXfRFuKcNHv3zrIc%2C

Requested by

Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/ohio

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:51:07 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9634.HU1Ii4ie-H0P3uKpEZHJSyHRt03cX7YKFSMddzGUMxh2s7WkOfn0MWphEFlKdda9l4qVMhbbsLUZhozIVgoouw-rkUrV-ChrZTJ-qJGnOEg%2C.-Dsj6CCs2q7qXfRFuKcNHv3zrIc%2C
date: Tue, 10 May 2022 20:51:07 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
100 B 79ms
79ms Image
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/ohio

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:51:07 GMT
last-modified: Fri, 06 May 2022 13:09:00 GMT
etag: "6274f3bc-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Tue, 10 May 2022 21:51:07 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 138ms
49ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.pua-unemployment-login.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 10 May 2022 20:51:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 140ms
50ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.pua-unemployment-login.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 10 May 2022 20:51:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 221 KB
26 KB 602ms
601ms XHR
text/plain 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2564605264663829&correlator=1251360285236024&eid=31067277&output=ldjh&gdfp_req=1&vrg=2022050501&ptt=17&impl=fifs&iu_parts=21863165165%2C22264204666&enc_prev_ius=%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1&prev_iu_szs=728x90%2C728x90%7C300x250%7C336x280%2C320x50%7C300x250%7C300x600%7C336x280%2C728x90%7C468x60%7C336x280%7C300x250%7C250x250%7C234x60%7C200x200%7C180x150%2C320x50%7C300x250%7C336x280%7C250x250%7C200x200%2C728x90%7C468x60%7C336x280%7C300x250%7C250x250%7C234x60%7C200x200%7C180x150%2C728x90%7C468x60%7C336x280%7C300x250%7C250x250%7C234x60%7C200x200%7C180x150%2C728x90%2C336x280%7C300x250%7C320x480&fluid=0%2C0%2Cheight%2C0%2Cheight%2C0%2C0%2C0%2C0&ifi=1&adks=201602978%2C2183081903%2C3593666348%2C2311508265%2C574321577%2C2311508267%2C2311508266%2C201602981%2C2967810272&sfv=1-0-38&ecs=20220510&ists=1&fas=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C8&fsapi=false&prev_scp=refresh%3Dtrue%7Crefresh%3Dtrue%7Crefresh%3Dtrue%7Crefresh%3Dtrue%7Crefresh%3Dtrue%7Crefresh%3Dtrue%7Crefresh%3Dtrue%7Crefresh%3Dtrue%7C&sc=1&cookie_enabled=1&abxe=1&dt=1652215867594&lmt=1652215867&dlt=1652215866604&idt=961&biw=1600&bih=1200&adxs=-9%2C-9%2C1040%2C-9%2C1040%2C-9%2C-9%2C436%2C-9&adys=-9%2C-9%2C2369%2C-9%2C485%2C-9%2C-9%2C1110%2C-9&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.pua-unemployment-login.com%2Fohio&frm=20&vis=1&scr_x=0&scr_y=0&psz=0x-1%7C0x-1%7C360x0%7C0x-1%7C360x0%7C0x-1%7C0x-1%7C1600x6155%7C0x-1&msz=0x-1%7C0x-1%7C360x0%7C0x-1%7C360x0%7C0x-1%7C0x-1%7C1600x-1%7C0x-1&fws=2%2C2%2C0%2C2%2C0%2C2%2C2%2C512%2C2&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&ga_vid=1673269917.1652215867&ga_sid=1652215868&ga_hid=1363502526&ga_fc=true&btvi=-1%7C-1%7C1%7C-1%7C0%7C-1%7C-1%7C0%7C-1&topics=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

be67f7ae0b641a9b22d647a2fd65fe8a2ca608eb9bf9e8941badd898d2787e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:51:08 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26936
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-1,-1,-1,-1,-1,5564880863
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-1,-1,-1,-1,-1,-1,-1,138367836629
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.pua-unemployment-login.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
b0e9e1536ab9e003fa0b66035801be8c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 57B8 6 KB
4 KB 157ms
46ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b0e9e1536ab9e003fa0b66035801be8c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pua-unemployment-login.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 10 May 2022 20:51:07 GMT
expires: Wed, 10 May 2023 20:51:07 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads_2022050501.js Show response
securepubads.g.doubleclick.net/gpt/ 36 KB
13 KB 37ms
37ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022050501.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

sffe /

Resource Hash

babb18965e9ca0d1953890df5b83fd4d714854b55e5af46dbec4bf768ab534c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 05 May 2022 10:36:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 468887
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13436
x-xss-protection: 0
last-modified: Thu, 05 May 2022 08:34:36 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 05 May 2023 10:36:20 GMT

GET
H2 200 achoice.svg
widgets.outbrain.com/images/widgetIcons/ 3 KB
3 KB 40ms
39ms Image
image/svg+xml 23.35.237.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by: Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/ohio
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-86.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:51:07 GMT
last-modified: Sun, 01 May 2022 07:29:08 GMT
server: AkamaiNetStorage
etag: "9d26fa4e7238ed94f1d0d92afb453b3e:1651391295.775433"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 2735
expires: Thu, 09 Jun 2022 20:51:07 GMT

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
292 B 512ms
130ms Fetch
text/plain 70.42.32.223
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=4500860755c10172c676a530d66da2c2_122703_1652215867646&tm=628&eT=0&widgetWidth=324&widgetHeight=33&widgetX=1055&widgetY=899&wRV=2000718&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&cheq=0&rtt=313&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.223 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Tue, 10 May 2022 20:51:08 GMT
content-encoding: gzip
X-TraceId: f88e298fe5056f2f89a7f214cafaced1
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H2 200 streamFeed.js Show response
widgets.outbrain.com/nanoWidget/2000718/module/ 37 KB
14 KB 43ms
42ms Script
application/x-javascript 23.35.237.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/2000718/module/streamFeed.js?e=1
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-86.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: f8aadd68eb9c6abebf719b41cefb6466283be19d3154c9e51f38f0bac1bb7b82

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:51:07 GMT
content-encoding: gzip
last-modified: Tue, 10 May 2022 08:06:56 GMT
server: AkamaiNetStorage
etag: "33b936cbf673d430f7f9f967c3a4310d:1652176804.781598"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 13600
expires: Wed, 11 May 2022 00:51:07 GMT

GET
H2 200 ob_logo.svg
widgets.outbrain.com/images/widgetIcons/ 12 KB
12 KB 42ms
41ms Image
image/svg+xml 23.35.237.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/ob_logo.svg
Requested by: Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/ohio
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-86.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 02b5318a75e50e48ccddd6eac9eef067a275adc244f3c3f6186ed6b382d3f971

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:51:07 GMT
last-modified: Sun, 01 May 2022 07:29:08 GMT
server: AkamaiNetStorage
etag: "65df986ae65cffdf92a926e7c42a25a8:1651391311.776385"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 12268
expires: Thu, 09 Jun 2022 20:51:07 GMT

GET
H/1.1 200
OK widgetGlobalEvent Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 274ms
114ms Fetch
application/json 70.42.32.223
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=4500860755c10172c676a530d66da2c2&pvId=4500860755c10172c676a530d66da2c2&sid=8537982&pid=122703&idx=0&wId=834&pad=0&org=0&tm=686&eT=3&cnsnt=no_consent&wRV=2000718&pVis=0&lsd=-1&eIdx=0&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.223 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 10 May 2022 20:51:08 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: dfc81ef5d17b2f5300e8d3aa8217e3ab
Content-Length: 4
Expires: 0

GET
H2

200

1 Show response
mc.yandex.com/watch/87761349/
Redirect Chain

https://mc.yandex.com/watch/87761349?wmode=7&page-url=https%3A%2F%2Fwww.pua-unemployment-login.com%2Fohio&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aa8mjecangl5v275zywhk%3Afp%3A1072%3Afu%...
https://mc.yandex.com/watch/87761349/1?wmode=7&page-url=https%3A%2F%2Fwww.pua-unemployment-login.com%2Fohio&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aa8mjecangl5v275zywhk%3Afp%3A1072%3Af...

338 B
739 B

81ms
81ms

XHR
application/json

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/87761349/1?wmode=7&page-url=https%3A%2F%2Fwww.pua-unemployment-login.com%2Fohio&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aa8mjecangl5v275zywhk%3Afp%3A1072%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A791%3Acn%3A1%3Adp%3A0%3Als%3A958038165953%3Ahid%3A896984651%3Az%3A0%3Ai%3A20220510205107%3Aet%3A1652215868%3Ac%3A1%3Arn%3A374495757%3Arqn%3A1%3Au%3A1652215868731165073%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1652215865841%3Ads%3A10%2C83%2C667%2C0%2C0%2C0%2C%2C471%2C0%2C%2C%2C%2C1316%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1652215868%3At%3APage%20not%20found%20-%20PUA%20Unemployment%20Login&t=gdpr%2814%29aw%281%29ti%282%29

Requested by

Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/ohio

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

8d4b5f0005b2d8a47b9b0fc0fdf0a351ad45b0f5900a55e624b4a70000544bae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 20:51:07 GMT
x-content-type-options: nosniff
last-modified: Tue, 10-May-2022 20:51:07 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.pua-unemployment-login.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 338
x-xss-protection: 1; mode=block
expires: Tue, 10-May-2022 20:51:07 GMT

Redirect headers

pragma: no-cache
date: Tue, 10 May 2022 20:51:07 GMT
last-modified: Tue, 10-May-2022 20:51:07 GMT
location: /watch/87761349/1?wmode=7&page-url=https%3A%2F%2Fwww.pua-unemployment-login.com%2Fohio&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aa8mjecangl5v275zywhk%3Afp%3A1072%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A791%3Acn%3A1%3Adp%3A0%3Als%3A958038165953%3Ahid%3A896984651%3Az%3A0%3Ai%3A20220510205107%3Aet%3A1652215868%3Ac%3A1%3Arn%3A374495757%3Arqn%3A1%3Au%3A1652215868731165073%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1652215865841%3Ads%3A10%2C83%2C667%2C0%2C0%2C0%2C%2C471%2C0%2C%2C%2C%2C1316%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1652215868%3At%3APage%20not%20found%20-%20PUA%20Unemployment%20Login&t=gdpr%2814%29aw%281%29ti%282%29
strict-transport-security: max-age=31536000
access-control-allow-origin: https://www.pua-unemployment-login.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Tue, 10-May-2022 20:51:07 GMT

GET
H2 200 get Show response
mv.outbrain.com/Multivac/api/ 17 KB
6 KB 319ms
299ms Script
text/javascript 151.101.14.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mv.outbrain.com/Multivac/api/get?url=%27.get_permalink().%27&settings=true&recs=true&widgetJSId=GS_6&key=NANOWDGT01&version=2000718&apv=false&sig=rTxIUUUd&format=html&rand=85215&pdobuid=-1&osLang=en-US&va=true&et=true&cmpStat=0&ccpaStat=0&scrW=1600&scrH=1200&t=NDUwMDg2MDc1NWMxMDE3MmM2NzZhNTMwZDY2ZGEyYzI=&winW=1600&winH=1200&adblck=false&abwl=false&secured=true&feedIdx=0&lastIdx=0&lastCardIdx=0&fAB=11520-0&layeredTestInfo=11520-0-&dpr=1&cw=324&darkMode=false&activeTab=true&ogn=https%3A%2F%2Fwww.pua-unemployment-login.com%2Fohio
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/2000718/module/streamFeed.js?e=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.14.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e3a986f929c194d761eefb5f6032a6258f70d9ffe752a343a08aee086e8f411b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:51:08 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, FRA, Europe1
x-timer: S1652215868.855644,VS0,VE261
accept-ranges: bytes
x-served-by: cache-lga21957-LGA, cache-fra19152-FRA
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
x-cache-hits: 0, 0
x-traceid: 0ddbe3b1a01a4878278127dd5cbe4cdc
content-encoding: gzip
content-length: 6031
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 5681.js Show response
go.trvdp.com/init/ 6 KB
6 KB 150ms
41ms Script
binary/octet-stream 2600:9000:2156:a200:3:7e1c:5b40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://go.trvdp.com/init/5681.js
Requested by: Host: cnt.trvdp.com
URL: https://cnt.trvdp.com/js/1319/5681.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:a200:3:7e1c:5b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 930eb3f887b0f657812c12b21e1648e6955384adedca8aacab2855ed1d0b1acb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 01 May 2022 12:50:39 GMT
via: 1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
last-modified: Sun, 01 May 2022 12:05:49 GMT
server: AmazonS3
age: 806430
etag: "641671317bf70963ec45e1c50edb6c0f"
x-cache: Hit from cloudfront
content-type: binary/octet-stream
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 5845
x-amz-cf-id: DeQ6of0vpbcjRNwePel8R-o1nxwS7U74o8vQLT3TTf4OmJjcBMsfjg==

GET
H2 200 p.php Show response
stg.truvidplayer.com/ 7 KB
4 KB 254ms
143ms XHR
application/json 108.157.4.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://stg.truvidplayer.com/p.php?sid=1319&wid=5681&cb=7784.551831961544&pid=4272&url=https%3A%2F%2Fwww.pua-unemployment-login.com%2Fohio
Requested by: Host: go.trvdp.com
URL: https://go.trvdp.com/init/5681.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-6.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: e35e5f94adbf07e0121025407f631f9a49fb4ab9597e87af6d42da690656250f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:51:08 GMT
content-encoding: gzip
server: nginx
x-amz-cf-pop: DUS51-P2
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: https://www.pua-unemployment-login.com
access-control-allow-credentials: true
x-amz-cf-id: yV-ujgXh9GQua7DBGhO5YrYFRDiUDSdpIsS89HJZfawxSwp5wqve9g==
via: 1.1 fa544a973edca8926f95609301f23b66.cloudfront.net (CloudFront)

GET
H2 200 singleAnimationOnFeed.js Show response
widgets.outbrain.com/nanoWidget/2000718/module/ 503 B
812 B 50ms
49ms Script
application/x-javascript 23.35.237.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/2000718/module/singleAnimationOnFeed.js?e=1
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-86.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e442afceada3ad856d11b90bcc9ccfa5ee84182e6fa2125e5656ab00221f3f20

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:51:08 GMT
last-modified: Tue, 10 May 2022 08:06:56 GMT
server: AkamaiNetStorage
etag: "d26ce1388f9514ff5e64d329df699a87:1652176799.408778"
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 503
expires: Wed, 11 May 2022 00:51:08 GMT

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
292 B 228ms
127ms Fetch
text/plain 70.42.32.223
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=19dbf1efd89b26568e4edf49eb339b2d_122703_1652215868072&tm=1049&eT=0&widgetWidth=324&widgetHeight=342&widgetX=1055&widgetY=944&wRV=2000718&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=336&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.223 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Tue, 10 May 2022 20:51:08 GMT
content-encoding: gzip
X-TraceId: ead691d267e6378be2b88a4de3fe82d1
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H2 200 placement_invocation Show response
ob.cheqzone.com/ 48 KB
18 KB 150ms
47ms Script
text/javascript 108.157.4.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ob.cheqzone.com/placement_invocation?id=65349&idx=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-52.dus51.r.cloudfront.net
Software: Caddy /
Resource Hash: 55ed920d444210fbe713cf81e8d6a615cd96d1b950b0704752209568e5754b30

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 17:34:14 GMT
content-encoding: gzip
server: Caddy
age: 11814
etag: "bf83-flSXooGsmrmYNlxSK09toJAtNHc"
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
via: 1.1 7ef588f1ad9c3a185cdaf4119943040e.cloudfront.net (CloudFront)
cache-control: max-age=43200
x-amz-cf-pop: DUS51-P2
content-length: 18458
x-amz-cf-id: 4TXPz94qxFriS66w9h5sxOawrjptpGBwmQT9xOLZ2Ug7pWTEptd0WA==
expires: Wed, 11 May 2022 05:34:14 GMT

GET
H2 200 eyJpdSI6IjFlNGM4ZjNiNTUwNTgwYTZjMjg3NjM5N2ZmMDc4YzBmOGRkYWUwNWE5MTY4ZmQ1MTM4NzM5Y2U2MWU4Mzc5YWUiLCJ3Ijo0MDAsImgiOjMwMCwiZCI6MS41LCJjaCI6NDk0NTk1NTU1LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 28 KB
28 KB 160ms
50ms Image
image/webp 184.87.213.205
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjFlNGM4ZjNiNTUwNTgwYTZjMjg3NjM5N2ZmMDc4YzBmOGRkYWUwNWE5MTY4ZmQ1MTM4NzM5Y2U2MWU4Mzc5YWUiLCJ3Ijo0MDAsImgiOjMwMCwiZCI6MS41LCJjaCI6NDk0NTk1NTU1LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/ohio
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.87.213.205 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-87-213-205.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 8eb16c0eab583526e5aceef87b6fdd3f9d7074a1902bc09a9c7492fbd07c8117

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:51:08 GMT
cache-control: max-age=340975
last-modified: Mon, 11 Apr 2022 16:29:17 GMT
x-traceid: 77ca6604dbb008f5bcc82d3038a05539
timing-allow-origin: *
content-length: 28502
content-type: image/webp

GET
H/1.1 200
OK widgetGlobalEvent Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 113ms
113ms Fetch
application/json 70.42.32.223
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=19dbf1efd89b26568e4edf49eb339b2d&pvId=4500860755c10172c676a530d66da2c2&sid=8537982&pid=122703&idx=1&wId=1515&pad=1&org=0&tm=1063&eT=3&cnsnt=no_consent&wRV=2000718&pVis=1&lsd=-1&eIdx=1&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.223 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 10 May 2022 20:51:08 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 4be196d9caade7945087ef57a964e3be
Content-Length: 4
Expires: 0

GET
H2 200 get Show response
mv.outbrain.com/Multivac/api/ 18 KB
6 KB 440ms
440ms Script
text/javascript 151.101.14.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mv.outbrain.com/Multivac/api/get?url=%27.get_permalink().%27&settings=true&recs=true&widgetJSId=GS_6&key=NANOWDGT01&version=2000718&apv=false&sig=rTxIUUUd&format=html&rand=10306&pdobuid=-1&osLang=en-US&va=true&et=true&cmpStat=0&ccpaStat=0&scrW=1600&scrH=1200&t=NDUwMDg2MDc1NWMxMDE3MmM2NzZhNTMwZDY2ZGEyYzI=&winW=1600&winH=1200&adblck=false&abwl=false&secured=true&feedIdx=0&lastIdx=1&lastCardIdx=1&fAB=11520-0&layeredTestInfo=11520-0-&clid=ee411d24-b7a4-573a-e35e-ed1c81dac346&fdu=www.pua-unemployment-login.com&dpr=1&cw=324&darkMode=false&activeTab=true&ogn=https%3A%2F%2Fwww.pua-unemployment-login.com%2Fohio
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/2000718/module/streamFeed.js?e=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.14.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: aa1684f03b06bdc3b85e16da9195c861eb3bc4e0eac0f5e091c79218838523db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:51:08 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, FRA, Europe1
x-timer: S1652215868.201147,VS0,VE403
accept-ranges: bytes
x-served-by: cache-lga21946-LGA, cache-fra19152-FRA
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
x-cache-hits: 0, 0
x-traceid: e6c7af302668391b4783e37f2ff1588e
content-encoding: gzip
content-length: 6514
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 77D5 4 KB
1 KB 129ms
46ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 10 May 2022 18:57:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 10 May 2022 20:51:08 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 10 May 2022 20:51:08 GMT

GET
H2 200 interstitial_ad_frame_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220509/r20110914/elements/html/ Frame 77D5 19 KB
9 KB 125ms
37ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220509/r20110914/elements/html/interstitial_ad_frame_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

01284adf0039080c4d89732ef83440fd31b310a7bf3867b83b030f99ffd1f1c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:46:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 253
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8280
x-xss-protection: 0
server: cafe
etag: 1405619832300133377
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 24 May 2022 20:46:55 GMT

GET
H3 200 container.html Show response
b0e9e1536ab9e003fa0b66035801be8c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2374 6 KB
3 KB 118ms
42ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b0e9e1536ab9e003fa0b66035801be8c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pua-unemployment-login.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 10 May 2022 20:51:07 GMT
expires: Wed, 10 May 2023 20:51:07 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
b0e9e1536ab9e003fa0b66035801be8c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A52A 6 KB
3 KB 111ms
40ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b0e9e1536ab9e003fa0b66035801be8c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pua-unemployment-login.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 10 May 2022 20:51:07 GMT
expires: Wed, 10 May 2023 20:51:07 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
b0e9e1536ab9e003fa0b66035801be8c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4D3A 6 KB
3 KB 104ms
38ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b0e9e1536ab9e003fa0b66035801be8c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pua-unemployment-login.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 10 May 2022 20:51:07 GMT
expires: Wed, 10 May 2023 20:51:07 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ins.js Show response
s.trvdp.com/scripts/v5.742/ 658 KB
179 KB 138ms
47ms Script
application/javascript 2600:9000:2156:9400:d:3c0f:bcc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.trvdp.com/scripts/v5.742/ins.js
Requested by: Host: go.trvdp.com
URL: https://go.trvdp.com/init/5681.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:9400:d:3c0f:bcc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f02b9f630222ea616410be114b3154602919e62161356399be7cd45843136c57

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 14:40:17 GMT
content-encoding: br
last-modified: Tue, 12 Apr 2022 06:41:24 GMT
server: AmazonS3
age: 2355052
etag: W/"d40fd85fcbb9dac1ff245ac8cec6aeb4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: vWqFtmqv8OTYQOLtt6FRNLYITrfLYJR1ZF1WOKW0x3yXCcxBKqkULg==

GET
H2 200 show_pla Show response
obs.cheqzone.com/ 2 KB
2 KB 404ms
138ms Script
text/javascript 2600:1f18:e8a:cd04:9b88:a313:d24d:af44
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.cheqzone.com/show_pla?id=65349&url=https%3A%2F%2Fwww.pua-unemployment-login.com%2Fohio&sf=0&k=&idx=0&ch=&ext=&np=linux%20x86_64&nv=google%20inc.&rand=73518621151021079012291240098271741020768067090758006278766803261509&nc=0&tsf=0&tsfmi=&pv=0&cb=1652215868449&ref=&pit=1&hl=2&op=0&fs=1600x1200&ss=1600x1200&pre=0&jsonp=OBR.extern.onCheqResponse&mr=&ag=1738489652&at=&bid=e30%3D&di=W1siZWYiLDM2NDBdLFsxMiwie1wiY3R4XCI6XCJ3ZWJnbDJcIixcInZcIjpcImdvb2dsZSBpbmMu%0D%0AIChnb29nbGUpXCIsXCJyXCI6XCJhbmdsZSAoZ29vZ2xlLCB2dWxrYW4gMS4yLjAgKHN3aWZ0c2hh%0D%0AZGVyIGRldmljZSAoc3ViemVybykgKDB4MDAwMGMwZGUpKSwgc3dpZnRzaGFkZXIgZHJpdmVyKVwi%0D%0ALFwic2x2XCI6XCJ3ZWJnbCBnbHNsIGVzIDMuMDAgKG9wZW5nbCBlcyBnbHNsIGVzIDMuMCBjaHJv%0D%0AbWl1bSlcIixcImd2ZXJcIjpcIndlYmdsIDIuMCAob3BlbmdsIGVzIDMuMCBjaHJvbWl1bSlcIixc%0D%0AImd2ZW5cIjpcIndlYmtpdFwiLFwiYmVuXCI6NTMsXCJ3Z2xcIjoxLFwiZ3JlblwiOlwid2Via2l0%0D%0AIHdlYmdsXCIsXCJzZWZcIjoxMDUxNjk0MDg5LFwic2VjXCI6XCJcIn0iXSxbLTEsIi0iXSxbLTIs%0D%0AIjEyLGVZRzlYMS9YMXRabFMyMmQ1MXg4WU5ZOU14SlFFTUNkVUJISkw4NkwyM0FDR1VoQkl3SVNT%0D%0ARUVBY0lKZlJlQWdRSUVGb0luZEN4d1FYamhvMjcxOTZtTWpPdi9yODcwdXhxRngiXSxbLTMsIltc%0D%0AImludGVybmFsLXBkZi12aWV3ZXJcIixcIm1oamZibWRnY2ZqYmJwYWVvam9mb2hvZWZnaWVoamFp%0D%0AXCIsXCJpbnRlcm5hbC1uYWNsLXBsdWdpblwiXSJdLFstNCwiLSJdLFstNSwiLSJdLFstNiwie1wi%0D%0Ad1wiOltcIjBcIixcImNocm9tZVwiLFwiYWxsb3dlZFwiLFwiYmxvY2tlZExpc3RcIixcImlcIixc%0D%0AImZvcmVtZWRpYV9mcmFtZVwiLFwiZm9yZXNob3BNZWRpYUR5bmFtaWNUYWdcIixcImVsZW1lbnRc%0D%0AIixcImZcIixcIiRcIixcImpRdWVyeVwiLFwiZm9yZXNob3BNZWRpYUR5bmFtaWNUYWcxXCIsXCJm%0D%0Ab3Jlc2hvcE1lZGlhRHluYW1pY1RhZzJcIixcIl9jcmVhdGVDbGFzc1wiLFwiX2NsYXNzQ2FsbENo%0D%0AZWNrXCIsXCJSb2NrZXRCcm93c2VyQ29tcGF0aWJpbGl0eUNoZWNrZXJcIixcIlJvY2tldFByZWxv%0D%0AYWRMaW5rc0NvbmZpZ1wiLFwic2NyZWVuUmVhZGVyVGV4dFwiLFwiR0FfSURcIixcImd0YWdcIixc%0D%0AImRhdGFMYXllclwiLFwibGF6eUxvYWRPcHRpb25zXCIsXCJsYXp5TG9hZFRodW1iXCIsXCJsYXp5%0D%0ATG9hZFlvdXR1YmVJZnJhbWVcIixcImZvcmVzaG9wTWVkaWFEeW5hbWljVGFnM1wiLFwiZm9ybWVk%0D%0AaWFBZE9iamVjdFwiLFwiaW50ZXJzdGl0aWFsU2xvdFwiLFwic3RhdGljU2xvdFwiLFwiZ29vZ2xl%0D%0AdGFnXCIsXCJ5bVwiLFwiYWRUYWdzXCIsXCJPQlJcIixcIk9CX3JlbGVhc2VWZXJcIixcIk9CUiRc%0D%0AIixcIk9CX1BST1hZXCIsXCJvdXRicmFpblwiLFwib3V0YnJhaW5fcmF0ZXJcIixcIkxhenlMb2Fk%0D%0AXCIsXCJnb29nbGVfdGFnX21hbmFnZXJcIixcImdvb2dsZV90YWdfZGF0YVwiLFwiZ2FHbG9iYWxc%0D%0AIixcIm9uWW91VHViZUlmcmFtZUFQSVJlYWR5XCIsXCJqUXVlcnkzNjAwMTY5MDMwMjg3MTE5NDY1%0D%0ANTUxXCIsXCJpbWFnZXNcIixcImlzX2ltYWdlXCIsXCJpZnJhbWVzXCIsXCJpc19pZnJhbWVcIixc%0D%0AInJvY2tldF9sYXp5XCIsXCJHb29nbGVBbmFseXRpY3NPYmplY3RcIixcImdhXCJdLFwiblwiOltd%0D%0ALFwiZFwiOltdfSJdLFstNywiLSJdLFstOCwiLSJdLFstOSwiKyJdLFstMTAsIi0iXSxbLTExLCJ7%0D%0AXCJ0XCI6XCJcIixcIm1cIjpbXCJvZzp0aXRsZVwiXX0iXSxbLTEyLCJudWxsIl0sWy0xMywiLSJd%0D%0ALFstMTQsIntcIm9cIjowLjEzMjA3NTQ3MTY5ODExMzJ9Il0sWy0xNSwiLSJdLFstMTYsIjAiXSxb%0D%0ALTE3LCI0Il0sWy0xOCwiWzAsMCwwLDFdIl0sWy0xOSwiWzAsMCwwLDAsMCwwLDEsMjQsMjQsXCIt%0D%0AXCIsMTYwMCwxMjAwLDE2MDAsMTIwMCwxNjAwLDEyMDAsMTYwMCwxMjAwLDAsMCwwLDAsXCItXCIs%0D%0AXCItXCJdIl0sWy0yMCwiMTY3MzI2OTkxNy4xNjUyMjE1ODY3Il0sWy0yMSwiclR4SVVVVWQiXSxb%0D%0ALTIyLCJbXCJuXCIsXCJuXCJdIl0sWy0yMywiKyJdLFstMjQsIltdIl0sWy0yNSwiLSJdLFstMjYs%0D%0AIntcInRqaHNcIjoyNDUwMDAwMCxcInVqaHNcIjoxNjEwMDAwMCxcImpoc2xcIjozNzYwMDAwMDAw%0D%0AfSJdLFstMjcsIlswLDkuMywwLFwiNGdcIixudWxsXSJdLFstMjgsImVuLVVTIl0sWy0yOSwie1wi%0D%0AdlwiOlsyLDIsMiwyLDAsMCwwLDIsMCwyLDAsMiwwLDAsMiwyLDIsMiwwXX0iXSxbLTMwLCJbXCJ2%0D%0AXCIsMF0iXSxbLTMxLCJmYWxzZSJdLFstMzIsIjIiXSxbLTMzLCItIl0sWy0zNCwiLSJdLFstMzUs%0D%0AIlsxNjUyMjE1ODY4NDI4LDBdIl0sWy0zNiwiW1wiNC8zXCIsXCI0LzNcIl0iXSxbLTM3LCItMTQ0%0D%0ALTY2LTE4MC0iXSxbLTM4LCJpLC0xLC0xLDAsMCwxLDAsMTEsODIsNjY4LDQ3MCwwLDEwNDMuOCwx%0D%0AMDcyLjMsMjU4OCwyNTg5Il0sWy0zOSwiW1wiMjAwMzAxMDdcIiwwLFwiR2Vja29cIixcIk5ldHNj%0D%0AYXBlXCIsXCJNb3ppbGxhXCIsbnVsbCxudWxsLHRydWUsOCxmYWxzZSxudWxsLDBdIl0sWy00MCwi%0D%0AMzMiXSxbLTQxLCItIl0sWy00MiwiMTcyNDI5NzY1MyJdLFstNDMsIjAwMDAwMDAxMDEwMDAwMDEw%0D%0AMDExMTAxMTAwIl0sWy00NCwiMCwwLDAsNSJdLFstNDUsIi0iXSxbLTQ2LCIwIl0sWy00NywiRXRj%0D%0AL1Vua25vd24sZW4tVVMsbGF0bixncmVnb3J5Il0sWy00OCwiMCwwIl0sWy00OSwiLSJdLFsiYm5j%0D%0AaCIsMTIwXV0%3D&tsfu=&fst=1600x1200&dep=0&cpos=%5B%7B%22x%22%3A1055%2C%22y%22%3A919%2C%22w%22%3A324%2C%22h%22%3A440%7D%2C%7B%22w%22%3A1600%2C%22h%22%3A1200%7D%5D&ver=41&cri=6i7iEiHPSR&sdd=%7B%7D&pto=2610
Requested by: Host: ob.cheqzone.com
URL: https://ob.cheqzone.com/placement_invocation?id=65349&idx=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd04:9b88:a313:d24d:af44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: bc0c7610b9e6d11c9ee336017612071dc883b6b536bd554a1b066a6f1e3dd3b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 20:51:08 GMT
content-encoding: gzip
cache-control: no-cache, no-store, must-revalidate
content-type: text/javascript
content-length: 1478
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 native.js Show response
foremedianative.com/js/native/ Frame DD7C 48 KB
17 KB 152ms
53ms Script
application/javascript 2606:4700:3030::ac43:8da3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://foremedianative.com/js/native/native.js
Requested by: Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/ohio
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:8da3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba03cc685ee113c6a8bde68f5e37f74e8285d0da7bf3d50f916acec186e93edb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:51:08 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 15 Mar 2022 17:26:37 GMT
server: cloudflare
age: 6409
etag: W/"c0a4-5da45196234fa-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SkL%2Bcvwuvq3UR%2FJkdkoogY6ewAke%2FtUdoglm%2BoJEWCL48vSbIQ0wgI%2BcSiwU8lvxeZ%2BJvljJri%2BqQGhRkRVs02Nf9DMJiU64x43b0uZaPbELocTqk%2FsDjvbp8HL7IkGflbWjfRhQQa5E8wnTvq2pgVBO"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 70958d1abe1e5c5c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DD7C 120 KB
37 KB 162ms
52ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/ohio

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfaf60508a77b732490cebbf93a415622f5d33fc0a63f88365807b71a21c25b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:51:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37409
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1652096384767712"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 10 May 2022 20:51:08 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 4D3A 0
0 78ms
78ms Fetch
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CMkoWO9B6YpufKtmT7_UPvvym-A7JntKxXNWdkfdwwI23ARABIABgldqOgpgHggEXY2EtcHViLTcwMTE5NTg4MzQ0MTA4OTGgAdW20uoDyAEJqQJ0rdIaaLCxPuACAKgDAaoEhwJP0CzOONgUHm_xgUSdj2xKptotwg85Lg-EBhrxBGbgOGQYeR0PZbfM8iYBR9MeahWPkiBze38wnGOERvHFOfAVsvlhWEvisKYVri6XTO5QMIe1q1t764yC_QT_3MfomjvZ7dmGFqTtAhjyhlv06AVVwyqqexo778TmnjtI_15Sja9H4VfOxxkM4ugRePVhsk15IR9TpwN_tfj7XHSqq5wKExMivBGqCN2tVCOZVDnyJW90MnApBJeNlzwXakjcotoERBOelDiUPVCtWO-2HbDPZs4q12vex1d_FsldkpS8NFEubLpoT5C0vxF87_fjICkK-Nq6HS-lAXmp6pp_aVPImOJGAUz8q-AEAYAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAGACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNzAxMTk1ODgzNDQxMDg5MRjT2nM&sigh=Rt8Ut3LqkPY&uach_m=[UACH]&cid=CAQSPwCNIrLMV_z-bLNTdWki-Kn-Uanr8veygff8T7IcaPezK4xVls8vOFEcZzW9tL6FCfExhxjvn5b-Z4ECtulaghgB
Requested by: Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/ohio
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s11-in-f2.1e100.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b0e9e1536ab9e003fa0b66035801be8c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H2 200 notify
rtb.fr.eu.criteo.com/google/auction/ Frame 4D3A 0
0 163ms
46ms Fetch 2a02:2638::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kOb8EI-lBKwC2ASdg2ICAgAAALri8-6L2MhMEDvQemLDSxDFRFUojhJ20QASAAA&wp=YnrQOwAKj5sIu8nZAAm-PsJh2xRUVkuEvokeoA

Requested by

Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/ohio

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b0e9e1536ab9e003fa0b66035801be8c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:51:08 GMT
server: Kestrel
server-processing-duration-in-ticks: 221538
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 0F6F 171 KB
54 KB 320ms
226ms Document
text/html 2a02:2638::b
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=YnrQOwAKj5sIu8nZAAm-PsJh2xRUVkuEvokeoA&u=%7C0rweMepMFJSbMojxlue6gsUkNRt7en80JLMAm4wni4A%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuB8I54B28R_G6pIc3Eo99WtlE0nPHHGzIJLbCwDbhfTlippPOqEO3zJcH2bJloFw3GMZfjVtuw14HJf2DcQ2lBYX5-AwDeuHaELAQlYvQIdJmP6ihwSSCvVjMgVe7bXEO3aWFTwIRyIjCyZLi-j-ALzPkP4lEfoiHTFJMGCpDo0sKeKoobiBwJE0H-CLVloonNNHTP2z_J0_x2dC1A1RIaCG9s4OihcYNyPLYGpUC5To1_KosgDmAMSCrOk_a1HNHMAL--knwE4VJI0XDOD_OJzdlXFVMztWfMUtxDgLnSBBfvIaHny2xCrD_ewuY-iKUFQw7i1WVQIbFhacfHngMEzu_yHw9qdNyVuxDyqIcCbDCRu0riMd4W7CJktsuDaAxrONQwcLGT-UZkOVULdHIoPpT6ZVcBUGw_GuC0e8d4wZJM_nJpePue8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaOTuO9B6YpufKtmT7_UPvvym-A7JntKxXNWdkfdwwI23ARABIABgldqOgpgHggEXY2EtcHViLTcwMTE5NTg4MzQ0MTA4OTGgAdW20uoDyAEJqQJ0rdIaaLCxPuACAKgDAaoEigJP0CzOONgUHm_xgUSdj2xKptotwg85Lg-EBhrxBGbgOGQYeR0PZbfM8iYBR9MeahWPkiBze38wnGOERvHFOfAVsvlhWEvisKYVri6XTO5QMIe1q1t764yC_QT_3MfomjvZ7dmGFqTtAhjyhlv06AVVwyqqexo778TmnjtI_15Sja9H4VfOxxkM4ugRePVhsk15IR9TpwN_tfj7XHSqq5wKExMivBGqCN2tVCOZVDnyJW90MnApBJeNlzwXakjcotoERBOelDiUPVCtWO-2HbDPZs4q12vex1d_FsldkpS8NFFsbpv6yB8orK7g-1QzHY_y8c6wqyWLGfsdIqfZm-zWtPrDq8jvFIFuJOAEAYAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_14In9zOoOLWeB9RWVzwhmQ8KM8SQ%26client%3Dca-pub-7011958834410891%26adurl%3D

Requested by

Host: b0e9e1536ab9e003fa0b66035801be8c.safeframe.googlesyndication.com
URL: https://b0e9e1536ab9e003fa0b66035801be8c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

ceb22fe08934d8fd06ac457acfba081c1b0ad7ec78e1a9c8f7871666be8cd5b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://b0e9e1536ab9e003fa0b66035801be8c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Tue, 10 May 2022 20:51:08 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=ZBOrYlwtUJPvhsntLKtMa7-iKwZMqcipFoJL1gWAysPbtzj7UNYIIYhfUraAMC3XCj5hh0iDz1UDbVihb26hjAVS2DsMcfQEMAOKW7QrUA8EG6nh4vD5aJUPZlTjOrwRJCxtoDp17v4IDve8yTjt80KcxIvPTc2fpWmZdl6EUr5Eh5m9EcDn7w5VQcrMMuKfT1sNCR0VcxxM3M43orsJNnBeMV-1zy0wy0BflWDPj5PHj0VMDtEyLXl9N5ylnM3d-2I46A"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 130238630
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220509/r20110914/client/ Frame 4D3A 3 KB
1 KB 153ms
73ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220509/r20110914/client/window_focus_fy2019.js

Requested by

Host: b0e9e1536ab9e003fa0b66035801be8c.safeframe.googlesyndication.com
URL: https://b0e9e1536ab9e003fa0b66035801be8c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b0e9e1536ab9e003fa0b66035801be8c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:48:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 141
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 24 May 2022 20:48:47 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4D3A 120 KB
37 KB 196ms
96ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: b0e9e1536ab9e003fa0b66035801be8c.safeframe.googlesyndication.com
URL: https://b0e9e1536ab9e003fa0b66035801be8c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfaf60508a77b732490cebbf93a415622f5d33fc0a63f88365807b71a21c25b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b0e9e1536ab9e003fa0b66035801be8c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:51:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37409
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1652096384767712"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 10 May 2022 20:51:08 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220509/r20110914/client/ Frame 4D3A 15 KB
6 KB 143ms
64ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220509/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: b0e9e1536ab9e003fa0b66035801be8c.safeframe.googlesyndication.com
URL: https://b0e9e1536ab9e003fa0b66035801be8c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b0e9e1536ab9e003fa0b66035801be8c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:48:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 159
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 567849196274905959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 24 May 2022 20:48:29 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 4D3A 22 KB
7 KB 125ms
46ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: b0e9e1536ab9e003fa0b66035801be8c.safeframe.googlesyndication.com
URL: https://b0e9e1536ab9e003fa0b66035801be8c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b0e9e1536ab9e003fa0b66035801be8c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 08:32:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 44348
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 10 May 2023 08:32:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame A52A 0
0 75ms
74ms Fetch
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CydD9O9B6YqCfKtmT7_UPvvym-A7JntKxXNWdkfdwwI23ARABIABgldqOgpgHggEXY2EtcHViLTcwMTE5NTg4MzQ0MTA4OTGgAdW20uoDyAEJqQJ0rdIaaLCxPuACAKgDAaoEgQJP0DYWYq0zFVaQXiYVwx3ZvtbbNXozPPbVqnhS1gVFXqivQy0MqvMIuG3oLCo9lAZlcbTMyBhXoo2uavLlaS1V_zGjCbl8HLar10_FbEkqgoLHF3u4tmgcutVDcA9Uo4WdXJZT-jlnadSYMi4VrGtQIeHCUedhXrwibBM16GcCJuqI-CoVpis-YmegCOawfyPGVPpRHpOjqmcY4wcuXbxJPT7B8XAi5uCXYvj7tchroq4Yi1yFT7DAQFXrq3O8k5glO4xCp9hSPNQ4-p3rkckhcKn-4GQOgBt_OXcGVytqRJKzLg3s_UrT6ABfaM5CSIz53488iOvtFWQ0XtFxFnE7-uAEAYAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAGACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNzAxMTk1ODgzNDQxMDg5MRjT2nM&sigh=kp29P_tSBjQ&uach_m=[UACH]&cid=CAQSPwCNIrLMV_z-bLNTdWki-Kn-Uanr8veygff8T7IcaPezK4xVls8vOFEcZzW9tL6FCfExhxjvn5b-Z4ECtulaghgB
Requested by: Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/ohio
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s11-in-f2.1e100.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b0e9e1536ab9e003fa0b66035801be8c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame A52A 0
0 126ms
41ms Fetch 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kOb8EMg12AVanYNiAgIAAAC64vPui9jITBA70HpiU5l9YgswpT5WtKcAEgAA&wp=YnrQOwAKj6AIu8nZAAm-PmbBnp2PHIA_3eZzsQ

Requested by

Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/ohio

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b0e9e1536ab9e003fa0b66035801be8c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:51:08 GMT
server: Kestrel
server-processing-duration-in-ticks: 330761
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame BAA1 145 KB
49 KB 367ms
276ms Document
text/html 2a02:2638::b
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=YnrQOwAKj6AIu8nZAAm-PmbBnp2PHIA_3eZzsQ&u=%7C0rweMepMFJTEpjFgXclM1KUFywlGxdooO0dHS7%2BhN4Q%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZWgJ4RDTbq-WYBETCqLzgI7qAwBaN6Gwh5zyJK9Upa8xQmFH1Rvc9StwZQUKfaPOFa7rXaRvrF3PSJukC32hqP9_yHyOEL2OigQuTcKKytIuAq7wndDETdk6y05EQfbz1FyIs_rGDeUOjnf6bPFBS-z7V-B95LFJBeEjOJWjZZPb31XYoJEXcAg2ps8kXGDcZtSQwW6SfXEybQEtRRKulISW-KdhoA1wFmrgUWN8u0BGknOEd7k0mlqrFP4A_C5V5dpcV4ukJPuuVLhAoYBsddALAJs9zkaL6cZyGTEa41YolDUT-juSbC4PK8p3dXEbxiTC4iJYSM8_dltoBYp4za-Xmfp7-UWvWhuye8iLA2GLv6DHXadv1GtXhWUkS0uJPOkaHyvpIth6jq9nHOmGuYPoRNen9QdBKGuI3YHNrKwCWa5SwX6rLtTeff_EmklJd8fgagV8fVbJQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCma5NO9B6YqCfKtmT7_UPvvym-A7JntKxXNWdkfdwwI23ARABIABgldqOgpgHggEXY2EtcHViLTcwMTE5NTg4MzQ0MTA4OTGgAdW20uoDyAEJqQJ0rdIaaLCxPuACAKgDAaoEhAJP0DYWYq0zFVaQXiYVwx3ZvtbbNXozPPbVqnhS1gVFXqivQy0MqvMIuG3oLCo9lAZlcbTMyBhXoo2uavLlaS1V_zGjCbl8HLar10_FbEkqgoLHF3u4tmgcutVDcA9Uo4WdXJZT-jlnadSYMi4VrGtQIeHCUedhXrwibBM16GcCJuqI-CoVpis-YmegCOawfyPGVPpRHpOjqmcY4wcuXbxJPT7B8XAi5uCXYvj7tchroq4Yi1yFT7DAQFXrq3O8k5glO4xCp9hSPNQ4-p3rkckhcKn-4GQOgBt_OXdEVQr4wx0vPbJw6ekD1aanYdpI_obXxw2IQNZL59sqcsn0vPUoRRzjTOAEAYAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1JDFEXwfRf4amLdbrSawXD6RsR-g%26client%3Dca-pub-7011958834410891%26adurl%3D

Requested by

Host: b0e9e1536ab9e003fa0b66035801be8c.safeframe.googlesyndication.com
URL: https://b0e9e1536ab9e003fa0b66035801be8c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

172f13f6a7ed08bacc64ae8a6c8b6ac53bc9ea81af52ddcc48c85147ef1a7644

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://b0e9e1536ab9e003fa0b66035801be8c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Tue, 10 May 2022 20:51:08 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=oclzY1wtUJPvhsntTWYidD7MQssI1yqcG7eeHJOjYFpngpxLl8Av_EreOHKHltMidVC1zQwkDL8bX3EYCZCfysk5XlxDqyRTa4i-aU3x0cg7Mqng6krQU82E6SvZhIzDINlriGsv0QNMf8D0QXp4iClu84msMVHqRtQsUPYTy2LmdqJvSiVt5lsxEFj-vhbT_jKUtaqr8JBj-f002M2I5NXVpqezXeatEdvc7hi4QjhtIGJKJP9K_lIh_uDst8MvEGVPXQ"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 139549191
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220509/r20110914/client/ Frame A52A 3 KB
1 KB 147ms
71ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220509/r20110914/client/window_focus_fy2019.js

Requested by

Host: b0e9e1536ab9e003fa0b66035801be8c.safeframe.googlesyndication.com
URL: https://b0e9e1536ab9e003fa0b66035801be8c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b0e9e1536ab9e003fa0b66035801be8c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:48:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 141
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 24 May 2022 20:48:47 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A52A 120 KB
37 KB 234ms
137ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: b0e9e1536ab9e003fa0b66035801be8c.safeframe.googlesyndication.com
URL: https://b0e9e1536ab9e003fa0b66035801be8c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfaf60508a77b732490cebbf93a415622f5d33fc0a63f88365807b71a21c25b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b0e9e1536ab9e003fa0b66035801be8c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:51:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37409
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1652096384767712"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 10 May 2022 20:51:08 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220509/r20110914/client/ Frame A52A 15 KB
6 KB 112ms
37ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220509/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: b0e9e1536ab9e003fa0b66035801be8c.safeframe.googlesyndication.com
URL: https://b0e9e1536ab9e003fa0b66035801be8c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b0e9e1536ab9e003fa0b66035801be8c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:48:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 159
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 567849196274905959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 24 May 2022 20:48:29 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame A52A 0
0 131ms
46ms Image
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSyYb-b36lymKs014L7EzErwAXq3JAFQxPd7XBSGvK8UeTz3_uE8V8m_puRwyKfVfhqQJUkDYOH4UUtB5APM7XaMz9x-Q
Requested by: Host: b0e9e1536ab9e003fa0b66035801be8c.safeframe.googlesyndication.com
URL: https://b0e9e1536ab9e003fa0b66035801be8c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b0e9e1536ab9e003fa0b66035801be8c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame A52A 22 KB
7 KB 116ms
41ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: b0e9e1536ab9e003fa0b66035801be8c.safeframe.googlesyndication.com
URL: https://b0e9e1536ab9e003fa0b66035801be8c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b0e9e1536ab9e003fa0b66035801be8c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 08:32:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 44348
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 10 May 2023 08:32:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 2374 0
0 77ms
76ms Fetch
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CohQzO9B6Yp2fKtmT7_UPvvym-A7JntKxXNWdkfdwwI23ARABIABgldqOgpgHggEXY2EtcHViLTcwMTE5NTg4MzQ0MTA4OTGgAdW20uoDyAEJqQJ0rdIaaLCxPuACAKgDAaoEggJP0JpguRmuhd6BluLwRy8aeT_2ZqeXhagMdLKb-o7er9YvyzlcSPf4d_lIjhqe64WwCveVR06dd9deeIU_R9IXU2Ddyv-RCYs5fnAIXpsjrQDcr84J1Aklh34mC3ZSZOLEjqAZgKuVT5bbSzSAW64wGQzpFNSEzGL03xDaVv0ZIBf7lLryMf_QoMBlYaK3Z7Wxs7UEvnGgVMRSWu93vapEbI1bU6wKMaMJfgiEnnhYiilE8IL8QcbY6EmVueB_c3t8q-9cc-WAW8-_Ai_r-R3Vnz_gMci2H9TN6rfnC1Z0x2bfl5ShNzGCb03W1nlThmgC3PI6AatYYpFY7gTQXU1Qi_vgBAGABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBABgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTcwMTE5NTg4MzQ0MTA4OTEY09pz&sigh=26hD0NAwnYU&uach_m=[UACH]&cid=CAQSPwCNIrLMV_z-bLNTdWki-Kn-Uanr8veygff8T7IcaPezK4xVls8vOFEcZzW9tL6FCfExhxjvn5b-Z4ECtulaghgB
Requested by: Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/ohio
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s11-in-f2.1e100.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b0e9e1536ab9e003fa0b66035801be8c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame 2374 0
0 265ms
184ms Fetch 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kOb8ELikCdACmAKdg2ICAgAAALri8-6L2MhMEDvQemK8PG-soh14QW2w_AASAAA&wp=YnrQOwAKj50Iu8nZAAm-PuOSifAQb3iLCOX82A

Requested by

Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/ohio

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b0e9e1536ab9e003fa0b66035801be8c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:51:07 GMT
server: Kestrel
server-processing-duration-in-ticks: 264895
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame D947 159 KB
49 KB 251ms
164ms Document
text/html 2a02:2638::b
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=YnrQOwAKj50Iu8nZAAm-PuOSifAQb3iLCOX82A&u=%7C0rweMepMFJSTYsfYRRtRCEZiCXaSHXG5MiY9PNHk1MY%3D%7C&c1=s9Ouqadr9PMXEEf9T3KSp2NRawDp88DGRxIbKBsnzqAtaD38bvZa_lDxLVjOtBdFR-9NjsgymLJMfUzB8trrucs-nlB3l4G6sPHBb7pSe4zdOoGyIWdptC8IRYf7tV-jzG1QpXMtXGUG9swttpSuvmbgj37Id0KXAmth3AFtyus6A0-KOIqvb9WR-twP4SF1Is25xExyzVD-sbTBX6pN3tVwiD8_bmnF5Cdtv_enq-QQScrzGIX9YDz8mL8Uj6xfjWIE9uBTVDGN95X09AmAG1g17ujf4cFnrD2FMwvqsL_2TDzWE4-632x3APNf583i9l44odA5l0fliSSueoW8pp1qd0mYgAON2qNTwaGeuB3obLeU0eXS1PfSFFAcGemQqrF9azU6hnQHREdkzCTIJEj1CFy9EtRIiuYv48584dprzdvQS2BsOMwyDdi0vkPBF5drabf4RJLMQQFCIpKAvhzPO2JbG7Lra4VOgX1Oy_A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCi34oO9B6Yp2fKtmT7_UPvvym-A7JntKxXNWdkfdwwI23ARABIABgldqOgpgHggEXY2EtcHViLTcwMTE5NTg4MzQ0MTA4OTGgAdW20uoDyAEJqQJ0rdIaaLCxPuACAKgDAaoEhQJP0JpguRmuhd6BluLwRy8aeT_2ZqeXhagMdLKb-o7er9YvyzlcSPf4d_lIjhqe64WwCveVR06dd9deeIU_R9IXU2Ddyv-RCYs5fnAIXpsjrQDcr84J1Aklh34mC3ZSZOLEjqAZgKuVT5bbSzSAW64wGQzpFNSEzGL03xDaVv0ZIBf7lLryMf_QoMBlYaK3Z7Wxs7UEvnGgVMRSWu93vapEbI1bU6wKMaMJfgiEnnhYiilE8IL8QcbY6EmVueB_c3t8q-9cc-WAW8-_Ai_r-R3Vnz_gMci2H9TN6rfnSVRVVeFQC4ceqyUhv3BwLnBHjN4I8uq4tWNlxGPn8CjI2OfUmEQ8RtbgBAGABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1Qu-OlJpdfE06UIffTBmzUsagpxQ%26client%3Dca-pub-7011958834410891%26adurl%3D

Requested by

Host: b0e9e1536ab9e003fa0b66035801be8c.safeframe.googlesyndication.com
URL: https://b0e9e1536ab9e003fa0b66035801be8c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

053c78fc5d2dac21e29942294c488f6940614d4caa3d70a14fa8b948a4a8520e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://b0e9e1536ab9e003fa0b66035801be8c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Tue, 10 May 2022 20:51:08 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=jFTwQ1wtUJPvhsnt6SAlqAYdCCEZ4y58yJZpmFs6SO_IjwvN0u1O3Z6g2gxnZ_MXhif_qmOBaqf8xt7E2GtsDZfwFhb9Ir7ROSP74r2XXyz8SRvGgiYvh5kGH8crG_D2Y7VlN-5ZwkbAfNnXY4MwfrBIIQRrlDwNsDof26oLydCVmT9MsTtzQBLLnk3WyLR9jF2Ga1tkvQUOw9j-SxjaDxzAnmRL9f90v9Z0s6wzS1iQ2Xvsgw3eDwhPFThEJnjqJUFEMw"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 117947065
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220509/r20110914/client/ Frame 2374 3 KB
1 KB 145ms
72ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220509/r20110914/client/window_focus_fy2019.js

Requested by

Host: b0e9e1536ab9e003fa0b66035801be8c.safeframe.googlesyndication.com
URL: https://b0e9e1536ab9e003fa0b66035801be8c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b0e9e1536ab9e003fa0b66035801be8c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:48:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 141
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 24 May 2022 20:48:47 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2374 120 KB
37 KB 214ms
121ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: b0e9e1536ab9e003fa0b66035801be8c.safeframe.googlesyndication.com
URL: https://b0e9e1536ab9e003fa0b66035801be8c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfaf60508a77b732490cebbf93a415622f5d33fc0a63f88365807b71a21c25b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b0e9e1536ab9e003fa0b66035801be8c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:51:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37409
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1652096384767712"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 10 May 2022 20:51:08 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220509/r20110914/client/ Frame 2374 15 KB
6 KB 124ms
52ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220509/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: b0e9e1536ab9e003fa0b66035801be8c.safeframe.googlesyndication.com
URL: https://b0e9e1536ab9e003fa0b66035801be8c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b0e9e1536ab9e003fa0b66035801be8c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:48:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 159
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 567849196274905959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 24 May 2022 20:48:29 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 2374 0
0 127ms
46ms Image
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQzt2bbHo5kD0KpBX7RxjH5x3ZIo2MEmTWZL48Eztc5pFzK4GkEHarAdsNfiFFg5mCGrA5sAcjBQFg9agHR_YAd7Ye3hg
Requested by: Host: b0e9e1536ab9e003fa0b66035801be8c.safeframe.googlesyndication.com
URL: https://b0e9e1536ab9e003fa0b66035801be8c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b0e9e1536ab9e003fa0b66035801be8c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 2374 22 KB
7 KB 129ms
58ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: b0e9e1536ab9e003fa0b66035801be8c.safeframe.googlesyndication.com
URL: https://b0e9e1536ab9e003fa0b66035801be8c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b0e9e1536ab9e003fa0b66035801be8c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 08:32:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 44348
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 10 May 2023 08:32:00 GMT

GET
H/1.1 200
OK cors Show response
data.ad-score.com/score/ 52 B
739 B 579ms
143ms XHR
text/plain 130.211.115.4
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/score/cors?s=1&pid=1000032&tid=truvidTraffic&pub_domain=www.pua-unemployment-login.com&l1=5681&l2=pua-unemployment-login.com&l3=DE&l4=desktop&l5=5.742&cb=0.3159661277296688
Requested by: Host: s.trvdp.com
URL: https://s.trvdp.com/scripts/v5.742/ins.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: a3fb12e0586cb7710bc4ff3f906aa390cd18576b4d2a086389454e72c7f0b8df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 10 May 2022 20:51:09 GMT
Age: 0
Access-Control-Allow-Methods: GET,POST
P3p: CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR"
Access-Control-Allow-Origin: https://www.pua-unemployment-login.com
Cache-Control: post-check=0, pre-check=0, false, proxy-revalidate, no-cache, no-cache=Set-Cookie, no-store, must-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/plain; charset=utf-8
Content-Length: 52

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
292 B 119ms
119ms Fetch
text/plain 70.42.32.223
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=8d1d400457cb92e48ceec27fb3b96b0c_122703_1652215868551&tm=1513&eT=0&widgetWidth=324&widgetHeight=342&widgetX=1055&widgetY=1309&wRV=2000718&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=445&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.223 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Tue, 10 May 2022 20:51:08 GMT
content-encoding: gzip
X-TraceId: 57dabedf9348e9b6a94c6d3a5aa932f7
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H2 200 eyJpdSI6ImY3YmY0NzAzMGY1NmZlYTQ1NDE2MzMzYTU2MzUwODY0NzQ5N2MzODdhMzZkYTk5ZTk4YjRmMzAzYjM0YjI1YzAiLCJ3Ijo0MDAsImgiOjMwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 32 KB
32 KB 52ms
52ms Image
image/webp 184.87.213.205
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImY3YmY0NzAzMGY1NmZlYTQ1NDE2MzMzYTU2MzUwODY0NzQ5N2MzODdhMzZkYTk5ZTk4YjRmMzAzYjM0YjI1YzAiLCJ3Ijo0MDAsImgiOjMwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/ohio
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.87.213.205 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-87-213-205.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 8be509cc391531efc6348acd6958bf23c63a9ea6c162f179d8192bfb359001d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:51:08 GMT
cache-control: max-age=817672
last-modified: Thu, 31 Mar 2022 08:20:07 GMT
x-traceid: c19bd32d21b41e76e1abd4d389ff79a8
timing-allow-origin: *
content-length: 32782
content-type: image/webp

GET
H3

200

09a41d24373874cf5b9d8629a1efc147826e8698a3bc1a9a08d328ea45b59c8c Show response
foremedianative.com/native/nativead/4/ Frame 42C6
Redirect Chain

https://foremedianative.com/native/nativead/4/09a41d24373874cf5b9d8629a1efc147826e8698a3bc1a9a08d328ea45b59c8c/?u=1652215868713
https://foremedianative.com/native/nativead/4/09a41d24373874cf5b9d8629a1efc147826e8698a3bc1a9a08d328ea45b59c8c?u=1652215868713

1 KB
2 KB

731ms
730ms

Document
text/html

2606:4700:3030::ac43:8da3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://foremedianative.com/native/nativead/4/09a41d24373874cf5b9d8629a1efc147826e8698a3bc1a9a08d328ea45b59c8c?u=1652215868713
Requested by: Host: foremedianative.com
URL: https://foremedianative.com/js/native/native.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:8da3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82cde18ae48153282653bb6076ba2428a97f9436701b0fb1b1773b649cf927bd

Request headers

Referer: https://www.pua-unemployment-login.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 70958d1cc9829b7a-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 10 May 2022 20:51:09 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZsOKxvinbF7JPNJglQw91qn9DkXaRbFBUfQ8bwVli%2BTAxkjQTNa9j3%2F2cVAdRDFG%2FI6010xbyE9GQ%2Bm0ykOPDo0Tnc2twoHR%2FYR2a%2F2wYig%2F0H8wO4WF2WLSfhdK8fM0HxFB5481jxpSzhNwiJnKRT7f"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-ratelimit-limit: 40
x-ratelimit-remaining: 39

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 70958d1bef429b7a-FRA
content-type: text/html; charset=iso-8859-1
date: Tue, 10 May 2022 20:51:08 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location: https://foremedianative.com/native/nativead/4/09a41d24373874cf5b9d8629a1efc147826e8698a3bc1a9a08d328ea45b59c8c?u=1652215868713
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l%2B6pEUwWV2CWWKAEsEZRNXINCsJ45lXaTbhIlLd1UkyZ1HMLOh812qGgkBY0Kd494icACS77jYwmQZSzBcBROZxQpAmWZg1Y221MAHCqhpCT8BKvOeOMm1iSfZtWqyUXIZRr19Z4ZtL2SxkDL%2ByPHzKG"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
DATA 200
OK truncated
/ Frame 4D3A 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fae26f5b1325a4dba26b7cf7e51b8a24e862c16d817c2b7e3cbd6b9b00b17d1a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame D947 2 KB
1 KB 136ms
41ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YnrQOwAKj50Iu8nZAAm-PuOSifAQb3iLCOX82A&u=%7C0rweMepMFJSTYsfYRRtRCEZiCXaSHXG5MiY9PNHk1MY%3D%7C&c1=s9Ouqadr9PMXEEf9T3KSp2NRawDp88DGRxIbKBsnzqAtaD38bvZa_lDxLVjOtBdFR-9NjsgymLJMfUzB8trrucs-nlB3l4G6sPHBb7pSe4zdOoGyIWdptC8IRYf7tV-jzG1QpXMtXGUG9swttpSuvmbgj37Id0KXAmth3AFtyus6A0-KOIqvb9WR-twP4SF1Is25xExyzVD-sbTBX6pN3tVwiD8_bmnF5Cdtv_enq-QQScrzGIX9YDz8mL8Uj6xfjWIE9uBTVDGN95X09AmAG1g17ujf4cFnrD2FMwvqsL_2TDzWE4-632x3APNf583i9l44odA5l0fliSSueoW8pp1qd0mYgAON2qNTwaGeuB3obLeU0eXS1PfSFFAcGemQqrF9azU6hnQHREdkzCTIJEj1CFy9EtRIiuYv48584dprzdvQS2BsOMwyDdi0vkPBF5drabf4RJLMQQFCIpKAvhzPO2JbG7Lra4VOgX1Oy_A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCi34oO9B6Yp2fKtmT7_UPvvym-A7JntKxXNWdkfdwwI23ARABIABgldqOgpgHggEXY2EtcHViLTcwMTE5NTg4MzQ0MTA4OTGgAdW20uoDyAEJqQJ0rdIaaLCxPuACAKgDAaoEhQJP0JpguRmuhd6BluLwRy8aeT_2ZqeXhagMdLKb-o7er9YvyzlcSPf4d_lIjhqe64WwCveVR06dd9deeIU_R9IXU2Ddyv-RCYs5fnAIXpsjrQDcr84J1Aklh34mC3ZSZOLEjqAZgKuVT5bbSzSAW64wGQzpFNSEzGL03xDaVv0ZIBf7lLryMf_QoMBlYaK3Z7Wxs7UEvnGgVMRSWu93vapEbI1bU6wKMaMJfgiEnnhYiilE8IL8QcbY6EmVueB_c3t8q-9cc-WAW8-_Ai_r-R3Vnz_gMci2H9TN6rfnSVRVVeFQC4ceqyUhv3BwLnBHjN4I8uq4tWNlxGPn8CjI2OfUmEQ8RtbgBAGABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1Qu-OlJpdfE06UIffTBmzUsagpxQ%26client%3Dca-pub-7011958834410891%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:51:08 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 05 May 2023 20:51:08 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame D947 2 KB
1 KB 175ms
81ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:51:08 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 05 May 2023 20:51:08 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame D947 308 B
636 B 125ms
42ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:51:08 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Fri, 05 May 2023 20:51:08 GMT

GET
H2 200 back_button.svg
static.criteo.net/flash/icon/ Frame D947 507 B
835 B 124ms
42ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:51:08 GMT
last-modified: Thu, 01 Apr 2021 14:03:13 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "6065d2a1-1fb"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 507
expires: Fri, 05 May 2023 20:51:08 GMT

GET
H2 200 m
secure-gl.imrworldwide.com/cgi-bin/ Frame D947 0
689 B 318ms
190ms Image
text/plain 2600:9000:2156:3000:1e:a43d:b640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1652215868
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YnrQOwAKj50Iu8nZAAm-PuOSifAQb3iLCOX82A&u=%7C0rweMepMFJSTYsfYRRtRCEZiCXaSHXG5MiY9PNHk1MY%3D%7C&c1=s9Ouqadr9PMXEEf9T3KSp2NRawDp88DGRxIbKBsnzqAtaD38bvZa_lDxLVjOtBdFR-9NjsgymLJMfUzB8trrucs-nlB3l4G6sPHBb7pSe4zdOoGyIWdptC8IRYf7tV-jzG1QpXMtXGUG9swttpSuvmbgj37Id0KXAmth3AFtyus6A0-KOIqvb9WR-twP4SF1Is25xExyzVD-sbTBX6pN3tVwiD8_bmnF5Cdtv_enq-QQScrzGIX9YDz8mL8Uj6xfjWIE9uBTVDGN95X09AmAG1g17ujf4cFnrD2FMwvqsL_2TDzWE4-632x3APNf583i9l44odA5l0fliSSueoW8pp1qd0mYgAON2qNTwaGeuB3obLeU0eXS1PfSFFAcGemQqrF9azU6hnQHREdkzCTIJEj1CFy9EtRIiuYv48584dprzdvQS2BsOMwyDdi0vkPBF5drabf4RJLMQQFCIpKAvhzPO2JbG7Lra4VOgX1Oy_A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCi34oO9B6Yp2fKtmT7_UPvvym-A7JntKxXNWdkfdwwI23ARABIABgldqOgpgHggEXY2EtcHViLTcwMTE5NTg4MzQ0MTA4OTGgAdW20uoDyAEJqQJ0rdIaaLCxPuACAKgDAaoEhQJP0JpguRmuhd6BluLwRy8aeT_2ZqeXhagMdLKb-o7er9YvyzlcSPf4d_lIjhqe64WwCveVR06dd9deeIU_R9IXU2Ddyv-RCYs5fnAIXpsjrQDcr84J1Aklh34mC3ZSZOLEjqAZgKuVT5bbSzSAW64wGQzpFNSEzGL03xDaVv0ZIBf7lLryMf_QoMBlYaK3Z7Wxs7UEvnGgVMRSWu93vapEbI1bU6wKMaMJfgiEnnhYiilE8IL8QcbY6EmVueB_c3t8q-9cc-WAW8-_Ai_r-R3Vnz_gMci2H9TN6rfnSVRVVeFQC4ceqyUhv3BwLnBHjN4I8uq4tWNlxGPn8CjI2OfUmEQ8RtbgBAGABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1Qu-OlJpdfE06UIffTBmzUsagpxQ%26client%3Dca-pub-7011958834410891%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3000:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 20:51:09 GMT
via: 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA50-C1
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
x-cache: Miss from cloudfront
accept-ch: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-length: 0
x-amz-cf-id: hA_lsUNypK8FoTbY-BteZkkt9-DigeyDrw1EUaJXc9GQlqkOgv387A==
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 lg.php
cat.fr.eu.criteo.com/delivery/ Frame D947 43 B
347 B 265ms
48ms Image
image/gif 178.250.0.160
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=GUM6KTACq-ghFkGvPg4D7jpfanoJ-48ikblA3gO0PXCBreeOwPIpBucmIG8VyrLKMw8YIEw8-SuoXGgACthhuxEVZ6qkvXvzha_zodEtJj6q5ceLZtUzf76ICCEbpcSQk4M2L2dQ9wWoXskASTZaqz4Aa-PHw3YZlIsurCw5d75HsDr0_5p6ggjrL8KXNnTUQBx8Kf3d0rmRgsyJhCbPWEtmRf3-SvQbp4hmmkb64GLmkzzrWL20TA8m0xbMO-rD2UcEXaV5l431tN8C-X9g2ac5E4yDNy6o9zHJ5DaPS3MB9R3f9HA_scczb-4Q85G5rUhTkVaZy_OTTlsuW-F-NeHENQgC9PwyO1FUQaTwWel_R1s3Lt2sQRquvMfTe81pGmkfgb0daL0X-CZl0zHLpmQvFIvyT_5aHt3h0irL6RJX5Hs6lFc9oXCkEo3udFFceKETt4MLukFcWXflR8BFThZr9-o

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 20:51:08 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2912203
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 2374 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 391da233433a6d2edd5e7da8f5e520633cc32366e13c55eff75dafb1cabc6de9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame A52A 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f6449fe10cdcb74fb8198e80f792c9c4df97d887f69b0d9f59239456936cc377

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 0F6F 2 KB
1 KB 135ms
81ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YnrQOwAKj5sIu8nZAAm-PsJh2xRUVkuEvokeoA&u=%7C0rweMepMFJSbMojxlue6gsUkNRt7en80JLMAm4wni4A%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuB8I54B28R_G6pIc3Eo99WtlE0nPHHGzIJLbCwDbhfTlippPOqEO3zJcH2bJloFw3GMZfjVtuw14HJf2DcQ2lBYX5-AwDeuHaELAQlYvQIdJmP6ihwSSCvVjMgVe7bXEO3aWFTwIRyIjCyZLi-j-ALzPkP4lEfoiHTFJMGCpDo0sKeKoobiBwJE0H-CLVloonNNHTP2z_J0_x2dC1A1RIaCG9s4OihcYNyPLYGpUC5To1_KosgDmAMSCrOk_a1HNHMAL--knwE4VJI0XDOD_OJzdlXFVMztWfMUtxDgLnSBBfvIaHny2xCrD_ewuY-iKUFQw7i1WVQIbFhacfHngMEzu_yHw9qdNyVuxDyqIcCbDCRu0riMd4W7CJktsuDaAxrONQwcLGT-UZkOVULdHIoPpT6ZVcBUGw_GuC0e8d4wZJM_nJpePue8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaOTuO9B6YpufKtmT7_UPvvym-A7JntKxXNWdkfdwwI23ARABIABgldqOgpgHggEXY2EtcHViLTcwMTE5NTg4MzQ0MTA4OTGgAdW20uoDyAEJqQJ0rdIaaLCxPuACAKgDAaoEigJP0CzOONgUHm_xgUSdj2xKptotwg85Lg-EBhrxBGbgOGQYeR0PZbfM8iYBR9MeahWPkiBze38wnGOERvHFOfAVsvlhWEvisKYVri6XTO5QMIe1q1t764yC_QT_3MfomjvZ7dmGFqTtAhjyhlv06AVVwyqqexo778TmnjtI_15Sja9H4VfOxxkM4ugRePVhsk15IR9TpwN_tfj7XHSqq5wKExMivBGqCN2tVCOZVDnyJW90MnApBJeNlzwXakjcotoERBOelDiUPVCtWO-2HbDPZs4q12vex1d_FsldkpS8NFFsbpv6yB8orK7g-1QzHY_y8c6wqyWLGfsdIqfZm-zWtPrDq8jvFIFuJOAEAYAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_14In9zOoOLWeB9RWVzwhmQ8KM8SQ%26client%3Dca-pub-7011958834410891%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:51:08 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 05 May 2023 20:51:08 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame D947 12 KB
6 KB 126ms
79ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:51:08 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 05 May 2023 20:51:08 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame D947 18 KB
18 KB 471ms
88ms Image
image/png 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=92&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F190124%2F79f2c646e3f74b54931cff1f39d769d0_blue.png&v=3&w=668&s=zZ9XXdLqBPrx8VhOI0CLOKLn

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

63fcc9fc6cf4e04b4c3190ae61fbdd2540d37d73ea1d665a4ffd6d7324847a04

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:51:08 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=30973246
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 18609
expires: Thu, 04 May 2023 08:31:55 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame D947 0
128 B 376ms
182ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=jFTwQ1wtUJPvhsnt6SAlqAYdCCEZ4y58yJZpmFs6SO_IjwvN0u1O3Z6g2gxnZ_MXhif_qmOBaqf8xt7E2GtsDZfwFhb9Ir7ROSP74r2XXyz8SRvGgiYvh5kGH8crG_D2Y7VlN-5ZwkbAfNnXY4MwfrBIIQRrlDwNsDof26oLydCVmT9MsTtzQBLLnk3WyLR9jF2Ga1tkvQUOw9j-SxjaDxzAnmRL9f90v9Z0s6wzS1iQ2Xvsgw3eDwhPFThEJnjqJUFEMw&sds=2&rev=81468&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 10 May 2022 20:51:08 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame D947 2 KB
1 KB 53ms
42ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:51:08 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 05 May 2023 20:51:08 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame D947 2 KB
1 KB 44ms
43ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:51:08 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 05 May 2023 20:51:08 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 0F6F 2 KB
1 KB 80ms
79ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:51:08 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 05 May 2023 20:51:08 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 0F6F 308 B
636 B 84ms
84ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:51:08 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Fri, 05 May 2023 20:51:08 GMT

GET
H2 200 back_button.svg
static.criteo.net/flash/icon/ Frame 0F6F 507 B
835 B 80ms
80ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:51:08 GMT
last-modified: Thu, 01 Apr 2021 14:03:13 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "6065d2a1-1fb"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 507
expires: Fri, 05 May 2023 20:51:08 GMT

GET
H2 200 m
secure-gl.imrworldwide.com/cgi-bin/ Frame 0F6F 0
690 B 233ms
189ms Image
text/plain 2600:9000:2156:3000:1e:a43d:b640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1652215868
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YnrQOwAKj5sIu8nZAAm-PsJh2xRUVkuEvokeoA&u=%7C0rweMepMFJSbMojxlue6gsUkNRt7en80JLMAm4wni4A%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuB8I54B28R_G6pIc3Eo99WtlE0nPHHGzIJLbCwDbhfTlippPOqEO3zJcH2bJloFw3GMZfjVtuw14HJf2DcQ2lBYX5-AwDeuHaELAQlYvQIdJmP6ihwSSCvVjMgVe7bXEO3aWFTwIRyIjCyZLi-j-ALzPkP4lEfoiHTFJMGCpDo0sKeKoobiBwJE0H-CLVloonNNHTP2z_J0_x2dC1A1RIaCG9s4OihcYNyPLYGpUC5To1_KosgDmAMSCrOk_a1HNHMAL--knwE4VJI0XDOD_OJzdlXFVMztWfMUtxDgLnSBBfvIaHny2xCrD_ewuY-iKUFQw7i1WVQIbFhacfHngMEzu_yHw9qdNyVuxDyqIcCbDCRu0riMd4W7CJktsuDaAxrONQwcLGT-UZkOVULdHIoPpT6ZVcBUGw_GuC0e8d4wZJM_nJpePue8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaOTuO9B6YpufKtmT7_UPvvym-A7JntKxXNWdkfdwwI23ARABIABgldqOgpgHggEXY2EtcHViLTcwMTE5NTg4MzQ0MTA4OTGgAdW20uoDyAEJqQJ0rdIaaLCxPuACAKgDAaoEigJP0CzOONgUHm_xgUSdj2xKptotwg85Lg-EBhrxBGbgOGQYeR0PZbfM8iYBR9MeahWPkiBze38wnGOERvHFOfAVsvlhWEvisKYVri6XTO5QMIe1q1t764yC_QT_3MfomjvZ7dmGFqTtAhjyhlv06AVVwyqqexo778TmnjtI_15Sja9H4VfOxxkM4ugRePVhsk15IR9TpwN_tfj7XHSqq5wKExMivBGqCN2tVCOZVDnyJW90MnApBJeNlzwXakjcotoERBOelDiUPVCtWO-2HbDPZs4q12vex1d_FsldkpS8NFFsbpv6yB8orK7g-1QzHY_y8c6wqyWLGfsdIqfZm-zWtPrDq8jvFIFuJOAEAYAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_14In9zOoOLWeB9RWVzwhmQ8KM8SQ%26client%3Dca-pub-7011958834410891%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3000:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 20:51:09 GMT
via: 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA50-C1
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
x-cache: Miss from cloudfront
accept-ch: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-length: 0
x-amz-cf-id: ZAVOnIMoSSsRJMBJrIxRowVXEiJRE4plqwxq4ui5wTMyNmzJ-yuldQ==
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 lg.php
cat.fr.eu.criteo.com/delivery/ Frame 0F6F 43 B
347 B 181ms
48ms Image
image/gif 178.250.0.160
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=WIWUd-eY1lTfXKpfqTBHIEZqRfRmwewS5LYDJ1_VdDcDFhRVJaGio3SAoAHlGdaAh44HdetQc5D6HfmzXrRiy5kyv3qzQvjzLYwgdeM1QmA4r-5aBAzN9qm6r-ehzrOdBd-CL56JM-a4dk2RZBaaO1ugvD90Hbsse-dUWEbWqeH1l4K72Ps6Zk_lSfzB6m1eJQrzs3a1d-wC0FdAwKGkqOAkO4DsT-NgoO08IWSATHbxX3hf8O5qBJBiAxFG1tBrA-vEeS5IdKu4n2wOVT7LavTu19boL6gweCyVyDMxwsI9nqG8xwNUli5BEXYlGvgu6hUE93xSSCr42vXGTPRRjmwx-F_LiOrc0qft25XqxtGRzb_nK3MxGawy3PRxD9DhQ0sN7wmLTZY_eTNZVP1JjxoEP2GDxvmk_MmDrXcOtxZlupkWlcxIg-2vG7eoIv6gi3kjmQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 20:51:08 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3128336
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame BAA1 2 KB
1 KB 77ms
76ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YnrQOwAKj6AIu8nZAAm-PmbBnp2PHIA_3eZzsQ&u=%7C0rweMepMFJTEpjFgXclM1KUFywlGxdooO0dHS7%2BhN4Q%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZWgJ4RDTbq-WYBETCqLzgI7qAwBaN6Gwh5zyJK9Upa8xQmFH1Rvc9StwZQUKfaPOFa7rXaRvrF3PSJukC32hqP9_yHyOEL2OigQuTcKKytIuAq7wndDETdk6y05EQfbz1FyIs_rGDeUOjnf6bPFBS-z7V-B95LFJBeEjOJWjZZPb31XYoJEXcAg2ps8kXGDcZtSQwW6SfXEybQEtRRKulISW-KdhoA1wFmrgUWN8u0BGknOEd7k0mlqrFP4A_C5V5dpcV4ukJPuuVLhAoYBsddALAJs9zkaL6cZyGTEa41YolDUT-juSbC4PK8p3dXEbxiTC4iJYSM8_dltoBYp4za-Xmfp7-UWvWhuye8iLA2GLv6DHXadv1GtXhWUkS0uJPOkaHyvpIth6jq9nHOmGuYPoRNen9QdBKGuI3YHNrKwCWa5SwX6rLtTeff_EmklJd8fgagV8fVbJQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCma5NO9B6YqCfKtmT7_UPvvym-A7JntKxXNWdkfdwwI23ARABIABgldqOgpgHggEXY2EtcHViLTcwMTE5NTg4MzQ0MTA4OTGgAdW20uoDyAEJqQJ0rdIaaLCxPuACAKgDAaoEhAJP0DYWYq0zFVaQXiYVwx3ZvtbbNXozPPbVqnhS1gVFXqivQy0MqvMIuG3oLCo9lAZlcbTMyBhXoo2uavLlaS1V_zGjCbl8HLar10_FbEkqgoLHF3u4tmgcutVDcA9Uo4WdXJZT-jlnadSYMi4VrGtQIeHCUedhXrwibBM16GcCJuqI-CoVpis-YmegCOawfyPGVPpRHpOjqmcY4wcuXbxJPT7B8XAi5uCXYvj7tchroq4Yi1yFT7DAQFXrq3O8k5glO4xCp9hSPNQ4-p3rkckhcKn-4GQOgBt_OXdEVQr4wx0vPbJw6ekD1aanYdpI_obXxw2IQNZL59sqcsn0vPUoRRzjTOAEAYAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1JDFEXwfRf4amLdbrSawXD6RsR-g%26client%3Dca-pub-7011958834410891%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:51:08 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 05 May 2023 20:51:08 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame BAA1 2 KB
1 KB 77ms
77ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:51:08 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 05 May 2023 20:51:08 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame BAA1 308 B
636 B 58ms
57ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:51:08 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Fri, 05 May 2023 20:51:08 GMT

GET
H2 200 back_button.svg
static.criteo.net/flash/icon/ Frame BAA1 507 B
835 B 57ms
56ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:51:08 GMT
last-modified: Thu, 01 Apr 2021 14:03:13 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "6065d2a1-1fb"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 507
expires: Fri, 05 May 2023 20:51:08 GMT

GET
H2 200 m
secure-gl.imrworldwide.com/cgi-bin/ Frame BAA1 0
689 B 208ms
187ms Image
text/plain 2600:9000:2156:3000:1e:a43d:b640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1652215868
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YnrQOwAKj6AIu8nZAAm-PmbBnp2PHIA_3eZzsQ&u=%7C0rweMepMFJTEpjFgXclM1KUFywlGxdooO0dHS7%2BhN4Q%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZWgJ4RDTbq-WYBETCqLzgI7qAwBaN6Gwh5zyJK9Upa8xQmFH1Rvc9StwZQUKfaPOFa7rXaRvrF3PSJukC32hqP9_yHyOEL2OigQuTcKKytIuAq7wndDETdk6y05EQfbz1FyIs_rGDeUOjnf6bPFBS-z7V-B95LFJBeEjOJWjZZPb31XYoJEXcAg2ps8kXGDcZtSQwW6SfXEybQEtRRKulISW-KdhoA1wFmrgUWN8u0BGknOEd7k0mlqrFP4A_C5V5dpcV4ukJPuuVLhAoYBsddALAJs9zkaL6cZyGTEa41YolDUT-juSbC4PK8p3dXEbxiTC4iJYSM8_dltoBYp4za-Xmfp7-UWvWhuye8iLA2GLv6DHXadv1GtXhWUkS0uJPOkaHyvpIth6jq9nHOmGuYPoRNen9QdBKGuI3YHNrKwCWa5SwX6rLtTeff_EmklJd8fgagV8fVbJQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCma5NO9B6YqCfKtmT7_UPvvym-A7JntKxXNWdkfdwwI23ARABIABgldqOgpgHggEXY2EtcHViLTcwMTE5NTg4MzQ0MTA4OTGgAdW20uoDyAEJqQJ0rdIaaLCxPuACAKgDAaoEhAJP0DYWYq0zFVaQXiYVwx3ZvtbbNXozPPbVqnhS1gVFXqivQy0MqvMIuG3oLCo9lAZlcbTMyBhXoo2uavLlaS1V_zGjCbl8HLar10_FbEkqgoLHF3u4tmgcutVDcA9Uo4WdXJZT-jlnadSYMi4VrGtQIeHCUedhXrwibBM16GcCJuqI-CoVpis-YmegCOawfyPGVPpRHpOjqmcY4wcuXbxJPT7B8XAi5uCXYvj7tchroq4Yi1yFT7DAQFXrq3O8k5glO4xCp9hSPNQ4-p3rkckhcKn-4GQOgBt_OXdEVQr4wx0vPbJw6ekD1aanYdpI_obXxw2IQNZL59sqcsn0vPUoRRzjTOAEAYAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1JDFEXwfRf4amLdbrSawXD6RsR-g%26client%3Dca-pub-7011958834410891%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3000:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 20:51:09 GMT
via: 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA50-C1
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
x-cache: Miss from cloudfront
accept-ch: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-length: 0
x-amz-cf-id: dcycHSqCWA-wVBdV7GmbDlXo3X1Jmlm2-U0UABm7BB0L4CBq71ZUug==
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 lg.php
cat.fr.eu.criteo.com/delivery/ Frame BAA1 43 B
348 B 157ms
47ms Image
image/gif 178.250.0.160
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=QOyNKuFtwMx5BkCzaq8HKeJFXfOQ92EK6Imlk-6Kkun7kaRWoahUAOzn02I7zFT_E6b9u372iOLaFlwwpN26o1PPdyLpLFE4TwaJ-FJSSiFgeoLK4aWP0lNFQTXfqjcMRkLdVJGn1jdMn0tQKKYoc3b7Uh7Jnm-DlhJiHp-szZxkM0XRpJLIYzpJ0FMXurSvCQlXUf32XnDqakaut0QEdpt2KoIzNj4I84fy9unI-umaGef25ju1hCGLb9kWEvk1gWcnAp1WjgWJWFjGmS2MxtygeKX0Lr9U95l189u8vFF-KeNQ-X7KXYqq58VpKXUGN4vLixmFWozfYLD8DiczMIJkdaeuQEUGP5mJ2lm_VZHyijsVlop2_Cr039kCJjRFPyUggy6PedRB8Q-jMZA8sBF9wLpxzPjkzLf7HjueA8L2S1tULwDpmYcgRZ9QQhLvMa8ewA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 20:51:08 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1777501
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 imp.gif
obs.cheqzone.com/tracker/ 43 B
79 B 125ms
124ms Image
image/gif 2600:1f18:e8a:cd04:9b88:a313:d24d:af44
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://obs.cheqzone.com/tracker/imp.gif?e=37dfbd8ee84e00136fecc534ef4f8c959225c24f567d51c5c30f41b0254384cfa532ff1a285aa40e98d022e0b44dc87ea4a36fde4c1b8c682309094d0ba0bfea9475489e91da563e351aff717718956a8b70cd0130003f8101424d3f065cc3bf775d36fa26e877cb55e2cc7ce2586fb01f6f3903d053f054abd1c5d52fe87547ed62d2f1157f84163312714593d60635f578aee5d5eb474fbd408dbd39e821da61c45085052aae2d05f91e46042dc95b32b49affa125be2ab8589801f95c0c2cf38e6b256a655c9b6599857ea95a61a7d4f232331e32d786302080903b477442750c1bef8828796d76e4ba152cebfea755c9a444771e2bb5a5a384800cc6b9a326f746c0016537dd9fcfe6ad6b89cc9133d56c5384e6c82c1908f77f6ba195157ae8dceb17de50ae04eb9b1dc148d5cc79d62427d4cc66ca6f8283e1f48eefe54b7bf126b3eff97a0766bdd33096e517b0114700810f5c84d4d2888fbc9227c32c90c6f5ae53df5f5b1aa35e64c1c3ca182487eb74a800e0c31cc427fa28411b559963e5568997fa2dbed368c35ca9cfcbcb69ce010478e84b5841694a31d0a064bb57dac19c2ba29273b29e21df89e5b27c82bfaa526c7585a91004ddb0490251baacf233f579c5b44ee5e332a03efc239f38d708d4a835db1925e2b291633723630229174111aae09071d402b35953402ffca852dc9e1810e3bedfb8d170d0bef6f6948cdae3575d6ee94d87aa4b2bd2516f1fcb711e242eb02eed054687b5853ad437c52fcfe96998a41fda3b1d2b204f&cb=1652215868918&cri=6i7iEiHPSR
Requested by: Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/ohio
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd04:9b88:a313:d24d:af44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 20:51:08 GMT
cache-control: no-cache, no-store, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT
content-length: 43
content-type: image/gif

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 0F6F 12 KB
6 KB 50ms
50ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:51:08 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 05 May 2023 20:51:08 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 0F6F 16 KB
16 KB 390ms
94ms Image
image/png 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=104&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F190124%2F8d6bc06124f044d4973e0db21c495799_logo.png&v=3&w=596&s=VmpB6zKqWSQPc8u3HQtDjREj

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e760d7a664455560844fa5a08ec4b5fdfad4e317459ec480971a27e0ec6239e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:51:09 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=29478818
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 16600
expires: Mon, 17 Apr 2023 01:24:47 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 0F6F 2 KB
2 KB 387ms
91ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FD%2Flogodrivetech-Fahrversuch-GmbH-171567DE.gif%3Feb%3D1&v=3&w=400&s=AWC9_tVS2C2Xr8zOMCnCWqF6&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

d163c31927cd560f033622147103e545feb6787d3131e43dc261f6c5de3cfdd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:51:08 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=844595
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1538
expires: Fri, 20 May 2022 15:27:44 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 0F6F 2 KB
3 KB 435ms
139ms Image
image/png 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F5%2FlogoAmprio-GmbH-201935DE-2106231706.gif%3Feb%3D1&v=3&w=400&s=zS9tGcRBwO8wq0xAVW3bODHb&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

cc5e65f3bf4a6f565b2e549b9b401450a1e7d283ffe50dd4a906b5375808b851

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:51:08 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=995241
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 2446
expires: Sun, 22 May 2022 09:18:30 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 0F6F 2 KB
2 KB 386ms
90ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F3%2FlogoStepStone-GmbH-148733DE.gif%3Feb%3D1&v=3&w=400&s=wSPXg05NAm7YwFBXI_4Y57ix&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

9b8ae796f30c05937ec5e849cea83f724110455de28d7619809a2b10ea5d803f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:51:09 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=2228928
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1770
expires: Sun, 05 Jun 2022 15:59:58 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 0F6F 1 KB
1 KB 405ms
109ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FJ%2FlogoJS_Deutschland_GmbH_24984DE.gif%3Feb%3D1&v=3&w=400&s=t5TW_8UYa2eFuuuPo_Q7nmQe&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

639665b9e97aad7d30114d5b9b4d4b391d1ee6e870fd4515ec28e5a24c22863a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:51:08 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=151627
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1100
expires: Thu, 12 May 2022 14:58:17 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 0F6F 5 KB
5 KB 385ms
89ms Image
image/png 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FD%2FlogoZenJob-GmbH-Extern-253922DE-2011231050.gif%3Feb%3D1&v=3&w=400&s=JLFsYJdH654v7-8d4e4sB-p3&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

0dd3d558d8559d52065e99138474d86c2662e4d829147455c3614ce43021be09

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:51:08 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=0
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 4833
expires: Tue, 10 May 2022 20:51:09 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 0F6F 1 KB
2 KB 48ms
48ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FF%2FlogoIlle-Papier-Service-GmbH-280332DE-2111180848.gif%3Feb%3D1&v=3&w=400&s=WXhO8CipOdneZQ6CRJmWY-EI&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

d5ea9fcb2a448ba0c621ea95e22d27827e79c5aabee99a0ccea258665e5f40a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:51:08 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1472282
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1450
expires: Fri, 27 May 2022 21:49:11 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 0F6F 3 KB
3 KB 53ms
52ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F4%2FlogoABF-Pharmazie-GmbH-Co-KG-276589DE-2112061114.gif%3Feb%3D1&v=3&w=400&s=xsgRWAIcaY3v_8_g1oyXFuKC&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

511dfce7c1f8030304d0d886e6f4a408a84e76c4a8ca8a1ca1a3414dcaf54dd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:51:08 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=2384662
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 2770
expires: Tue, 07 Jun 2022 11:15:32 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 0F6F 0
127 B 289ms
183ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=ZBOrYlwtUJPvhsntLKtMa7-iKwZMqcipFoJL1gWAysPbtzj7UNYIIYhfUraAMC3XCj5hh0iDz1UDbVihb26hjAVS2DsMcfQEMAOKW7QrUA8EG6nh4vD5aJUPZlTjOrwRJCxtoDp17v4IDve8yTjt80KcxIvPTc2fpWmZdl6EUr5Eh5m9EcDn7w5VQcrMMuKfT1sNCR0VcxxM3M43orsJNnBeMV-1zy0wy0BflWDPj5PHj0VMDtEyLXl9N5ylnM3d-2I46A&sds=2&rev=81468&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 10 May 2022 20:51:09 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 0F6F 2 KB
1 KB 43ms
43ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:51:08 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 05 May 2023 20:51:08 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 0F6F 2 KB
1 KB 40ms
40ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:51:08 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 05 May 2023 20:51:08 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame BAA1 12 KB
6 KB 56ms
56ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:51:09 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 05 May 2023 20:51:09 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame BAA1 7 KB
7 KB 378ms
132ms Image
image/png 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=176&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F190124%2F8d6bc06124f044d4973e0db21c495799_logo.png&v=3&w=256&s=OoHbAbMjs34limBOASsMBFuJ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

2a29e79bd75cc83eade181c4acc1c198786539997766b648bc21ed5aa7698408

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:51:08 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=29478818
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 7142
expires: Mon, 17 Apr 2023 01:24:47 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame BAA1 0
127 B 239ms
183ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=oclzY1wtUJPvhsntTWYidD7MQssI1yqcG7eeHJOjYFpngpxLl8Av_EreOHKHltMidVC1zQwkDL8bX3EYCZCfysk5XlxDqyRTa4i-aU3x0cg7Mqng6krQU82E6SvZhIzDINlriGsv0QNMf8D0QXp4iClu84msMVHqRtQsUPYTy2LmdqJvSiVt5lsxEFj-vhbT_jKUtaqr8JBj-f002M2I5NXVpqezXeatEdvc7hi4QjhtIGJKJP9K_lIh_uDst8MvEGVPXQ&sds=2&rev=81468&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 10 May 2022 20:51:09 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame BAA1 2 KB
1 KB 40ms
40ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:51:09 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 05 May 2023 20:51:09 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame BAA1 2 KB
1 KB 47ms
46ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:51:09 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 05 May 2023 20:51:09 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 42C6 24 KB
1 KB 125ms
47ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,100,100italic,300,300italic,400italic,500,500italic,700,700italic,900italic,900

Requested by

Host: foremedianative.com
URL: https://foremedianative.com/native/nativead/4/09a41d24373874cf5b9d8629a1efc147826e8698a3bc1a9a08d328ea45b59c8c?u=1652215868713

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1bf5b1b16e02956377f2b4a2dda9eea5c5a4d1488137b2be48b3abc6b354090d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://foremedianative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 10 May 2022 20:06:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 10 May 2022 20:51:09 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 10 May 2022 20:51:09 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 152ms
53ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022050501&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

80f78b6bd665861aeec5ab486d9a63ad6c0973a1e63c254b23cce34d4390ebe2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 10 May 2022 20:51:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10684
x-xss-protection: 0

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2374 42 B
174 B 160ms
71ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvTnteJgO-s6qNgQwYPvMtUe1ynEcXSSF8k9crvZjwJMKjB4Ux8oHnumLQ_H64qjZM7_l-dJjWD2IEUoN3y_2re&sig=Cg0ArKJSzGoBWmr6ZZkKEAE&id=lidar2&mcvt=1008&p=485,1052,765,1388&mtos=1008,1008,1008,1008,1008&tos=1008,0,0,0,0&v=20220509&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=574321577&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1652215868258&rpt=500&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b0e9e1536ab9e003fa0b66035801be8c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 20:51:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A52A 42 B
108 B 158ms
72ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuPbkgvA8VppDbuPnbxQr-avPTrKozBMR4ojwlP3gsSHHxnehh8BQZyNljN7LxY8c2t1wWiGtJve-LcbDqewi_f&sig=Cg0ArKJSzOiOOYh6xN64EAE&id=lidar2&mcvt=1012&p=1079,436,1169,1164&mtos=1012,1012,1012,1012,1012&tos=1012,0,0,0,0&v=20220509&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=201602981&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1652215868263&rpt=511&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b0e9e1536ab9e003fa0b66035801be8c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 20:51:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame D947 0
127 B 38ms
38ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 10 May 2022 20:51:09 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 2529ms
2528ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:51:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 10 May 2022 20:51:12 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame BAA1 0
127 B 38ms
38ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 10 May 2022 20:51:09 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

POST
H2 200 87761349 Show response
mc.yandex.com/webvisor/ 43 B
110 B 399ms
87ms XHR
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/87761349?wmode=0&wv-part=1&wv-hit=896984651&page-url=https%3A%2F%2Fwww.pua-unemployment-login.com%2Fohio&rn=822540360&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1652215871%3Aw%3A1600x1200%3Av%3A791%3Az%3A0%3Ai%3A20220510205110%3Au%3A1652215868731165073%3Avf%3Aa8mjecangl5v275zywhk%3Awe%3A1%3Ast%3A1652215871&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pua-unemployment-login.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 10 May 2022 20:51:11 GMT
last-modified: Tue, 10-May-2022 20:51:11 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://www.pua-unemployment-login.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 10-May-2022 20:51:11 GMT

POST
H2 200 87761349 Show response
mc.yandex.com/webvisor/ 43 B
145 B 91ms
82ms XHR
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/87761349?wmode=0&wv-part=1&wv-hit=896984651&page-url=https%3A%2F%2Fwww.pua-unemployment-login.com%2Fohio&rn=269662394&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1652215871%3Aw%3A1600x1200%3Av%3A791%3Az%3A0%3Ai%3A20220510205111%3Au%3A1652215868731165073%3Avf%3Aa8mjecangl5v275zywhk%3Awe%3A1%3Ast%3A1652215871&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pua-unemployment-login.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 10 May 2022 20:51:11 GMT
last-modified: Tue, 10-May-2022 20:51:11 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://www.pua-unemployment-login.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 10-May-2022 20:51:11 GMT

POST
H2 200 87761349 Show response
mc.yandex.com/webvisor/ 43 B
205 B 80ms
79ms XHR
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/87761349?wmode=0&wv-part=2&wv-hit=896984651&page-url=https%3A%2F%2Fwww.pua-unemployment-login.com%2Fohio&rn=238800735&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1652215872%3Aw%3A1600x1200%3Av%3A791%3Az%3A0%3Ai%3A20220510205112%3Au%3A1652215868731165073%3Avf%3Aa8mjecangl5v275zywhk%3Awe%3A1%3Ast%3A1652215872&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pua-unemployment-login.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 10 May 2022 20:51:12 GMT
last-modified: Tue, 10-May-2022 20:51:12 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://www.pua-unemployment-login.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 10-May-2022 20:51:12 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B7F9 13 KB
5 KB 40ms
37ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pua-unemployment-login.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 8223
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 10 May 2022 18:34:09 GMT
expires: Wed, 10 May 2023 18:34:09 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 0B6C 783 B
536 B 126ms
47ms Document
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7b9d34aea5a2dad335c717000923ea595b0f6b4b5540bbfe0384c53e8375930e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-6X49TRBNmm803AediO1YJA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pua-unemployment-login.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-6X49TRBNmm803AediO1YJA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 10 May 2022 20:51:12 GMT
expires: Tue, 10 May 2022 20:51:12 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 2YVBhELfy0MTwPjrvsYSLv1ZpKJ51JghDEisTAIe9nM.js Show response
pagead2.googlesyndication.com/bg/ Frame B7F9 35 KB
13 KB 115ms
37ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/2YVBhELfy0MTwPjrvsYSLv1ZpKJ51JghDEisTAIe9nM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d985418442dfcb4313c0f8ebbec6122efd59a4a279d498210c48ac4c021ef673

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 16:03:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17269
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13628
x-xss-protection: 0
last-modified: Mon, 02 May 2022 13:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 10 May 2023 16:03:23 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 0B6C 0
0 87ms
87ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022050501&jk=2564605264663829&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame B7F9 0
9 B 37ms
36ms Image
text/plain 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?5SzPXw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:51:12 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

Verdicts & Comments Add Verdict or Comment

76 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.pua-unemployment-login.com/	1970-01-20 20:28:07	Name: _ga_2X191KKTRE Value: GS1.1.1652215867.1.0.1652215867.0
.pua-unemployment-login.com/	1970-01-20 20:28:07	Name: _ga Value: GA1.1.1673269917.1652215867
.yandex.ru/	1970-01-20 11:42:31	Name: yandexuid Value: 9752161461652215867
.yandex.ru/	1970-01-20 11:42:31	Name: yuidss Value: 9752161461652215867
mc.yandex.ru/	1969-12-31 23:59:59	Name: yabs-sid Value: 1045018811652215867
.yandex.ru/	1970-01-23 18:32:55	Name: i Value: O4VSJcGFF+pIFV32N9kY9DwlXBFwB+AaOlN9ipKdC4Mi0kxhanxDuY1qVZJAHR3w+AVD1iiBxPhLt+j/FQ/Ue1Rz63o=
.yandex.ru/	1970-01-20 11:42:31	Name: ymex Value: 1683751867.yrts.1652215867#1683751867.yrtsi.1652215867
.pua-unemployment-login.com/	1970-01-20 11:42:31	Name: _ym_uid Value: 1652215868731165073
.pua-unemployment-login.com/	1970-01-20 11:42:31	Name: _ym_d Value: 1652215868
.pua-unemployment-login.com/	1970-01-20 02:58:07	Name: _ym_isad Value: 2
.mc.yandex.com/	1970-01-20 02:56:56	Name: sync_cookie_csrf Value: 2487394172fake
.mc.yandex.ru/	1970-01-20 02:56:56	Name: sync_cookie_csrf Value: 544844042fake
.yandex.com/	1970-01-20 11:42:31	Name: yandexuid Value: 9752161461652215867
.yandex.com/	1970-01-20 11:42:31	Name: yuidss Value: 9752161461652215867
.mc.yandex.com/	1970-01-20 02:58:22	Name: sync_cookie_ok Value: synced
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 627248421652215867
.yandex.com/	1970-01-23 18:32:55	Name: i Value: oeV6Y3XOuoWp4RFsmBd1epHXiWZuo/PrGJULdwdxTD6Bi41aMKPv0OR0fZ2R8ZJCVQzQrhuE4+r44mxOTs4fyr5pN6M=
.yandex.com/	1970-01-20 11:42:31	Name: ymex Value: 1683751867.yrts.1652215867#1683751867.yrtsi.1652215867
.pua-unemployment-login.com/	1970-01-20 02:56:57	Name: _ym_visorc Value: w
.pua-unemployment-login.com/	1970-01-20 12:18:31	Name: __gads Value: ID=a57e0339822c0f81-223f651b92cd00d9:T=1652215867:S=ALNI_MYVvIacYRZGFag8ZwGnt4Otj5F2VQ
.doubleclick.net/	1970-01-20 12:18:31	Name: IDE Value: AHWqTUn9dl9BF1xUpKekb8Q_afQaRhwRu2WW8hJCifH7Yy12ogiSgNPysumxm_WzS_g
data.ad-score.com/	1970-01-21 22:46:19	Name: token Value: tFeFVvAhwHPgp-wdjv-IMQoubCRPpYCz

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.pua-unemployment-login.com/ohio Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.eu.criteo.com
adservice.google.com
adservice.google.de
b0e9e1536ab9e003fa0b66035801be8c.safeframe.googlesyndication.com
cat.fr.eu.criteo.com
cnt.trvdp.com
csm.eu.criteo.net
data.ad-score.com
fonts.googleapis.com
foremedianative.com
go.trvdp.com
images.outbrainimg.com
log.outbrainimg.com
mc.yandex.com
mc.yandex.ru
mcdp-nydc1.outbrain.com
mv.outbrain.com
ob.cheqzone.com
obs.cheqzone.com
odb.outbrain.com
pagead2.googlesyndication.com
pix.eu.criteo.net
platform.foremedia.net
rtb.fr.eu.criteo.com
rtb.nl.eu.criteo.com
s.trvdp.com
secure-gl.imrworldwide.com
securepubads.g.doubleclick.net
static.criteo.net
stg.truvidplayer.com
tcheck.outbrainimg.com
tpc.googlesyndication.com
widget-pixels.outbrain.com
widgets.outbrain.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.pua-unemployment-login.com
108.157.4.52
108.157.4.6
130.211.115.4
142.250.184.194
151.101.14.132
178.250.0.139
178.250.0.160
178.250.2.150
184.87.213.205
23.35.237.86
2600:1f18:e8a:cd04:9b88:a313:d24d:af44
2600:9000:2156:3000:1e:a43d:b640:93a1
2600:9000:2156:9400:d:3c0f:bcc0:93a1
2600:9000:2156:a200:3:7e1c:5b40:93a1
2600:9000:2156:d200:1e:6a6f:9700:93a1
2606:4700:3030::ac43:8da3
2a00:1450:4001:808::2004
2a00:1450:4001:80e::2008
2a00:1450:4001:80f::2001
2a00:1450:4001:811::2002
2a00:1450:4001:811::200a
2a00:1450:4001:812::2002
2a00:1450:4001:828::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:830::200e
2a00:1450:4001:831::2002
2a02:2638:1::2
2a02:2638:1::3
2a02:2638::2
2a02:2638::b
2a02:6b8::1:119
2a06:98c1:3120::a
2a06:98c1:3121::a
70.42.32.223
01284adf0039080c4d89732ef83440fd31b310a7bf3867b83b030f99ffd1f1c1
02b5318a75e50e48ccddd6eac9eef067a275adc244f3c3f6186ed6b382d3f971
053c78fc5d2dac21e29942294c488f6940614d4caa3d70a14fa8b948a4a8520e
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0dd3d558d8559d52065e99138474d86c2662e4d829147455c3614ce43021be09
0f48532ed0175b589d37f3325a8fc8974b8f7207a5414ac4ea548c1dc9b6d94e
10ab9ae1d16ca00d6b56fee2e4c687eb5538ae42dfb0fe60af8e5baa9dbd33ec
172f13f6a7ed08bacc64ae8a6c8b6ac53bc9ea81af52ddcc48c85147ef1a7644
193af24ee1ee57616c68f47ca4cc71c36fabb05b1afae6d15f4b0e267fc89c82
1acdc2684bd8b7adaff16a3484ffbfb6aba5d5f84c8f3b953b627d964f1dee09
1bf5b1b16e02956377f2b4a2dda9eea5c5a4d1488137b2be48b3abc6b354090d
1cfd32e37f8aba263101f06e8f702adfaef55a6601857cf5e2c6dd0b0388dcd6
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2a29e79bd75cc83eade181c4acc1c198786539997766b648bc21ed5aa7698408
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
2cf5b79db4626571627f31e8a7e3bec8d03ac3989d6e2b4e6ee2253f53f65b84
391da233433a6d2edd5e7da8f5e520633cc32366e13c55eff75dafb1cabc6de9
39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f
4257ae7fef496cc1b81dd5e2fab57e8c938400c10b11566bf3a7fe41ff622f5b
4ac754f43f0059a7e083b86aebdd7e6df7974df57209f7164709a238d3302d05
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
511dfce7c1f8030304d0d886e6f4a408a84e76c4a8ca8a1ca1a3414dcaf54dd2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54b0489eeab75dd1bcb5f6856c67ee4731ea74b0a64442b185505ff0d93631fa
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55ed920d444210fbe713cf81e8d6a615cd96d1b950b0704752209568e5754b30
5e781551b26f8fdaaa828b555b92cf515e8a481a92ea4f544c25a982e7b9f75b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
639665b9e97aad7d30114d5b9b4d4b391d1ee6e870fd4515ec28e5a24c22863a
63fcc9fc6cf4e04b4c3190ae61fbdd2540d37d73ea1d665a4ffd6d7324847a04
6f82e92f570144e5591909c4e61040ac0cbcb1024d0c0acc6a79abf7364d84ea
73a9eaebd1e51360e20a453fd080f7dc7ce220eb009c50c3337b41cf1b0db975
7b9d34aea5a2dad335c717000923ea595b0f6b4b5540bbfe0384c53e8375930e
80f78b6bd665861aeec5ab486d9a63ad6c0973a1e63c254b23cce34d4390ebe2
82cde18ae48153282653bb6076ba2428a97f9436701b0fb1b1773b649cf927bd
8704f607741a4e0a4d82cf024d026c9e7c1d65241250c2223f31dca29a07dc15
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8be509cc391531efc6348acd6958bf23c63a9ea6c162f179d8192bfb359001d6
8ceb3992861ed1fda25855c2e500e76842ae0d788405e50e3a9f45df36499cf6
8d4b5f0005b2d8a47b9b0fc0fdf0a351ad45b0f5900a55e624b4a70000544bae
8eb16c0eab583526e5aceef87b6fdd3f9d7074a1902bc09a9c7492fbd07c8117
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
930eb3f887b0f657812c12b21e1648e6955384adedca8aacab2855ed1d0b1acb
93fbf26c7da3d17b1d602ee05d91d63af89666e1c7df99fa9ea7656973102c9d
94bccc9b641ce0b4d8c6e0d75736d19c549ae58bf139e9d5ba5bfe8dad4a54cc
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9b8ae796f30c05937ec5e849cea83f724110455de28d7619809a2b10ea5d803f
9d3a4411f186523148f4e4703a96f2259ee672b7b6133abe7953f243f571d7a2
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a3fb12e0586cb7710bc4ff3f906aa390cd18576b4d2a086389454e72c7f0b8df
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
aa1684f03b06bdc3b85e16da9195c861eb3bc4e0eac0f5e091c79218838523db
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
b0f5a0cc806846ed2f58fbb2740c4c7ef9ad190e401368493c1442b7dcc9eecd
b26f4370b5fcaa6e2fd63a64a1de2b080db94131eb58afb6203328f2d019abf8
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b9b69a3dd2271ada2d50dfe7bfaea402e8ae9d830cd245e34fac2437ca33158d
ba03cc685ee113c6a8bde68f5e37f74e8285d0da7bf3d50f916acec186e93edb
babb18965e9ca0d1953890df5b83fd4d714854b55e5af46dbec4bf768ab534c6
bc0c7610b9e6d11c9ee336017612071dc883b6b536bd554a1b066a6f1e3dd3b7
bc7efc48e5c37e8d392a52637dbdacc1b81c7ba29c8f10cd5a0ddb3cdd3fb180
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f
be67f7ae0b641a9b22d647a2fd65fe8a2ca608eb9bf9e8941badd898d2787e23
cc5e65f3bf4a6f565b2e549b9b401450a1e7d283ffe50dd4a906b5375808b851
cccceafbf83aec903f0974b23f6c94fac56cebb332adc6d7fb48f4d957ff6329
cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a
ceb22fe08934d8fd06ac457acfba081c1b0ad7ec78e1a9c8f7871666be8cd5b7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfaf60508a77b732490cebbf93a415622f5d33fc0a63f88365807b71a21c25b0
d163c31927cd560f033622147103e545feb6787d3131e43dc261f6c5de3cfdd0
d5ea9fcb2a448ba0c621ea95e22d27827e79c5aabee99a0ccea258665e5f40a2
d637341e9d6d89752d08ae604391544a79e884fcb68c56a617c700b906555b7c
d985418442dfcb4313c0f8ebbec6122efd59a4a279d498210c48ac4c021ef673
da524ab3b63b0729cef49c40106e10fe0f23483c0a761355cbbb7ee3742ccc28
dbe6a6b5b64bf6ea1a25fd5aa7c736f971111fa066ba856cde47432d02dc263b
df174ce03e6a22ad812e3301fa1cb4c94bb1c8fc36690e4077a958c4446eabb4
e35e5f94adbf07e0121025407f631f9a49fb4ab9597e87af6d42da690656250f
e3a986f929c194d761eefb5f6032a6258f70d9ffe752a343a08aee086e8f411b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40143e736f525cb284279c368de9f5a44ab9278dba7911c1157d5ec0ba0a810
e442afceada3ad856d11b90bcc9ccfa5ee84182e6fa2125e5656ab00221f3f20
e467b8cb04f6f34bd50fa7f2f15a21d229f4403a8b88b25456219689377819ce
e680f84f5a15d5113b3d271f4f26456bbdd12103f70eaaf21ab08ef68aee9753
e760d7a664455560844fa5a08ec4b5fdfad4e317459ec480971a27e0ec6239e2
eb493a6b8a417aa33b098f8c0c34376509a6d7032b4f66351133c8325f84189c
ecb02060fbb2cd5a6affe0d185aca6d9227a2c2fc53cd7b5be44ca9b95f2cec5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f02b9f630222ea616410be114b3154602919e62161356399be7cd45843136c57
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f63c6de989281851ed59dfa1c06a7eecd4ab37f89453a7dd89150a2e1b8be469
f6449fe10cdcb74fb8198e80f792c9c4df97d887f69b0d9f59239456936cc377
f756dfbe6acaf000051e953483ef0b192ebde398a02a3b02342626d01e19cd2b
f8aadd68eb9c6abebf719b41cefb6466283be19d3154c9e51f38f0bac1bb7b82
fae26f5b1325a4dba26b7cf7e51b8a24e862c16d817c2b7e3cbd6b9b00b17d1a

www.pua-unemployment-login.com Open in urlscan Pro 2a06:98c1:3120::a Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

154 Requests

98 %HTTPS

68 %IPv6

22 Domains

39 Subdomains

35 IPs

5 Countries

1645 kBTransfer

4269 kBSize

22 Cookies

5 Outgoing links

Redirected requests

154 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.pua-unemployment-login.com Open in urlscan Pro
2a06:98c1:3120::a Public Scan

Screenshot
Live screenshot

Full Image

154
Requests

98 %
HTTPS

68 %
IPv6

22
Domains

39
Subdomains

35
IPs

5
Countries

1645 kB
Transfer

4269 kB
Size

22
Cookies

154 HTTP transactions
4 data transactions